Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/cHrBBUysVVlM4hRB9tu3FUaNi6k.roa
File:                     cHrBBUysVVlM4hRB9tu3FUaNi6k.roa (raw, json)
Hash identifier:          129Xyf0GCkMn/5B8ojRlTFuKCLkGLgu72hlwuNf6qHU=
Subject key identifier:   70:7A:C1:05:4C:AC:55:59:4C:E2:14:41:F6:DB:B7:15:46:8D:8B:A9
Certificate issuer:       /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial:       01853FADF06E9E6D4855E1ADB6A5A2DC3B82
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/cHrBBUysVVlM4hRB9tu3FUaNi6k.roa
Signing time:             Fri 23 Dec 2022 15:50:41 +0000
ROA not before:           Fri 23 Dec 2022 15:50:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14576
IP address blocks:        95.181.148.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:3f:ad:f0:6e:9e:6d:48:55:e1:ad:b6:a5:a2:dc:3b:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
        Validity
            Not Before: Dec 23 15:50:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=707ac1054cac55594ce21441f6dbb715468d8ba9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:37:f5:74:ea:39:40:7d:3b:f4:0a:65:a8:bf:
                    a8:86:9a:62:07:22:a6:e1:d6:f5:90:37:08:aa:8b:
                    a8:dd:bf:f2:1b:68:5e:eb:55:f2:2c:ed:49:7a:63:
                    db:d5:35:02:c2:a5:af:43:b1:81:58:e0:42:e1:a9:
                    21:00:6b:bb:e3:55:f4:41:6d:cc:a1:32:e3:2c:50:
                    16:1d:ea:7a:a8:29:90:e1:e3:bc:28:e7:53:8a:10:
                    87:19:94:a2:2f:6f:bb:88:70:ca:94:d3:61:92:34:
                    a0:f3:7e:26:a7:03:97:88:4b:24:e0:8e:c5:36:2a:
                    dd:e0:60:b5:6f:29:49:40:c7:e3:f7:48:02:b8:58:
                    dd:49:c8:e7:e7:92:33:4e:44:5b:a8:f2:ff:a1:cd:
                    3d:79:b7:ce:1c:d2:fc:a3:63:d1:02:76:85:89:59:
                    76:aa:fd:86:c4:43:cf:cb:c7:a2:5e:db:92:e1:0a:
                    ca:08:c2:56:78:71:91:a0:f9:8f:bd:a8:a7:7f:68:
                    06:00:d0:e7:6a:96:60:d1:92:56:a5:13:50:5a:7c:
                    04:f7:d6:fc:b6:3c:b6:75:e5:72:c8:f8:7e:d6:32:
                    4f:9e:a5:bf:d3:54:0d:7c:ca:f5:b8:a2:57:1b:7c:
                    a6:b0:fc:86:c0:b9:d8:6b:86:07:87:4e:20:ea:39:
                    95:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:7A:C1:05:4C:AC:55:59:4C:E2:14:41:F6:DB:B7:15:46:8D:8B:A9
            X509v3 Authority Key Identifier:
                keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/cHrBBUysVVlM4hRB9tu3FUaNi6k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.181.148.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1d:68:da:6b:85:6e:df:40:a3:0e:de:2c:de:89:5c:60:f8:4f:
         76:12:57:a8:ef:55:0d:c8:b9:3d:ac:63:a8:8e:37:68:98:4b:
         b7:4b:dc:6e:cc:ce:28:7b:43:43:03:ed:c4:90:53:01:ee:aa:
         17:82:03:87:58:38:18:ae:70:71:20:8b:cb:d0:42:ba:0b:d9:
         8b:b8:d9:e5:87:2b:0c:ba:43:de:84:4d:87:9f:4f:02:a8:fd:
         62:98:75:18:a3:d9:0d:d9:31:6e:e1:a9:6b:04:21:88:07:c3:
         94:e6:70:a7:3c:19:b0:68:a2:c1:01:da:cb:56:7f:a2:d2:16:
         78:ce:bf:00:b7:ce:0e:c2:54:bc:40:b4:ac:42:7a:5b:2f:c3:
         88:b4:50:83:6a:b7:e8:e5:ad:67:44:d1:ac:6c:00:83:98:8b:
         a3:19:72:00:67:75:f4:3e:14:14:37:d8:db:f4:7c:56:4e:54:
         44:49:63:19:c6:00:69:ca:b0:64:0b:58:e5:49:c6:e0:31:66:
         49:0a:c3:5c:7f:3c:ea:f7:43:df:5f:c3:07:44:e6:ea:e7:e4:
         4d:2d:c4:61:ce:aa:c3:a9:58:80:26:dc:75:a9:e8:d7:00:74:
         f3:c2:fd:73:5c:a3:3a:ee:da:f0:b5:6c:bd:d7:c4:d2:be:16:
         ce:b4:e5:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU/rfBunm1IVeGttqWi3DuCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjIxMjIzMTU1MDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDdhYzEwNTRjYWM1NTU5NGNlMjE0NDFmNmRiYjcxNTQ2OGQ4YmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTf1dOo5QH079AplqL+ohppiByKm
4db1kDcIqouo3b/yG2he61XyLO1JemPb1TUCwqWvQ7GBWOBC4akhAGu741X0QW3M
oTLjLFAWHep6qCmQ4eO8KOdTihCHGZSiL2+7iHDKlNNhkjSg834mpwOXiEsk4I7F
Nird4GC1bylJQMfj90gCuFjdScjn55IzTkRbqPL/oc09ebfOHNL8o2PRAnaFiVl2
qv2GxEPPy8eiXtuS4QrKCMJWeHGRoPmPvainf2gGANDnapZg0ZJWpRNQWnwE99b8
tjy2deVyyPh+1jJPnqW/01QNfMr1uKJXG3ymsPyGwLnYa4YHh04g6jmVDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHB6wQVMrFVZTOIUQfbbtxVGjYupMB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvY0hyQkJVeXNWVmxNNGhSQjl0dTNGVWFOaTZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCX7WUMA0G
CSqGSIb3DQEBCwUAA4IBAQAdaNprhW7fQKMO3izeiVxg+E92Eleo71UNyLk9rGOo
jjdomEu3S9xuzM4oe0NDA+3EkFMB7qoXggOHWDgYrnBxIIvL0EK6C9mLuNnlhysM
ukPehE2Hn08CqP1imHUYo9kN2TFu4alrBCGIB8OU5nCnPBmwaKLBAdrLVn+i0hZ4
zr8At84OwlS8QLSsQnpbL8OItFCDarfo5a1nRNGsbACDmIujGXIAZ3X0PhQUN9jb
9HxWTlRESWMZxgBpyrBkC1jlScbgMWZJCsNcfzzq90PfX8MHRObq5+RNLcRhzqrD
qViAJtx1qejXAHTzwv1zXKM67trwtWy918TSvhbOtOVA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:34 2024 by rpki-client on console-fra.rpki-client.org