Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/27BDKpB6H3PsR-vwfgy2VKBg-NM.roa
File:                     27BDKpB6H3PsR-vwfgy2VKBg-NM.roa (raw, json)
Hash identifier:          +8xsAWWn4H2o5OzgwTYFrfTIo68ZczjXjbVVv+BJFeg=
Subject key identifier:   DB:B0:43:2A:90:7A:1F:73:EC:47:EB:F0:7E:0C:B6:54:A0:60:F8:D3
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       01842CA8338860EB11E56DAB2DB8E7FE6F8A
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/27BDKpB6H3PsR-vwfgy2VKBg-NM.roa
Signing time:             Mon 31 Oct 2022 06:08:51 +0000
ROA not before:           Mon 31 Oct 2022 06:08:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6233
IP address blocks:        193.19.108.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:2c:a8:33:88:60:eb:11:e5:6d:ab:2d:b8:e7:fe:6f:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Oct 31 06:08:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dbb0432a907a1f73ec47ebf07e0cb654a060f8d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:bc:53:89:47:78:db:3f:8b:c3:19:62:c2:cd:
                    8e:51:1c:10:21:72:70:fa:da:cf:42:00:b8:27:98:
                    83:7a:fd:2a:a4:d4:00:86:4f:8a:d1:51:fa:08:09:
                    90:90:ca:3b:b7:c2:c7:ad:d4:a3:5a:09:97:3d:c3:
                    68:c7:bf:c1:29:41:e4:93:76:6f:37:a2:78:28:32:
                    f6:a3:28:d3:30:7a:72:c2:84:63:1c:c3:5c:99:75:
                    fc:e2:c3:37:8e:83:bb:38:73:41:79:74:2f:8a:1f:
                    03:74:42:16:85:93:33:da:5b:ca:34:2e:20:b4:f8:
                    59:fd:9a:70:66:3f:11:23:f8:d7:53:2b:eb:cf:b0:
                    52:60:32:f2:ae:4d:18:7b:9b:ed:0e:f7:4a:34:e2:
                    6b:23:d0:29:b2:e9:c5:33:34:c5:14:02:2c:99:f2:
                    1b:7f:97:4b:b2:1c:52:a4:34:59:45:19:8b:c6:2b:
                    f8:62:75:3a:e4:54:c9:9d:7a:43:2a:ff:e3:ae:bd:
                    c7:7a:10:80:f5:44:e7:ca:5f:3d:31:33:70:2d:54:
                    58:d4:c2:0a:2f:3e:b7:c3:bc:bb:6d:fc:a0:8b:1a:
                    9a:dc:8d:d3:68:be:f8:f0:79:cf:d5:9d:b9:dd:0e:
                    b8:60:a3:e6:a2:57:4b:c1:11:bd:07:f2:9d:9f:ed:
                    46:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:B0:43:2A:90:7A:1F:73:EC:47:EB:F0:7E:0C:B6:54:A0:60:F8:D3
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/27BDKpB6H3PsR-vwfgy2VKBg-NM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.19.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:3c:11:eb:85:8d:8c:69:b5:e9:54:3d:a5:ce:ce:46:46:cc:
         68:e2:fa:5e:c0:b6:c2:09:61:45:db:81:da:7f:22:64:32:f2:
         d4:6f:03:56:8c:61:75:0f:85:07:4e:dd:c2:90:0b:1e:a7:54:
         67:a7:13:76:ce:3d:73:50:38:94:29:f0:06:31:5a:bd:01:23:
         fe:7b:aa:6d:91:31:3e:47:3a:4e:bb:04:42:e8:41:04:ff:b9:
         20:61:e7:c6:d8:13:d5:b7:78:79:b3:bf:64:b7:b8:86:1b:4a:
         fc:30:6f:88:bd:ef:2e:0e:a0:f1:e7:20:df:17:60:e9:33:e2:
         aa:f2:98:00:26:9e:df:72:40:3a:0c:5b:b9:15:88:32:1c:c9:
         38:7e:1c:44:bc:48:14:68:2e:45:e8:39:3a:95:93:04:08:c1:
         a4:12:f7:70:33:10:95:bf:60:55:51:de:09:58:d3:e2:d4:03:
         49:1e:2d:1e:7f:12:6b:ef:f2:d6:6d:28:ae:ec:7c:aa:42:31:
         04:d5:5b:9b:22:21:68:83:69:72:9f:28:d2:e2:53:b8:a8:71:
         20:4f:3d:55:ff:ad:3b:c1:2a:6f:fa:b6:4c:47:db:dd:b4:f9:
         75:07:30:2d:8b:db:bb:6a:65:e3:fd:50:2c:24:57:78:cf:6f:
         a6:d9:fc:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQsqDOIYOsR5W2rLbjn/m+KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIxMDMxMDYwODUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmIwNDMyYTkwN2ExZjczZWM0N2ViZjA3ZTBjYjY1NGEwNjBmOGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbxTiUd42z+Lwxliws2OURwQIXJw
+trPQgC4J5iDev0qpNQAhk+K0VH6CAmQkMo7t8LHrdSjWgmXPcNox7/BKUHkk3Zv
N6J4KDL2oyjTMHpywoRjHMNcmXX84sM3joO7OHNBeXQvih8DdEIWhZMz2lvKNC4g
tPhZ/ZpwZj8RI/jXUyvrz7BSYDLyrk0Ye5vtDvdKNOJrI9ApsunFMzTFFAIsmfIb
f5dLshxSpDRZRRmLxiv4YnU65FTJnXpDKv/jrr3HehCA9UTnyl89MTNwLVRY1MIK
Lz63w7y7bfygixqa3I3TaL748HnP1Z253Q64YKPmoldLwRG9B/Kdn+1GSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNuwQyqQeh9z7Efr8H4MtlSgYPjTMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMjdCREtwQjZIM1BzUi12d2ZneTJWS0JnLU5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRNsMA0G
CSqGSIb3DQEBCwUAA4IBAQASPBHrhY2MabXpVD2lzs5GRsxo4vpewLbCCWFF24Ha
fyJkMvLUbwNWjGF1D4UHTt3CkAsep1RnpxN2zj1zUDiUKfAGMVq9ASP+e6ptkTE+
RzpOuwRC6EEE/7kgYefG2BPVt3h5s79kt7iGG0r8MG+Ive8uDqDx5yDfF2DpM+Kq
8pgAJp7fckA6DFu5FYgyHMk4fhxEvEgUaC5F6Dk6lZMECMGkEvdwMxCVv2BVUd4J
WNPi1ANJHi0efxJr7/LWbSiu7HyqQjEE1VubIiFog2lynyjS4lO4qHEgTz1V/607
wSpv+rZMR9vdtPl1BzAti9u7amXj/VAsJFd4z2+m2fz5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org