Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f9b3ca-04a0-4233-aed1-c6f9d0a8f36e/1/sMVurAPhkZI16x6bo5-U1be0hI4.roa
File:                     sMVurAPhkZI16x6bo5-U1be0hI4.roa (raw, json)
Hash identifier:          dqh90Yde7B8wlt1CjdvpqzI62geyWgGUiWIiP+eU4QE=
Subject key identifier:   B0:C5:6E:AC:03:E1:91:92:35:EB:1E:9B:A3:9F:94:D5:B7:B4:84:8E
Certificate issuer:       /CN=aee8d6f56c5fbc904c9b913609013e5964865257
Certificate serial:       0184DD9DF9D40B4D78F2770FC3F69F333547
Authority key identifier: AE:E8:D6:F5:6C:5F:BC:90:4C:9B:91:36:09:01:3E:59:64:86:52:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rujW9WxfvJBMm5E2CQE-WWSGUlc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/f9b3ca-04a0-4233-aed1-c6f9d0a8f36e/1/sMVurAPhkZI16x6bo5-U1be0hI4.roa
Signing time:             Sun 04 Dec 2022 14:50:28 +0000
ROA not before:           Sun 04 Dec 2022 14:50:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35913
IP address blocks:        195.20.19.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:dd:9d:f9:d4:0b:4d:78:f2:77:0f:c3:f6:9f:33:35:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aee8d6f56c5fbc904c9b913609013e5964865257
        Validity
            Not Before: Dec  4 14:50:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b0c56eac03e1919235eb1e9ba39f94d5b7b4848e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:97:7f:0e:f0:6d:73:3a:9a:e2:04:90:af:c6:
                    33:e3:e0:6b:99:eb:02:80:cc:55:1a:c3:b5:7c:de:
                    cb:cb:a1:30:9a:a4:0a:31:bf:84:3f:ed:c0:74:44:
                    76:a8:77:18:e4:4e:5e:f5:36:75:5c:ed:9b:df:dd:
                    a3:2c:ba:f1:0a:e9:40:fc:a2:a8:5c:95:17:d4:29:
                    4a:ee:5c:e9:f1:0c:b8:72:70:7a:a9:86:90:9d:df:
                    a9:64:78:f0:a7:22:4c:80:93:e3:ff:92:96:db:8b:
                    ba:c3:43:a5:11:aa:9f:ea:a1:98:9e:6a:c7:33:80:
                    b3:3b:75:2f:7c:8b:3f:c2:09:40:cf:35:e0:4d:71:
                    cc:37:be:cd:88:24:92:96:9d:b0:a5:ce:15:c4:51:
                    03:f0:b1:26:2d:a6:b9:f5:31:ff:8a:34:96:60:33:
                    5f:13:55:c9:db:56:2a:64:8c:43:c8:1b:96:3a:53:
                    c8:c2:97:16:dc:40:64:54:c1:21:cf:80:90:e7:01:
                    59:8f:ae:1c:cd:f9:08:da:d1:b2:a7:64:92:d0:91:
                    71:df:60:26:55:fe:a5:b4:de:d1:01:5d:16:c7:e9:
                    65:85:38:4e:b0:5a:ea:48:e9:2a:3f:2f:00:d9:ad:
                    db:0d:21:61:50:75:96:cc:61:44:f0:ed:41:48:bb:
                    e2:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:C5:6E:AC:03:E1:91:92:35:EB:1E:9B:A3:9F:94:D5:B7:B4:84:8E
            X509v3 Authority Key Identifier:
                keyid:AE:E8:D6:F5:6C:5F:BC:90:4C:9B:91:36:09:01:3E:59:64:86:52:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rujW9WxfvJBMm5E2CQE-WWSGUlc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f9b3ca-04a0-4233-aed1-c6f9d0a8f36e/1/sMVurAPhkZI16x6bo5-U1be0hI4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f9b3ca-04a0-4233-aed1-c6f9d0a8f36e/1/rujW9WxfvJBMm5E2CQE-WWSGUlc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.20.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:ef:d6:cb:9e:2d:cc:73:a2:2c:92:60:1a:bc:50:49:d4:95:
         c3:9e:8c:d7:57:14:7c:67:8d:a7:d1:89:50:a3:f7:a5:2a:37:
         aa:3b:bf:67:9a:6d:b7:3f:a0:8a:a5:4b:ef:97:3a:aa:f7:a1:
         00:f8:79:20:74:c9:d6:67:de:f3:ac:ef:ea:0e:71:35:aa:96:
         7f:c6:2c:44:2a:a6:56:99:4f:a8:c7:ef:78:68:bc:27:9a:6a:
         9a:87:00:fc:f5:1a:c7:ea:d4:a6:4a:f5:fa:b1:e9:70:90:5c:
         3a:ae:0b:32:29:6b:99:1a:34:af:4e:7f:d6:64:c8:08:15:12:
         40:bb:cb:0a:be:75:6b:0c:7d:16:ad:ba:2f:ce:f4:4f:8e:fb:
         c1:bd:04:d7:bf:b1:92:9e:92:06:46:64:1d:e8:b3:19:e0:16:
         aa:23:7a:ab:1b:52:2a:fc:13:ba:d4:c2:2d:c3:7a:b7:f1:08:
         15:bc:f9:13:5a:51:29:4e:44:a0:e8:db:42:7e:e4:89:e8:8a:
         a9:15:05:19:24:ce:8f:da:a6:70:6d:0e:47:87:1c:72:95:47:
         69:e5:1d:96:cb:25:d8:77:c1:4c:5e:dc:aa:fa:15:1d:57:6c:
         07:91:c6:98:2f:e0:9b:7e:f9:5d:c5:2a:a5:53:b6:d7:2e:41:
         ca:ca:6f:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTdnfnUC0148ncPw/afMzVHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZThkNmY1NmM1ZmJjOTA0YzliOTEzNjA5MDEzZTU5NjQ4
NjUyNTcwHhcNMjIxMjA0MTQ1MDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGM1NmVhYzAzZTE5MTkyMzVlYjFlOWJhMzlmOTRkNWI3YjQ4NDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZd/DvBtczqa4gSQr8Yz4+BrmesC
gMxVGsO1fN7Ly6EwmqQKMb+EP+3AdER2qHcY5E5e9TZ1XO2b392jLLrxCulA/KKo
XJUX1ClK7lzp8Qy4cnB6qYaQnd+pZHjwpyJMgJPj/5KW24u6w0OlEaqf6qGYnmrH
M4CzO3UvfIs/wglAzzXgTXHMN77NiCSSlp2wpc4VxFED8LEmLaa59TH/ijSWYDNf
E1XJ21YqZIxDyBuWOlPIwpcW3EBkVMEhz4CQ5wFZj64czfkI2tGyp2SS0JFx32Am
Vf6ltN7RAV0Wx+llhThOsFrqSOkqPy8A2a3bDSFhUHWWzGFE8O1BSLvisQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLDFbqwD4ZGSNesem6OflNW3tISOMB8GA1UdIwQY
MBaAFK7o1vVsX7yQTJuRNgkBPllkhlJXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVqVzlXeGZ2SkJNbTVFMkNRRS1XV1NHVWxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mOWIzY2EtMDRhMC00MjMzLWFlZDEt
YzZmOWQwYThmMzZlLzEvc01WdXJBUGhrWkkxNng2Ym81LVUxYmUwaEk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mOWIzY2EtMDRhMC00MjMzLWFlZDEtYzZmOWQwYThmMzZl
LzEvcnVqVzlXeGZ2SkJNbTVFMkNRRS1XV1NHVWxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxQTMA0G
CSqGSIb3DQEBCwUAA4IBAQCV79bLni3Mc6IskmAavFBJ1JXDnozXVxR8Z42n0YlQ
o/elKjeqO79nmm23P6CKpUvvlzqq96EA+HkgdMnWZ97zrO/qDnE1qpZ/xixEKqZW
mU+ox+94aLwnmmqahwD89RrH6tSmSvX6selwkFw6rgsyKWuZGjSvTn/WZMgIFRJA
u8sKvnVrDH0WrbovzvRPjvvBvQTXv7GSnpIGRmQd6LMZ4BaqI3qrG1Iq/BO61MIt
w3q38QgVvPkTWlEpTkSg6NtCfuSJ6IqpFQUZJM6P2qZwbQ5HhxxylUdp5R2WyyXY
d8FMXtyq+hUdV2wHkcaYL+CbfvldxSqlU7bXLkHKym95
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:29 2024 by rpki-client on console-fra.rpki-client.org