Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NbNkh0Ao-JWmhkQkRKIjI-jDy_k.roa
File:                     NbNkh0Ao-JWmhkQkRKIjI-jDy_k.roa (raw, json)
Hash identifier:          xOLjIYNpo4P+/gF26X0J6Wxn4MKUoWlMCwSYiFBFhyc=
Subject key identifier:   35:B3:64:87:40:28:F8:95:A6:86:44:24:44:A2:23:23:E8:C3:CB:F9
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018364A1D03523997C1E1F9063D2361E51B1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NbNkh0Ao-JWmhkQkRKIjI-jDy_k.roa
Signing time:             Thu 22 Sep 2022 09:57:49 +0000
ROA not before:           Thu 22 Sep 2022 09:57:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     63023
IP address blocks:        195.133.55.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:64:a1:d0:35:23:99:7c:1e:1f:90:63:d2:36:1e:51:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Sep 22 09:57:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=35b364874028f895a686442444a22323e8c3cbf9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:3f:82:51:7c:e9:c6:26:b2:8e:1e:2b:ee:6f:
                    b6:eb:f0:d7:50:29:40:fe:ca:5a:63:93:80:4b:0d:
                    d8:ee:db:8b:23:48:c4:99:ce:16:e4:46:37:ab:0d:
                    dc:7f:d7:1c:07:a5:21:e2:e9:64:ec:89:35:78:ad:
                    53:55:76:e3:6c:58:2f:87:fd:9e:9f:57:6f:76:49:
                    46:21:71:4d:f4:ca:4a:c9:e8:9e:5b:db:04:ff:f3:
                    85:09:24:ad:bd:14:ed:38:37:99:11:fc:8d:80:30:
                    b6:6b:32:96:1c:c7:33:25:07:be:9c:93:89:6d:52:
                    97:a5:d0:e2:94:42:47:eb:21:ee:c7:92:22:d5:8e:
                    d1:e5:6e:86:a8:56:3c:0a:59:b3:64:c2:a6:fa:f1:
                    38:33:a8:3b:9a:52:78:c7:a7:f6:b4:bd:64:95:91:
                    06:47:7e:47:6a:8e:11:a0:3b:b4:16:90:3e:11:78:
                    47:f7:ee:d5:3e:ab:4e:2c:3c:f4:e5:09:7a:10:7c:
                    85:b1:f0:31:4b:92:c2:0e:af:5d:2c:52:a1:93:ba:
                    63:24:51:fd:54:26:71:cf:3e:ea:ad:49:0b:07:38:
                    09:26:5f:d8:d0:65:f7:01:95:12:ad:66:f7:49:d1:
                    58:7c:5c:21:c2:ab:32:cb:6e:42:ff:83:61:e3:51:
                    69:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:B3:64:87:40:28:F8:95:A6:86:44:24:44:A2:23:23:E8:C3:CB:F9
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NbNkh0Ao-JWmhkQkRKIjI-jDy_k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.133.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:d5:b9:03:26:0d:92:f5:8d:55:82:b8:16:d1:19:0a:a7:1d:
         4b:84:ee:71:9a:24:d1:4b:f2:80:23:f3:a3:b4:bf:20:e6:d0:
         3d:ba:74:9e:ee:a1:ad:2d:b2:ac:55:3e:dc:76:28:32:da:d2:
         01:03:5f:70:aa:6b:45:6a:56:e0:b2:a0:b7:0a:c1:42:b0:38:
         21:52:38:c6:0b:4a:03:d1:44:33:8e:47:71:4f:29:c3:68:29:
         56:06:41:38:59:28:f9:34:69:8e:6a:41:f7:6d:70:aa:b2:2b:
         8e:3d:77:27:60:57:bb:81:89:51:dc:4d:7e:11:12:cf:80:7c:
         c8:48:f5:30:62:dc:e5:b9:11:0e:2d:2f:f3:43:ce:a6:e7:22:
         47:17:13:42:d3:fb:8d:a8:42:51:1e:bc:71:71:76:39:80:49:
         5e:2c:c6:1f:56:ed:25:18:9c:43:3e:26:f4:89:82:cc:95:90:
         b0:6a:ed:d4:77:6e:1b:2a:90:76:6f:8a:0c:74:4e:d4:31:d4:
         68:13:2b:58:d2:52:ef:ed:33:7c:4d:14:18:65:d6:90:2f:41:
         4a:dc:30:12:ac:63:1f:e8:8e:2b:c5:c6:26:df:2d:01:b3:e6:
         0b:94:90:98:26:8b:2f:ec:8c:13:7c:c5:2a:85:3a:80:ea:71:
         42:85:bf:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNkodA1I5l8Hh+QY9I2HlGxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwOTIyMDk1NzQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWIzNjQ4NzQwMjhmODk1YTY4NjQ0MjQ0NGEyMjMyM2U4YzNjYmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhz+CUXzpxiayjh4r7m+26/DXUClA
/spaY5OASw3Y7tuLI0jEmc4W5EY3qw3cf9ccB6Uh4ulk7Ik1eK1TVXbjbFgvh/2e
n1dvdklGIXFN9MpKyeieW9sE//OFCSStvRTtODeZEfyNgDC2azKWHMczJQe+nJOJ
bVKXpdDilEJH6yHux5Ii1Y7R5W6GqFY8ClmzZMKm+vE4M6g7mlJ4x6f2tL1klZEG
R35Hao4RoDu0FpA+EXhH9+7VPqtOLDz05Ql6EHyFsfAxS5LCDq9dLFKhk7pjJFH9
VCZxzz7qrUkLBzgJJl/Y0GX3AZUSrWb3SdFYfFwhwqsyy25C/4Nh41FppwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDWzZIdAKPiVpoZEJESiIyPow8v5MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTmJOa2gwQW8tSldtaGtRa1JLSWpJLWpEeV9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4U3MA0G
CSqGSIb3DQEBCwUAA4IBAQAg1bkDJg2S9Y1VgrgW0RkKpx1LhO5xmiTRS/KAI/Oj
tL8g5tA9unSe7qGtLbKsVT7cdigy2tIBA19wqmtFalbgsqC3CsFCsDghUjjGC0oD
0UQzjkdxTynDaClWBkE4WSj5NGmOakH3bXCqsiuOPXcnYFe7gYlR3E1+ERLPgHzI
SPUwYtzluREOLS/zQ86m5yJHFxNC0/uNqEJRHrxxcXY5gEleLMYfVu0lGJxDPib0
iYLMlZCwau3Ud24bKpB2b4oMdE7UMdRoEytY0lLv7TN8TRQYZdaQL0FK3DASrGMf
6I4rxcYm3y0Bs+YLlJCYJosv7IwTfMUqhTqA6nFChb/O
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:56 2023 by rpki-client on console-ams.rpki-client.org