Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/mzMVY3fUKDB5kB06FjVW62Jw-hc.roa
File:                     mzMVY3fUKDB5kB06FjVW62Jw-hc.roa (raw, json)
Hash identifier:          8eW9SSKeDQXEewQj3aDM/WloOf7+wSC46xpKv/KXfhk=
Subject key identifier:   9B:33:15:63:77:D4:28:30:79:90:1D:3A:16:35:56:EB:62:70:FA:17
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       1544A6B8
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/mzMVY3fUKDB5kB06FjVW62Jw-hc.roa
Signing time:             Sat 04 Jun 2022 10:28:22 +0000
ROA not before:           Sat 04 Jun 2022 10:28:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41171
IP address blocks:        195.216.156.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 356820664 (0x1544a6b8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jun  4 10:28:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9b33156377d4283079901d3a163556eb6270fa17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:f9:17:8f:58:3c:01:39:0a:a1:77:d6:47:2b:
                    45:de:74:3c:3e:30:b3:6b:35:4d:4f:e0:74:be:e4:
                    3e:75:52:85:bc:1e:a1:4b:4b:24:99:33:78:d7:63:
                    8c:53:f5:50:58:73:9c:a8:27:15:5b:b3:51:65:43:
                    f4:cc:af:0a:9b:46:9d:3d:ea:2e:c3:10:da:79:ae:
                    7c:2b:60:94:11:93:39:61:41:d2:fd:d7:5d:09:d6:
                    8f:ed:a7:4e:bf:a8:67:9c:3b:52:25:d5:4a:a8:a0:
                    43:1a:c1:49:f7:e5:3c:6f:12:d3:c2:c3:b5:7f:8e:
                    bc:8c:b6:8d:0c:02:bf:d8:23:24:41:13:08:87:f3:
                    03:96:11:55:cf:07:9b:80:02:a9:a8:4b:6c:e8:19:
                    29:ad:34:62:a7:73:e3:70:46:08:c1:70:1d:f0:bf:
                    1a:94:3e:f6:72:f3:ca:35:f3:99:22:a1:76:cb:01:
                    cf:b8:fb:c4:74:86:95:a1:7b:31:1a:5b:0d:e8:70:
                    86:b2:d4:7b:6b:05:e1:9a:6b:35:dc:46:df:e2:c4:
                    a7:38:f8:a9:4d:8d:ed:89:ba:22:19:78:69:35:14:
                    fd:3c:d4:97:6b:7a:a3:e1:7b:79:26:93:c2:8b:c6:
                    78:95:ef:4a:30:e3:c4:7d:73:a7:f7:b0:11:c8:fc:
                    62:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:33:15:63:77:D4:28:30:79:90:1D:3A:16:35:56:EB:62:70:FA:17
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/mzMVY3fUKDB5kB06FjVW62Jw-hc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.216.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         69:bc:78:df:48:87:a4:dc:95:55:d6:73:14:2f:34:7e:fb:b6:
         8b:10:5f:26:82:ae:d3:56:ad:a5:db:8c:11:bf:f4:6e:a2:ef:
         a5:3f:03:0e:b5:ce:c7:3a:08:fa:5a:e0:fc:78:7d:e9:97:75:
         c3:bf:25:ac:99:d3:57:df:6d:63:78:9e:14:b2:6b:fb:60:9b:
         0c:53:09:12:bd:67:3e:23:05:23:6a:29:1b:05:2e:cf:36:d1:
         24:88:28:83:c1:88:0c:99:2c:05:0d:40:2e:12:b3:61:2e:57:
         3a:df:21:43:ee:0d:08:f7:fb:7a:24:be:b4:1f:63:ba:42:a7:
         44:9d:46:63:d6:37:5c:d6:4b:ae:bf:c9:25:7e:73:6f:5c:88:
         9b:6c:07:fc:68:67:27:0d:12:0c:20:56:a1:a0:d7:d6:76:ea:
         47:a1:70:e1:29:3b:3f:d4:8b:4c:54:8f:00:ad:5d:c7:32:18:
         19:08:6d:52:82:57:4e:c1:14:c6:89:8c:7b:08:7e:dd:ad:32:
         54:fc:84:19:d9:30:2c:35:e7:0d:97:2b:0b:d7:66:e3:c4:c9:
         72:eb:9b:a2:ee:90:10:57:61:3d:ec:06:20:b9:24:f1:0b:23:
         d7:75:86:ea:dc:04:bc:91:a7:d3:54:28:6e:a2:1c:40:bf:ab:
         c1:10:ad:07
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFUSmuDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDYw
NDEwMjgyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWIzMzE1NjM3N2Q0
MjgzMDc5OTAxZDNhMTYzNTU2ZWI2MjcwZmExNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI/5F49YPAE5CqF31kcrRd50PD4ws2s1TU/gdL7kPnVShbwe
oUtLJJkzeNdjjFP1UFhznKgnFVuzUWVD9MyvCptGnT3qLsMQ2nmufCtglBGTOWFB
0v3XXQnWj+2nTr+oZ5w7UiXVSqigQxrBSfflPG8S08LDtX+OvIy2jQwCv9gjJEET
CIfzA5YRVc8Hm4ACqahLbOgZKa00Yqdz43BGCMFwHfC/GpQ+9nLzyjXzmSKhdssB
z7j7xHSGlaF7MRpbDehwhrLUe2sF4ZprNdxG3+LEpzj4qU2N7Ym6Ihl4aTUU/TzU
l2t6o+F7eSaTwovGeJXvSjDjxH1zp/ewEcj8YikCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSbMxVjd9QoMHmQHToWNVbrYnD6FzAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L216TVZZM2ZVS0RCNWtCMDZGalZXNjJKdy1oYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsPYnDANBgkqhkiG9w0BAQsFAAOC
AQEAabx430iHpNyVVdZzFC80fvu2ixBfJoKu01atpduMEb/0bqLvpT8DDrXOxzoI
+lrg/Hh96Zd1w78lrJnTV99tY3ieFLJr+2CbDFMJEr1nPiMFI2opGwUuzzbRJIgo
g8GIDJksBQ1ALhKzYS5XOt8hQ+4NCPf7eiS+tB9jukKnRJ1GY9Y3XNZLrr/JJX5z
b1yIm2wH/GhnJw0SDCBWoaDX1nbqR6Fw4Sk7P9SLTFSPAK1dxzIYGQhtUoJXTsEU
xomMewh+3a0yVPyEGdkwLDXnDZcrC9dm48TJcuubou6QEFdhPewGILkk8Qsj13WG
6twEvJGn01QobqIcQL+rwRCtBw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org