Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/n7SpKx_MkiCcBQXagbvxZ1Mae4g.roa
File:                     n7SpKx_MkiCcBQXagbvxZ1Mae4g.roa (raw, json)
Hash identifier:          QJHzW00nWeRq/ZrnHNWs/RwAGHjsBtpIx6gNrBFtqfk=
Subject key identifier:   9F:B4:A9:2B:1F:CC:92:20:9C:05:05:DA:81:BB:F1:67:53:1A:7B:88
Certificate issuer:       /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial:       0BF28A90
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/n7SpKx_MkiCcBQXagbvxZ1Mae4g.roa
Signing time:             Thu 27 Jan 2022 09:19:56 +0000
ROA not before:           Thu 27 Jan 2022 09:19:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2856
IP address blocks:        195.180.152.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 200444560 (0xbf28a90)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
        Validity
            Not Before: Jan 27 09:19:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9fb4a92b1fcc92209c0505da81bbf167531a7b88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:99:81:c2:30:b8:aa:ee:0e:34:c5:3c:b9:1c:
                    9f:23:05:7a:ed:a0:1d:f5:41:af:bd:51:bd:c1:9a:
                    23:36:c6:e6:74:cf:60:af:2c:d1:d9:79:38:d6:58:
                    83:25:9d:65:f8:30:b4:01:8f:c8:a2:92:fc:b8:0c:
                    c0:97:51:ee:db:d8:be:22:00:d3:71:a4:5a:ff:cb:
                    bd:8d:6c:39:4f:e4:b6:6d:6d:76:b8:fd:7d:04:55:
                    97:2f:60:cb:52:9c:b4:a1:82:c5:57:fc:25:de:fc:
                    48:7f:e6:15:21:b3:6f:34:fa:d0:61:f7:ac:d8:15:
                    64:50:00:be:cd:c5:94:84:b3:b4:1e:97:7d:1e:ae:
                    64:5b:74:bd:de:38:d6:64:40:83:55:c2:14:94:5f:
                    92:04:9d:0a:c7:2d:48:48:93:4d:8b:9c:77:4e:58:
                    8e:47:14:0b:49:00:af:3a:d3:f3:7a:22:e8:15:53:
                    3c:7c:09:fa:68:8b:9d:7b:cc:ae:c0:89:47:b5:e3:
                    98:3f:4b:8e:77:0b:e8:24:65:cf:c7:33:1e:6b:04:
                    7b:13:5f:ca:77:b2:ab:5b:bf:d4:31:30:b3:8f:af:
                    03:1c:64:70:79:b2:3f:f9:fd:3b:55:af:2a:d7:f2:
                    6a:0a:3c:1c:7b:2a:93:0f:26:41:e0:e5:3b:cb:4c:
                    e1:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:B4:A9:2B:1F:CC:92:20:9C:05:05:DA:81:BB:F1:67:53:1A:7B:88
            X509v3 Authority Key Identifier:
                keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/n7SpKx_MkiCcBQXagbvxZ1Mae4g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.180.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1d:81:8b:d9:a0:88:75:5c:4e:d9:5d:1c:ff:68:1e:7a:ca:9b:
         44:21:5b:0c:cc:f1:60:1d:d2:09:c5:75:4e:b8:37:4b:96:e2:
         ba:b6:4b:23:e8:b0:01:bf:26:8f:24:05:bf:d6:41:ae:91:9c:
         f4:8f:9e:02:b5:12:78:0d:ec:1e:e5:0a:b3:74:57:3a:08:70:
         f0:51:84:e3:e6:5c:c6:38:ec:9e:d7:a1:46:64:b0:91:75:90:
         10:f3:7f:67:07:ac:6a:7a:82:65:c0:31:63:96:f7:5d:2d:88:
         e2:0e:80:12:ed:a7:47:83:4e:62:61:26:ca:c1:03:e0:38:a6:
         f5:fe:ec:9b:24:bf:6e:d7:70:2b:ce:7e:0e:d8:71:b1:55:cf:
         5c:4d:91:85:9b:a9:02:5a:76:70:14:bc:9d:25:9c:47:6a:53:
         15:6e:26:e5:6c:ef:37:7f:67:7c:d4:0c:9f:bd:54:6e:b2:25:
         48:f0:fd:eb:6d:2a:90:ca:0e:a3:1c:7e:fb:6c:87:a4:cb:2a:
         3d:98:9c:61:fd:f1:15:a8:09:58:ef:7c:be:da:3f:56:00:0c:
         68:1c:19:a2:20:e2:b8:82:46:ec:76:61:b2:7c:53:73:07:20:
         fc:c5:b5:70:a0:be:f9:5d:c6:8f:30:8c:ba:d4:a5:cb:79:ac:
         fa:c8:e7:3c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC/KKkDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzQ3MDE3NTY0YzcxMWJjYmQ1NzY4MGEwZGZkMDBmMmE1ZDA5OWRiMB4XDTIyMDEy
NzA5MTk1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWZiNGE5MmIxZmNj
OTIyMDljMDUwNWRhODFiYmYxNjc1MzFhN2I4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+ZgcIwuKruDjTFPLkcnyMFeu2gHfVBr71RvcGaIzbG5nTP
YK8s0dl5ONZYgyWdZfgwtAGPyKKS/LgMwJdR7tvYviIA03GkWv/LvY1sOU/ktm1t
drj9fQRVly9gy1KctKGCxVf8Jd78SH/mFSGzbzT60GH3rNgVZFAAvs3FlISztB6X
fR6uZFt0vd441mRAg1XCFJRfkgSdCsctSEiTTYucd05YjkcUC0kArzrT83oi6BVT
PHwJ+miLnXvMrsCJR7XjmD9LjncL6CRlz8czHmsEexNfyneyq1u/1DEws4+vAxxk
cHmyP/n9O1WvKtfyago8HHsqkw8mQeDlO8tM4Z8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSftKkrH8ySIJwFBdqBu/FnUxp7iDAfBgNVHSMEGDAWgBTXRwF1ZMcRvL1X
aAoN/QDypdCZ2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEwY0JkV1RIRWJ5OVYyZ0tEZjBBOHFYUW1kcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvYmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8x
L243U3BLeF9Na2lDY0JRWGFnYnZ4WjFNYWU0Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
YmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8xLzEwY0JkV1RIRWJ5
OVYyZ0tEZjBBOHFYUW1kcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsO0mDANBgkqhkiG9w0BAQsFAAOC
AQEAHYGL2aCIdVxO2V0c/2geesqbRCFbDMzxYB3SCcV1Trg3S5biurZLI+iwAb8m
jyQFv9ZBrpGc9I+eArUSeA3sHuUKs3RXOghw8FGE4+ZcxjjsntehRmSwkXWQEPN/
ZwesanqCZcAxY5b3XS2I4g6AEu2nR4NOYmEmysED4Dim9f7smyS/btdwK85+Dthx
sVXPXE2RhZupAlp2cBS8nSWcR2pTFW4m5WzvN39nfNQMn71UbrIlSPD9620qkMoO
oxx++2yHpMsqPZicYf3xFagJWO98vto/VgAMaBwZoiDiuIJG7HZhsnxTcwcg/MW1
cKC++V3GjzCMutSly3ms+sjnPA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:42 2023 by rpki-client on console-fra.rpki-client.org