Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/Uz4fAv7K0vN4a7iRFSJXp1Ucm7Q.roa
File:                     Uz4fAv7K0vN4a7iRFSJXp1Ucm7Q.roa (raw, json)
Hash identifier:          4Lx//Km1udrHB4da4sFs0pV6X6HfyqI1OS6dCN9M7FY=
Subject key identifier:   53:3E:1F:02:FE:CA:D2:F3:78:6B:B8:91:15:22:57:A7:55:1C:9B:B4
Certificate issuer:       /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial:       0184F1EF92F6B177EAEB7924DBD7050C2346
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/Uz4fAv7K0vN4a7iRFSJXp1Ucm7Q.roa
Signing time:             Thu 08 Dec 2022 13:32:00 +0000
ROA not before:           Thu 08 Dec 2022 13:32:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     996
IP address blocks:        92.240.201.0/24 maxlen: 24
                          92.240.205.0/24 maxlen: 24
                          92.240.214.0/24 maxlen: 24
                          92.240.216.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:f1:ef:92:f6:b1:77:ea:eb:79:24:db:d7:05:0c:23:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
        Validity
            Not Before: Dec  8 13:32:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=533e1f02fecad2f3786bb891152257a7551c9bb4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:51:64:2f:f7:bc:74:e4:e5:59:70:4f:3e:3c:
                    bb:f8:d0:2c:01:b8:9c:b6:d3:b6:53:c3:71:ec:65:
                    79:ec:c3:33:a5:30:9b:6f:e7:be:b8:01:77:e4:7e:
                    b2:65:1c:ff:2a:42:c2:8a:2d:63:1a:6f:14:16:b0:
                    a3:4b:e4:8d:2c:e5:65:09:09:50:3e:23:fe:d0:cc:
                    ac:4d:b8:c7:e8:64:af:ca:e9:35:9a:4d:61:43:b9:
                    bd:b6:69:ed:bb:55:b0:4a:d4:3f:32:ca:f0:55:5b:
                    47:98:d6:ff:f8:b3:a6:a9:94:ae:83:85:e7:55:ad:
                    d3:be:e9:db:bd:d1:3e:d3:8f:54:a1:ab:b3:f1:9d:
                    6c:f4:24:90:ca:ee:31:3f:1a:06:b4:84:4a:fe:b7:
                    80:73:86:c4:ae:32:27:9b:14:b6:e3:46:36:04:76:
                    89:71:6f:6d:ab:20:eb:40:12:ad:6e:4a:c3:40:88:
                    79:6b:3d:42:97:5d:8a:9a:62:88:c8:96:6a:63:8b:
                    a8:b1:0e:79:35:b4:06:08:df:f4:e0:3a:8b:c6:f8:
                    ce:a3:f3:61:c3:d9:2f:f9:e7:92:b0:14:93:2d:a6:
                    a1:a9:e6:35:a0:50:0a:7e:c2:b0:96:9a:e0:93:a0:
                    5c:35:cc:c5:77:1f:79:39:97:82:fb:be:95:2f:2c:
                    92:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:3E:1F:02:FE:CA:D2:F3:78:6B:B8:91:15:22:57:A7:55:1C:9B:B4
            X509v3 Authority Key Identifier:
                keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/Uz4fAv7K0vN4a7iRFSJXp1Ucm7Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.240.201.0/24
                  92.240.205.0/24
                  92.240.214.0/24
                  92.240.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:32:92:5c:42:06:38:b8:5c:c2:48:76:13:8f:6d:8f:53:e7:
         eb:7f:4b:b3:57:55:5e:ac:e3:62:c5:db:37:dc:be:1f:48:5f:
         f9:e0:a4:87:34:19:df:53:f4:e9:f8:89:bf:aa:c8:6e:fe:07:
         37:a9:af:f7:33:06:86:0a:05:ba:fa:dd:73:60:f5:2e:52:43:
         00:0d:d6:ab:d7:4c:d2:77:b7:e5:8b:de:d8:f4:3d:8e:a4:98:
         17:c5:5a:a6:97:1f:c7:53:f1:89:b8:c9:4d:63:b1:49:9a:ba:
         df:ee:02:fd:b3:00:75:3b:3d:31:d2:f6:40:78:fa:01:5b:23:
         ec:e2:79:93:06:ee:90:8e:5e:66:3d:c4:c3:3f:48:27:1b:91:
         98:c3:a0:61:55:9c:86:c4:b5:76:aa:c3:07:a6:8f:28:09:42:
         89:11:49:af:0c:bc:bf:65:ec:31:67:09:00:6e:d8:fd:c2:64:
         30:bf:15:64:20:ba:e8:45:af:9e:f2:11:a6:82:fe:55:e5:8d:
         eb:93:f0:8d:18:40:42:c7:74:02:b3:04:9c:7c:9d:e3:cf:69:
         f2:d3:09:ed:2c:db:68:f1:d1:88:a5:5f:fd:b8:4d:9f:32:1e:
         85:e0:7a:97:73:96:70:cc:95:06:1a:e9:cd:d1:f8:ad:e1:2e:
         72:55:05:d4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYTx75L2sXfq63kk29cFDCNGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjIxMjA4MTMzMjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzNlMWYwMmZlY2FkMmYzNzg2YmI4OTExNTIyNTdhNzU1MWM5YmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFFkL/e8dOTlWXBPPjy7+NAsAbic
ttO2U8Nx7GV57MMzpTCbb+e+uAF35H6yZRz/KkLCii1jGm8UFrCjS+SNLOVlCQlQ
PiP+0MysTbjH6GSvyuk1mk1hQ7m9tmntu1WwStQ/MsrwVVtHmNb/+LOmqZSug4Xn
Va3TvunbvdE+049Uoauz8Z1s9CSQyu4xPxoGtIRK/reAc4bErjInmxS240Y2BHaJ
cW9tqyDrQBKtbkrDQIh5az1Cl12KmmKIyJZqY4uosQ55NbQGCN/04DqLxvjOo/Nh
w9kv+eeSsBSTLaahqeY1oFAKfsKwlprgk6BcNczFdx95OZeC+76VLyySrQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFM+HwL+ytLzeGu4kRUiV6dVHJu0MB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvVXo0ZkF2N0swdk40YTdpUkZTSlhwMVVjbTdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXPDJAwQA
XPDNAwQAXPDWAwQAXPDYMA0GCSqGSIb3DQEBCwUAA4IBAQAkMpJcQgY4uFzCSHYT
j22PU+frf0uzV1VerONixds33L4fSF/54KSHNBnfU/Tp+Im/qshu/gc3qa/3MwaG
CgW6+t1zYPUuUkMADdar10zSd7fli97Y9D2OpJgXxVqmlx/HU/GJuMlNY7FJmrrf
7gL9swB1Oz0x0vZAePoBWyPs4nmTBu6Qjl5mPcTDP0gnG5GYw6BhVZyGxLV2qsMH
po8oCUKJEUmvDLy/ZewxZwkAbtj9wmQwvxVkILroRa+e8hGmgv5V5Y3rk/CNGEBC
x3QCswScfJ3jz2ny0wntLNto8dGIpV/9uE2fMh6F4HqXc5ZwzJUGGunN0fit4S5y
VQXU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:18 2024 by rpki-client on console-ams.rpki-client.org