Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/JhttjtkNI8TEjTtMKBPeZr0K1T0.roa
File:                     JhttjtkNI8TEjTtMKBPeZr0K1T0.roa (raw, json)
Hash identifier:          fQIB3/q2aFY4PNJnHK9YVeGrSDhJAspsr6o+GjJyOGI=
Subject key identifier:   26:1B:6D:8E:D9:0D:23:C4:C4:8D:3B:4C:28:13:DE:66:BD:0A:D5:3D
Certificate issuer:       /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial:       08AE0881
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/JhttjtkNI8TEjTtMKBPeZr0K1T0.roa
Signing time:             Sat 01 Jan 2022 11:04:15 +0000
ROA not before:           Sat 01 Jan 2022 11:04:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209181
IP address blocks:        92.249.30.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 145623169 (0x8ae0881)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
        Validity
            Not Before: Jan  1 11:04:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=261b6d8ed90d23c4c48d3b4c2813de66bd0ad53d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:8c:03:bc:f3:6d:11:cd:c9:d3:9b:8b:a4:8d:
                    49:5f:ed:24:01:1c:fa:5f:63:b9:34:79:75:14:d5:
                    2d:06:3a:48:ff:41:0f:c5:86:52:aa:89:a8:ad:47:
                    0b:b8:71:ac:bb:db:87:ee:36:9c:32:ba:f8:8c:89:
                    09:03:67:2e:af:83:e8:fe:0d:b7:71:bc:bc:7f:c8:
                    3a:7a:94:81:2a:ac:80:71:2d:8a:ef:7e:f6:c0:4b:
                    57:26:fd:ae:6a:a1:13:0e:cf:29:e7:45:be:33:ae:
                    08:48:02:fe:2e:fc:3f:2d:62:46:3e:f1:5e:df:43:
                    07:4a:ba:72:3a:47:ae:a9:7d:5b:37:30:ea:88:a5:
                    cd:66:af:dc:7f:48:4a:9a:ee:47:eb:c7:29:80:92:
                    d2:a3:33:6f:a4:ec:34:0c:0f:ef:f0:8f:29:c0:2e:
                    d2:ff:29:1b:0d:87:f2:6f:73:8e:29:54:2f:5f:bd:
                    95:19:d9:bc:64:1a:8c:0d:63:4f:29:e7:ee:87:d6:
                    84:3e:8d:64:11:48:41:4a:12:1d:32:7f:86:c6:55:
                    c0:68:81:b7:98:08:3d:38:2f:97:b6:0b:41:ac:e4:
                    5e:78:81:2d:5a:9e:60:67:82:28:48:e4:b7:b0:59:
                    9f:83:8d:29:99:05:2f:45:02:c1:39:53:a9:42:3a:
                    9f:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:1B:6D:8E:D9:0D:23:C4:C4:8D:3B:4C:28:13:DE:66:BD:0A:D5:3D
            X509v3 Authority Key Identifier:
                keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/JhttjtkNI8TEjTtMKBPeZr0K1T0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.249.30.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:3e:70:57:af:f8:8b:fd:ba:f2:21:a7:8e:1b:b8:33:38:46:
         1f:c3:f8:2b:60:d7:14:e1:70:c9:15:72:dd:52:33:6b:89:9c:
         bc:2a:fe:a9:40:86:df:72:be:c4:b4:6c:d0:85:7b:e2:13:ea:
         ec:c2:bb:52:49:59:2a:74:88:c0:57:9a:96:72:5d:c0:c1:7a:
         b8:88:a9:7e:29:20:ba:4f:2d:65:28:48:fb:47:e9:fd:a8:6c:
         86:37:df:a5:30:02:bf:d2:3b:cf:3d:b3:6b:ee:68:c5:31:2c:
         f6:33:80:aa:c8:44:6c:ef:38:57:b5:3e:ac:4f:03:b5:2e:7c:
         74:21:8c:4d:eb:af:7e:e6:55:c2:99:48:2f:d5:fb:fd:2a:48:
         07:a4:fe:d4:c1:c3:71:b2:58:fa:6e:d1:b9:8f:30:c8:97:ea:
         de:2b:47:66:1b:e1:59:bf:a7:89:7e:c4:e4:5e:b3:f7:9c:f7:
         23:7a:39:cb:61:b8:be:af:d8:58:5a:d4:45:e2:c9:fe:00:a7:
         46:13:83:68:04:42:a9:e4:26:cd:64:e7:0c:3e:8b:48:41:ca:
         b0:09:f2:6a:f3:3c:38:84:84:30:fa:09:2d:d6:58:0e:ac:01:
         94:43:3d:ea:65:dc:78:cb:26:6e:3d:f5:e3:fe:f0:41:2e:47:
         9a:e2:b5:ad
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECK4IgTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MmI3OGY2NjgyZmMzOWM1NWI0MWQ0OGY4MGI4ODM4ZDVkMmRiZjA3MB4XDTIyMDEw
MTExMDQxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjYxYjZkOGVkOTBk
MjNjNGM0OGQzYjRjMjgxM2RlNjZiZDBhZDUzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPWMA7zzbRHNydObi6SNSV/tJAEc+l9juTR5dRTVLQY6SP9B
D8WGUqqJqK1HC7hxrLvbh+42nDK6+IyJCQNnLq+D6P4Nt3G8vH/IOnqUgSqsgHEt
iu9+9sBLVyb9rmqhEw7PKedFvjOuCEgC/i78Py1iRj7xXt9DB0q6cjpHrql9Wzcw
6oilzWav3H9ISpruR+vHKYCS0qMzb6TsNAwP7/CPKcAu0v8pGw2H8m9zjilUL1+9
lRnZvGQajA1jTynn7ofWhD6NZBFIQUoSHTJ/hsZVwGiBt5gIPTgvl7YLQazkXniB
LVqeYGeCKEjkt7BZn4ONKZkFL0UCwTlTqUI6n6sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQmG22O2Q0jxMSNO0woE95mvQrVPTAfBgNVHSMEGDAWgBRyt49mgvw5xVtB
1I+AuIONXS2/BzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NyZVBab0w4T2NWYlFkU1BnTGlEalYwdHZ3Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvM2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEwMS8x
L0podHRqdGtOSThURWpUdE1LQlBlWnIwSzFUMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
M2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEwMS8xL2NyZVBab0w4T2NW
YlFkU1BnTGlEalYwdHZ3Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFz5HjANBgkqhkiG9w0BAQsFAAOC
AQEAPD5wV6/4i/268iGnjhu4MzhGH8P4K2DXFOFwyRVy3VIza4mcvCr+qUCG33K+
xLRs0IV74hPq7MK7UklZKnSIwFealnJdwMF6uIipfikguk8tZShI+0fp/ahshjff
pTACv9I7zz2za+5oxTEs9jOAqshEbO84V7U+rE8DtS58dCGMTeuvfuZVwplIL9X7
/SpIB6T+1MHDcbJY+m7RuY8wyJfq3itHZhvhWb+niX7E5F6z95z3I3o5y2G4vq/Y
WFrUReLJ/gCnRhODaARCqeQmzWTnDD6LSEHKsAnyavM8OISEMPoJLdZYDqwBlEM9
6mXceMsmbj314/7wQS5HmuK1rQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:16 2024 by rpki-client on console-ams.rpki-client.org