Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/Sr3LK8E_r3XjVume4c__cQkD23U.roa
File:                     Sr3LK8E_r3XjVume4c__cQkD23U.roa (raw, json)
Hash identifier:          Y33r5eJmD2tKB++jt99MTaz0B3tEn3jftbQ/9rVGRlc=
Subject key identifier:   4A:BD:CB:2B:C1:3F:AF:75:E3:56:E9:9E:E1:CF:FF:71:09:03:DB:75
Certificate issuer:       /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial:       0183F1B4A788C734D897BA2361625DDE022B
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/Sr3LK8E_r3XjVume4c__cQkD23U.roa
Signing time:             Wed 19 Oct 2022 19:24:51 +0000
ROA not before:           Wed 19 Oct 2022 19:24:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     24940
IP address blocks:        217.78.237.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:f1:b4:a7:88:c7:34:d8:97:ba:23:61:62:5d:de:02:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
        Validity
            Not Before: Oct 19 19:24:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4abdcb2bc13faf75e356e99ee1cfff710903db75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:d6:6b:5c:eb:83:5c:e5:28:67:c0:28:fa:a6:
                    8e:f1:ca:eb:69:f6:a0:29:53:6e:4b:7d:43:e4:fb:
                    1b:3c:55:21:15:61:6f:71:c6:f9:42:22:b1:0c:21:
                    97:00:f9:48:a1:fd:ef:ec:60:d6:f1:22:df:2c:84:
                    aa:77:7b:b7:4c:88:57:e8:11:28:fe:b9:a3:97:09:
                    da:12:59:e2:0b:ad:77:ca:c2:f3:36:0b:31:2b:94:
                    6b:29:81:af:1f:db:7a:28:9e:dd:18:cb:33:7d:da:
                    9a:04:f3:0b:73:5f:1f:ef:df:2a:4c:a6:f2:ac:d2:
                    9a:d1:04:7c:45:65:f9:55:8e:d3:d8:b7:01:11:8c:
                    57:be:6b:ff:f7:24:28:91:7f:4a:fc:6b:af:ab:54:
                    5f:94:e4:f5:ad:1c:c3:2a:5d:62:fa:3b:e3:24:df:
                    c4:c5:a0:b1:3e:c3:3b:fe:4f:5d:16:2e:b3:da:75:
                    38:85:bc:3a:65:39:84:eb:3e:b1:61:b5:90:7f:11:
                    75:ea:bf:b7:a8:a8:bb:b6:22:3a:65:46:db:9b:01:
                    f3:4d:ae:48:48:ae:d7:51:3a:98:2b:5f:41:83:4f:
                    57:6f:4d:c4:ba:26:f1:45:17:27:7c:1e:7d:24:eb:
                    ed:06:f4:65:95:0a:8b:52:0f:53:f6:4c:4c:d1:5d:
                    98:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:BD:CB:2B:C1:3F:AF:75:E3:56:E9:9E:E1:CF:FF:71:09:03:DB:75
            X509v3 Authority Key Identifier:
                keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/Sr3LK8E_r3XjVume4c__cQkD23U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.78.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:71:c4:e1:67:65:43:19:b3:3b:04:5d:c2:5b:c8:60:7f:98:
         23:75:d9:4f:f7:85:26:d2:c0:b1:cc:70:60:99:79:2c:d7:7a:
         17:cd:4a:e3:9a:69:8f:28:c1:54:3c:86:0e:ea:6c:a5:59:87:
         82:c2:53:29:c5:c9:61:32:07:0f:2e:dd:fe:56:14:86:d5:31:
         98:e7:8d:35:40:d7:31:4c:fa:e6:7f:43:fd:f1:d6:61:c1:f8:
         af:c9:52:6b:d2:8c:2b:a4:50:72:02:79:13:f3:3e:1a:e0:e8:
         18:16:cb:f5:7b:b6:a2:e0:a6:4b:ff:5d:a7:ef:06:32:77:87:
         07:4f:14:03:d7:3b:cf:bc:a2:6e:a1:a6:ac:00:f9:83:08:19:
         90:3f:d6:6e:87:17:74:a4:02:90:27:91:f7:a1:01:f8:27:39:
         c9:61:52:95:8d:c7:75:56:80:42:aa:05:82:6a:2c:73:57:57:
         e8:ed:c7:76:4d:a0:2f:e4:ea:16:49:68:dd:c2:be:67:98:25:
         55:e3:e3:27:1e:7b:aa:3f:01:be:64:7c:01:2d:60:fa:7a:da:
         70:25:ca:b4:7c:f3:0d:a0:b2:fd:39:82:f2:4a:b5:6c:d9:09:
         8f:3e:3f:2e:4a:fb:51:b5:d6:e6:b8:d5:ac:40:1e:11:ba:b5:
         30:88:e0:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPxtKeIxzTYl7ojYWJd3gIrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjIxMDE5MTkyNDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWJkY2IyYmMxM2ZhZjc1ZTM1NmU5OWVlMWNmZmY3MTA5MDNkYjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNZrXOuDXOUoZ8Ao+qaO8crrafag
KVNuS31D5PsbPFUhFWFvccb5QiKxDCGXAPlIof3v7GDW8SLfLISqd3u3TIhX6BEo
/rmjlwnaElniC613ysLzNgsxK5RrKYGvH9t6KJ7dGMszfdqaBPMLc18f798qTKby
rNKa0QR8RWX5VY7T2LcBEYxXvmv/9yQokX9K/Guvq1RflOT1rRzDKl1i+jvjJN/E
xaCxPsM7/k9dFi6z2nU4hbw6ZTmE6z6xYbWQfxF16r+3qKi7tiI6ZUbbmwHzTa5I
SK7XUTqYK19Bg09Xb03EuibxRRcnfB59JOvtBvRllQqLUg9T9kxM0V2YlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEq9yyvBP69141bpnuHP/3EJA9t1MB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvU3IzTEs4RV9yM1hqVnVtZTRjX19jUWtEMjNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2U7tMA0G
CSqGSIb3DQEBCwUAA4IBAQCBccThZ2VDGbM7BF3CW8hgf5gjddlP94Um0sCxzHBg
mXks13oXzUrjmmmPKMFUPIYO6mylWYeCwlMpxclhMgcPLt3+VhSG1TGY5401QNcx
TPrmf0P98dZhwfivyVJr0owrpFByAnkT8z4a4OgYFsv1e7ai4KZL/12n7wYyd4cH
TxQD1zvPvKJuoaasAPmDCBmQP9Zuhxd0pAKQJ5H3oQH4JznJYVKVjcd1VoBCqgWC
aixzV1fo7cd2TaAv5OoWSWjdwr5nmCVV4+MnHnuqPwG+ZHwBLWD6etpwJcq0fPMN
oLL9OYLySrVs2QmPPj8uSvtRtdbmuNWsQB4RurUwiOCh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:38 2024 by rpki-client on console-ams.rpki-client.org