Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/68cd10-e5cc-4f47-84a9-15a0207d4609/1/RzsR_pWyZV4vcvkKCGRVhw1a7n8.roa
File:                     RzsR_pWyZV4vcvkKCGRVhw1a7n8.roa (raw, json)
Hash identifier:          2Nuus67EciStcwyZmFjnUzU6xgOb/fu3jUxhlW3UAfQ=
Subject key identifier:   47:3B:11:FE:95:B2:65:5E:2F:72:F9:0A:08:64:55:87:0D:5A:EE:7F
Certificate issuer:       /CN=88a5ab669fabe72dec2e8378476a7e915c24edcf
Certificate serial:       05E141
Authority key identifier: 88:A5:AB:66:9F:AB:E7:2D:EC:2E:83:78:47:6A:7E:91:5C:24:ED:CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iKWrZp-r5y3sLoN4R2p-kVwk7c8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/68cd10-e5cc-4f47-84a9-15a0207d4609/1/RzsR_pWyZV4vcvkKCGRVhw1a7n8.roa
Signing time:             Wed 08 Jun 2022 13:24:02 +0000
ROA not before:           Wed 08 Jun 2022 13:24:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8751
IP address blocks:        195.245.220.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 385345 (0x5e141)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88a5ab669fabe72dec2e8378476a7e915c24edcf
        Validity
            Not Before: Jun  8 13:24:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=473b11fe95b2655e2f72f90a086455870d5aee7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ab:e3:6d:44:92:57:b0:fe:90:7e:30:77:48:
                    e2:e5:40:4b:6d:ed:f3:f3:49:67:d5:5c:26:ba:36:
                    ea:ca:ad:24:ba:b0:be:5a:46:74:f5:d8:1e:57:64:
                    dc:15:6e:ca:bd:ce:3f:c6:8c:5c:a3:dd:58:bf:11:
                    f3:22:b5:21:72:9a:50:4d:06:48:c2:3e:5f:c9:cd:
                    0c:ba:1d:18:ab:4d:56:1a:38:24:18:fd:ee:7e:11:
                    f2:91:86:2b:77:67:c8:50:5c:6e:f5:03:2d:df:1e:
                    32:7e:68:2f:fe:90:61:b5:00:bf:97:8f:87:03:c4:
                    5f:3a:41:70:6f:d1:2d:92:e7:b6:0a:98:7a:53:b3:
                    ad:12:38:c6:31:e9:b6:29:18:94:8b:b0:e4:2e:a0:
                    36:c2:75:83:ba:73:e6:f9:89:17:a6:92:f6:56:7a:
                    25:07:8a:e5:60:4b:0b:2c:b6:90:e4:9b:f5:3d:d8:
                    3e:67:c4:33:98:17:24:cb:30:2e:9b:4a:51:f1:2b:
                    8a:06:41:ec:4d:f5:6d:af:80:b9:ec:18:42:cb:ed:
                    5e:f1:ca:2f:1b:f1:34:4f:72:8c:84:85:49:2c:c5:
                    60:6a:25:a2:49:9b:33:b7:fa:d8:71:ad:3f:32:03:
                    e4:dd:9b:b3:23:89:7e:b3:f5:53:d5:4e:e3:01:7c:
                    49:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:3B:11:FE:95:B2:65:5E:2F:72:F9:0A:08:64:55:87:0D:5A:EE:7F
            X509v3 Authority Key Identifier:
                keyid:88:A5:AB:66:9F:AB:E7:2D:EC:2E:83:78:47:6A:7E:91:5C:24:ED:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iKWrZp-r5y3sLoN4R2p-kVwk7c8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/68cd10-e5cc-4f47-84a9-15a0207d4609/1/RzsR_pWyZV4vcvkKCGRVhw1a7n8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/68cd10-e5cc-4f47-84a9-15a0207d4609/1/iKWrZp-r5y3sLoN4R2p-kVwk7c8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.245.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d4:19:8a:fd:10:6e:3c:d3:4c:87:35:ae:2c:c2:33:eb:c7:3b:
         fd:55:f5:0e:a2:7c:d8:a0:08:8e:89:32:9e:da:c2:16:4a:27:
         07:4c:13:5b:6e:b7:d0:3d:97:8f:8f:5e:10:26:79:a4:2e:7e:
         f6:2a:31:e4:ff:cf:d0:88:ad:8e:23:7e:ae:22:b0:d4:e5:93:
         db:ab:b0:56:0b:89:86:47:42:2d:4d:a2:59:e3:de:cc:71:58:
         4f:e1:82:9b:2f:a3:6b:46:d2:33:ea:2e:35:c0:99:eb:35:0d:
         1e:8c:96:1b:89:3d:2e:d7:c9:a1:16:b2:5a:92:2f:c6:80:d0:
         ff:98:7e:9c:60:9d:43:9a:4b:1f:24:37:e5:48:54:ea:1e:d3:
         6d:3e:c1:1f:57:27:16:83:c3:21:7e:1d:8f:b7:d7:9a:72:f0:
         e8:0c:0b:15:33:de:73:41:25:c8:36:73:12:d7:ad:94:d6:1f:
         d2:01:cd:dc:ea:5e:25:96:59:11:8b:f8:4a:8e:74:87:7a:1b:
         a8:54:04:f6:46:73:1d:37:0e:2b:09:d5:25:ba:9f:1d:21:fd:
         fb:ba:bd:c4:0b:04:cb:7f:0f:55:fe:c5:04:73:9c:67:45:9b:
         cb:0d:c1:5b:74:d5:d8:50:c9:97:d4:28:99:2d:72:71:55:b8:
         06:eb:43:c2
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDBeFBMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDg4
YTVhYjY2OWZhYmU3MmRlYzJlODM3ODQ3NmE3ZTkxNWMyNGVkY2YwHhcNMjIwNjA4
MTMyNDAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0NzNiMTFmZTk1YjI2
NTVlMmY3MmY5MGEwODY0NTU4NzBkNWFlZTdmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtqvjbUSSV7D+kH4wd0ji5UBLbe3z80ln1Vwmujbqyq0kurC+
WkZ09dgeV2TcFW7Kvc4/xoxco91YvxHzIrUhcppQTQZIwj5fyc0Muh0Yq01WGjgk
GP3ufhHykYYrd2fIUFxu9QMt3x4yfmgv/pBhtQC/l4+HA8RfOkFwb9Etkue2Cph6
U7OtEjjGMem2KRiUi7DkLqA2wnWDunPm+YkXppL2VnolB4rlYEsLLLaQ5Jv1Pdg+
Z8QzmBckyzAum0pR8SuKBkHsTfVtr4C57BhCy+1e8covG/E0T3KMhIVJLMVgaiWi
SZszt/rYca0/MgPk3ZuzI4l+s/VT1U7jAXxJQwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFEc7Ef6VsmVeL3L5CghkVYcNWu5/MB8GA1UdIwQYMBaAFIilq2afq+ct7C6D
eEdqfpFcJO3PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
aUtXclpwLXI1eTNzTG9ONFIycC1rVndrN2M4LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zYy82OGNkMTAtZTVjYy00ZjQ3LTg0YTktMTVhMDIwN2Q0NjA5LzEv
UnpzUl9wV3laVjR2Y3ZrS0NHUlZodzFhN244LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82
OGNkMTAtZTVjYy00ZjQ3LTg0YTktMTVhMDIwN2Q0NjA5LzEvaUtXclpwLXI1eTNz
TG9ONFIycC1rVndrN2M4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/XcMA0GCSqGSIb3DQEBCwUAA4IB
AQDUGYr9EG4800yHNa4swjPrxzv9VfUOonzYoAiOiTKe2sIWSicHTBNbbrfQPZeP
j14QJnmkLn72KjHk/8/QiK2OI36uIrDU5ZPbq7BWC4mGR0ItTaJZ497McVhP4YKb
L6NrRtIz6i41wJnrNQ0ejJYbiT0u18mhFrJaki/GgND/mH6cYJ1DmksfJDflSFTq
HtNtPsEfVycWg8Mhfh2Pt9eacvDoDAsVM95zQSXINnMS162U1h/SAc3c6l4lllkR
i/hKjnSHehuoVAT2RnMdNw4rCdUlup8dIf37ur3ECwTLfw9V/sUEc5xnRZvLDcFb
dNXYUMmX1CiZLXJxVbgG60PC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:12 2024 by rpki-client on console-ams.rpki-client.org