Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/TphbslRSdknO5qaqoK559LAKkVE.roa
File:                     TphbslRSdknO5qaqoK559LAKkVE.roa (raw, json)
Hash identifier:          Qu18GMYFZ5Cr6Teyq0E2svWr8ExmhSBxVvLBHhnUwaI=
Subject key identifier:   4E:98:5B:B2:54:52:76:49:CE:E6:A6:AA:A0:AE:79:F4:B0:0A:91:51
Certificate issuer:       /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial:       031C22E4
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/TphbslRSdknO5qaqoK559LAKkVE.roa
Signing time:             Sat 01 Jan 2022 08:57:15 +0000
ROA not before:           Sat 01 Jan 2022 08:57:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50214
IP address blocks:        185.12.125.0/24 maxlen: 24
                          185.12.124.0/24 maxlen: 24
                          185.12.126.0/24 maxlen: 24
                          185.12.127.0/24 maxlen: 24
                          95.181.152.0/24 maxlen: 24
                          95.181.158.0/24 maxlen: 24
                          95.181.164.0/24 maxlen: 24
                          95.181.171.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 52175588 (0x31c22e4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
        Validity
            Not Before: Jan  1 08:57:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4e985bb254527649cee6a6aaa0ae79f4b00a9151
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:01:00:2d:f0:e3:28:b7:79:7b:85:ba:51:bd:
                    cf:a2:f0:37:62:ea:2c:7b:70:9a:64:75:f8:23:4d:
                    55:19:7e:5d:0e:71:85:33:16:2d:05:07:4e:b6:f5:
                    74:48:50:b2:91:4a:da:58:86:c9:ef:5b:64:63:e2:
                    7e:29:4e:bd:e9:03:f9:43:c5:1d:42:f0:96:94:f2:
                    56:80:87:6f:58:3c:6c:fe:e5:37:69:81:ea:58:ee:
                    6a:14:d3:79:ec:b6:28:bf:a3:bd:ad:bb:7a:98:4a:
                    e5:f8:26:31:72:43:61:b9:9d:93:bf:6d:a3:52:4d:
                    2e:39:ff:f5:b5:83:f3:e1:e3:ed:a8:b9:45:86:93:
                    85:f5:f4:2d:c7:b2:4f:75:b2:78:fd:3e:e9:25:2d:
                    f6:1d:ee:c1:b8:95:0a:49:6c:a7:1c:9d:2b:0c:5b:
                    c3:16:37:67:e8:12:0e:52:2c:ba:da:71:0b:8f:e7:
                    e4:b6:70:78:50:be:6d:e7:57:b9:b4:03:b3:ee:a5:
                    18:67:f4:4e:84:33:c2:15:97:b5:4d:a4:23:a5:26:
                    a2:24:c5:c4:a5:a2:0f:dd:87:da:74:00:d4:42:b4:
                    da:1c:d3:18:f0:a0:45:b3:59:5d:8a:29:be:2c:58:
                    a4:80:c3:49:92:54:52:86:70:bf:bc:9f:dc:bb:b6:
                    d2:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:98:5B:B2:54:52:76:49:CE:E6:A6:AA:A0:AE:79:F4:B0:0A:91:51
            X509v3 Authority Key Identifier:
                keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/TphbslRSdknO5qaqoK559LAKkVE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.181.152.0/24
                  95.181.158.0/24
                  95.181.164.0/24
                  95.181.171.0/24
                  185.12.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         53:3c:2d:1e:e4:b8:c5:78:1d:25:6c:74:05:ac:f0:a0:9a:08:
         64:08:66:5e:53:46:60:87:3d:fa:df:a9:0d:78:13:af:0c:da:
         8d:94:3d:c5:80:46:5f:87:8d:dd:5c:d7:1b:e6:0a:f2:1d:b1:
         91:50:fc:b9:5b:f4:3a:1b:f7:f2:7b:0a:a7:a8:88:2f:ab:3a:
         bb:10:b6:73:cc:5d:ed:37:3b:de:51:b7:55:e3:a3:68:fd:71:
         12:2b:ae:8b:06:35:74:62:14:e0:3f:13:a4:d3:a1:86:21:47:
         ed:f0:67:29:83:9b:c1:d2:5f:86:f0:6b:a2:50:27:a3:aa:a3:
         57:be:10:db:22:c2:15:5c:02:ef:e7:a8:dc:5a:64:0e:7d:d2:
         27:2e:9b:b7:c9:fa:2d:38:db:14:06:db:9d:bf:25:3f:cb:aa:
         c9:b4:ff:98:e9:55:d1:8d:d6:b7:bb:4f:a5:a7:e8:5c:96:76:
         3f:03:65:14:1a:73:1c:90:4a:fd:cb:ba:24:96:4f:11:26:93:
         eb:30:1d:f3:70:af:36:7e:9b:6b:6e:63:5d:60:e9:59:ad:b2:
         69:c3:95:76:fb:25:18:32:4e:f7:81:ac:25:8e:5d:96:cb:04:
         ea:7f:37:28:b6:52:a3:b3:77:b0:18:03:91:1c:05:b6:10:e0:
         dd:d4:0a:7a
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEAxwi5DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjM3NjlmODY0NGE1YTcxOGFlNjJiMDU4ZGQxZmI2MmNiNWEzYzIwMB4XDTIyMDEw
MTA4NTcxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGU5ODViYjI1NDUy
NzY0OWNlZTZhNmFhYTBhZTc5ZjRiMDBhOTE1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALkBAC3w4yi3eXuFulG9z6LwN2LqLHtwmmR1+CNNVRl+XQ5x
hTMWLQUHTrb1dEhQspFK2liGye9bZGPifilOvekD+UPFHULwlpTyVoCHb1g8bP7l
N2mB6ljuahTTeey2KL+jva27ephK5fgmMXJDYbmdk79to1JNLjn/9bWD8+Hj7ai5
RYaThfX0LceyT3WyeP0+6SUt9h3uwbiVCklspxydKwxbwxY3Z+gSDlIsutpxC4/n
5LZweFC+bedXubQDs+6lGGf0ToQzwhWXtU2kI6UmoiTFxKWiD92H2nQA1EK02hzT
GPCgRbNZXYopvixYpIDDSZJUUoZwv7yf3Lu20l0CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBROmFuyVFJ2Sc7mpqqgrnn0sAqRUTAfBgNVHSMEGDAWgBQ2N2n4ZEpacYrm
KwWN0ftiy1o8IDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05qZHAtR1JLV25HSzVpc0ZqZEg3WXN0YVBDQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2YvMGY4ZmVhLWYwMGEtNDQxNS1iMzk2LTM5OWZjOTY5M2IyMi8x
L1RwaGJzbFJTZGtuTzVxYXFvSzU1OUxBS2tWRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Yv
MGY4ZmVhLWYwMGEtNDQxNS1iMzk2LTM5OWZjOTY5M2IyMi8xL05qZHAtR1JLV25H
SzVpc0ZqZEg3WXN0YVBDQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAF+1mAMEAF+1ngMEAF+1pAMEAF+1
qwMEArkMfDANBgkqhkiG9w0BAQsFAAOCAQEAUzwtHuS4xXgdJWx0BazwoJoIZAhm
XlNGYIc9+t+pDXgTrwzajZQ9xYBGX4eN3VzXG+YK8h2xkVD8uVv0Ohv38nsKp6iI
L6s6uxC2c8xd7Tc73lG3VeOjaP1xEiuuiwY1dGIU4D8TpNOhhiFH7fBnKYObwdJf
hvBrolAno6qjV74Q2yLCFVwC7+eo3FpkDn3SJy6bt8n6LTjbFAbbnb8lP8uqybT/
mOlV0Y3Wt7tPpafoXJZ2PwNlFBpzHJBK/cu6JJZPESaT6zAd83CvNn6ba25jXWDp
Wa2yacOVdvslGDJO94GsJY5dlssE6n83KLZSo7N3sBgDkRwFthDg3dQKeg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:35 2024 by rpki-client on console-ams.rpki-client.org