Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/7Xbw6c-MEz8-0nBNPSwtFwbrPhs.roa
File:                     7Xbw6c-MEz8-0nBNPSwtFwbrPhs.roa (raw, json)
Hash identifier:          LkOxg3tAuF8l2QgeiAvL86OfST/NLPkY74T89sdtvYI=
Subject key identifier:   ED:76:F0:E9:CF:8C:13:3F:3E:D2:70:4D:3D:2C:2D:17:06:EB:3E:1B
Certificate issuer:       /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial:       0382193B
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/7Xbw6c-MEz8-0nBNPSwtFwbrPhs.roa
Signing time:             Fri 11 Feb 2022 20:40:47 +0000
ROA not before:           Fri 11 Feb 2022 20:40:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208626
IP address blocks:        95.181.164.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 58857787 (0x382193b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
        Validity
            Not Before: Feb 11 20:40:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ed76f0e9cf8c133f3ed2704d3d2c2d1706eb3e1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:9f:1e:2d:b9:04:d6:74:6b:69:c7:63:f2:a8:
                    5a:23:ca:75:4b:f9:dd:04:e2:d7:52:74:a9:a5:a6:
                    2b:bf:6e:7a:c2:dd:fa:b0:7b:33:66:c2:5f:31:27:
                    30:2d:f0:2d:f7:1f:03:b4:79:bb:38:36:d4:8b:41:
                    f3:d6:da:5d:88:95:80:04:44:dd:82:0b:ff:7b:05:
                    7b:ad:4e:ec:9f:bf:d0:3e:d7:83:e8:67:e7:bc:6f:
                    4b:2d:5d:42:e2:c0:75:66:b0:3f:36:57:21:98:9a:
                    01:9f:c5:4e:d1:62:82:e1:93:c8:98:a4:bc:27:2c:
                    8b:ef:e7:b9:b8:26:43:b8:5b:88:0f:82:f8:69:6f:
                    f5:98:02:0c:8d:99:c0:70:17:bb:b7:49:54:f9:5c:
                    e4:d0:70:37:5d:f7:67:02:20:f1:d8:a1:73:df:34:
                    ff:d5:df:30:b3:3e:85:30:7b:b5:b5:8a:cf:8a:8a:
                    d9:a6:38:09:05:13:48:17:48:c0:a0:bb:a2:4d:6c:
                    85:a6:1b:d8:87:e6:a3:8e:4c:9c:36:8e:bd:aa:fa:
                    2b:a5:b6:e9:4d:68:e4:50:fc:3a:ac:41:ea:08:35:
                    da:4e:8a:f1:94:16:f7:65:c2:20:83:d0:6e:19:01:
                    b2:4f:a4:b1:7d:58:2d:f3:66:79:a6:79:2c:cb:b0:
                    2c:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:76:F0:E9:CF:8C:13:3F:3E:D2:70:4D:3D:2C:2D:17:06:EB:3E:1B
            X509v3 Authority Key Identifier:
                keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/7Xbw6c-MEz8-0nBNPSwtFwbrPhs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.181.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:b1:42:fe:8f:85:20:60:94:a9:1f:97:7c:b5:3a:ec:94:c9:
         60:e6:15:0f:5d:24:43:b1:1a:48:04:91:58:41:d9:91:e6:fd:
         fc:e8:3c:6a:dd:84:81:89:bd:7c:62:2d:d6:72:95:e0:30:ff:
         ab:de:5f:46:92:c3:ee:a9:19:d9:47:68:5f:c5:79:2b:1b:96:
         70:8f:e3:d3:86:9f:7a:3d:7a:43:72:37:56:8c:34:c8:08:55:
         98:f3:06:b1:28:a0:06:7c:ea:5a:9a:79:33:65:34:26:86:66:
         3a:67:84:78:1d:dc:ac:4b:17:7a:6a:97:d9:30:ed:02:39:02:
         cc:32:61:ef:e7:1d:5a:76:5a:3e:81:35:67:dd:bf:fe:79:78:
         ab:9a:ce:22:57:be:16:ee:58:63:d5:8f:82:83:8b:dc:2a:16:
         f7:e9:a3:fa:d8:33:44:27:73:4a:af:7c:e7:1d:84:bf:55:26:
         33:4a:d3:22:e3:db:4d:a2:61:50:12:96:d7:fb:09:50:89:71:
         07:fe:a2:98:59:5f:f7:d7:ee:e1:2c:a4:45:32:ef:b6:6a:4a:
         98:16:ff:78:7a:e4:ba:9a:7d:e1:c4:b6:59:3d:3a:7c:b0:3a:
         f8:e8:71:29:8d:57:18:33:bf:fb:ae:85:9c:89:3f:65:71:8a:
         9e:12:2d:27
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA4IZOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjM3NjlmODY0NGE1YTcxOGFlNjJiMDU4ZGQxZmI2MmNiNWEzYzIwMB4XDTIyMDIx
MTIwNDA0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWQ3NmYwZTljZjhj
MTMzZjNlZDI3MDRkM2QyYzJkMTcwNmViM2UxYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN2fHi25BNZ0a2nHY/KoWiPKdUv53QTi11J0qaWmK79uesLd
+rB7M2bCXzEnMC3wLfcfA7R5uzg21ItB89baXYiVgARE3YIL/3sFe61O7J+/0D7X
g+hn57xvSy1dQuLAdWawPzZXIZiaAZ/FTtFiguGTyJikvCcsi+/nubgmQ7hbiA+C
+Glv9ZgCDI2ZwHAXu7dJVPlc5NBwN133ZwIg8dihc980/9XfMLM+hTB7tbWKz4qK
2aY4CQUTSBdIwKC7ok1shaYb2Ifmo45MnDaOvar6K6W26U1o5FD8OqxB6gg12k6K
8ZQW92XCIIPQbhkBsk+ksX1YLfNmeaZ5LMuwLN8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTtdvDpz4wTPz7ScE09LC0XBus+GzAfBgNVHSMEGDAWgBQ2N2n4ZEpacYrm
KwWN0ftiy1o8IDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05qZHAtR1JLV25HSzVpc0ZqZEg3WXN0YVBDQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2YvMGY4ZmVhLWYwMGEtNDQxNS1iMzk2LTM5OWZjOTY5M2IyMi8x
LzdYYnc2Yy1NRXo4LTBuQk5QU3d0RndiclBocy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Yv
MGY4ZmVhLWYwMGEtNDQxNS1iMzk2LTM5OWZjOTY5M2IyMi8xL05qZHAtR1JLV25H
SzVpc0ZqZEg3WXN0YVBDQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF+1pDANBgkqhkiG9w0BAQsFAAOC
AQEAgLFC/o+FIGCUqR+XfLU67JTJYOYVD10kQ7EaSASRWEHZkeb9/Og8at2EgYm9
fGIt1nKV4DD/q95fRpLD7qkZ2UdoX8V5KxuWcI/j04afej16Q3I3Vow0yAhVmPMG
sSigBnzqWpp5M2U0JoZmOmeEeB3crEsXemqX2TDtAjkCzDJh7+cdWnZaPoE1Z92/
/nl4q5rOIle+Fu5YY9WPgoOL3CoW9+mj+tgzRCdzSq985x2Ev1UmM0rTIuPbTaJh
UBKW1/sJUIlxB/6imFlf99fu4SykRTLvtmpKmBb/eHrkupp94cS2WT06fLA6+Ohx
KY1XGDO/+66FnIk/ZXGKnhItJw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:35 2024 by rpki-client on console-ams.rpki-client.org