Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/2581f4-8410-4a43-9186-0fab2269ea8e/1/Ubb8f17jemZvHriHXJRMTXbXUok.roa
File:                     Ubb8f17jemZvHriHXJRMTXbXUok.roa (raw, json)
Hash identifier:          oi0wWPYUzneDwOsj7jKl3Peq/gmXcf92iOLvodqVxQY=
Subject key identifier:   51:B6:FC:7F:5E:E3:7A:66:6F:1E:B8:87:5C:94:4C:4D:76:D7:52:89
Certificate issuer:       /CN=33c5b0d7c0a9cd24b73cdcb92c8746e85a4a5b8f
Certificate serial:       018539D1E5534204E1213D4994AAC8D51A0F
Authority key identifier: 33:C5:B0:D7:C0:A9:CD:24:B7:3C:DC:B9:2C:87:46:E8:5A:4A:5B:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M8Ww18CpzSS3PNy5LIdG6FpKW48.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/2581f4-8410-4a43-9186-0fab2269ea8e/1/Ubb8f17jemZvHriHXJRMTXbXUok.roa
Signing time:             Thu 22 Dec 2022 12:32:15 +0000
ROA not before:           Thu 22 Dec 2022 12:32:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     396073
IP address blocks:        195.149.107.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:39:d1:e5:53:42:04:e1:21:3d:49:94:aa:c8:d5:1a:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33c5b0d7c0a9cd24b73cdcb92c8746e85a4a5b8f
        Validity
            Not Before: Dec 22 12:32:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=51b6fc7f5ee37a666f1eb8875c944c4d76d75289
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:08:2f:e1:6c:2a:cf:13:fd:2a:53:d5:3d:35:
                    46:80:08:6f:04:fe:9a:0d:2e:ef:d2:c1:97:d7:2a:
                    06:b8:e1:a5:a6:bf:cb:8c:1d:78:71:b5:75:77:49:
                    4d:cd:ff:f8:d9:57:50:8c:b6:b7:e5:49:fc:23:70:
                    e6:0f:0e:87:cf:3f:a7:5e:2c:36:5c:75:d4:d3:b6:
                    c4:3e:5b:f7:b1:c3:55:9e:32:28:b6:4e:2f:20:28:
                    1c:9e:37:6d:35:23:3d:92:ad:da:89:67:b4:4c:ea:
                    90:8d:ee:f1:9a:3d:80:92:dc:f2:1f:ed:47:de:c9:
                    2d:55:a4:95:22:22:af:6e:e9:ba:31:0e:a5:c7:db:
                    79:80:94:88:61:fd:9e:4e:ce:52:40:ab:20:4a:c5:
                    a8:f2:bd:e9:b5:90:2e:39:69:1d:c7:83:88:28:59:
                    80:71:7d:23:0e:f1:5b:81:ea:ec:c6:37:c2:e7:3c:
                    21:d3:73:b6:c6:09:98:cd:a8:43:c1:6f:86:28:c5:
                    84:66:b9:dc:a0:01:59:37:6a:37:03:86:e2:b8:f2:
                    ac:46:53:22:21:7a:72:b1:45:f2:df:9c:4b:79:07:
                    31:f0:89:24:f8:3f:8f:ee:6d:2c:40:49:e2:8d:52:
                    e5:28:38:cd:56:a4:bf:80:39:49:7f:cc:e7:37:8c:
                    91:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:B6:FC:7F:5E:E3:7A:66:6F:1E:B8:87:5C:94:4C:4D:76:D7:52:89
            X509v3 Authority Key Identifier:
                keyid:33:C5:B0:D7:C0:A9:CD:24:B7:3C:DC:B9:2C:87:46:E8:5A:4A:5B:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M8Ww18CpzSS3PNy5LIdG6FpKW48.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/2581f4-8410-4a43-9186-0fab2269ea8e/1/Ubb8f17jemZvHriHXJRMTXbXUok.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/2581f4-8410-4a43-9186-0fab2269ea8e/1/M8Ww18CpzSS3PNy5LIdG6FpKW48.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.149.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:19:5a:b1:c7:f3:5d:71:05:c6:6a:71:ff:88:bf:1f:c7:51:
         36:2f:f7:a8:fa:6e:c9:bc:f8:95:b1:d6:0e:37:5f:0f:7c:77:
         c6:12:87:5f:63:4e:0f:56:5b:fd:93:92:14:85:4c:e8:f7:c4:
         4d:36:0c:c0:ab:ff:8d:13:d0:d6:aa:d0:66:48:32:51:cb:60:
         c5:48:45:ab:94:f2:0a:b9:c3:c0:45:aa:a3:f9:e4:80:2d:73:
         7d:7e:f3:69:d3:be:64:ac:9a:f0:79:75:83:ac:7a:5a:ac:1c:
         2f:7f:58:32:0b:df:6b:1d:ee:e6:28:74:ef:a6:22:2d:d1:2c:
         c2:a0:ff:b7:81:2c:3c:45:41:f3:9f:a2:6b:6f:ad:8e:09:95:
         c9:2f:69:54:a2:0c:b1:86:94:80:5e:60:12:d9:6c:72:eb:fb:
         61:b0:42:e5:96:b8:78:7d:bc:f6:ee:21:48:89:40:26:b3:f6:
         5a:32:06:e0:b6:31:92:3e:66:9d:e1:00:d2:04:df:24:d0:7a:
         77:ae:c2:bc:66:49:d6:17:35:50:43:2f:19:26:01:ee:4f:d8:
         a2:23:ec:22:31:eb:9e:32:a3:db:d7:6e:64:08:48:e3:9c:2f:
         25:33:de:74:97:a3:cd:15:64:2c:02:1e:26:7c:80:2c:77:90:
         75:8a:94:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU50eVTQgThIT1JlKrI1RoPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYzViMGQ3YzBhOWNkMjRiNzNjZGNiOTJjODc0NmU4NWE0
YTViOGYwHhcNMjIxMjIyMTIzMjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWI2ZmM3ZjVlZTM3YTY2NmYxZWI4ODc1Yzk0NGM0ZDc2ZDc1Mjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAgv4WwqzxP9KlPVPTVGgAhvBP6a
DS7v0sGX1yoGuOGlpr/LjB14cbV1d0lNzf/42VdQjLa35Un8I3DmDw6Hzz+nXiw2
XHXU07bEPlv3scNVnjIotk4vICgcnjdtNSM9kq3aiWe0TOqQje7xmj2AktzyH+1H
3sktVaSVIiKvbum6MQ6lx9t5gJSIYf2eTs5SQKsgSsWo8r3ptZAuOWkdx4OIKFmA
cX0jDvFbgersxjfC5zwh03O2xgmYzahDwW+GKMWEZrncoAFZN2o3A4biuPKsRlMi
IXpysUXy35xLeQcx8Ikk+D+P7m0sQEnijVLlKDjNVqS/gDlJf8znN4yRDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFG2/H9e43pmbx64h1yUTE1211KJMB8GA1UdIwQY
MBaAFDPFsNfAqc0ktzzcuSyHRuhaSluPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTThXdzE4Q3B6U1MzUE55NUxJZEc2RnBLVzQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8yNTgxZjQtODQxMC00YTQzLTkxODYt
MGZhYjIyNjllYThlLzEvVWJiOGYxN2plbVp2SHJpSFhKUk1UWGJYVW9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8yNTgxZjQtODQxMC00YTQzLTkxODYtMGZhYjIyNjllYThl
LzEvTThXdzE4Q3B6U1MzUE55NUxJZEc2RnBLVzQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw5VrMA0G
CSqGSIb3DQEBCwUAA4IBAQCpGVqxx/NdcQXGanH/iL8fx1E2L/eo+m7JvPiVsdYO
N18PfHfGEodfY04PVlv9k5IUhUzo98RNNgzAq/+NE9DWqtBmSDJRy2DFSEWrlPIK
ucPARaqj+eSALXN9fvNp075krJrweXWDrHparBwvf1gyC99rHe7mKHTvpiIt0SzC
oP+3gSw8RUHzn6Jrb62OCZXJL2lUogyxhpSAXmAS2Wxy6/thsELllrh4fbz27iFI
iUAms/ZaMgbgtjGSPmad4QDSBN8k0Hp3rsK8ZknWFzVQQy8ZJgHuT9iiI+wiMeue
MqPb125kCEjjnC8lM950l6PNFWQsAh4mfIAsd5B1ipSk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:53 2024 by rpki-client on console-ams.rpki-client.org