Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/7NzmoL4xWYw8DkxbWyIf7ZRAaSc.roa
File:                     7NzmoL4xWYw8DkxbWyIf7ZRAaSc.roa (raw, json)
Hash identifier:          HOfH8CPiceYnh56kadyBbL/443KVKZFdG62rSa2kHX4=
Subject key identifier:   EC:DC:E6:A0:BE:31:59:8C:3C:0E:4C:5B:5B:22:1F:ED:94:40:69:27
Certificate issuer:       /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial:       0181CF904943CCF4A8D20277ECCB4595ABEB
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/7NzmoL4xWYw8DkxbWyIf7ZRAaSc.roa
Signing time:             Tue 05 Jul 2022 18:12:28 +0000
ROA not before:           Tue 05 Jul 2022 18:12:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12722
IP address blocks:        95.181.161.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:cf:90:49:43:cc:f4:a8:d2:02:77:ec:cb:45:95:ab:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
        Validity
            Not Before: Jul  5 18:12:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ecdce6a0be31598c3c0e4c5b5b221fed94406927
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:8a:64:a7:74:91:ef:51:75:d9:56:60:cd:55:
                    eb:d5:69:ee:f7:f2:87:f6:9f:38:31:31:2e:b7:e7:
                    c2:ee:bb:4e:b6:fc:66:44:54:27:86:7f:81:3e:60:
                    bd:83:fd:4f:26:58:fc:1a:70:d1:e1:b6:4f:f7:d0:
                    31:77:da:80:4a:2e:37:a7:1f:5b:3d:dd:6e:d0:10:
                    0a:11:89:e5:15:21:f2:81:e7:18:15:f8:bd:85:6b:
                    6c:36:27:ac:52:5c:54:cd:00:2c:c2:7b:da:fc:4e:
                    12:ca:d5:52:ce:46:99:53:a9:33:7f:ec:d9:ab:35:
                    5a:2a:ac:92:f7:02:83:a0:4e:56:4e:f7:b0:dc:41:
                    30:1a:1e:ab:77:e8:57:f7:a1:37:9a:62:66:ff:31:
                    36:7a:b2:ff:32:51:9c:7b:4a:1b:09:34:ea:97:e1:
                    87:46:9c:11:6a:d3:cc:99:b1:69:1b:1e:f2:9d:03:
                    5a:d9:77:d4:a7:d9:db:3a:67:3c:1c:84:3b:cd:86:
                    1d:2e:f8:76:b2:9e:df:c1:24:90:c9:3a:78:31:ff:
                    e1:d3:d6:58:d7:e7:1a:62:b8:ab:dd:60:e1:ae:5f:
                    4f:0e:e5:ca:8c:3d:22:7f:7b:f3:1b:34:f9:99:00:
                    f5:fe:7a:01:a5:c1:3b:aa:d8:f9:a3:1b:d6:10:cd:
                    8b:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:DC:E6:A0:BE:31:59:8C:3C:0E:4C:5B:5B:22:1F:ED:94:40:69:27
            X509v3 Authority Key Identifier:
                keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/7NzmoL4xWYw8DkxbWyIf7ZRAaSc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.181.161.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:89:d7:93:ef:8c:38:0d:a7:a1:8e:8a:ef:14:98:d7:a7:0c:
         9d:2f:1c:04:9e:eb:46:d8:68:b9:57:e0:42:4f:32:0d:c9:57:
         28:31:2f:6f:9d:b9:63:2e:30:65:86:3c:38:d6:64:d0:cc:fa:
         b4:02:9d:4b:bb:25:67:b5:28:bb:ad:99:72:d1:51:11:c3:25:
         d1:39:f9:19:db:22:dc:f5:e9:af:77:90:bf:65:9a:d1:0d:f3:
         68:5a:71:52:2d:96:37:f7:4a:3b:49:f1:74:fb:5a:bc:3c:5f:
         69:13:dc:3c:31:20:03:d5:92:97:6a:f9:ef:7a:bd:3b:db:bd:
         01:c1:c5:7b:77:d5:a9:ca:8e:19:c9:16:42:e5:46:10:e0:7a:
         b1:76:10:fd:4f:ca:68:ff:88:57:e8:e3:39:51:f7:bb:a5:15:
         79:82:49:94:33:b0:58:77:29:6b:0c:15:f0:3a:1f:08:26:ca:
         2f:49:43:dc:53:a3:f5:89:3f:ad:2b:17:54:dc:5b:73:dd:7a:
         3d:e4:2f:cd:7c:3f:b2:ed:3b:ea:07:b1:6a:82:96:16:9f:d2:
         4c:69:44:82:a4:e9:61:bc:57:df:77:0a:e0:cb:3d:14:fe:65:
         bf:45:15:d9:34:f4:bd:1f:b3:16:4e:32:bc:8e:e2:90:8e:ba:
         d4:d2:a4:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHPkElDzPSo0gJ37MtFlavrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjIwNzA1MTgxMjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2RjZTZhMGJlMzE1OThjM2MwZTRjNWI1YjIyMWZlZDk0NDA2OTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYpkp3SR71F12VZgzVXr1Wnu9/KH
9p84MTEut+fC7rtOtvxmRFQnhn+BPmC9g/1PJlj8GnDR4bZP99Axd9qASi43px9b
Pd1u0BAKEYnlFSHygecYFfi9hWtsNiesUlxUzQAswnva/E4SytVSzkaZU6kzf+zZ
qzVaKqyS9wKDoE5WTvew3EEwGh6rd+hX96E3mmJm/zE2erL/MlGce0obCTTql+GH
RpwRatPMmbFpGx7ynQNa2XfUp9nbOmc8HIQ7zYYdLvh2sp7fwSSQyTp4Mf/h09ZY
1+caYrir3WDhrl9PDuXKjD0if3vzGzT5mQD1/noBpcE7qtj5oxvWEM2LaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOzc5qC+MVmMPA5MW1siH+2UQGknMB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvN056bW9MNHhXWXc4RGt4Yld5SWY3WlJBYVNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX7WhMA0G
CSqGSIb3DQEBCwUAA4IBAQAPideT74w4DaehjorvFJjXpwydLxwEnutG2Gi5V+BC
TzINyVcoMS9vnbljLjBlhjw41mTQzPq0Ap1LuyVntSi7rZly0VERwyXROfkZ2yLc
9emvd5C/ZZrRDfNoWnFSLZY390o7SfF0+1q8PF9pE9w8MSAD1ZKXavnver07270B
wcV7d9Wpyo4ZyRZC5UYQ4HqxdhD9T8po/4hX6OM5Ufe7pRV5gkmUM7BYdylrDBXw
Oh8IJsovSUPcU6P1iT+tKxdU3Ftz3Xo95C/NfD+y7TvqB7FqgpYWn9JMaUSCpOlh
vFffdwrgyz0U/mW/RRXZNPS9H7MWTjK8juKQjrrU0qSb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:34 2024 by rpki-client on console-fra.rpki-client.org