Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/pDRfLkUZvCN7Y5N_PHLRHtyoJ-k.roa
File:                     pDRfLkUZvCN7Y5N_PHLRHtyoJ-k.roa (raw, json)
Hash identifier:          3zWD5DBaz+Oaef/Hf77uEofIfx0yWfjgtHbZ8dL6S0I=
Subject key identifier:   A4:34:5F:2E:45:19:BC:23:7B:63:93:7F:3C:72:D1:1E:DC:A8:27:E9
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       01822BEE740BF2B1A8BFC18342E28F544193
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/pDRfLkUZvCN7Y5N_PHLRHtyoJ-k.roa
Signing time:             Sat 23 Jul 2022 16:40:23 +0000
ROA not before:           Sat 23 Jul 2022 16:40:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204968
IP address blocks:        178.253.26.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:2b:ee:74:0b:f2:b1:a8:bf:c1:83:42:e2:8f:54:41:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Jul 23 16:40:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a4345f2e4519bc237b63937f3c72d11edca827e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:b1:71:60:cb:6b:f6:52:b3:90:7f:55:a5:50:
                    81:f4:49:43:08:aa:6d:6e:e7:e3:8e:af:f1:30:47:
                    7d:7d:a3:53:91:58:71:1d:1e:5a:99:b8:69:4b:a3:
                    7b:b9:ca:d6:f0:00:cf:6a:e2:1b:30:83:d6:52:23:
                    0c:52:bc:e5:44:07:a0:ff:32:77:ef:ed:76:89:7f:
                    46:48:81:cd:4e:8e:8a:ec:6f:6d:56:58:4f:47:8e:
                    57:7d:49:2e:06:1a:aa:77:a6:87:c8:99:84:be:5f:
                    9e:e2:00:b8:db:a0:54:56:b1:aa:34:58:f0:39:fd:
                    3a:dc:65:d9:d6:25:20:b5:c5:43:12:d8:78:5f:8a:
                    e6:91:36:be:9b:f4:d5:a8:03:1e:c2:31:10:e5:98:
                    ff:ca:43:7f:de:96:37:41:08:c6:73:82:76:cd:d1:
                    e2:aa:5b:b7:af:21:17:e4:42:6a:4a:3e:f9:0f:cd:
                    ec:bb:12:52:be:86:f6:80:19:15:99:ec:5d:2a:ff:
                    0f:91:d3:9c:02:6e:6e:fe:3c:90:6e:70:54:d9:0d:
                    02:3a:4b:ff:ea:42:86:cf:c8:a4:e3:db:23:27:85:
                    54:7c:f9:0d:46:ab:37:29:a1:56:46:58:96:e9:69:
                    58:51:fe:09:98:5b:54:54:7b:1e:31:50:5b:48:5f:
                    8f:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:34:5F:2E:45:19:BC:23:7B:63:93:7F:3C:72:D1:1E:DC:A8:27:E9
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/pDRfLkUZvCN7Y5N_PHLRHtyoJ-k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.253.26.0/23

    Signature Algorithm: sha256WithRSAEncryption
         03:4b:e3:6f:83:49:e1:16:b8:8a:fa:5d:0e:70:9f:06:62:5f:
         8f:d0:df:8b:ef:ef:02:d1:14:47:49:20:d2:4e:36:80:39:f1:
         cb:1f:51:b4:ed:68:6f:65:8f:f6:41:dc:23:a9:5f:9e:03:19:
         8f:f0:6e:54:ab:79:be:f0:e9:1e:87:7e:77:a4:5e:88:d4:ab:
         a0:4c:09:de:8e:9d:b4:2a:9a:c5:a8:51:99:44:bd:33:dc:11:
         68:7f:58:6e:9d:ae:93:65:7f:61:c4:3a:fb:ec:bb:f3:2a:1c:
         33:43:78:a0:4a:0f:76:b6:3e:6b:e2:d6:5c:3b:c3:be:9c:14:
         88:26:f3:09:21:fc:90:e0:90:da:bf:a1:a0:d3:12:41:20:f0:
         6f:ac:b8:55:fe:a5:8f:12:86:5d:38:c9:de:ce:ff:65:8d:ce:
         f1:9f:db:13:c1:0d:9f:01:f5:79:57:b0:7f:36:5c:07:7c:b0:
         54:28:c0:27:db:3e:5d:49:e1:5c:9b:61:7a:97:3f:65:49:34:
         49:f9:b1:5a:6c:ab:a5:98:a7:87:13:e5:a5:38:a7:51:45:0d:
         f2:b2:f8:3a:e5:c2:cf:77:27:b0:68:52:10:b6:9b:ca:3d:d6:
         a6:ee:0f:3d:50:42:dd:49:6f:e3:51:fa:79:d6:d7:39:8b:7b:
         eb:9e:6d:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIr7nQL8rGov8GDQuKPVEGTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjIwNzIzMTY0MDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDM0NWYyZTQ1MTliYzIzN2I2MzkzN2YzYzcyZDExZWRjYTgyN2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbFxYMtr9lKzkH9VpVCB9ElDCKpt
bufjjq/xMEd9faNTkVhxHR5ambhpS6N7ucrW8ADPauIbMIPWUiMMUrzlRAeg/zJ3
7+12iX9GSIHNTo6K7G9tVlhPR45XfUkuBhqqd6aHyJmEvl+e4gC426BUVrGqNFjw
Of063GXZ1iUgtcVDEth4X4rmkTa+m/TVqAMewjEQ5Zj/ykN/3pY3QQjGc4J2zdHi
qlu3ryEX5EJqSj75D83suxJSvob2gBkVmexdKv8PkdOcAm5u/jyQbnBU2Q0COkv/
6kKGz8ik49sjJ4VUfPkNRqs3KaFWRliW6WlYUf4JmFtUVHseMVBbSF+P7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKQ0Xy5FGbwje2OTfzxy0R7cqCfpMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvcERSZkxrVVp2Q043WTVOX1BITFJIdHlvSi1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsv0aMA0G
CSqGSIb3DQEBCwUAA4IBAQADS+Nvg0nhFriK+l0OcJ8GYl+P0N+L7+8C0RRHSSDS
TjaAOfHLH1G07WhvZY/2QdwjqV+eAxmP8G5Uq3m+8Okeh353pF6I1KugTAnejp20
KprFqFGZRL0z3BFof1huna6TZX9hxDr77LvzKhwzQ3igSg92tj5r4tZcO8O+nBSI
JvMJIfyQ4JDav6Gg0xJBIPBvrLhV/qWPEoZdOMnezv9ljc7xn9sTwQ2fAfV5V7B/
NlwHfLBUKMAn2z5dSeFcm2F6lz9lSTRJ+bFabKulmKeHE+WlOKdRRQ3ysvg65cLP
dyewaFIQtpvKPdam7g89UELdSW/jUfp51tc5i3vrnm1L
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org