Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/mFMjuR_yUYkYZS08bhbDeaUeX2A.roa
File:                     mFMjuR_yUYkYZS08bhbDeaUeX2A.roa (raw, json)
Hash identifier:          xqV0MMj+GcLdJux4Hu88TYsrzT2p/8HqZy0zBAmw+rY=
Subject key identifier:   98:53:23:B9:1F:F2:51:89:18:65:2D:3C:6E:16:C3:79:A5:1E:5F:60
Certificate issuer:       /CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Certificate serial:       07F1AAB5
Authority key identifier: 32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/mFMjuR_yUYkYZS08bhbDeaUeX2A.roa
Signing time:             Thu 13 Jan 2022 09:25:10 +0000
ROA not before:           Thu 13 Jan 2022 09:25:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     27176
IP address blocks:        185.73.243.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 133278389 (0x7f1aab5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
        Validity
            Not Before: Jan 13 09:25:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=985323b91ff2518918652d3c6e16c379a51e5f60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:80:23:bd:2f:10:a2:68:aa:50:70:37:18:6b:
                    bc:99:28:fb:1f:85:7d:6c:eb:0e:bf:d1:10:bd:3e:
                    99:23:87:b1:6b:3a:a0:cd:0a:99:16:e3:d9:07:24:
                    d9:86:23:76:56:fc:cc:ed:4e:ff:79:16:88:3e:17:
                    ff:07:c6:18:a8:8d:a0:9b:b5:fc:a6:00:05:ac:7a:
                    d0:de:36:db:19:7d:65:55:3f:65:09:ed:d1:d5:0f:
                    54:c2:6c:3d:e5:3c:11:74:21:11:d0:6e:81:d7:71:
                    c1:cd:03:a2:bb:0c:64:ab:d1:86:fc:f1:77:c9:09:
                    17:21:0a:c5:f5:7c:c2:37:e3:3a:bc:fb:29:b9:92:
                    75:8b:4a:df:6a:e4:63:b0:36:75:0c:90:3a:79:1d:
                    82:01:f6:b8:d3:c9:6b:64:d6:4d:a9:1b:6e:58:a7:
                    37:3f:70:04:47:d4:79:7b:83:a6:a4:cf:fb:ae:cb:
                    d5:c1:d7:70:9b:96:47:b3:99:5f:1c:25:d6:d8:54:
                    80:2c:22:fb:f8:5c:07:21:e8:25:85:62:4f:67:d6:
                    a8:ff:5c:77:4a:34:bf:a2:4d:bc:2a:3c:1b:14:a5:
                    f1:7a:55:2a:bb:df:d5:de:81:39:82:dc:7f:e3:7f:
                    36:c2:8c:66:b8:e0:bb:50:bf:6d:f2:45:58:92:ce:
                    9e:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:53:23:B9:1F:F2:51:89:18:65:2D:3C:6E:16:C3:79:A5:1E:5F:60
            X509v3 Authority Key Identifier:
                keyid:32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/mFMjuR_yUYkYZS08bhbDeaUeX2A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.73.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:d2:51:6f:70:b5:10:38:4e:1e:e2:9a:6f:a8:25:e9:fd:66:
         b0:f9:99:d9:ec:4c:dd:c7:8d:25:25:b5:a3:e5:a3:3d:ba:38:
         9f:07:04:ce:e3:65:43:c3:f2:be:4f:48:f5:9f:a7:c8:6d:a2:
         9e:8a:0c:3b:20:c4:6c:11:00:0b:ed:62:80:d4:87:91:6f:8e:
         d4:e3:ae:af:1d:29:50:ba:56:a8:5b:b9:ca:30:ec:cf:91:7e:
         d1:a2:fd:ee:c7:d4:00:b6:d1:b4:97:b9:fa:aa:7f:74:70:14:
         2d:4e:eb:ba:af:7f:f8:cd:33:13:36:93:33:22:8c:05:13:4a:
         13:fc:24:2f:39:12:0f:b2:73:57:75:e1:d3:7d:6a:2e:10:17:
         4b:5b:30:bc:14:bf:5d:4d:2c:89:36:c3:53:bd:6d:28:c5:60:
         de:4a:23:14:69:b2:64:60:54:7b:9b:53:83:4c:e3:4d:31:3a:
         14:9a:8e:07:ce:06:b8:48:dc:06:b0:95:60:a6:ba:94:35:0a:
         b7:4d:a2:0e:f4:ab:6c:ed:38:18:49:dd:7c:c8:3f:ca:70:3d:
         aa:fe:91:79:fa:c8:49:ea:3c:07:5b:79:57:6f:0d:8b:4d:04:
         44:ec:ef:20:41:43:53:2e:20:f6:ee:d7:37:3f:a9:6a:5b:77:
         8f:5f:b5:54
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB/GqtTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MjQ3NGFjN2NhODVlMDljMmQ0OGIzM2U3YmY2NmY4ZWQ3NjRkZTBmMB4XDTIyMDEx
MzA5MjUxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTg1MzIzYjkxZmYy
NTE4OTE4NjUyZDNjNmUxNmMzNzlhNTFlNWY2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMeAI70vEKJoqlBwNxhrvJko+x+FfWzrDr/REL0+mSOHsWs6
oM0KmRbj2Qck2YYjdlb8zO1O/3kWiD4X/wfGGKiNoJu1/KYABax60N422xl9ZVU/
ZQnt0dUPVMJsPeU8EXQhEdBugddxwc0DorsMZKvRhvzxd8kJFyEKxfV8wjfjOrz7
KbmSdYtK32rkY7A2dQyQOnkdggH2uNPJa2TWTakbblinNz9wBEfUeXuDpqTP+67L
1cHXcJuWR7OZXxwl1thUgCwi+/hcByHoJYViT2fWqP9cd0o0v6JNvCo8GxSl8XpV
Krvf1d6BOYLcf+N/NsKMZrjgu1C/bfJFWJLOnq8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSYUyO5H/JRiRhlLTxuFsN5pR5fYDAfBgNVHSMEGDAWgBQyR0rHyoXgnC1I
sz579m+O12TeDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01rZEt4OHFGNEp3dFNMTS1lX1p2anRkazNnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvMWZkMGE2LTQ1MTctNGEwYi1iM2M5LTEyZWMyMmM5YzVhMi8x
L21GTWp1Ul95VVlrWVpTMDhiaGJEZWFVZVgyQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
MWZkMGE2LTQ1MTctNGEwYi1iM2M5LTEyZWMyMmM5YzVhMi8xL01rZEt4OHFGNEp3
dFNMTS1lX1p2anRkazNnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlJ8zANBgkqhkiG9w0BAQsFAAOC
AQEAodJRb3C1EDhOHuKab6gl6f1msPmZ2exM3ceNJSW1o+WjPbo4nwcEzuNlQ8Py
vk9I9Z+nyG2inooMOyDEbBEAC+1igNSHkW+O1OOurx0pULpWqFu5yjDsz5F+0aL9
7sfUALbRtJe5+qp/dHAULU7ruq9/+M0zEzaTMyKMBRNKE/wkLzkSD7JzV3Xh031q
LhAXS1swvBS/XU0siTbDU71tKMVg3kojFGmyZGBUe5tTg0zjTTE6FJqOB84GuEjc
BrCVYKa6lDUKt02iDvSrbO04GEndfMg/ynA9qv6RefrISeo8B1t5V28Ni00EROzv
IEFDUy4g9u7XNz+palt3j1+1VA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:53 2024 by rpki-client on console-fra.rpki-client.org