Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/SGezHkTwFWtkoFrxHmq5IEHaoow.roa
File:                     SGezHkTwFWtkoFrxHmq5IEHaoow.roa (raw, json)
Hash identifier:          La0Spm1N8xHTKhwxMrWIZJ6t+8tjfubw/IDapMfTyUI=
Subject key identifier:   48:67:B3:1E:44:F0:15:6B:64:A0:5A:F1:1E:6A:B9:20:41:DA:A2:8C
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       096C28D8
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/SGezHkTwFWtkoFrxHmq5IEHaoow.roa
Signing time:             Fri 20 May 2022 15:37:29 +0000
ROA not before:           Fri 20 May 2022 15:37:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        83.147.244.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 158083288 (0x96c28d8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: May 20 15:37:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4867b31e44f0156b64a05af11e6ab92041daa28c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:34:a4:1d:f7:39:ac:e4:6c:c7:05:ed:4a:c6:
                    f9:52:37:29:0c:c0:d6:1e:37:cd:07:61:d8:5b:24:
                    d2:42:d6:40:28:e9:dd:c3:91:81:4f:49:46:62:a0:
                    35:ed:f0:7c:cb:b5:d4:de:89:82:41:73:cc:4f:f1:
                    91:d9:f0:1b:86:27:9c:38:f0:e5:7a:36:52:ec:20:
                    f2:a5:c5:29:9b:a7:06:7f:ac:44:00:3e:47:9f:40:
                    93:ce:04:67:85:f9:e0:98:66:a1:8f:3c:21:2f:17:
                    25:2c:13:ee:98:98:38:71:a9:e9:dc:91:d9:26:2d:
                    93:06:02:e0:ab:e6:63:1a:e4:51:a9:9e:94:03:72:
                    e3:5f:ed:f0:4f:0f:ff:92:70:5c:05:b5:7f:3b:f9:
                    12:4d:c0:61:9b:2a:23:4e:9f:a5:fe:6f:6f:f5:88:
                    bb:64:70:41:83:b9:c8:c6:8a:bd:5a:cd:93:d4:64:
                    11:a9:af:1a:b7:89:1c:1a:c7:d1:c0:52:73:50:6c:
                    f4:24:9a:9f:ec:35:83:4e:8a:34:23:ef:fd:ba:da:
                    66:cf:4d:7c:40:bb:c9:82:3b:39:30:48:e6:f7:d4:
                    cd:42:2a:77:0f:d7:8c:3f:4b:60:66:b8:29:0b:b9:
                    c4:2e:4d:5b:1a:5e:0e:b4:75:49:1d:ee:3e:1a:3d:
                    30:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:67:B3:1E:44:F0:15:6B:64:A0:5A:F1:1E:6A:B9:20:41:DA:A2:8C
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/SGezHkTwFWtkoFrxHmq5IEHaoow.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6a:fc:8f:7c:84:81:82:85:fd:f2:32:87:37:8c:64:57:1a:83:
         f6:03:b7:0b:47:22:6b:bc:57:e2:33:c9:3b:e6:12:df:07:3d:
         bb:5a:dc:12:40:cd:7d:0d:b0:3b:7e:71:ea:01:5d:a2:a5:d3:
         6c:21:fa:b8:2d:68:fd:bd:f4:75:56:2a:f2:29:8a:f5:96:4b:
         fb:7d:d3:57:59:45:64:77:df:0c:44:1c:0d:f6:06:f3:0d:c1:
         94:56:94:9d:f9:67:78:8c:f3:f0:b1:73:9f:93:d7:d8:17:dd:
         0e:ab:7b:d2:95:54:25:f1:9b:68:02:01:25:45:06:17:eb:32:
         b8:89:1f:a2:36:7b:44:18:27:9a:a2:4b:7a:08:47:f6:77:b2:
         6d:60:0f:15:1f:0c:8a:20:36:84:b6:0b:08:1c:c2:7e:7c:a6:
         4f:61:62:d0:64:9e:4c:9d:ed:4f:1d:90:50:48:04:75:9b:09:
         50:09:22:86:a4:9c:57:a7:f9:7c:1e:8c:9e:8c:74:77:46:05:
         72:aa:41:b0:fa:b0:ae:58:37:59:91:cd:83:be:5c:35:62:b9:
         78:0b:81:27:7b:2c:5e:36:21:be:43:95:2e:65:6e:ca:ce:b4:
         73:19:e4:01:3e:cc:0f:5a:74:be:e7:cd:61:3e:42:7d:ad:14:
         d8:91:18:5d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECWwo2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Mjc3OGRlMmE5YmU5ODAyMTIwMzgyZTc1MGQxNTllOTU4NzJjMmFlMB4XDTIyMDUy
MDE1MzcyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDg2N2IzMWU0NGYw
MTU2YjY0YTA1YWYxMWU2YWI5MjA0MWRhYTI4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM00pB33OazkbMcF7UrG+VI3KQzA1h43zQdh2Fsk0kLWQCjp
3cORgU9JRmKgNe3wfMu11N6JgkFzzE/xkdnwG4YnnDjw5Xo2Uuwg8qXFKZunBn+s
RAA+R59Ak84EZ4X54JhmoY88IS8XJSwT7piYOHGp6dyR2SYtkwYC4KvmYxrkUame
lANy41/t8E8P/5JwXAW1fzv5Ek3AYZsqI06fpf5vb/WIu2RwQYO5yMaKvVrNk9Rk
EamvGreJHBrH0cBSc1Bs9CSan+w1g06KNCPv/braZs9NfEC7yYI7OTBI5vfUzUIq
dw/XjD9LYGa4KQu5xC5NWxpeDrR1SR3uPho9MI0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRIZ7MeRPAVa2SgWvEearkgQdqijDAfBgNVHSMEGDAWgBTCd43iqb6YAhID
gudQ0VnpWHLCrjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3duZU40cW0tbUFJU0E0TG5VTkZaNlZoeXdxNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvNDEwOTMwLTlkNjUtNGJlOC05ZWJhLWY5OGRhNTRhZjQzNC8x
L1NHZXpIa1R3Rld0a29GcnhIbXE1SUVIYW9vdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
NDEwOTMwLTlkNjUtNGJlOC05ZWJhLWY5OGRhNTRhZjQzNC8xL3duZU40cW0tbUFJ
U0E0TG5VTkZaNlZoeXdxNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlOT9DANBgkqhkiG9w0BAQsFAAOC
AQEAavyPfISBgoX98jKHN4xkVxqD9gO3C0cia7xX4jPJO+YS3wc9u1rcEkDNfQ2w
O35x6gFdoqXTbCH6uC1o/b30dVYq8imK9ZZL+33TV1lFZHffDEQcDfYG8w3BlFaU
nflneIzz8LFzn5PX2BfdDqt70pVUJfGbaAIBJUUGF+syuIkfojZ7RBgnmqJLeghH
9neybWAPFR8MiiA2hLYLCBzCfnymT2Fi0GSeTJ3tTx2QUEgEdZsJUAkihqScV6f5
fB6Mnox0d0YFcqpBsPqwrlg3WZHNg75cNWK5eAuBJ3ssXjYhvkOVLmVuys60cxnk
AT7MD1p0vufNYT5Cfa0U2JEYXQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org