Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/0SlkOpzUo3KrbDOXYjvHm9Xsh_I.roa
File:                     0SlkOpzUo3KrbDOXYjvHm9Xsh_I.roa (raw, json)
Hash identifier:          KZa9+69uCxWWIr2nm0DyDIYZ0lbcljOVx30GVkTCO8A=
Subject key identifier:   D1:29:64:3A:9C:D4:A3:72:AB:6C:33:97:62:3B:C7:9B:D5:EC:87:F2
Certificate issuer:       /CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Certificate serial:       08119550
Authority key identifier: 98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/0SlkOpzUo3KrbDOXYjvHm9Xsh_I.roa
Signing time:             Sat 01 Jan 2022 13:01:20 +0000
ROA not before:           Sat 01 Jan 2022 13:01:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205595
IP address blocks:        37.228.95.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 135370064 (0x8119550)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
        Validity
            Not Before: Jan  1 13:01:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d129643a9cd4a372ab6c3397623bc79bd5ec87f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:ff:df:5a:bb:f8:86:9d:63:4d:52:b7:8c:af:
                    78:42:8a:2e:aa:69:45:d4:15:fd:19:be:da:f1:91:
                    6a:e1:66:63:26:9b:4a:4a:56:92:1f:fc:52:58:93:
                    1a:5e:10:52:2b:a0:51:98:a1:f9:4d:52:0e:ab:5b:
                    08:50:f6:c2:14:59:1d:9c:a5:19:74:5e:c3:cc:92:
                    9b:29:5a:62:a1:e6:ac:eb:1b:27:76:ce:56:cc:8e:
                    92:6f:5a:71:3d:87:6f:cf:37:68:4b:9b:3d:0f:a1:
                    41:e1:36:a0:0b:2e:5d:7f:99:87:7d:f5:88:2f:04:
                    ae:70:e0:a4:a4:25:4a:f0:8d:e7:a4:43:3f:dd:1e:
                    b8:37:c3:d9:54:3a:5e:01:f6:be:f1:a5:18:47:09:
                    40:f3:bd:69:73:1b:b3:58:12:0a:20:18:d9:fc:e6:
                    13:52:7b:f6:4c:7f:c5:e6:e0:9d:61:99:a8:e1:9e:
                    8a:65:80:91:44:e2:54:03:61:e8:0a:ca:ae:b9:80:
                    97:d6:dd:17:9d:ca:22:b1:78:30:3e:29:50:6e:1a:
                    bd:13:e3:56:d0:77:7b:b4:41:8d:d2:ca:07:ca:42:
                    3f:52:e8:22:00:a0:63:6e:41:6d:d9:44:89:dd:66:
                    ba:ed:b6:05:eb:9c:43:e1:f2:47:64:30:fe:a0:4d:
                    f1:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:29:64:3A:9C:D4:A3:72:AB:6C:33:97:62:3B:C7:9B:D5:EC:87:F2
            X509v3 Authority Key Identifier:
                keyid:98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/0SlkOpzUo3KrbDOXYjvHm9Xsh_I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/mJHESIaZ5tAk45zE1h7uq9OAEPo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.228.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:70:4e:a9:3d:a8:0b:3f:8d:35:9c:45:77:08:ab:40:d0:81:
         ae:93:34:18:b0:ad:69:84:7c:cd:8f:5c:1a:df:b0:3c:4a:a0:
         3d:3e:bd:ee:93:d4:60:fd:e4:49:b4:75:a5:03:70:9d:a3:a2:
         5e:ca:0f:35:99:63:4e:6b:5e:93:7a:fe:41:6a:d0:5a:9c:8a:
         54:a0:6a:a4:30:15:f5:8f:11:16:0f:18:92:74:03:08:77:86:
         f0:fc:6f:67:67:ba:87:5b:91:ca:26:a9:7d:4e:a0:27:5b:f5:
         9c:fb:61:24:20:77:9a:72:3e:3f:d7:bc:e1:5f:90:93:06:67:
         08:8f:af:35:f2:55:6c:d7:9c:7f:85:c0:3d:f5:43:9a:79:63:
         18:38:95:9d:40:c7:e2:5b:4d:58:17:8c:fa:fb:3d:f3:3f:86:
         14:c3:bf:5e:08:bc:a9:4e:31:dc:12:ca:17:7c:cf:26:29:49:
         eb:ea:82:f6:85:a5:b4:d5:de:00:0b:dc:7f:03:c5:ee:21:10:
         d4:d8:f2:18:ef:f9:2d:2a:b0:f0:4c:bb:20:b4:5f:43:ca:70:
         8a:43:27:df:77:ad:fd:d3:54:32:50:65:66:7c:c3:d2:3e:da:
         c2:5d:e8:06:8c:90:2c:b3:cc:ce:cb:d3:b0:19:66:5c:1c:e0:
         a1:4c:d7:2b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECBGVUDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODkxYzQ0ODg2OTllNmQwMjRlMzljYzRkNjFlZWVhYmQzODAxMGZhMB4XDTIyMDEw
MTEzMDEyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDEyOTY0M2E5Y2Q0
YTM3MmFiNmMzMzk3NjIzYmM3OWJkNWVjODdmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK//31q7+IadY01St4yveEKKLqppRdQV/Rm+2vGRauFmYyab
SkpWkh/8UliTGl4QUiugUZih+U1SDqtbCFD2whRZHZylGXRew8ySmylaYqHmrOsb
J3bOVsyOkm9acT2Hb883aEubPQ+hQeE2oAsuXX+Zh331iC8ErnDgpKQlSvCN56RD
P90euDfD2VQ6XgH2vvGlGEcJQPO9aXMbs1gSCiAY2fzmE1J79kx/xebgnWGZqOGe
imWAkUTiVANh6ArKrrmAl9bdF53KIrF4MD4pUG4avRPjVtB3e7RBjdLKB8pCP1Lo
IgCgY25BbdlEid1muu22BeucQ+HyR2Qw/qBN8eMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTRKWQ6nNSjcqtsM5diO8eb1eyH8jAfBgNVHSMEGDAWgBSYkcRIhpnm0CTj
nMTWHu6r04AQ+jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21KSEVTSWFaNXRBazQ1ekUxaDd1cTlPQUVQby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDdkZjAwLTg0NjgtNGMzOS1iZTk1LWUxMGE2MDU5NmMyNi8x
LzBTbGtPcHpVbzNLcmJET1hZanZIbTlYc2hfSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDdkZjAwLTg0NjgtNGMzOS1iZTk1LWUxMGE2MDU5NmMyNi8xL21KSEVTSWFaNXRB
azQ1ekUxaDd1cTlPQUVQby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACXkXzANBgkqhkiG9w0BAQsFAAOC
AQEAm3BOqT2oCz+NNZxFdwirQNCBrpM0GLCtaYR8zY9cGt+wPEqgPT697pPUYP3k
SbR1pQNwnaOiXsoPNZljTmtek3r+QWrQWpyKVKBqpDAV9Y8RFg8YknQDCHeG8Pxv
Z2e6h1uRyiapfU6gJ1v1nPthJCB3mnI+P9e84V+QkwZnCI+vNfJVbNecf4XAPfVD
mnljGDiVnUDH4ltNWBeM+vs98z+GFMO/Xgi8qU4x3BLKF3zPJilJ6+qC9oWltNXe
AAvcfwPF7iEQ1NjyGO/5LSqw8Ey7ILRfQ8pwikMn33et/dNUMlBlZnzD0j7awl3o
BoyQLLPMzsvTsBlmXBzgoUzXKw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:32 2024 by rpki-client on console-fra.rpki-client.org