Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/nedjb84bIQUIeWzYPd8N3cxVlzs.roa
File:                     nedjb84bIQUIeWzYPd8N3cxVlzs.roa (raw, json)
Hash identifier:          YrKxrWmCxmmG+Ug2AxGIh+hF4a9qXij4z7BcXnIa9FQ=
Subject key identifier:   9D:E7:63:6F:CE:1B:21:05:08:79:6C:D8:3D:DF:0D:DD:CC:55:97:3B
Certificate issuer:       /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial:       01831D8D9EE63D723F411AF495A51CD7F24D
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/nedjb84bIQUIeWzYPd8N3cxVlzs.roa
Signing time:             Thu 08 Sep 2022 14:42:43 +0000
ROA not before:           Thu 08 Sep 2022 14:42:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     394814
IP address blocks:        95.164.112.0/20 maxlen: 24
                          95.164.248.0/22 maxlen: 24
                          95.164.144.0/20 maxlen: 24
                          94.131.80.0/20 maxlen: 24
                          95.164.60.0/22 maxlen: 24
                          95.164.176.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:1d:8d:9e:e6:3d:72:3f:41:1a:f4:95:a5:1c:d7:f2:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
        Validity
            Not Before: Sep  8 14:42:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9de7636fce1b210508796cd83ddf0dddcc55973b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:dc:f5:cc:cb:5f:20:3b:84:2c:58:dc:34:14:
                    f4:f9:47:83:24:6c:f9:83:fb:b7:c1:d7:ac:4d:0c:
                    00:12:84:95:05:da:26:09:33:ab:2b:68:d5:dd:7c:
                    e2:6b:54:1a:26:c8:0d:a1:67:0b:70:d7:57:90:ad:
                    a4:66:bc:44:41:cd:54:1a:25:72:71:1f:ae:98:35:
                    1b:36:bd:2a:37:97:59:95:5e:e3:77:26:db:a2:d1:
                    b0:f7:65:38:2c:8a:c0:ba:1c:ec:18:86:b5:36:d7:
                    b0:80:f9:a8:93:b7:68:8e:c4:22:f7:07:b8:91:8e:
                    a2:a2:07:40:fd:72:ab:f5:e4:35:67:f4:91:92:46:
                    de:fe:4f:67:53:a4:c7:51:29:2c:96:08:a3:37:bf:
                    83:1b:49:74:cd:0c:03:b0:0a:c7:e4:dd:24:5c:88:
                    7d:a6:16:90:b7:86:b6:6d:a9:55:c8:28:dd:79:6b:
                    33:c4:b7:03:fb:db:41:f4:5f:9a:91:52:8b:d0:4f:
                    54:ea:f3:ec:cf:74:86:46:b2:6d:38:38:af:e0:b6:
                    8d:7b:62:13:b9:ca:e9:66:66:20:97:d9:3d:b7:b9:
                    bf:c4:8e:b6:1e:90:c2:f5:cc:38:a4:b4:d5:f2:e6:
                    66:57:7a:0e:d8:c2:ae:e7:ac:6e:f6:36:19:36:98:
                    22:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:E7:63:6F:CE:1B:21:05:08:79:6C:D8:3D:DF:0D:DD:CC:55:97:3B
            X509v3 Authority Key Identifier:
                keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/nedjb84bIQUIeWzYPd8N3cxVlzs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.131.80.0/20
                  95.164.60.0/22
                  95.164.112.0/20
                  95.164.144.0/20
                  95.164.176.0/20
                  95.164.248.0/22

    Signature Algorithm: sha256WithRSAEncryption
         60:28:0b:03:18:25:3b:b3:75:b0:8b:3b:09:35:4e:35:94:74:
         48:c5:4c:55:3e:bd:d0:71:29:8b:58:95:db:a3:8c:f5:f7:b9:
         a9:2b:d0:c8:44:fa:b3:aa:87:6d:d8:61:1f:d8:2c:f8:7c:cd:
         b6:19:90:2d:47:fd:a1:01:37:dc:7b:c2:7e:39:44:40:36:6e:
         4b:4b:4d:d4:db:84:86:e5:33:8c:c3:cb:5d:7d:19:26:01:6d:
         54:90:79:66:d1:a2:b6:28:39:49:b0:35:cf:f6:a2:1a:da:7f:
         17:e6:24:e6:52:fa:75:ba:8d:54:b7:fb:87:c2:b9:ea:82:d9:
         7a:49:ff:b8:2e:1b:6a:24:27:2d:6d:e7:23:43:15:3e:c5:46:
         47:33:1b:cd:99:ab:ee:4f:05:94:3d:22:60:2d:64:46:a1:4e:
         23:c7:2e:62:9b:20:09:c1:a5:c2:dd:5f:94:65:1c:29:d9:a0:
         21:fd:e8:f2:e8:77:df:c9:fd:ea:37:3c:23:6b:eb:f8:94:8f:
         51:eb:34:d8:20:ef:2c:17:2c:b1:33:5b:db:17:dc:6f:3f:c2:
         6a:04:26:01:25:f0:0e:c0:d7:19:53:36:fd:f2:ac:69:b6:48:
         10:d0:09:aa:db:8c:e9:e7:ff:1e:00:c9:a0:2b:e6:ce:11:77:
         2a:81:7d:cd
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYMdjZ7mPXI/QRr0laUc1/JNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjIwOTA4MTQ0MjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGU3NjM2ZmNlMWIyMTA1MDg3OTZjZDgzZGRmMGRkZGNjNTU5NzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtz1zMtfIDuELFjcNBT0+UeDJGz5
g/u3wdesTQwAEoSVBdomCTOrK2jV3Xzia1QaJsgNoWcLcNdXkK2kZrxEQc1UGiVy
cR+umDUbNr0qN5dZlV7jdybbotGw92U4LIrAuhzsGIa1NtewgPmok7dojsQi9we4
kY6iogdA/XKr9eQ1Z/SRkkbe/k9nU6THUSkslgijN7+DG0l0zQwDsArH5N0kXIh9
phaQt4a2balVyCjdeWszxLcD+9tB9F+akVKL0E9U6vPsz3SGRrJtODiv4LaNe2IT
ucrpZmYgl9k9t7m/xI62HpDC9cw4pLTV8uZmV3oO2MKu56xu9jYZNpgiGwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJ3nY2/OGyEFCHls2D3fDd3MVZc7MB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvbmVkamI4NGJJUVVJZVd6WVBkOE4zY3hWbHpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQEXoNQAwQC
X6Q8AwQEX6RwAwQEX6SQAwQEX6SwAwQCX6T4MA0GCSqGSIb3DQEBCwUAA4IBAQBg
KAsDGCU7s3WwizsJNU41lHRIxUxVPr3QcSmLWJXbo4z197mpK9DIRPqzqodt2GEf
2Cz4fM22GZAtR/2hATfce8J+OURANm5LS03U24SG5TOMw8tdfRkmAW1UkHlm0aK2
KDlJsDXP9qIa2n8X5iTmUvp1uo1Ut/uHwrnqgtl6Sf+4LhtqJCctbecjQxU+xUZH
MxvNmavuTwWUPSJgLWRGoU4jxy5imyAJwaXC3V+UZRwp2aAh/ejy6Hffyf3qNzwj
a+v4lI9R6zTYIO8sFyyxM1vbF9xvP8JqBCYBJfAOwNcZUzb98qxptkgQ0Amq24zp
5/8eAMmgK+bOEXcqgX3N
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:43 2023 by rpki-client on console-ams.rpki-client.org