Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/663c6c-13bf-4400-8482-21e0a66d5444/1/dK3fC3JlUruWDJc-m4D3MaJgbkE.roa
File:                     dK3fC3JlUruWDJc-m4D3MaJgbkE.roa (raw, json)
Hash identifier:          kwL8yCOHiTvORY6Lqj95P7rQ90OnVD75Co42MK8t7Z8=
Subject key identifier:   74:AD:DF:0B:72:65:52:BB:96:0C:97:3E:9B:80:F7:31:A2:60:6E:41
Certificate issuer:       /CN=67edadc765fa8f2fa19eb20963cf5bd235d01b43
Certificate serial:       1C548918
Authority key identifier: 67:ED:AD:C7:65:FA:8F:2F:A1:9E:B2:09:63:CF:5B:D2:35:D0:1B:43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z-2tx2X6jy-hnrIJY89b0jXQG0M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/663c6c-13bf-4400-8482-21e0a66d5444/1/dK3fC3JlUruWDJc-m4D3MaJgbkE.roa
Signing time:             Sat 01 Jan 2022 06:58:37 +0000
ROA not before:           Sat 01 Jan 2022 06:58:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20974
IP address blocks:        178.251.52.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 475302168 (0x1c548918)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67edadc765fa8f2fa19eb20963cf5bd235d01b43
        Validity
            Not Before: Jan  1 06:58:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=74addf0b726552bb960c973e9b80f731a2606e41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:35:d8:a5:72:c1:25:17:0e:02:43:6b:6d:3a:
                    5e:ff:10:be:a3:a4:5b:ee:4e:6e:97:1c:c6:d3:94:
                    b8:ef:5d:a2:2b:88:64:ad:94:c0:6b:3d:7c:d7:65:
                    5f:e4:e2:fd:ee:05:7f:90:82:b6:37:08:12:e4:69:
                    57:f7:bb:ff:b0:d1:72:bb:c8:59:66:f7:22:a1:a7:
                    e2:fb:c1:c3:1e:96:58:c1:0c:bc:28:1e:64:8d:b7:
                    23:9d:b8:61:93:96:85:5a:a3:a6:cf:dd:f2:04:b5:
                    f7:16:c4:aa:2f:ba:4b:49:eb:a0:6c:37:10:74:7c:
                    5a:cc:a9:76:24:cd:b8:1a:8b:4c:5d:67:79:03:32:
                    24:07:5f:23:a1:38:9a:88:a6:da:8e:34:e6:d3:4d:
                    44:48:e4:1e:74:e4:13:76:e9:f9:d4:98:16:25:5f:
                    d8:ec:82:f4:c5:b7:9b:06:1c:2f:27:b7:09:ab:81:
                    9f:29:7c:d4:34:9b:b8:a1:e8:85:10:20:b6:40:d5:
                    58:9d:fb:1a:9c:06:96:9d:51:bb:71:3d:50:37:ca:
                    58:cf:73:08:93:e7:cc:ab:16:01:89:54:34:af:5c:
                    3f:46:18:b2:ec:41:df:59:d6:ab:c0:f4:78:c1:47:
                    29:d9:f3:13:30:71:21:23:65:70:9e:46:96:19:a1:
                    ed:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:AD:DF:0B:72:65:52:BB:96:0C:97:3E:9B:80:F7:31:A2:60:6E:41
            X509v3 Authority Key Identifier:
                keyid:67:ED:AD:C7:65:FA:8F:2F:A1:9E:B2:09:63:CF:5B:D2:35:D0:1B:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z-2tx2X6jy-hnrIJY89b0jXQG0M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/663c6c-13bf-4400-8482-21e0a66d5444/1/dK3fC3JlUruWDJc-m4D3MaJgbkE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/663c6c-13bf-4400-8482-21e0a66d5444/1/Z-2tx2X6jy-hnrIJY89b0jXQG0M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.251.52.0/23

    Signature Algorithm: sha256WithRSAEncryption
         79:2c:56:14:37:be:16:76:35:16:d9:0f:60:3a:40:b5:61:8e:
         16:06:37:80:55:a8:38:70:5c:6a:2b:6e:97:23:0f:bb:e0:4f:
         07:42:d1:5d:e2:db:36:be:b1:2f:95:5c:b3:2d:d8:8b:d6:b1:
         ef:c4:d6:05:07:9f:c0:d3:02:44:4a:ac:dc:d2:7b:94:41:22:
         20:cc:24:a3:eb:61:1f:bf:f2:a2:b8:75:68:ec:34:df:2e:d1:
         ba:8f:18:7c:e5:e3:66:33:17:38:66:bb:e3:bd:4c:af:9d:d0:
         6d:64:c8:3d:7a:dc:f2:bb:8a:49:53:46:46:0a:41:9d:21:4b:
         17:fc:48:ea:0e:cb:e7:26:12:f9:de:19:22:a2:dd:c3:22:60:
         a6:14:8c:0e:aa:a1:46:38:ee:e7:7d:2c:d2:75:d2:3d:9f:26:
         ea:7a:be:4f:fc:ff:07:9a:ec:7f:fd:ae:97:b4:29:2c:80:52:
         73:b2:53:90:a2:5d:6b:5d:58:18:65:0a:b6:9f:7d:20:4f:ff:
         cf:53:4c:89:a9:29:eb:cf:9a:76:a9:ad:e1:4a:b9:fe:50:8b:
         5f:4e:b9:d5:ef:f8:4b:35:0e:f2:3f:42:8c:f9:48:aa:d1:c2:
         da:57:73:81:60:bb:41:df:7a:ee:3f:6b:44:a4:fa:4d:76:22:
         19:74:1a:ff
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHFSJGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
N2VkYWRjNzY1ZmE4ZjJmYTE5ZWIyMDk2M2NmNWJkMjM1ZDAxYjQzMB4XDTIyMDEw
MTA2NTgzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzRhZGRmMGI3MjY1
NTJiYjk2MGM5NzNlOWI4MGY3MzFhMjYwNmU0MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIo12KVywSUXDgJDa206Xv8QvqOkW+5ObpccxtOUuO9doiuI
ZK2UwGs9fNdlX+Ti/e4Ff5CCtjcIEuRpV/e7/7DRcrvIWWb3IqGn4vvBwx6WWMEM
vCgeZI23I524YZOWhVqjps/d8gS19xbEqi+6S0nroGw3EHR8WsypdiTNuBqLTF1n
eQMyJAdfI6E4moim2o405tNNREjkHnTkE3bp+dSYFiVf2OyC9MW3mwYcLye3CauB
nyl81DSbuKHohRAgtkDVWJ37GpwGlp1Ru3E9UDfKWM9zCJPnzKsWAYlUNK9cP0YY
suxB31nWq8D0eMFHKdnzEzBxISNlcJ5Glhmh7XsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR0rd8LcmVSu5YMlz6bgPcxomBuQTAfBgNVHSMEGDAWgBRn7a3HZfqPL6Ge
sgljz1vSNdAbQzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1otMnR4Mlg2anktaG5ySUpZODliMGpYUUcwTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNjYzYzZjLTEzYmYtNDQwMC04NDgyLTIxZTBhNjZkNTQ0NC8x
L2RLM2ZDM0psVXJ1V0RKYy1tNEQzTWFKZ2JrRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NjYzYzZjLTEzYmYtNDQwMC04NDgyLTIxZTBhNjZkNTQ0NC8xL1otMnR4Mlg2ankt
aG5ySUpZODliMGpYUUcwTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbL7NDANBgkqhkiG9w0BAQsFAAOC
AQEAeSxWFDe+FnY1FtkPYDpAtWGOFgY3gFWoOHBcaitulyMPu+BPB0LRXeLbNr6x
L5Vcsy3Yi9ax78TWBQefwNMCREqs3NJ7lEEiIMwko+thH7/yorh1aOw03y7Ruo8Y
fOXjZjMXOGa7471Mr53QbWTIPXrc8ruKSVNGRgpBnSFLF/xI6g7L5yYS+d4ZIqLd
wyJgphSMDqqhRjju530s0nXSPZ8m6nq+T/z/B5rsf/2ul7QpLIBSc7JTkKJda11Y
GGUKtp99IE//z1NMiakp68+adqmt4Uq5/lCLX0651e/4SzUO8j9CjPlIqtHC2ldz
gWC7Qd967j9rRKT6TXYiGXQa/w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:47 2024 by rpki-client on console-fra.rpki-client.org