Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/724328-09d3-4964-acc4-b96d2fbefebd/1/eKVDGQc218a_NbKMf-G6OyuybUg.roa
File:                     eKVDGQc218a_NbKMf-G6OyuybUg.roa (raw, json)
Hash identifier:          1BgaUxxGYb/M3Vbi2BRp/I6R2mApowZTOQxiUynhH30=
Subject key identifier:   78:A5:43:19:07:36:D7:C6:BF:35:B2:8C:7F:E1:BA:3B:2B:B2:6D:48
Certificate issuer:       /CN=9ffc98428c2451c1aedf8affc072a95868ecee8b
Certificate serial:       01178ABD
Authority key identifier: 9F:FC:98:42:8C:24:51:C1:AE:DF:8A:FF:C0:72:A9:58:68:EC:EE:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n_yYQowkUcGu34r_wHKpWGjs7os.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/724328-09d3-4964-acc4-b96d2fbefebd/1/eKVDGQc218a_NbKMf-G6OyuybUg.roa
Signing time:             Mon 02 May 2022 12:03:50 +0000
ROA not before:           Mon 02 May 2022 12:03:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39791
IP address blocks:        193.109.176.0/21 maxlen: 21
                          89.111.102.0/24 maxlen: 24
                          89.111.64.0/18 maxlen: 18
                          89.111.72.0/22 maxlen: 22
                          89.111.76.0/22 maxlen: 22
                          2a01:a040::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18320061 (0x1178abd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ffc98428c2451c1aedf8affc072a95868ecee8b
        Validity
            Not Before: May  2 12:03:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=78a543190736d7c6bf35b28c7fe1ba3b2bb26d48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:7e:26:a4:18:04:f4:61:6e:24:53:51:9e:0d:
                    ea:21:26:0a:e0:fa:1e:f2:75:50:7b:d7:ec:6f:78:
                    6c:e4:c3:38:e5:ab:9d:f0:3e:0d:9e:cf:d4:11:02:
                    23:ea:73:9d:38:7e:80:10:f1:80:10:fa:c6:c2:0f:
                    82:36:b7:7c:a5:27:d4:c5:cb:3f:8c:a9:b9:fb:97:
                    08:92:d2:6b:40:39:43:65:08:01:4e:ef:4c:e5:38:
                    83:c2:2d:ab:e2:af:80:0e:5e:63:c3:a3:f3:4f:8f:
                    69:f1:ca:80:5c:a0:fe:a8:66:05:5a:f9:69:13:84:
                    66:c4:ab:e2:5b:a0:81:43:6a:64:df:f8:84:1b:eb:
                    42:11:97:bc:4d:15:d7:03:d1:42:0f:b0:cc:09:0d:
                    97:77:23:9f:ad:df:c5:9b:4c:0c:9b:03:61:61:29:
                    38:ae:23:ce:49:df:d8:bb:32:10:68:f2:55:2a:f0:
                    43:54:b0:05:2a:e5:46:f8:3a:95:c6:d7:c1:7a:73:
                    1b:58:11:12:07:c8:76:a7:4a:50:5d:a0:28:68:3e:
                    f2:08:ef:ae:fe:87:3c:36:7d:25:9e:cb:bb:67:1d:
                    11:a7:3c:4f:c1:65:79:8e:4f:f0:61:57:99:4c:a0:
                    f1:d0:0b:aa:92:69:c2:ac:e7:50:a7:13:e1:99:53:
                    ac:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:A5:43:19:07:36:D7:C6:BF:35:B2:8C:7F:E1:BA:3B:2B:B2:6D:48
            X509v3 Authority Key Identifier:
                keyid:9F:FC:98:42:8C:24:51:C1:AE:DF:8A:FF:C0:72:A9:58:68:EC:EE:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n_yYQowkUcGu34r_wHKpWGjs7os.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/724328-09d3-4964-acc4-b96d2fbefebd/1/eKVDGQc218a_NbKMf-G6OyuybUg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/724328-09d3-4964-acc4-b96d2fbefebd/1/n_yYQowkUcGu34r_wHKpWGjs7os.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.111.64.0/18
                  193.109.176.0/21
                IPv6:
                  2a01:a040::/32

    Signature Algorithm: sha256WithRSAEncryption
         1d:05:f3:0b:43:62:94:64:2e:6e:40:e5:ed:dd:8e:f9:9d:dc:
         96:de:93:cf:ae:23:52:b6:9a:aa:b2:de:68:aa:86:79:17:96:
         7d:c8:00:f5:64:a5:95:ea:c9:41:a4:96:9f:45:da:1a:f1:a7:
         dc:7a:d1:4f:41:30:44:4b:3d:a7:d5:ed:8e:d5:ab:45:4d:5c:
         25:b1:67:47:c7:2f:99:c8:61:0b:84:5f:7f:02:41:8c:9d:d0:
         7d:3b:ff:33:87:77:d2:f1:8d:11:e0:87:10:e2:92:30:01:e5:
         2c:6d:bc:68:9d:2a:d1:bb:d5:2c:6e:24:06:79:5d:39:51:c6:
         f4:91:c2:43:24:22:0e:ee:09:b7:7a:a8:3a:ee:54:5d:e8:66:
         8c:4a:00:11:1e:91:20:41:17:36:ab:ae:cb:6a:74:16:98:75:
         25:d5:d4:8d:4d:3d:ca:8e:c4:52:61:a5:f2:07:59:6a:40:a6:
         8a:74:cf:97:de:29:46:cf:4a:5d:38:88:ee:3e:c9:a8:98:f1:
         37:51:7b:ce:08:99:7b:f4:50:12:d2:da:5d:63:d7:bb:0f:fa:
         d9:8e:57:3a:f5:10:b5:47:4b:81:d2:0d:a2:0b:59:98:54:41:
         b9:d8:e2:56:2e:6c:82:9f:51:02:11:29:b3:01:79:d4:8a:fc:
         9b:ae:7b:e2
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAReKvTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZmZjOTg0MjhjMjQ1MWMxYWVkZjhhZmZjMDcyYTk1ODY4ZWNlZThiMB4XDTIyMDUw
MjEyMDM1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzhhNTQzMTkwNzM2
ZDdjNmJmMzViMjhjN2ZlMWJhM2IyYmIyNmQ0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKZ+JqQYBPRhbiRTUZ4N6iEmCuD6HvJ1UHvX7G94bOTDOOWr
nfA+DZ7P1BECI+pznTh+gBDxgBD6xsIPgja3fKUn1MXLP4ypufuXCJLSa0A5Q2UI
AU7vTOU4g8Itq+KvgA5eY8Oj80+PafHKgFyg/qhmBVr5aROEZsSr4luggUNqZN/4
hBvrQhGXvE0V1wPRQg+wzAkNl3cjn63fxZtMDJsDYWEpOK4jzknf2LsyEGjyVSrw
Q1SwBSrlRvg6lcbXwXpzG1gREgfIdqdKUF2gKGg+8gjvrv6HPDZ9JZ7Lu2cdEac8
T8FleY5P8GFXmUyg8dALqpJpwqznUKcT4ZlTrF8CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBR4pUMZBzbXxr81sox/4bo7K7JtSDAfBgNVHSMEGDAWgBSf/JhCjCRRwa7f
iv/AcqlYaOzuizAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25feVlRb3drVWNHdTM0cl93SEtwV0dqczdvcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGUvNzI0MzI4LTA5ZDMtNDk2NC1hY2M0LWI5NmQyZmJlZmViZC8x
L2VLVkRHUWMyMThhX05iS01mLUc2T3l1eWJVZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGUv
NzI0MzI4LTA5ZDMtNDk2NC1hY2M0LWI5NmQyZmJlZmViZC8xL25feVlRb3drVWNH
dTM0cl93SEtwV0dqczdvcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBllvQAMEA8FtsDANBAIAAjAHAwUA
KgGgQDANBgkqhkiG9w0BAQsFAAOCAQEAHQXzC0NilGQubkDl7d2O+Z3clt6Tz64j
UraaqrLeaKqGeReWfcgA9WSllerJQaSWn0XaGvGn3HrRT0EwREs9p9XtjtWrRU1c
JbFnR8cvmchhC4RffwJBjJ3QfTv/M4d30vGNEeCHEOKSMAHlLG28aJ0q0bvVLG4k
BnldOVHG9JHCQyQiDu4Jt3qoOu5UXehmjEoAER6RIEEXNquuy2p0Fph1JdXUjU09
yo7EUmGl8gdZakCminTPl94pRs9KXTiI7j7JqJjxN1F7zgiZe/RQEtLaXWPXuw/6
2Y5XOvUQtUdLgdINogtZmFRBudjiVi5sgp9RAhEpswF51Ir8m6574g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:06 2024 by rpki-client on console-ams.rpki-client.org