Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/e66296-0479-4c52-9cea-a1f573d069da/1/ZucrwHAHcK1ZprkEj1Xad-hT-ho.roa
File:                     ZucrwHAHcK1ZprkEj1Xad-hT-ho.roa (raw, json)
Hash identifier:          YHOEKZig5MyS9odMIJdZXhO2+7ApSyzwXiqalbMY1fw=
Subject key identifier:   66:E7:2B:C0:70:07:70:AD:59:A6:B9:04:8F:55:DA:77:E8:53:FA:1A
Certificate issuer:       /CN=36b413e536d99353f0b050ee746ffdd24edb5930
Certificate serial:       35E13918
Authority key identifier: 36:B4:13:E5:36:D9:93:53:F0:B0:50:EE:74:6F:FD:D2:4E:DB:59:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NrQT5TbZk1PwsFDudG_90k7bWTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/e66296-0479-4c52-9cea-a1f573d069da/1/ZucrwHAHcK1ZprkEj1Xad-hT-ho.roa
Signing time:             Sat 01 Jan 2022 03:54:40 +0000
ROA not before:           Sat 01 Jan 2022 03:54:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47901
IP address blocks:        94.125.226.0/24 maxlen: 24
                          94.125.225.0/24 maxlen: 24
                          94.125.224.0/24 maxlen: 24
                          94.125.231.0/24 maxlen: 24
                          94.125.230.0/24 maxlen: 24
                          94.125.229.0/24 maxlen: 24
                          94.125.228.0/24 maxlen: 24
                          94.125.227.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 903952664 (0x35e13918)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36b413e536d99353f0b050ee746ffdd24edb5930
        Validity
            Not Before: Jan  1 03:54:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=66e72bc0700770ad59a6b9048f55da77e853fa1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:eb:2f:4c:45:65:5f:b5:3e:f5:c3:e5:0d:8e:
                    a7:bc:76:67:28:87:db:3b:83:6f:a9:d2:ca:9b:84:
                    1d:27:67:b8:41:66:79:e9:83:e7:c2:b2:fb:71:db:
                    aa:77:81:e1:f9:9d:59:88:a1:0c:a3:23:b7:41:bf:
                    c9:4d:8a:bf:a5:3b:dd:3b:41:bb:01:e8:db:57:ea:
                    03:e5:93:c2:27:f2:27:ec:1a:3e:ec:b9:a7:73:09:
                    7e:e0:ec:1c:14:27:1a:ed:77:5c:65:41:04:75:b2:
                    1a:49:f4:fa:ac:bb:00:3e:28:f0:f6:a4:c9:8f:c3:
                    b9:27:24:7f:59:88:28:9f:77:dc:35:2e:54:89:c3:
                    3c:cf:6a:af:db:d7:04:ac:6f:61:fa:c1:be:cd:ed:
                    2e:26:cd:17:6f:4f:6a:50:ac:c6:16:1e:a2:02:eb:
                    6b:67:78:07:c0:7d:2d:43:71:88:70:5e:bf:30:36:
                    fa:f4:de:47:b5:5d:c6:f0:57:ad:0e:89:09:b1:6a:
                    37:2e:33:c7:aa:f8:58:f6:af:67:35:95:29:a2:88:
                    58:26:53:66:f5:7b:68:e9:27:38:42:80:18:46:e1:
                    2c:a7:24:bd:cd:3d:a7:02:ee:45:f8:e6:e1:67:a4:
                    cb:93:fa:4b:3f:4e:03:38:c9:3b:35:d0:e0:d5:f9:
                    d5:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:E7:2B:C0:70:07:70:AD:59:A6:B9:04:8F:55:DA:77:E8:53:FA:1A
            X509v3 Authority Key Identifier:
                keyid:36:B4:13:E5:36:D9:93:53:F0:B0:50:EE:74:6F:FD:D2:4E:DB:59:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NrQT5TbZk1PwsFDudG_90k7bWTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/e66296-0479-4c52-9cea-a1f573d069da/1/ZucrwHAHcK1ZprkEj1Xad-hT-ho.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/e66296-0479-4c52-9cea-a1f573d069da/1/NrQT5TbZk1PwsFDudG_90k7bWTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.125.224.0/21

    Signature Algorithm: sha256WithRSAEncryption
         be:c4:90:c0:80:20:29:cd:ed:77:16:2c:f0:9a:29:06:b4:de:
         04:cc:c3:22:c1:4f:93:e9:d0:e4:1b:13:2f:93:dd:96:09:2f:
         07:f8:f6:d2:8b:5d:ca:55:0a:06:df:13:39:ff:af:23:46:f4:
         a3:e0:45:79:e9:e5:88:13:19:06:4c:ec:49:29:ad:7d:be:0a:
         a3:58:69:67:19:1f:e4:4e:5f:76:98:c6:68:94:d3:5b:c9:a6:
         57:ed:11:dc:3d:8e:fc:ef:f0:d9:06:db:f3:56:b0:03:10:3a:
         2f:38:af:7c:20:31:06:c7:02:7d:1a:d7:5b:24:1b:ee:f9:28:
         46:76:5b:32:7f:57:aa:0f:4d:0c:8f:43:f9:27:43:da:d7:b5:
         2e:cb:e7:07:76:f7:79:c8:6a:bf:a4:db:81:c5:ae:57:ce:93:
         74:2e:26:ab:bf:1e:d9:99:9e:33:5b:39:ea:e6:fc:b2:ef:2e:
         43:b2:0d:23:92:7a:8b:a4:b9:f9:62:b8:60:1a:05:e2:bd:ba:
         5f:51:98:2e:9d:15:38:24:8f:df:19:0a:74:38:75:96:a2:8b:
         9f:d2:93:79:e7:dc:00:51:11:f7:a9:2e:11:c8:94:f9:10:c3:
         fe:40:fb:14:95:b2:bf:28:76:21:ac:f7:1c:cc:d1:18:ab:80:
         05:16:28:9c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENeE5GDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmI0MTNlNTM2ZDk5MzUzZjBiMDUwZWU3NDZmZmRkMjRlZGI1OTMwMB4XDTIyMDEw
MTAzNTQ0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjZlNzJiYzA3MDA3
NzBhZDU5YTZiOTA0OGY1NWRhNzdlODUzZmExYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLrL0xFZV+1PvXD5Q2Op7x2ZyiH2zuDb6nSypuEHSdnuEFm
eemD58Ky+3HbqneB4fmdWYihDKMjt0G/yU2Kv6U73TtBuwHo21fqA+WTwifyJ+wa
Puy5p3MJfuDsHBQnGu13XGVBBHWyGkn0+qy7AD4o8PakyY/DuSckf1mIKJ933DUu
VInDPM9qr9vXBKxvYfrBvs3tLibNF29PalCsxhYeogLra2d4B8B9LUNxiHBevzA2
+vTeR7VdxvBXrQ6JCbFqNy4zx6r4WPavZzWVKaKIWCZTZvV7aOknOEKAGEbhLKck
vc09pwLuRfjm4Weky5P6Sz9OAzjJOzXQ4NX51U0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRm5yvAcAdwrVmmuQSPVdp36FP6GjAfBgNVHSMEGDAWgBQ2tBPlNtmTU/Cw
UO50b/3STttZMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05yUVQ1VGJaazFQd3NGRHVkR185MGs3YldUQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvZTY2Mjk2LTA0NzktNGM1Mi05Y2VhLWExZjU3M2QwNjlkYS8x
L1p1Y3J3SEFIY0sxWnBya0VqMVhhZC1oVC1oby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
ZTY2Mjk2LTA0NzktNGM1Mi05Y2VhLWExZjU3M2QwNjlkYS8xL05yUVQ1VGJaazFQ
d3NGRHVkR185MGs3YldUQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1594DANBgkqhkiG9w0BAQsFAAOC
AQEAvsSQwIAgKc3tdxYs8JopBrTeBMzDIsFPk+nQ5BsTL5PdlgkvB/j20otdylUK
Bt8TOf+vI0b0o+BFeenliBMZBkzsSSmtfb4Ko1hpZxkf5E5fdpjGaJTTW8mmV+0R
3D2O/O/w2Qbb81awAxA6LzivfCAxBscCfRrXWyQb7vkoRnZbMn9Xqg9NDI9D+SdD
2te1LsvnB3b3echqv6TbgcWuV86TdC4mq78e2ZmeM1s56ub8su8uQ7INI5J6i6S5
+WK4YBoF4r26X1GYLp0VOCSP3xkKdDh1lqKLn9KTeefcAFER96kuEciU+RDD/kD7
FJWyvyh2Iaz3HMzRGKuABRYonA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:34 2024 by rpki-client on console-fra.rpki-client.org