Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/ee7i_TZtMemFVsdXPP1mJA63MNE.roa
File:                     ee7i_TZtMemFVsdXPP1mJA63MNE.roa (raw, json)
Hash identifier:          IHaWuWBRQwJiQChGlJ8hBCqSY2z9ATcXCDedQOl9/Iw=
Subject key identifier:   79:EE:E2:FD:36:6D:31:E9:85:56:C7:57:3C:FD:66:24:0E:B7:30:D1
Certificate issuer:       /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial:       01859C22
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/ee7i_TZtMemFVsdXPP1mJA63MNE.roa
Signing time:             Thu 19 May 2022 13:04:02 +0000
ROA not before:           Thu 19 May 2022 13:04:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     398465
IP address blocks:        95.214.172.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 25533474 (0x1859c22)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
        Validity
            Not Before: May 19 13:04:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=79eee2fd366d31e98556c7573cfd66240eb730d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:77:fe:a1:0a:82:a9:56:62:6c:5a:84:71:ec:
                    18:5a:c7:c1:32:9f:5b:dd:7b:75:02:52:80:eb:96:
                    12:9a:d6:29:99:a6:49:d4:7b:ff:d6:94:d2:5f:62:
                    87:c2:44:6b:b5:f6:65:b3:eb:7d:52:b0:cc:99:b7:
                    fd:ba:54:c5:28:74:ac:c3:5a:4e:27:a0:31:23:ca:
                    37:70:89:95:66:5b:f2:3b:ac:37:8f:1e:8e:d2:83:
                    90:eb:05:9c:65:6c:22:12:bf:23:4d:68:d2:31:4c:
                    b1:41:d7:68:06:ba:55:50:dd:2b:ad:fe:38:4a:a0:
                    3d:be:d5:88:30:2a:e4:aa:4b:b8:97:8d:c4:94:43:
                    cf:42:51:c6:6b:8a:7a:15:11:d6:e7:48:68:05:23:
                    55:98:0a:5d:b0:96:dc:2b:5e:c9:2e:c3:58:fb:c7:
                    b0:d5:58:ec:0a:5f:a3:7e:1d:00:25:ee:02:56:ee:
                    cf:b9:46:4b:7c:1b:9e:d8:db:61:53:d2:f8:07:a2:
                    f0:2d:1c:6c:6e:37:be:26:a2:68:26:7c:fc:9a:44:
                    c0:05:c0:98:f2:03:5e:0b:b6:c6:79:0b:a1:88:e9:
                    77:7c:b4:56:82:cc:76:77:4e:72:85:55:87:10:29:
                    17:4f:1e:14:5e:a6:58:d0:e5:b7:5a:69:d6:3b:64:
                    ca:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:EE:E2:FD:36:6D:31:E9:85:56:C7:57:3C:FD:66:24:0E:B7:30:D1
            X509v3 Authority Key Identifier:
                keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/ee7i_TZtMemFVsdXPP1mJA63MNE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.214.172.0/22

    Signature Algorithm: sha256WithRSAEncryption
         30:d1:81:2a:21:f2:ec:bb:47:6b:3a:70:3e:3f:cb:57:90:52:
         24:9b:e1:66:5f:2c:bf:6f:d1:49:e3:20:40:56:6f:1c:b0:5a:
         96:9b:0f:9a:fa:e7:d7:03:aa:3c:dd:5b:47:71:2a:11:24:b5:
         e9:3d:8c:b0:0a:0e:44:59:42:3b:c1:de:32:85:04:b7:9b:36:
         9d:0f:a9:19:50:3e:55:23:a5:50:31:0f:c3:be:4a:b3:56:66:
         1e:ec:76:69:0f:90:01:7e:0f:24:aa:9b:14:b8:99:49:ee:b8:
         28:8b:fb:38:ea:a5:5a:02:9e:4d:99:b4:06:53:33:97:7c:f4:
         03:0c:87:bb:bd:c7:16:2b:ef:43:a1:95:49:b3:5a:b5:de:e3:
         17:e6:93:24:df:eb:93:42:5c:68:43:2c:b3:26:d7:c3:b7:a0:
         a3:0a:0b:e9:20:89:45:22:cb:e1:4b:49:4a:6e:e4:a3:22:fc:
         34:4c:b3:d6:d1:a0:07:b9:6c:64:8e:2c:dc:b8:1e:d5:e8:ba:
         6c:cd:1c:e2:cf:21:60:e8:0b:6b:fd:25:3b:be:03:f7:6c:e9:
         97:c8:c5:15:5a:a4:4a:8c:f0:5b:7f:2b:8f:16:fb:c1:37:d6:
         83:8e:22:58:b8:ea:62:c0:2f:a2:3f:24:cd:f0:ca:e4:ae:03:
         04:76:7c:b4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAYWcIjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ODEwN2FiNjkyMWVmOGNiMmRlY2EzZWI3NjY0NzhjZmYzZTVmYzZkMB4XDTIyMDUx
OTEzMDQwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzllZWUyZmQzNjZk
MzFlOTg1NTZjNzU3M2NmZDY2MjQwZWI3MzBkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPF3/qEKgqlWYmxahHHsGFrHwTKfW917dQJSgOuWEprWKZmm
SdR7/9aU0l9ih8JEa7X2ZbPrfVKwzJm3/bpUxSh0rMNaTiegMSPKN3CJlWZb8jus
N48ejtKDkOsFnGVsIhK/I01o0jFMsUHXaAa6VVDdK63+OEqgPb7ViDAq5KpLuJeN
xJRDz0JRxmuKehUR1udIaAUjVZgKXbCW3CteyS7DWPvHsNVY7Apfo34dACXuAlbu
z7lGS3wbntjbYVPS+Aei8C0cbG43viaiaCZ8/JpEwAXAmPIDXgu2xnkLoYjpd3y0
VoLMdndOcoVVhxApF08eFF6mWNDlt1pp1jtkykUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR57uL9Nm0x6YVWx1c8/WYkDrcw0TAfBgNVHSMEGDAWgBQoEHq2kh74yy3s
o+t2ZHjP8+X8bTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tCQjZ0cEllLU1zdDdLUHJkbVI0el9QbF9HMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjYvMDg4MjZlLTc3ZDAtNDM3Yi1hMWMyLWMwZmIzZWY3NjQwZS8x
L2VlN2lfVFp0TWVtRlZzZFhQUDFtSkE2M01ORS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYv
MDg4MjZlLTc3ZDAtNDM3Yi1hMWMyLWMwZmIzZWY3NjQwZS8xL0tCQjZ0cEllLU1z
dDdLUHJkbVI0el9QbF9HMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAl/WrDANBgkqhkiG9w0BAQsFAAOC
AQEAMNGBKiHy7LtHazpwPj/LV5BSJJvhZl8sv2/RSeMgQFZvHLBalpsPmvrn1wOq
PN1bR3EqESS16T2MsAoORFlCO8HeMoUEt5s2nQ+pGVA+VSOlUDEPw75Ks1ZmHux2
aQ+QAX4PJKqbFLiZSe64KIv7OOqlWgKeTZm0BlMzl3z0AwyHu73HFivvQ6GVSbNa
td7jF+aTJN/rk0JcaEMssybXw7egowoL6SCJRSLL4UtJSm7koyL8NEyz1tGgB7ls
ZI4s3Lge1ei6bM0c4s8hYOgLa/0lO74D92zpl8jFFVqkSozwW38rjxb7wTfWg44i
WLjqYsAvoj8kzfDK5K4DBHZ8tA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:15 2023 by rpki-client on console-ams.rpki-client.org