Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/rcg4GBRxksIYVBUPeS6sb-pqEfo.roa
File:                     rcg4GBRxksIYVBUPeS6sb-pqEfo.roa (raw, json)
Hash identifier:          OnWuVCwQgC9cesDeZdxEfWcIoIMWbqtKjeq1rHH5qCY=
Subject key identifier:   AD:C8:38:18:14:71:92:C2:18:54:15:0F:79:2E:AC:6F:EA:6A:11:FA
Certificate issuer:       /CN=dc6a3742f0f0fb120922b339ef01cecf87f4d1ee
Certificate serial:       3836BA96
Authority key identifier: DC:6A:37:42:F0:F0:FB:12:09:22:B3:39:EF:01:CE:CF:87:F4:D1:EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Go3QvDw-xIJIrM57wHOz4f00e4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/rcg4GBRxksIYVBUPeS6sb-pqEfo.roa
Signing time:             Sat 01 Jan 2022 10:55:08 +0000
ROA not before:           Sat 01 Jan 2022 10:55:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43284
IP address blocks:        77.73.240.0/21 maxlen: 21
                          194.56.219.0/24 maxlen: 24
                          2a02:2108::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 943110806 (0x3836ba96)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc6a3742f0f0fb120922b339ef01cecf87f4d1ee
        Validity
            Not Before: Jan  1 10:55:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=adc83818147192c21854150f792eac6fea6a11fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:20:92:e7:62:b4:2d:55:58:7b:f1:2d:0f:e9:
                    a0:61:9c:05:cb:60:66:5a:f3:95:9b:11:fa:52:cb:
                    b6:f9:eb:13:c1:f4:bf:6d:32:68:04:fc:5f:f3:45:
                    40:42:9c:58:05:93:6f:cf:cb:a6:99:e9:7b:a2:49:
                    87:df:53:b3:33:6e:b8:16:91:78:b3:f8:82:b6:e7:
                    25:7e:0f:d2:e2:5e:34:97:70:13:e2:41:1e:45:c9:
                    d2:3c:09:9f:57:af:c0:6d:14:17:5c:bd:7e:04:b4:
                    37:ce:06:18:a6:3b:a6:43:07:d7:ef:02:e4:c7:a2:
                    c4:c4:63:7e:06:91:1e:c1:0a:66:44:15:17:8c:91:
                    22:ed:85:6d:8a:7e:f0:0a:ea:1f:0c:59:02:a2:12:
                    53:a6:b7:99:a7:06:56:88:4f:a7:ed:3b:19:df:98:
                    04:30:b3:4a:02:eb:f4:63:55:e7:5d:3c:c1:bd:fb:
                    2c:6f:fb:29:23:44:71:f8:f1:56:ca:00:81:1a:57:
                    ca:1f:2f:79:cc:2f:f1:4f:a5:be:ce:92:97:7f:63:
                    9b:53:bc:ec:bb:0a:be:96:67:56:4d:3d:2c:3a:f1:
                    9e:37:54:dc:4a:d5:a1:4f:ed:66:4c:d1:9e:15:3a:
                    a9:6c:df:5e:02:c1:22:4f:60:ad:bc:50:47:a2:f4:
                    c2:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:C8:38:18:14:71:92:C2:18:54:15:0F:79:2E:AC:6F:EA:6A:11:FA
            X509v3 Authority Key Identifier:
                keyid:DC:6A:37:42:F0:F0:FB:12:09:22:B3:39:EF:01:CE:CF:87:F4:D1:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Go3QvDw-xIJIrM57wHOz4f00e4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/rcg4GBRxksIYVBUPeS6sb-pqEfo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/3Go3QvDw-xIJIrM57wHOz4f00e4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.73.240.0/21
                  194.56.219.0/24
                IPv6:
                  2a02:2108::/32

    Signature Algorithm: sha256WithRSAEncryption
         1c:fd:ad:5e:1f:fb:59:89:a1:53:79:ef:69:20:84:8c:81:45:
         e6:79:ed:63:08:1b:6d:46:d1:5a:36:6c:35:d3:07:42:5b:e1:
         88:30:83:15:9c:96:97:b1:88:cb:a5:ba:3b:b5:23:a4:7b:5e:
         05:eb:f1:b2:e3:3e:bd:3e:b3:81:a7:7c:34:f3:a6:f9:e1:11:
         fa:3c:4c:7a:9c:3f:ce:b5:f5:1a:b2:92:27:5c:47:63:cb:a4:
         f1:a4:7b:93:39:31:43:c0:f1:d9:d2:85:d6:c6:a3:eb:a2:40:
         f0:7b:e4:1a:10:ca:4e:d8:70:5b:0d:59:24:36:f4:ac:7d:5f:
         af:e8:7f:16:de:7a:4e:04:66:a1:5f:51:30:71:49:02:f9:e6:
         a0:bf:81:a7:de:64:95:ff:fb:8e:31:22:4f:66:61:e2:fd:71:
         bd:98:8d:d3:e2:5e:18:09:77:a2:78:0f:99:9a:0a:93:7d:3d:
         07:59:dd:98:b6:a6:25:b5:2d:a0:87:5c:4a:6a:e4:5f:24:a7:
         60:d3:3f:ad:12:a1:c3:83:89:4d:3e:36:0f:10:50:09:18:b4:
         33:ef:23:27:3b:bf:d7:3c:d3:f3:f7:7f:9a:cd:4d:4c:11:7f:
         4c:ca:40:d2:ec:bb:aa:91:98:65:f9:64:e0:da:83:ea:58:c0:
         d9:12:51:a0
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEODa6ljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YzZhMzc0MmYwZjBmYjEyMDkyMmIzMzllZjAxY2VjZjg3ZjRkMWVlMB4XDTIyMDEw
MTEwNTUwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWRjODM4MTgxNDcx
OTJjMjE4NTQxNTBmNzkyZWFjNmZlYTZhMTFmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANEgkuditC1VWHvxLQ/poGGcBctgZlrzlZsR+lLLtvnrE8H0
v20yaAT8X/NFQEKcWAWTb8/Lppnpe6JJh99TszNuuBaReLP4grbnJX4P0uJeNJdw
E+JBHkXJ0jwJn1evwG0UF1y9fgS0N84GGKY7pkMH1+8C5MeixMRjfgaRHsEKZkQV
F4yRIu2FbYp+8ArqHwxZAqISU6a3macGVohPp+07Gd+YBDCzSgLr9GNV5108wb37
LG/7KSNEcfjxVsoAgRpXyh8vecwv8U+lvs6Sl39jm1O87LsKvpZnVk09LDrxnjdU
3ErVoU/tZkzRnhU6qWzfXgLBIk9grbxQR6L0wh8CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBStyDgYFHGSwhhUFQ95Lqxv6moR+jAfBgNVHSMEGDAWgBTcajdC8PD7Egki
sznvAc7Ph/TR7jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNHbzNRdkR3LXhJSklyTTU3d0hPejRmMDBlNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvNDdjOTczLTIwNWItNDE5Ny04Njk4LWNjMWQyYzVlMWIzMS8x
L3JjZzRHQlJ4a3NJWVZCVVBlUzZzYi1wcUVmby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
NDdjOTczLTIwNWItNDE5Ny04Njk4LWNjMWQyYzVlMWIzMS8xLzNHbzNRdkR3LXhJ
SklyTTU3d0hPejRmMDBlNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA01J8AMEAMI42zANBAIAAjAHAwUA
KgIhCDANBgkqhkiG9w0BAQsFAAOCAQEAHP2tXh/7WYmhU3nvaSCEjIFF5nntYwgb
bUbRWjZsNdMHQlvhiDCDFZyWl7GIy6W6O7UjpHteBevxsuM+vT6zgad8NPOm+eER
+jxMepw/zrX1GrKSJ1xHY8uk8aR7kzkxQ8Dx2dKF1saj66JA8HvkGhDKTthwWw1Z
JDb0rH1fr+h/Ft56TgRmoV9RMHFJAvnmoL+Bp95klf/7jjEiT2Zh4v1xvZiN0+Je
GAl3ongPmZoKk309B1ndmLamJbUtoIdcSmrkXySnYNM/rRKhw4OJTT42DxBQCRi0
M+8jJzu/1zzT8/d/ms1NTBF/TMpA0uy7qpGYZflk4NqD6ljA2RJRoA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:48 2024 by rpki-client on console-fra.rpki-client.org