Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/c71e30-c868-48fc-80df-36483139dc5e/1/4dCyr_9j_eb3KI3AYY2rpK1Oe04.roa
File:                     4dCyr_9j_eb3KI3AYY2rpK1Oe04.roa (raw, json)
Hash identifier:          0NcK2+ckdGhlsbQ/hFvqSBi7wUzVq2kw80dvkiNq7L8=
Subject key identifier:   E1:D0:B2:AF:FF:63:FD:E6:F7:28:8D:C0:61:8D:AB:A4:AD:4E:7B:4E
Certificate issuer:       /CN=93c38d3e1c4e7e543a36c8b6353eb66da4dab40b
Certificate serial:       05E79362
Authority key identifier: 93:C3:8D:3E:1C:4E:7E:54:3A:36:C8:B6:35:3E:B6:6D:A4:DA:B4:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k8ONPhxOflQ6Nsi2NT62baTatAs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/c71e30-c868-48fc-80df-36483139dc5e/1/4dCyr_9j_eb3KI3AYY2rpK1Oe04.roa
Signing time:             Sat 01 Jan 2022 10:54:55 +0000
ROA not before:           Sat 01 Jan 2022 10:54:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     31463
IP address blocks:        93.177.127.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 99062626 (0x5e79362)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93c38d3e1c4e7e543a36c8b6353eb66da4dab40b
        Validity
            Not Before: Jan  1 10:54:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e1d0b2afff63fde6f7288dc0618daba4ad4e7b4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:83:87:cb:08:d0:db:82:23:2f:94:a8:8e:3c:
                    d2:8f:ea:74:ff:b9:71:13:66:6f:f8:00:39:36:dd:
                    27:98:23:f3:a7:02:ee:0b:8c:d0:af:c9:31:3b:ab:
                    2b:fd:63:ae:a4:3c:db:47:30:73:18:5b:86:cc:1c:
                    4a:0d:20:c1:e7:77:90:87:ec:b2:d4:0b:20:14:b3:
                    28:48:cd:f1:be:ac:39:32:5e:1d:74:11:84:62:b8:
                    e9:ed:b5:f8:60:0f:bf:1e:65:84:a2:6d:e0:fe:6c:
                    6c:3c:81:ab:3c:0c:ff:a7:b5:15:52:83:22:d7:d6:
                    99:c1:a2:c7:83:c6:ac:06:f3:47:91:8d:db:c2:a9:
                    4f:42:1f:60:f2:ce:05:38:fd:0e:ae:36:28:36:80:
                    45:a4:8f:3a:94:87:8d:4c:7a:be:08:4f:00:39:e2:
                    d3:32:52:a5:1d:df:88:35:fb:db:17:b5:40:bd:d5:
                    a9:f4:b5:fa:13:40:92:13:1e:52:60:ac:cb:d3:00:
                    c5:c7:07:1d:02:55:8a:02:f7:13:f5:03:ab:66:94:
                    9b:1d:c9:2b:65:cc:31:19:e1:4b:d8:54:06:9d:e6:
                    fc:b3:26:83:0f:4a:27:a2:01:5a:ce:a7:6f:c9:67:
                    a5:07:72:f9:c3:47:f3:42:48:49:20:aa:60:8a:ba:
                    e6:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:D0:B2:AF:FF:63:FD:E6:F7:28:8D:C0:61:8D:AB:A4:AD:4E:7B:4E
            X509v3 Authority Key Identifier:
                keyid:93:C3:8D:3E:1C:4E:7E:54:3A:36:C8:B6:35:3E:B6:6D:A4:DA:B4:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k8ONPhxOflQ6Nsi2NT62baTatAs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/c71e30-c868-48fc-80df-36483139dc5e/1/4dCyr_9j_eb3KI3AYY2rpK1Oe04.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/c71e30-c868-48fc-80df-36483139dc5e/1/k8ONPhxOflQ6Nsi2NT62baTatAs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.177.127.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:3e:c3:5b:fc:ca:57:14:52:ad:7d:fc:78:fd:08:9f:b5:1f:
         67:f9:02:18:27:4b:2b:1d:15:76:ed:79:c8:59:4c:85:9b:3a:
         fa:fd:4c:19:54:3f:65:09:dc:3a:a8:33:e1:4f:af:41:b4:d1:
         46:d2:0e:09:89:61:8f:42:34:90:f9:d1:9a:7d:b6:99:7a:02:
         3d:39:5e:d3:22:d2:20:91:b6:f5:c9:a0:9d:0a:18:0a:e5:5d:
         70:cf:58:9e:d1:8f:3b:f8:9e:96:1e:a8:25:b2:40:7e:68:08:
         2e:bd:a9:11:ca:5a:fd:98:c1:7d:e4:13:62:4e:a2:35:23:3b:
         8f:f2:57:0c:d7:15:05:a1:54:86:9f:96:3d:4b:2c:44:f0:1f:
         91:48:79:b4:34:7e:d4:2b:9c:a8:6d:a6:15:54:61:67:d6:81:
         9b:8d:ba:9f:d6:34:6d:d3:37:e9:9a:79:73:c4:4e:8f:44:b3:
         cd:f3:77:84:8b:39:86:a3:99:87:0d:38:0d:52:83:70:2e:c0:
         e5:7c:28:fb:2d:37:c4:d5:b0:36:85:90:84:90:38:73:a1:54:
         1d:c1:33:9f:64:a6:80:dd:ef:b3:2a:35:4e:f1:03:35:d3:05:
         b5:ee:33:48:11:f9:88:61:65:fa:3b:68:e6:df:5a:ee:de:d8:
         99:de:59:ec
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBeeTYjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
M2MzOGQzZTFjNGU3ZTU0M2EzNmM4YjYzNTNlYjY2ZGE0ZGFiNDBiMB4XDTIyMDEw
MTEwNTQ1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTFkMGIyYWZmZjYz
ZmRlNmY3Mjg4ZGMwNjE4ZGFiYTRhZDRlN2I0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJeDh8sI0NuCIy+UqI480o/qdP+5cRNmb/gAOTbdJ5gj86cC
7guM0K/JMTurK/1jrqQ820cwcxhbhswcSg0gwed3kIfsstQLIBSzKEjN8b6sOTJe
HXQRhGK46e21+GAPvx5lhKJt4P5sbDyBqzwM/6e1FVKDItfWmcGix4PGrAbzR5GN
28KpT0IfYPLOBTj9Dq42KDaARaSPOpSHjUx6vghPADni0zJSpR3fiDX72xe1QL3V
qfS1+hNAkhMeUmCsy9MAxccHHQJVigL3E/UDq2aUmx3JK2XMMRnhS9hUBp3m/LMm
gw9KJ6IBWs6nb8lnpQdy+cNH80JISSCqYIq65sMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTh0LKv/2P95vcojcBhjaukrU57TjAfBgNVHSMEGDAWgBSTw40+HE5+VDo2
yLY1PrZtpNq0CzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2s4T05QaHhPZmxRNk5zaTJOVDYyYmFUYXRBcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvYzcxZTMwLWM4NjgtNDhmYy04MGRmLTM2NDgzMTM5ZGM1ZS8x
LzRkQ3lyXzlqX2ViM0tJM0FZWTJycEsxT2UwNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
YzcxZTMwLWM4NjgtNDhmYy04MGRmLTM2NDgzMTM5ZGM1ZS8xL2s4T05QaHhPZmxR
Nk5zaTJOVDYyYmFUYXRBcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF2xfzANBgkqhkiG9w0BAQsFAAOC
AQEAUz7DW/zKVxRSrX38eP0In7UfZ/kCGCdLKx0Vdu15yFlMhZs6+v1MGVQ/ZQnc
Oqgz4U+vQbTRRtIOCYlhj0I0kPnRmn22mXoCPTle0yLSIJG29cmgnQoYCuVdcM9Y
ntGPO/ielh6oJbJAfmgILr2pEcpa/ZjBfeQTYk6iNSM7j/JXDNcVBaFUhp+WPUss
RPAfkUh5tDR+1CucqG2mFVRhZ9aBm426n9Y0bdM36Zp5c8ROj0SzzfN3hIs5hqOZ
hw04DVKDcC7A5Xwo+y03xNWwNoWQhJA4c6FUHcEzn2SmgN3vsyo1TvEDNdMFte4z
SBH5iGFl+jto5t9a7t7Ymd5Z7A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:31 2024 by rpki-client on console-fra.rpki-client.org