Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/_APhR71HlK_Mfi-FQGwHx8erBiQ.roa
File:                     _APhR71HlK_Mfi-FQGwHx8erBiQ.roa (raw, json)
Hash identifier:          8CGbkARP5azwFnsXCe8IXgjrI54QWZyegebyqSSUqTU=
Subject key identifier:   FC:03:E1:47:BD:47:94:AF:CC:7E:2F:85:40:6C:07:C7:C7:AB:06:24
Certificate issuer:       /CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Certificate serial:       08CA0125
Authority key identifier: 73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/_APhR71HlK_Mfi-FQGwHx8erBiQ.roa
Signing time:             Tue 28 Jun 2022 13:09:02 +0000
ROA not before:           Tue 28 Jun 2022 13:09:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43350
IP address blocks:        95.178.106.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 147456293 (0x8ca0125)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
        Validity
            Not Before: Jun 28 13:09:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fc03e147bd4794afcc7e2f85406c07c7c7ab0624
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:cf:3c:45:f8:e2:cd:78:89:66:ed:71:79:1b:
                    3f:c0:1a:91:3f:21:4a:03:2b:e4:e0:00:4c:f3:08:
                    ce:2e:6c:de:7e:41:84:ae:6e:a4:ce:1b:70:d1:8f:
                    80:ae:63:d2:43:a8:f1:e4:4c:24:d1:2c:5f:96:04:
                    53:e9:e2:27:bd:f0:09:1e:d3:41:32:d7:5d:7d:6f:
                    47:ee:a0:c9:fd:c4:a0:de:33:81:f5:14:09:16:f8:
                    bd:49:b0:04:a8:08:9c:ee:86:66:53:b0:c4:74:0c:
                    60:64:fa:11:59:d2:22:01:9f:b5:94:88:e0:18:aa:
                    c8:e3:02:a3:75:8b:5a:ff:37:aa:3c:05:f1:fa:c7:
                    7b:71:82:ba:2e:a3:e5:20:fc:02:97:67:71:31:26:
                    8c:27:9d:cf:a3:eb:6b:26:c2:13:69:2b:3d:8b:9f:
                    ff:8d:59:cd:65:e5:bb:39:e3:18:e4:80:47:80:68:
                    64:37:36:e8:6c:b8:e2:7c:9d:7b:4b:21:f1:58:2c:
                    12:05:30:cd:7f:2e:d0:4e:f9:78:68:0d:fa:ee:1d:
                    38:2c:8b:8a:c9:fb:72:ab:4a:bf:13:d4:13:40:c8:
                    ef:47:11:25:ef:f1:8a:b1:e1:24:5c:fc:ff:cb:39:
                    7b:8f:46:b6:54:5c:69:3a:21:74:44:fb:07:ff:a7:
                    95:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:03:E1:47:BD:47:94:AF:CC:7E:2F:85:40:6C:07:C7:C7:AB:06:24
            X509v3 Authority Key Identifier:
                keyid:73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/_APhR71HlK_Mfi-FQGwHx8erBiQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.178.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:a6:69:7a:0d:91:2c:e7:0b:69:26:72:5c:af:70:cf:94:fc:
         9c:ce:97:cc:3e:93:fc:6f:fa:33:20:7d:4b:76:70:3b:27:99:
         e1:42:1f:97:25:8b:3f:72:e8:ca:92:e4:72:45:d6:a9:d2:ec:
         2e:9b:52:82:54:13:71:5a:9e:f1:1e:4f:b7:ef:be:04:4a:82:
         90:34:15:08:95:09:fc:38:f1:96:1c:f4:be:34:e0:a3:2e:e2:
         25:de:54:d2:44:d6:64:89:ea:42:13:1d:cc:79:1b:ca:47:0a:
         6d:df:81:db:dc:d1:48:43:2b:1f:42:c2:ed:11:c9:59:e9:97:
         e6:ce:84:d0:c7:b6:40:49:f6:59:12:e3:61:96:0c:b8:2f:40:
         51:1b:cd:37:37:04:23:03:75:cb:69:f9:78:d6:5c:ec:d0:f1:
         8d:81:18:56:26:a2:54:fa:56:f2:c2:cf:2a:fd:e4:c3:8d:66:
         54:32:25:85:15:03:71:65:cd:ef:34:38:be:1a:6c:c5:8a:db:
         a1:7a:9e:d8:cf:2f:ed:dd:c3:70:39:d2:6e:67:bf:6b:9a:79:
         c9:3a:5b:1b:8c:95:5a:44:ae:98:be:d4:fb:b8:93:46:4b:5a:
         46:a2:3e:32:3b:52:7f:89:5c:9c:3b:76:76:b5:39:44:a2:fe:
         de:51:63:62
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECMoBJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
M2YyMTBmMTI5OWExZTBhZWU3MWRjMWQ3OWU1ZmIxMjA5MmQzMGE5MB4XDTIyMDYy
ODEzMDkwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmMwM2UxNDdiZDQ3
OTRhZmNjN2UyZjg1NDA2YzA3YzdjN2FiMDYyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIPPPEX44s14iWbtcXkbP8AakT8hSgMr5OAATPMIzi5s3n5B
hK5upM4bcNGPgK5j0kOo8eRMJNEsX5YEU+niJ73wCR7TQTLXXX1vR+6gyf3EoN4z
gfUUCRb4vUmwBKgInO6GZlOwxHQMYGT6EVnSIgGftZSI4BiqyOMCo3WLWv83qjwF
8frHe3GCui6j5SD8ApdncTEmjCedz6PraybCE2krPYuf/41ZzWXluznjGOSAR4Bo
ZDc26Gy44nyde0sh8VgsEgUwzX8u0E75eGgN+u4dOCyLisn7cqtKvxPUE0DI70cR
Je/xirHhJFz8/8s5e49GtlRcaTohdET7B/+nle8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT8A+FHvUeUr8x+L4VAbAfHx6sGJDAfBgNVHSMEGDAWgBRz8hDxKZoeCu5x
3B155fsSCS0wqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NfSVE4U21hSGdydWNkd2RlZVg3RWdrdE1Lay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZGIxYjQ4LTFjYzUtNDgzMy05M2Q5LWI5NDY0NzE4YmEzNy8x
L19BUGhSNzFIbEtfTWZpLUZRR3dIeDhlckJpUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZGIxYjQ4LTFjYzUtNDgzMy05M2Q5LWI5NDY0NzE4YmEzNy8xL2NfSVE4U21hSGdy
dWNkd2RlZVg3RWdrdE1Lay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF+yajANBgkqhkiG9w0BAQsFAAOC
AQEAVaZpeg2RLOcLaSZyXK9wz5T8nM6XzD6T/G/6MyB9S3ZwOyeZ4UIflyWLP3Lo
ypLkckXWqdLsLptSglQTcVqe8R5Pt+++BEqCkDQVCJUJ/Djxlhz0vjTgoy7iJd5U
0kTWZInqQhMdzHkbykcKbd+B29zRSEMrH0LC7RHJWemX5s6E0Me2QEn2WRLjYZYM
uC9AURvNNzcEIwN1y2n5eNZc7NDxjYEYViaiVPpW8sLPKv3kw41mVDIlhRUDcWXN
7zQ4vhpsxYrboXqe2M8v7d3DcDnSbme/a5p5yTpbG4yVWkSumL7U+7iTRktaRqI+
MjtSf4lcnDt2drU5RKL+3lFjYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:26 2024 by rpki-client on console-ams.rpki-client.org