Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/456eac-65df-4dd1-bf9c-0103a899c2de/1/0_82r7GbvR6EjkDwoi4aN_XjTT8.roa
File:                     0_82r7GbvR6EjkDwoi4aN_XjTT8.roa (raw, json)
Hash identifier:          ZKwQmYrENds6fsPRwxHM5zJ+vLnGTtmeB/huOOlCGdg=
Subject key identifier:   D3:FF:36:AF:B1:9B:BD:1E:84:8E:40:F0:A2:2E:1A:37:F5:E3:4D:3F
Certificate issuer:       /CN=99fad2527eafa95215a8fed67a27fad3cfb2d37f
Certificate serial:       01847B7B88DFB401F8028201612B16A34B7E
Authority key identifier: 99:FA:D2:52:7E:AF:A9:52:15:A8:FE:D6:7A:27:FA:D3:CF:B2:D3:7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mfrSUn6vqVIVqP7Weif608-y038.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/456eac-65df-4dd1-bf9c-0103a899c2de/1/0_82r7GbvR6EjkDwoi4aN_XjTT8.roa
Signing time:             Tue 15 Nov 2022 13:30:04 +0000
ROA not before:           Tue 15 Nov 2022 13:30:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     135752
IP address blocks:        195.184.76.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:7b:7b:88:df:b4:01:f8:02:82:01:61:2b:16:a3:4b:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99fad2527eafa95215a8fed67a27fad3cfb2d37f
        Validity
            Not Before: Nov 15 13:30:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d3ff36afb19bbd1e848e40f0a22e1a37f5e34d3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:d4:db:ba:c8:37:6b:55:16:99:9d:3d:7e:ae:
                    1a:46:e6:e4:c6:4a:b5:ca:03:b9:71:04:e0:1b:98:
                    38:c3:14:b5:c1:22:c1:f8:61:c7:3d:e8:8b:34:27:
                    4a:57:61:be:74:e6:c8:05:0a:26:4a:a7:27:f0:01:
                    99:b7:1d:cb:9b:6b:a8:1c:9e:73:98:d7:1e:78:f9:
                    b3:19:f9:6a:34:3d:c0:f6:ad:45:8e:8c:fd:49:5a:
                    d0:b1:5f:e8:21:62:c0:21:12:48:4e:6f:3c:4e:9c:
                    d2:df:91:14:96:eb:65:be:02:c3:b6:74:58:e5:b6:
                    1d:68:01:c3:f0:dd:6f:14:84:76:47:20:b0:d9:cd:
                    0b:cb:0d:77:67:14:60:2e:d7:00:85:22:71:0f:13:
                    ce:8b:87:13:e4:86:cb:96:46:4e:71:3b:88:9a:fb:
                    fd:01:81:03:e7:f0:b6:07:9c:8e:1c:b7:01:d9:1d:
                    b3:5c:c8:97:54:f0:fd:d2:39:4e:b5:47:15:5d:fc:
                    89:49:d3:cf:6a:47:ce:c8:34:25:5c:a6:81:69:c8:
                    16:e7:2c:04:ac:f8:57:d7:c9:ad:96:96:f9:12:93:
                    aa:92:37:53:36:ac:ac:13:8e:84:ca:30:20:f8:ac:
                    1a:a1:81:9c:52:b8:9d:07:d3:00:8d:d9:e2:86:57:
                    46:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:FF:36:AF:B1:9B:BD:1E:84:8E:40:F0:A2:2E:1A:37:F5:E3:4D:3F
            X509v3 Authority Key Identifier:
                keyid:99:FA:D2:52:7E:AF:A9:52:15:A8:FE:D6:7A:27:FA:D3:CF:B2:D3:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mfrSUn6vqVIVqP7Weif608-y038.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/456eac-65df-4dd1-bf9c-0103a899c2de/1/0_82r7GbvR6EjkDwoi4aN_XjTT8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/456eac-65df-4dd1-bf9c-0103a899c2de/1/mfrSUn6vqVIVqP7Weif608-y038.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.184.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:1b:53:83:6e:9b:9c:7d:6d:87:5d:f3:e9:a2:70:22:52:44:
         5b:81:e1:b4:5d:9f:54:6a:f8:d8:d2:4e:a4:a1:18:e6:e2:b2:
         45:f9:5a:22:87:26:8a:93:2e:62:cd:04:cb:37:52:b0:24:19:
         c3:39:2b:bb:25:b7:44:a6:08:c8:ca:97:cc:3f:69:aa:9a:18:
         fc:fe:96:ba:0a:b9:71:97:66:ad:d1:53:b5:9a:32:34:b2:d4:
         e4:31:5b:3e:6e:c8:05:eb:9b:51:96:fe:39:65:27:f6:03:57:
         6a:e7:e1:6a:d3:2b:c5:44:ce:e4:f6:5d:d9:e7:18:0d:39:4e:
         39:d2:27:df:b2:cb:24:6b:ac:5e:85:39:d9:b9:bb:10:6a:76:
         67:9b:4a:fb:d3:87:b0:59:53:35:a5:24:48:67:35:fe:c3:be:
         8a:6d:e0:50:98:2a:db:ff:4b:24:f5:f5:f5:92:e4:57:4a:bc:
         d9:6a:84:6e:39:13:3f:b9:e3:cb:f6:51:12:ec:9d:8e:72:cb:
         44:90:65:15:60:e8:e7:3b:96:56:22:5a:cd:24:82:fa:de:ec:
         2f:85:40:15:2d:13:fd:fb:2a:ef:87:ae:11:9d:a4:f8:ed:f9:
         11:17:da:52:89:3e:37:b8:9e:1e:ff:f9:74:bf:f1:3d:dc:6d:
         e1:10:94:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR7e4jftAH4AoIBYSsWo0t+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZmFkMjUyN2VhZmE5NTIxNWE4ZmVkNjdhMjdmYWQzY2Zi
MmQzN2YwHhcNMjIxMTE1MTMzMDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2ZmMzZhZmIxOWJiZDFlODQ4ZTQwZjBhMjJlMWEzN2Y1ZTM0ZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9Tbusg3a1UWmZ09fq4aRubkxkq1
ygO5cQTgG5g4wxS1wSLB+GHHPeiLNCdKV2G+dObIBQomSqcn8AGZtx3Lm2uoHJ5z
mNceePmzGflqND3A9q1Fjoz9SVrQsV/oIWLAIRJITm88TpzS35EUlutlvgLDtnRY
5bYdaAHD8N1vFIR2RyCw2c0Lyw13ZxRgLtcAhSJxDxPOi4cT5IbLlkZOcTuImvv9
AYED5/C2B5yOHLcB2R2zXMiXVPD90jlOtUcVXfyJSdPPakfOyDQlXKaBacgW5ywE
rPhX18mtlpb5EpOqkjdTNqysE46EyjAg+KwaoYGcUridB9MAjdnihldGpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNP/Nq+xm70ehI5A8KIuGjf1400/MB8GA1UdIwQY
MBaAFJn60lJ+r6lSFaj+1non+tPPstN/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWZyU1VuNnZxVklWcVA3V2VpZjYwOC15MDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi80NTZlYWMtNjVkZi00ZGQxLWJmOWMt
MDEwM2E4OTljMmRlLzEvMF84MnI3R2J2UjZFamtEd29pNGFOX1hqVFQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi80NTZlYWMtNjVkZi00ZGQxLWJmOWMtMDEwM2E4OTljMmRl
LzEvbWZyU1VuNnZxVklWcVA3V2VpZjYwOC15MDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw7hMMA0G
CSqGSIb3DQEBCwUAA4IBAQCKG1ODbpucfW2HXfPponAiUkRbgeG0XZ9UavjY0k6k
oRjm4rJF+VoihyaKky5izQTLN1KwJBnDOSu7JbdEpgjIypfMP2mqmhj8/pa6Crlx
l2at0VO1mjI0stTkMVs+bsgF65tRlv45ZSf2A1dq5+Fq0yvFRM7k9l3Z5xgNOU45
0iffssska6xehTnZubsQanZnm0r704ewWVM1pSRIZzX+w76KbeBQmCrb/0sk9fX1
kuRXSrzZaoRuORM/uePL9lES7J2OcstEkGUVYOjnO5ZWIlrNJIL63uwvhUAVLRP9
+yrvh64RnaT47fkRF9pSiT43uJ4e//l0v/E93G3hEJR9
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:16 2024 by rpki-client on console-ams.rpki-client.org