Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/DAdU1y0C84k2QLkLt9yTGwYmbYk.roa
File:                     DAdU1y0C84k2QLkLt9yTGwYmbYk.roa (raw, json)
Hash identifier:          c5Kdh5xwyrKF5MCxhTETpdnKm2oOf2/wZEAvyZ9YOVI=
Subject key identifier:   0C:07:54:D7:2D:02:F3:89:36:40:B9:0B:B7:DC:93:1B:06:26:6D:89
Certificate issuer:       /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial:       028E4E6B
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/DAdU1y0C84k2QLkLt9yTGwYmbYk.roa
Signing time:             Sat 01 Jan 2022 13:03:01 +0000
ROA not before:           Sat 01 Jan 2022 13:03:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206092
IP address blocks:        84.247.59.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 42880619 (0x28e4e6b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
        Validity
            Not Before: Jan  1 13:03:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0c0754d72d02f3893640b90bb7dc931b06266d89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:68:f6:40:47:1b:47:61:66:a0:c9:5c:bd:60:
                    37:ca:8d:ce:69:d2:d4:71:72:02:c8:24:ec:1b:39:
                    e9:e7:ec:ff:f6:62:14:18:9c:f5:f6:38:98:f4:3a:
                    97:ef:ca:c0:f4:a4:75:b0:7b:4b:69:54:3a:16:48:
                    1e:a5:f5:b8:ad:35:55:6c:53:0f:90:3d:bb:52:bc:
                    07:32:0d:5c:85:ea:46:11:26:7e:a2:f5:36:11:48:
                    ea:48:49:8b:b0:c8:6b:cb:12:ad:a2:84:80:57:d0:
                    cd:10:ab:8c:2d:d7:b4:fe:b8:02:dc:90:d2:e3:20:
                    85:bd:c7:58:c1:24:f0:6c:2d:54:18:bc:bf:93:35:
                    72:df:bc:c6:67:12:fa:dc:63:95:e7:a5:35:da:f4:
                    37:5d:1d:39:26:2d:86:a1:9f:8c:15:56:cb:57:64:
                    4a:05:99:75:a5:41:83:47:df:e7:f5:95:18:69:c5:
                    6d:f1:34:d5:45:b3:51:c7:c7:8d:b2:aa:97:e0:cb:
                    e4:a5:a5:f3:7b:1a:95:e4:43:71:71:45:6a:36:87:
                    a9:65:df:f2:f6:8d:3d:07:32:f1:99:5d:1e:3c:ec:
                    97:b8:0d:6b:ae:7a:cb:dc:f6:76:4f:61:2b:7f:e3:
                    8b:cb:ec:5b:da:d2:23:ec:e8:14:eb:57:ea:8e:3c:
                    73:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:07:54:D7:2D:02:F3:89:36:40:B9:0B:B7:DC:93:1B:06:26:6D:89
            X509v3 Authority Key Identifier:
                keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/DAdU1y0C84k2QLkLt9yTGwYmbYk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.247.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:45:9a:bf:b6:1c:94:91:8f:17:13:23:7c:1b:c3:6b:a8:0e:
         18:46:98:3e:f0:e1:e8:dd:e7:47:55:ec:4b:f6:5c:f0:82:c9:
         13:77:d2:6c:76:5f:3f:b6:57:1e:7f:0c:9e:fd:d6:d8:62:d9:
         a9:3d:8c:65:ce:cd:86:48:0d:ab:e9:8c:38:c9:ef:e8:12:c4:
         37:2e:d2:fa:75:a1:4a:35:73:05:4d:ff:ae:e1:83:bd:8e:8e:
         03:c4:d7:84:f0:25:1c:09:1c:bb:e8:ee:3b:01:83:1c:44:d9:
         52:31:47:47:9b:e2:da:f0:33:65:01:fa:c4:1b:22:79:8b:f1:
         aa:d5:44:1e:59:c9:77:31:de:83:09:cc:99:a8:40:04:13:93:
         a4:75:f7:b6:0b:5c:f7:97:bf:f3:7a:c8:2b:39:4a:d6:fa:6c:
         8f:3f:fc:c0:e1:20:bd:ca:7b:56:ef:75:74:5f:e0:81:05:e9:
         1f:f5:74:90:f1:27:fa:4b:43:4c:20:7d:00:d1:57:a3:ab:96:
         d9:27:ac:95:8a:43:1c:66:80:ce:14:b2:b6:85:e2:6c:cd:95:
         0b:9f:20:99:78:f0:04:42:0a:11:15:8d:9f:ef:1d:f9:57:1e:
         33:a9:1f:b0:54:76:66:e7:54:7f:e8:9f:7a:07:fe:20:70:6d:
         99:51:0d:4e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAo5OazANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YTAwZTk4MTk1MzA2MTk3MmM4OTZiZDZkMjc3MzhkMDgzYWFkYjBlMB4XDTIyMDEw
MTEzMDMwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGMwNzU0ZDcyZDAy
ZjM4OTM2NDBiOTBiYjdkYzkzMWIwNjI2NmQ4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJBo9kBHG0dhZqDJXL1gN8qNzmnS1HFyAsgk7Bs56efs//Zi
FBic9fY4mPQ6l+/KwPSkdbB7S2lUOhZIHqX1uK01VWxTD5A9u1K8BzINXIXqRhEm
fqL1NhFI6khJi7DIa8sSraKEgFfQzRCrjC3XtP64AtyQ0uMghb3HWMEk8GwtVBi8
v5M1ct+8xmcS+txjleelNdr0N10dOSYthqGfjBVWy1dkSgWZdaVBg0ff5/WVGGnF
bfE01UWzUcfHjbKql+DL5KWl83saleRDcXFFajaHqWXf8vaNPQcy8ZldHjzsl7gN
a656y9z2dk9hK3/ji8vsW9rSI+zoFOtX6o48cwsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQMB1TXLQLziTZAuQu33JMbBiZtiTAfBgNVHSMEGDAWgBTaAOmBlTBhlyyJ
a9bSdzjQg6rbDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJnRHBnWlV3WVpjc2lXdlcwbmM0MElPcTJ3NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvODJhN2Q2LTkyYTktNDIwNC05YWUwLTlhNDhlY2Y5ZTE1ZS8x
L0RBZFUxeTBDODRrMlFMa0x0OXlUR3dZbWJZay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
ODJhN2Q2LTkyYTktNDIwNC05YWUwLTlhNDhlY2Y5ZTE1ZS8xLzJnRHBnWlV3WVpj
c2lXdlcwbmM0MElPcTJ3NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFT3OzANBgkqhkiG9w0BAQsFAAOC
AQEAi0Wav7YclJGPFxMjfBvDa6gOGEaYPvDh6N3nR1XsS/Zc8ILJE3fSbHZfP7ZX
Hn8Mnv3W2GLZqT2MZc7NhkgNq+mMOMnv6BLENy7S+nWhSjVzBU3/ruGDvY6OA8TX
hPAlHAkcu+juOwGDHETZUjFHR5vi2vAzZQH6xBsieYvxqtVEHlnJdzHegwnMmahA
BBOTpHX3tgtc95e/83rIKzlK1vpsjz/8wOEgvcp7Vu91dF/ggQXpH/V0kPEn+ktD
TCB9ANFXo6uW2SeslYpDHGaAzhSytoXibM2VC58gmXjwBEIKERWNn+8d+VceM6kf
sFR2ZudUf+ifegf+IHBtmVENTg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:48 2024 by rpki-client on console-ams.rpki-client.org