Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/u7ZSrlRWyzFQvtlMyisPggo3DpE.roa
File:                     u7ZSrlRWyzFQvtlMyisPggo3DpE.roa (raw, json)
Hash identifier:          hn040lm3pEAA7yDWahztJ5s91brHs+lwf4zvvU+9+xY=
Subject key identifier:   BB:B6:52:AE:54:56:CB:31:50:BE:D9:4C:CA:2B:0F:82:0A:37:0E:91
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0F97C363
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/u7ZSrlRWyzFQvtlMyisPggo3DpE.roa
Signing time:             Fri 29 Apr 2022 21:30:19 +0000
ROA not before:           Fri 29 Apr 2022 21:30:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2118
IP address blocks:        195.133.81.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 261604195 (0xf97c363)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Apr 29 21:30:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bbb652ae5456cb3150bed94cca2b0f820a370e91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:81:02:8d:0e:2f:ce:62:ba:f6:83:21:08:3c:
                    62:12:b0:9c:8c:af:17:ee:8b:88:58:cb:1e:ec:86:
                    6c:99:52:2c:e0:08:88:73:0d:51:a2:f9:47:3b:45:
                    25:6a:02:18:d3:20:ec:7d:a4:84:a1:cd:c3:4e:10:
                    8b:57:71:55:af:b6:8b:ac:00:e6:8b:d6:ca:4a:15:
                    74:98:91:7a:6b:af:5d:9e:23:b7:6f:fc:a2:c1:13:
                    d2:00:c9:88:0b:b1:75:8d:a6:93:84:df:61:b4:63:
                    94:26:b4:9e:54:01:6b:b6:5a:0e:d3:e3:9a:b4:d1:
                    54:f5:fe:40:69:7b:4a:7f:59:52:d3:1c:c4:e4:d4:
                    2b:e8:b2:24:3d:55:32:32:61:ba:ec:91:4d:94:4c:
                    8e:e9:1e:f8:6c:00:4d:02:d8:49:69:cc:1b:95:10:
                    a5:f9:0c:79:8a:a0:7d:6c:35:b5:89:42:5e:77:71:
                    48:6e:7e:44:99:9b:db:f8:2b:63:d8:56:4d:17:28:
                    6b:7a:f2:ea:67:a9:06:a0:52:9c:83:47:f4:d4:bf:
                    b4:13:75:2f:86:d2:4c:3b:ae:76:5f:5f:d6:80:98:
                    4f:5b:dc:c3:24:b6:31:42:b8:aa:e3:88:87:4a:0a:
                    bd:82:ef:30:49:fe:5f:fe:55:15:82:3b:58:02:0b:
                    d1:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:B6:52:AE:54:56:CB:31:50:BE:D9:4C:CA:2B:0F:82:0A:37:0E:91
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/u7ZSrlRWyzFQvtlMyisPggo3DpE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.133.81.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:03:ee:26:11:15:29:ff:60:c3:9d:ce:d5:91:02:27:89:d1:
         78:22:b0:3a:f8:0e:1f:d4:47:50:71:ec:e2:5d:97:61:a4:e4:
         dd:65:93:ca:dc:35:4c:6a:66:12:c0:b5:f1:e4:f1:99:f4:96:
         90:cc:84:61:9a:2f:a1:92:88:1d:3b:08:4d:40:a7:08:e1:eb:
         ad:58:31:60:1b:26:49:84:56:cc:4d:9e:8f:82:58:b5:68:36:
         f9:f3:c0:a6:6b:48:16:46:20:7f:c1:4c:21:3a:ad:34:6c:90:
         4e:30:7a:42:cc:5e:bb:48:6e:04:bf:e8:1b:b5:6a:05:17:fb:
         32:a5:45:be:53:b5:95:7e:c1:46:99:e5:39:81:4b:e9:84:aa:
         2f:85:07:55:d9:f9:4d:b6:64:78:af:d5:9e:49:60:cf:69:76:
         65:65:a0:f0:09:d4:fa:7c:f0:43:12:87:9c:4e:9f:80:9e:39:
         d3:31:0e:b1:fa:32:a6:5d:89:c1:dd:e0:d5:64:48:e6:fc:66:
         09:a4:7b:6a:d6:12:c0:a5:41:54:44:84:9a:90:11:6c:a8:e4:
         f6:8e:87:f6:44:d1:00:4c:56:64:e8:4f:f5:83:cf:a2:e6:82:
         b9:ef:99:0b:ac:99:d8:b2:0d:e0:7e:17:7d:c5:3a:e6:4b:e3:
         e8:08:b0:01
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIED5fDYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDQy
OTIxMzAxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmJiNjUyYWU1NDU2
Y2IzMTUwYmVkOTRjY2EyYjBmODIwYTM3MGU5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKiBAo0OL85iuvaDIQg8YhKwnIyvF+6LiFjLHuyGbJlSLOAI
iHMNUaL5RztFJWoCGNMg7H2khKHNw04Qi1dxVa+2i6wA5ovWykoVdJiRemuvXZ4j
t2/8osET0gDJiAuxdY2mk4TfYbRjlCa0nlQBa7ZaDtPjmrTRVPX+QGl7Sn9ZUtMc
xOTUK+iyJD1VMjJhuuyRTZRMjuke+GwATQLYSWnMG5UQpfkMeYqgfWw1tYlCXndx
SG5+RJmb2/grY9hWTRcoa3ry6mepBqBSnINH9NS/tBN1L4bSTDuudl9f1oCYT1vc
wyS2MUK4quOIh0oKvYLvMEn+X/5VFYI7WAIL0eECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS7tlKuVFbLMVC+2UzKKw+CCjcOkTAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L3U3WlNybFJXeXpGUXZ0bE15aXNQZ2dvM0RwRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMOFUTANBgkqhkiG9w0BAQsFAAOC
AQEAiwPuJhEVKf9gw53O1ZECJ4nReCKwOvgOH9RHUHHs4l2XYaTk3WWTytw1TGpm
EsC18eTxmfSWkMyEYZovoZKIHTsITUCnCOHrrVgxYBsmSYRWzE2ej4JYtWg2+fPA
pmtIFkYgf8FMITqtNGyQTjB6Qsxeu0huBL/oG7VqBRf7MqVFvlO1lX7BRpnlOYFL
6YSqL4UHVdn5TbZkeK/Vnklgz2l2ZWWg8AnU+nzwQxKHnE6fgJ450zEOsfoypl2J
wd3g1WRI5vxmCaR7atYSwKVBVESEmpARbKjk9o6H9kTRAExWZOhP9YPPouaCue+Z
C6yZ2LIN4H4XfcU65kvj6AiwAQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:49 2024 by rpki-client on console-ams.rpki-client.org