Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/u5KLsKVsMsGCkm36ozdK7P6KNKo.roa
File:                     u5KLsKVsMsGCkm36ozdK7P6KNKo.roa (raw, json)
Hash identifier:          ltYqRa36ypyJs/aWsYPIfwO0xca8nLmuVz/q1SPLTYU=
Subject key identifier:   BB:92:8B:B0:A5:6C:32:C1:82:92:6D:FA:A3:37:4A:EC:FE:8A:34:AA
Certificate issuer:       /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial:       01833B51E615584D3AD050978A5ADA433FE9
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/u5KLsKVsMsGCkm36ozdK7P6KNKo.roa
Signing time:             Wed 14 Sep 2022 09:26:06 +0000
ROA not before:           Wed 14 Sep 2022 09:26:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     26548
IP address blocks:        95.181.148.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:3b:51:e6:15:58:4d:3a:d0:50:97:8a:5a:da:43:3f:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
        Validity
            Not Before: Sep 14 09:26:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bb928bb0a56c32c182926dfaa3374aecfe8a34aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:ed:b1:85:b3:96:50:62:02:86:1b:44:86:b5:
                    a9:0c:7b:c5:f9:71:a6:fc:1e:07:e6:e4:bd:84:be:
                    8d:8b:ce:80:36:7b:fc:d0:19:b0:2c:40:b3:ec:a7:
                    c0:dc:e6:29:99:e2:b0:a9:b3:5b:90:e3:cf:41:d3:
                    73:87:6f:0e:eb:bc:ad:b3:bd:33:02:c2:e0:fa:1f:
                    b2:de:ae:39:9d:1f:c7:95:79:5c:9c:10:5a:29:a0:
                    7a:48:28:0f:b3:eb:78:4a:b0:62:42:b4:bd:bf:7e:
                    84:c3:0f:81:c4:99:e1:9c:f5:ff:d5:48:92:49:77:
                    74:0a:d3:cd:61:1e:d1:bd:11:b1:93:cf:90:c1:e0:
                    93:ff:f7:86:cf:ef:3d:3d:66:19:56:e5:52:ed:e9:
                    64:77:e4:8b:22:a1:9b:e8:d4:70:4c:47:b3:85:06:
                    37:2f:9d:c2:0f:00:f5:c0:23:f3:0c:db:5c:bb:bf:
                    ec:aa:2e:82:5b:2e:19:bd:7c:10:2a:ef:80:18:ad:
                    ac:93:e0:09:30:c2:f5:46:6c:a7:d7:3f:fc:e3:cd:
                    da:16:17:5a:18:ce:70:6a:de:37:2f:1e:4c:8e:4d:
                    c1:eb:8e:23:77:c4:96:d1:7d:c9:bb:36:b9:c7:62:
                    51:f2:bc:8f:73:5e:39:00:89:79:de:20:5d:32:33:
                    d3:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:92:8B:B0:A5:6C:32:C1:82:92:6D:FA:A3:37:4A:EC:FE:8A:34:AA
            X509v3 Authority Key Identifier:
                keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/u5KLsKVsMsGCkm36ozdK7P6KNKo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.181.148.0/22

    Signature Algorithm: sha256WithRSAEncryption
         57:3b:0a:cc:b7:df:ed:b3:3b:e0:b8:f7:ed:a8:0e:a4:a0:b8:
         32:74:51:e8:d5:62:82:0d:01:3a:b2:3a:0a:4b:9d:57:19:b3:
         82:ee:0e:88:79:d2:9e:27:f2:dd:e8:3a:a1:6e:56:81:3c:91:
         51:32:a5:35:1c:f4:0a:67:04:ba:57:5d:b9:b7:a0:5d:87:5d:
         9a:f2:fb:97:00:4e:b6:2e:56:3d:ad:27:40:96:67:ff:5b:a4:
         7a:ab:b7:17:10:04:02:e5:7e:20:49:fd:d8:d9:e6:01:a8:92:
         69:58:8d:5f:03:d4:3c:53:f1:e7:5b:3c:07:d5:d7:d4:0b:a7:
         04:ed:93:bd:41:66:71:ce:5b:2b:c5:d9:75:73:7c:5c:52:28:
         f6:fd:a3:8d:c1:db:8f:c0:79:ba:d7:09:c6:1d:4b:18:fc:70:
         33:ac:4e:0c:b8:bc:d2:39:3d:36:49:e7:a9:95:bf:d4:92:db:
         df:95:d3:f9:6b:34:a7:ab:f8:41:c5:22:77:eb:19:0f:a9:33:
         0f:09:ea:97:3a:94:81:d6:73:5d:72:2a:b1:5e:10:0d:6d:9c:
         af:49:a2:0e:de:67:f7:6e:9f:9a:9c:91:e2:eb:36:28:e7:47:
         7f:33:01:9b:4e:4a:37:34:fa:ef:d9:f5:21:d4:18:db:01:a1:
         5f:61:3c:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYM7UeYVWE060FCXilraQz/pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjIwOTE0MDkyNjA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjkyOGJiMGE1NmMzMmMxODI5MjZkZmFhMzM3NGFlY2ZlOGEzNGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+2xhbOWUGIChhtEhrWpDHvF+XGm
/B4H5uS9hL6Ni86ANnv80BmwLECz7KfA3OYpmeKwqbNbkOPPQdNzh28O67yts70z
AsLg+h+y3q45nR/HlXlcnBBaKaB6SCgPs+t4SrBiQrS9v36Eww+BxJnhnPX/1UiS
SXd0CtPNYR7RvRGxk8+QweCT//eGz+89PWYZVuVS7elkd+SLIqGb6NRwTEezhQY3
L53CDwD1wCPzDNtcu7/sqi6CWy4ZvXwQKu+AGK2sk+AJMML1Rmyn1z/8483aFhda
GM5wat43Lx5Mjk3B644jd8SW0X3Juza5x2JR8ryPc145AIl53iBdMjPTQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLuSi7ClbDLBgpJt+qM3Suz+ijSqMB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvdTVLTHNLVnNNc0dDa20zNm96ZEs3UDZLTktvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCX7WUMA0G
CSqGSIb3DQEBCwUAA4IBAQBXOwrMt9/tszvguPftqA6koLgydFHo1WKCDQE6sjoK
S51XGbOC7g6IedKeJ/Ld6DqhblaBPJFRMqU1HPQKZwS6V125t6Bdh12a8vuXAE62
LlY9rSdAlmf/W6R6q7cXEAQC5X4gSf3Y2eYBqJJpWI1fA9Q8U/HnWzwH1dfUC6cE
7ZO9QWZxzlsrxdl1c3xcUij2/aONwduPwHm61wnGHUsY/HAzrE4MuLzSOT02Seep
lb/UktvfldP5azSnq/hBxSJ36xkPqTMPCeqXOpSB1nNdciqxXhANbZyvSaIO3mf3
bp+anJHi6zYo50d/MwGbTko3NPrv2fUh1BjbAaFfYTxt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:35 2024 by rpki-client on console-ams.rpki-client.org