Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/655006-6275-4d24-b3db-02c47b9ea49d/1/SSChl8PchOqVChiJVsdfvztWpf4.roa
File:                     SSChl8PchOqVChiJVsdfvztWpf4.roa (raw, json)
Hash identifier:          0yozbOdw+wJ78/zoJG+Ozzb16NxBYlkT/15H0BDEKSU=
Subject key identifier:   49:20:A1:97:C3:DC:84:EA:95:0A:18:89:56:C7:5F:BF:3B:56:A5:FE
Certificate issuer:       /CN=1b6f07474f12f7a33e5c21bc2ffbb075a17bd13f
Certificate serial:       0350076C
Authority key identifier: 1B:6F:07:47:4F:12:F7:A3:3E:5C:21:BC:2F:FB:B0:75:A1:7B:D1:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G28HR08S96M-XCG8L_uwdaF70T8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/655006-6275-4d24-b3db-02c47b9ea49d/1/SSChl8PchOqVChiJVsdfvztWpf4.roa
Signing time:             Sat 01 Jan 2022 03:57:47 +0000
ROA not before:           Sat 01 Jan 2022 03:57:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29549
IP address blocks:        195.177.206.0/24 maxlen: 24
                          195.177.207.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 55576428 (0x350076c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b6f07474f12f7a33e5c21bc2ffbb075a17bd13f
        Validity
            Not Before: Jan  1 03:57:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4920a197c3dc84ea950a188956c75fbf3b56a5fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:92:90:ec:f3:c4:a4:cf:41:c7:58:c2:7c:19:
                    c1:f7:94:10:75:e0:ab:52:d9:96:3f:8e:4e:cc:61:
                    57:a5:5b:eb:a5:d5:cc:9f:90:aa:34:a9:6f:e8:61:
                    47:36:e7:04:2f:2a:04:b3:99:34:bd:20:71:a8:32:
                    97:58:5b:d8:87:e5:94:cc:94:6e:83:78:40:16:36:
                    8c:12:c6:f6:b0:d3:ed:8f:c2:24:c7:bc:f3:8f:d2:
                    7b:c4:da:61:d1:e7:df:dc:05:8d:c8:e7:c9:55:63:
                    38:61:2d:9a:6d:3d:bc:42:63:57:e6:0e:9d:cf:7b:
                    61:a9:4c:91:41:56:4c:d3:54:b3:9b:ab:71:06:d9:
                    1d:b6:06:10:14:fd:9c:bc:65:bb:86:41:c0:99:0d:
                    0d:6b:1e:ba:c2:b6:d0:cf:89:66:7c:d9:b3:02:50:
                    73:ec:3d:ca:1c:a6:a4:3e:69:87:d2:be:39:44:c9:
                    75:58:c1:3c:70:9f:67:ef:8c:15:0d:77:e9:1a:0c:
                    23:4d:c3:9f:63:68:96:77:46:98:09:c8:15:3a:d4:
                    00:b1:07:41:99:b7:7c:d6:59:1d:1c:08:4d:f3:30:
                    fb:72:d0:0b:22:4a:10:9d:41:43:4e:04:3c:b8:41:
                    7d:02:82:b8:a3:0e:09:55:6b:38:99:47:c5:f3:a6:
                    24:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:20:A1:97:C3:DC:84:EA:95:0A:18:89:56:C7:5F:BF:3B:56:A5:FE
            X509v3 Authority Key Identifier:
                keyid:1B:6F:07:47:4F:12:F7:A3:3E:5C:21:BC:2F:FB:B0:75:A1:7B:D1:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G28HR08S96M-XCG8L_uwdaF70T8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/655006-6275-4d24-b3db-02c47b9ea49d/1/SSChl8PchOqVChiJVsdfvztWpf4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/655006-6275-4d24-b3db-02c47b9ea49d/1/G28HR08S96M-XCG8L_uwdaF70T8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.177.206.0/23

    Signature Algorithm: sha256WithRSAEncryption
         16:8f:a7:05:68:aa:fe:69:45:40:98:59:b2:47:a5:c5:4d:16:
         76:70:8b:fc:d9:ee:a0:17:66:80:05:ed:d2:0a:18:ab:7a:78:
         ca:f8:5d:a5:f2:fe:9e:58:c0:83:5c:5d:9e:be:e8:9b:7d:08:
         bf:64:1f:3c:a9:81:dd:3d:7a:72:f4:cf:fb:2b:8b:28:48:00:
         15:fb:f8:20:b2:b7:7d:ae:8a:b4:9e:ab:55:f8:88:be:c0:f5:
         f9:91:db:ce:03:51:35:e9:95:f0:7d:f4:5c:29:62:bc:2a:77:
         00:62:c0:f9:ea:b2:e5:15:cb:b4:46:23:53:c1:f1:ba:1b:74:
         de:71:8b:d2:20:6d:78:d1:65:61:4f:1c:25:04:55:d3:22:19:
         89:e8:8d:10:24:6e:76:40:6e:43:44:73:1c:bb:5c:e0:64:cd:
         64:4a:d9:e9:58:23:43:20:17:1a:34:2e:2b:4c:77:46:8e:9f:
         a1:a9:0c:24:ad:29:73:3a:d5:09:7a:3e:97:a2:27:2f:cc:69:
         be:58:66:9d:2d:26:cb:67:05:8c:33:df:e2:63:42:3d:f7:34:
         c0:79:8c:25:15:2c:cb:ca:f6:3f:af:20:02:72:f6:ad:74:1b:
         26:81:d0:3d:86:8e:2f:c4:ff:84:c8:84:5b:98:a6:1a:61:3a:
         e7:7e:73:a5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA1AHbDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YjZmMDc0NzRmMTJmN2EzM2U1YzIxYmMyZmZiYjA3NWExN2JkMTNmMB4XDTIyMDEw
MTAzNTc0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDkyMGExOTdjM2Rj
ODRlYTk1MGExODg5NTZjNzVmYmYzYjU2YTVmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANiSkOzzxKTPQcdYwnwZwfeUEHXgq1LZlj+OTsxhV6Vb66XV
zJ+QqjSpb+hhRzbnBC8qBLOZNL0gcagyl1hb2IfllMyUboN4QBY2jBLG9rDT7Y/C
JMe884/Se8TaYdHn39wFjcjnyVVjOGEtmm09vEJjV+YOnc97YalMkUFWTNNUs5ur
cQbZHbYGEBT9nLxlu4ZBwJkNDWseusK20M+JZnzZswJQc+w9yhympD5ph9K+OUTJ
dVjBPHCfZ++MFQ136RoMI03Dn2NolndGmAnIFTrUALEHQZm3fNZZHRwITfMw+3LQ
CyJKEJ1BQ04EPLhBfQKCuKMOCVVrOJlHxfOmJIcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRJIKGXw9yE6pUKGIlWx1+/O1al/jAfBgNVHSMEGDAWgBQbbwdHTxL3oz5c
Ibwv+7B1oXvRPzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0cyOEhSMDhTOTZNLVhDRzhMX3V3ZGFGNzBUOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvNjU1MDA2LTYyNzUtNGQyNC1iM2RiLTAyYzQ3YjllYTQ5ZC8x
L1NTQ2hsOFBjaE9xVkNoaUpWc2Rmdnp0V3BmNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
NjU1MDA2LTYyNzUtNGQyNC1iM2RiLTAyYzQ3YjllYTQ5ZC8xL0cyOEhSMDhTOTZN
LVhDRzhMX3V3ZGFGNzBUOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcOxzjANBgkqhkiG9w0BAQsFAAOC
AQEAFo+nBWiq/mlFQJhZskelxU0WdnCL/NnuoBdmgAXt0goYq3p4yvhdpfL+nljA
g1xdnr7om30Iv2QfPKmB3T16cvTP+yuLKEgAFfv4ILK3fa6KtJ6rVfiIvsD1+ZHb
zgNRNemV8H30XClivCp3AGLA+eqy5RXLtEYjU8Hxuht03nGL0iBteNFlYU8cJQRV
0yIZieiNECRudkBuQ0RzHLtc4GTNZErZ6VgjQyAXGjQuK0x3Ro6foakMJK0pczrV
CXo+l6InL8xpvlhmnS0my2cFjDPf4mNCPfc0wHmMJRUsy8r2P68gAnL2rXQbJoHQ
PYaOL8T/hMiEW5imGmE6535zpQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:02 2024 by rpki-client on console-ams.rpki-client.org