Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/USHX3joxQL4pwccViDyryP0ZS6E.roa
File:                     USHX3joxQL4pwccViDyryP0ZS6E.roa (raw, json)
Hash identifier:          ItG4hklCTABMlUgfUEVApDbtqWHQAFBhFM4zyvS50Pk=
Subject key identifier:   51:21:D7:DE:3A:31:40:BE:29:C1:C7:15:88:3C:AB:C8:FD:19:4B:A1
Certificate issuer:       /CN=de0d9d6b697ca1c86570c256862e6858b4799c85
Certificate serial:       09F4EE8D
Authority key identifier: DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/USHX3joxQL4pwccViDyryP0ZS6E.roa
Signing time:             Sat 01 Jan 2022 15:57:20 +0000
ROA not before:           Sat 01 Jan 2022 15:57:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     36351
IP address blocks:        95.142.114.0/24 maxlen: 24
                          95.142.117.0/24 maxlen: 24
                          185.54.231.0/24 maxlen: 24
                          95.142.120.0/24 maxlen: 24
                          95.142.126.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 167046797 (0x9f4ee8d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de0d9d6b697ca1c86570c256862e6858b4799c85
        Validity
            Not Before: Jan  1 15:57:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5121d7de3a3140be29c1c715883cabc8fd194ba1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:e4:00:3d:7a:32:a2:1f:7d:da:83:41:ad:af:
                    6b:5a:f0:d1:54:b9:8b:8c:d2:fc:7f:af:b2:13:b3:
                    f8:02:39:9d:aa:a2:5f:f9:be:b9:dc:42:05:18:ab:
                    6d:5e:6e:73:30:e8:e3:76:ad:74:55:9f:11:3d:99:
                    39:fe:a1:1a:d5:c5:18:00:d9:5d:b5:2d:24:f8:d9:
                    33:5b:dd:d6:97:ba:56:25:2d:10:19:10:45:c9:3d:
                    4d:0a:6f:31:cb:98:d4:c8:54:8a:55:f1:10:33:21:
                    25:5a:b2:38:31:65:75:2e:7f:66:f5:37:c0:ca:5c:
                    0b:5b:a9:3e:f2:8c:0c:09:e0:f6:05:c1:98:27:31:
                    ea:f4:16:f3:eb:40:91:ff:62:f5:a1:ec:15:01:0a:
                    3e:ed:e2:74:7d:89:24:19:65:f6:79:cc:e6:4c:27:
                    3b:88:c4:83:1a:84:99:1b:5c:5b:07:f6:23:9e:03:
                    e5:15:04:37:60:c0:88:f8:7e:dc:9e:67:a3:9a:56:
                    30:e0:ba:86:d1:c3:e1:4a:ab:91:59:2a:39:05:1d:
                    33:e2:a5:4f:fa:b0:3d:bb:2c:9a:8c:a8:62:72:b2:
                    ef:af:ef:65:a0:7e:83:dc:52:b9:e9:e6:27:a2:81:
                    8c:4c:a9:e4:05:e6:b4:2c:6b:71:9e:99:c8:15:71:
                    47:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:21:D7:DE:3A:31:40:BE:29:C1:C7:15:88:3C:AB:C8:FD:19:4B:A1
            X509v3 Authority Key Identifier:
                keyid:DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/USHX3joxQL4pwccViDyryP0ZS6E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.142.114.0/24
                  95.142.117.0/24
                  95.142.120.0/24
                  95.142.126.0/24
                  185.54.231.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bb:a2:80:69:d5:59:aa:e8:5d:6f:7f:aa:43:9b:19:1e:1f:c8:
         61:41:86:8d:79:1a:ba:f7:f3:24:19:ac:71:bf:dd:76:04:74:
         6b:55:5d:8a:d5:da:e5:ea:2a:16:3e:13:bb:ea:7d:ab:3a:b6:
         1d:ce:a0:3c:bd:48:01:7f:4d:36:23:a2:c8:24:24:43:38:5b:
         3f:e7:83:ab:9e:a8:84:49:db:8a:fc:94:a8:a2:7b:af:11:02:
         2d:a4:e9:66:76:da:ef:be:f3:bd:23:80:d8:d8:a1:52:87:5a:
         c9:9d:6f:76:39:ab:0a:fe:49:1b:7e:18:8a:10:99:83:f9:38:
         0d:35:b3:65:c8:15:f6:74:ce:0f:c6:ea:ae:5a:e8:72:07:0c:
         ac:0d:4d:b3:6a:92:b1:c8:71:e4:bc:4e:6a:64:3d:cc:51:f1:
         05:12:b2:1b:9a:65:9b:63:cb:78:da:9c:c4:1f:48:e2:fa:3d:
         ed:2f:75:0f:85:43:46:a6:2d:48:a7:6a:b8:37:39:ba:9b:5b:
         f7:71:c7:ce:0e:94:e4:6b:29:c8:03:3a:eb:36:20:f5:12:83:
         7a:ec:20:7e:a3:b9:4c:db:31:70:12:3c:a7:ae:71:0c:e1:1d:
         13:16:3a:37:b3:a7:86:fb:82:6b:c9:23:05:29:59:9d:0c:d3:
         16:79:fc:81
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECfTujTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZTBkOWQ2YjY5N2NhMWM4NjU3MGMyNTY4NjJlNjg1OGI0Nzk5Yzg1MB4XDTIyMDEw
MTE1NTcyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTEyMWQ3ZGUzYTMx
NDBiZTI5YzFjNzE1ODgzY2FiYzhmZDE5NGJhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALXkAD16MqIffdqDQa2va1rw0VS5i4zS/H+vshOz+AI5naqi
X/m+udxCBRirbV5uczDo43atdFWfET2ZOf6hGtXFGADZXbUtJPjZM1vd1pe6ViUt
EBkQRck9TQpvMcuY1MhUilXxEDMhJVqyODFldS5/ZvU3wMpcC1upPvKMDAng9gXB
mCcx6vQW8+tAkf9i9aHsFQEKPu3idH2JJBll9nnM5kwnO4jEgxqEmRtcWwf2I54D
5RUEN2DAiPh+3J5no5pWMOC6htHD4UqrkVkqOQUdM+KlT/qwPbssmoyoYnKy76/v
ZaB+g9xSuenmJ6KBjEyp5AXmtCxrcZ6ZyBVxR0ECAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBRRIdfeOjFAvinBxxWIPKvI/RlLoTAfBgNVHSMEGDAWgBTeDZ1raXyhyGVw
wlaGLmhYtHmchTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNnMmRhMmw4b2NobGNNSldoaTVvV0xSNW5JVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvNjhkYzNjLWRmMmUtNDQ2MS1iN2E2LTAxY2JmYzBlOTRlNy8x
L1VTSFgzam94UUw0cHdjY1ZpRHlyeVAwWlM2RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
NjhkYzNjLWRmMmUtNDQ2MS1iN2E2LTAxY2JmYzBlOTRlNy8xLzNnMmRhMmw4b2No
bGNNSldoaTVvV0xSNW5JVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAF+OcgMEAF+OdQMEAF+OeAMEAF+O
fgMEALk25zANBgkqhkiG9w0BAQsFAAOCAQEAu6KAadVZquhdb3+qQ5sZHh/IYUGG
jXkauvfzJBmscb/ddgR0a1VditXa5eoqFj4Tu+p9qzq2Hc6gPL1IAX9NNiOiyCQk
QzhbP+eDq56ohEnbivyUqKJ7rxECLaTpZnba777zvSOA2NihUodayZ1vdjmrCv5J
G34YihCZg/k4DTWzZcgV9nTOD8bqrlrocgcMrA1Ns2qSschx5LxOamQ9zFHxBRKy
G5plm2PLeNqcxB9I4vo97S91D4VDRqYtSKdquDc5uptb93HHzg6U5GspyAM66zYg
9RKDeuwgfqO5TNsxcBI8p65xDOEdExY6N7OnhvuCa8kjBSlZnQzTFnn8gQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:08 2024 by rpki-client on console-ams.rpki-client.org