Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/S5MKke9dMD54vhT7s9FWcJQ5MDU.roa
File:                     S5MKke9dMD54vhT7s9FWcJQ5MDU.roa (raw, json)
Hash identifier:          vHubUu208LiRRi/9rYKRpuO8wV9H+Hsif6btdFCS7co=
Subject key identifier:   4B:93:0A:91:EF:5D:30:3E:78:BE:14:FB:B3:D1:56:70:94:39:30:35
Certificate issuer:       /CN=2c3963ba2aae5abd38a6eed09da985611f1b5021
Certificate serial:       01849F7C5B74D5BC31F801669D5C1EBA27FD
Authority key identifier: 2C:39:63:BA:2A:AE:5A:BD:38:A6:EE:D0:9D:A9:85:61:1F:1B:50:21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/S5MKke9dMD54vhT7s9FWcJQ5MDU.roa
Signing time:             Tue 22 Nov 2022 13:17:17 +0000
ROA not before:           Tue 22 Nov 2022 13:17:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211254
IP address blocks:        78.159.80.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:9f:7c:5b:74:d5:bc:31:f8:01:66:9d:5c:1e:ba:27:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c3963ba2aae5abd38a6eed09da985611f1b5021
        Validity
            Not Before: Nov 22 13:17:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4b930a91ef5d303e78be14fbb3d1567094393035
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:30:7a:6e:36:df:06:90:80:a2:86:f9:71:65:
                    73:c9:d8:52:af:de:d6:35:12:45:0f:f9:f1:d9:bc:
                    c1:30:e8:50:46:22:40:a1:98:b1:62:03:2f:0f:9b:
                    53:0f:a4:00:63:48:52:a2:ec:02:99:ee:f2:ab:a0:
                    46:ff:85:a5:64:80:0f:15:f1:b3:31:6a:63:cd:0b:
                    6b:71:0f:21:f2:69:cf:29:0b:b2:c9:c7:88:ae:e3:
                    aa:0d:4e:34:da:e5:6c:64:25:f4:ae:80:5b:33:fd:
                    3e:e6:23:a5:25:75:af:79:96:cb:1e:b5:32:20:6d:
                    3c:71:2d:f2:6f:64:30:47:27:cd:4f:be:b2:b1:2a:
                    7a:0f:aa:3e:5e:06:2f:20:6d:8b:17:47:a1:ca:aa:
                    40:f7:6f:b0:87:7a:6f:d7:50:19:d2:c6:04:80:03:
                    be:83:b1:45:94:b6:1e:b9:09:2b:4f:08:b7:a7:7d:
                    30:c8:cd:e4:3d:68:08:31:f4:02:fe:96:9c:95:7a:
                    75:86:0c:9a:56:d6:30:57:b7:27:dd:fa:98:38:7a:
                    40:77:d6:8c:65:84:6c:9c:49:2d:b8:1d:c6:59:d4:
                    46:2b:ae:a9:ab:28:81:97:44:f2:ed:93:d0:eb:df:
                    6d:fd:df:bb:49:35:2e:07:b7:cf:f9:69:a7:1f:44:
                    42:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:93:0A:91:EF:5D:30:3E:78:BE:14:FB:B3:D1:56:70:94:39:30:35
            X509v3 Authority Key Identifier:
                keyid:2C:39:63:BA:2A:AE:5A:BD:38:A6:EE:D0:9D:A9:85:61:1F:1B:50:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/S5MKke9dMD54vhT7s9FWcJQ5MDU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/LDljuiquWr04pu7QnamFYR8bUCE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.159.80.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bb:84:f9:45:da:77:0e:04:34:ea:31:4c:b4:aa:d2:c0:f2:e0:
         a9:19:d0:6b:42:c0:4c:76:04:a9:36:07:f4:cc:eb:c6:c1:45:
         f3:92:71:b8:59:50:16:86:33:b8:5f:59:c6:97:4f:de:55:d1:
         fe:e9:42:42:e0:2e:5d:21:19:95:85:39:d9:14:ed:88:b6:2d:
         0b:10:6a:30:8c:16:3e:69:ec:65:94:27:28:8a:ca:29:61:13:
         e8:9f:7f:a2:da:75:25:2a:89:0a:8f:f6:29:12:05:a9:0e:8f:
         96:b9:76:00:5a:a2:dd:8e:66:ad:df:90:24:e6:6b:33:ba:38:
         c0:c0:ba:e9:6a:15:50:4b:b2:b4:2a:cf:f5:c8:9c:71:53:88:
         b5:d2:9d:38:ed:1c:68:af:5b:8c:2d:c2:4a:34:db:8d:ee:ed:
         07:e1:93:42:dc:e9:c4:22:04:7a:cb:86:41:e4:64:b6:72:8b:
         40:90:ed:6e:3c:6d:42:4a:d8:63:93:32:e0:56:6c:d2:01:28:
         46:51:42:60:7e:16:47:a1:ba:9e:d4:c4:f9:33:57:95:ca:45:
         61:07:36:b8:7a:dd:b2:22:14:2d:0a:d7:40:fb:97:34:62:2b:
         72:33:25:1e:05:05:44:b1:da:2b:f8:d6:a0:e9:8d:68:c2:3a:
         61:72:fb:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSffFt01bwx+AFmnVweuif9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjMzk2M2JhMmFhZTVhYmQzOGE2ZWVkMDlkYTk4NTYxMWYx
YjUwMjEwHhcNMjIxMTIyMTMxNzE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjkzMGE5MWVmNWQzMDNlNzhiZTE0ZmJiM2QxNTY3MDk0MzkzMDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzB6bjbfBpCAoob5cWVzydhSr97W
NRJFD/nx2bzBMOhQRiJAoZixYgMvD5tTD6QAY0hSouwCme7yq6BG/4WlZIAPFfGz
MWpjzQtrcQ8h8mnPKQuyyceIruOqDU402uVsZCX0roBbM/0+5iOlJXWveZbLHrUy
IG08cS3yb2QwRyfNT76ysSp6D6o+XgYvIG2LF0ehyqpA92+wh3pv11AZ0sYEgAO+
g7FFlLYeuQkrTwi3p30wyM3kPWgIMfQC/paclXp1hgyaVtYwV7cn3fqYOHpAd9aM
ZYRsnEktuB3GWdRGK66pqyiBl0Ty7ZPQ699t/d+7STUuB7fP+WmnH0RCWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEuTCpHvXTA+eL4U+7PRVnCUOTA1MB8GA1UdIwQY
MBaAFCw5Y7oqrlq9OKbu0J2phWEfG1AhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTERsanVpcXVXcjA0cHU3UW5hbUZZUjhiVUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zODFlY2MtOWQ3NS00MWJhLTg1ZjYt
MTc2OTNlN2VhNjdhLzEvUzVNS2tlOWRNRDU0dmhUN3M5RldjSlE1TURVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zODFlY2MtOWQ3NS00MWJhLTg1ZjYtMTc2OTNlN2VhNjdh
LzEvTERsanVpcXVXcjA0cHU3UW5hbUZZUjhiVUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATp9QMA0G
CSqGSIb3DQEBCwUAA4IBAQC7hPlF2ncOBDTqMUy0qtLA8uCpGdBrQsBMdgSpNgf0
zOvGwUXzknG4WVAWhjO4X1nGl0/eVdH+6UJC4C5dIRmVhTnZFO2Iti0LEGowjBY+
aexllCcoisopYRPon3+i2nUlKokKj/YpEgWpDo+WuXYAWqLdjmat35Ak5mszujjA
wLrpahVQS7K0Ks/1yJxxU4i10p047Rxor1uMLcJKNNuN7u0H4ZNC3OnEIgR6y4ZB
5GS2cotAkO1uPG1CSthjkzLgVmzSAShGUUJgfhZHobqe1MT5M1eVykVhBza4et2y
IhQtCtdA+5c0YityMyUeBQVEsdor+Nag6Y1owjphcvud
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:44 2024 by rpki-client on console-ams.rpki-client.org