Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/ec592f-2434-4d1c-b775-99b9f33de3b0/1/zu6JKg6oInSj07QAxI5b0h4PhRg.roa
File:                     zu6JKg6oInSj07QAxI5b0h4PhRg.roa (raw, json)
Hash identifier:          PSJf+JN3hTeB+eyVgADS5S3Lc8VyPbJiC4z4m/ZVQ58=
Subject key identifier:   CE:EE:89:2A:0E:A8:22:74:A3:D3:B4:00:C4:8E:5B:D2:1E:0F:85:18
Certificate issuer:       /CN=36e1533c3ff94b18c308f1b1c95ba44eb1f0ec77
Certificate serial:       0572C3D3
Authority key identifier: 36:E1:53:3C:3F:F9:4B:18:C3:08:F1:B1:C9:5B:A4:4E:B1:F0:EC:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NuFTPD_5SxjDCPGxyVukTrHw7Hc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/ec592f-2434-4d1c-b775-99b9f33de3b0/1/zu6JKg6oInSj07QAxI5b0h4PhRg.roa
Signing time:             Sat 01 Jan 2022 16:06:53 +0000
ROA not before:           Sat 01 Jan 2022 16:06:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25460
IP address blocks:        88.214.36.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 91407315 (0x572c3d3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36e1533c3ff94b18c308f1b1c95ba44eb1f0ec77
        Validity
            Not Before: Jan  1 16:06:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ceee892a0ea82274a3d3b400c48e5bd21e0f8518
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:e4:75:0c:2e:c1:40:f8:bf:a8:de:7d:19:94:
                    2c:6a:d9:dd:2e:dd:e2:15:74:95:b5:d9:a1:b0:a9:
                    0c:59:15:41:4e:2b:5e:1b:61:e3:9e:09:88:a1:47:
                    84:6f:8a:46:5b:a3:39:5a:48:d8:11:41:d5:3e:85:
                    da:bc:b7:e3:5d:05:07:fb:2f:14:78:cc:05:61:02:
                    f2:1d:6a:72:86:3e:e6:60:62:e3:55:6a:20:92:46:
                    31:74:8a:6b:d7:1b:57:31:ec:78:ae:7e:57:92:57:
                    29:7e:ac:dc:bb:e3:e2:8f:0f:b1:63:b6:37:37:50:
                    30:d5:52:5a:fe:e5:0c:6d:a5:7f:40:01:92:d8:54:
                    41:26:f2:7c:59:0c:3e:ce:36:07:2a:8c:0d:e2:bb:
                    fd:42:a4:ba:2a:64:3d:db:f0:5f:4e:ce:72:b8:42:
                    7b:0f:58:6e:29:5a:44:3f:18:20:be:03:c6:2b:dc:
                    3b:bd:98:2e:e4:af:59:d4:93:86:6a:c7:03:1c:58:
                    b1:73:3c:7f:50:89:58:04:8d:a7:f9:64:21:cc:c3:
                    92:a0:89:63:3c:a3:6a:d1:df:0a:35:75:ee:2e:4f:
                    3b:9e:e1:81:73:52:9c:0a:71:e3:80:45:12:43:25:
                    0f:18:b5:45:57:ed:d9:2d:7f:4d:dd:7c:9e:f6:cc:
                    dc:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:EE:89:2A:0E:A8:22:74:A3:D3:B4:00:C4:8E:5B:D2:1E:0F:85:18
            X509v3 Authority Key Identifier:
                keyid:36:E1:53:3C:3F:F9:4B:18:C3:08:F1:B1:C9:5B:A4:4E:B1:F0:EC:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NuFTPD_5SxjDCPGxyVukTrHw7Hc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/ec592f-2434-4d1c-b775-99b9f33de3b0/1/zu6JKg6oInSj07QAxI5b0h4PhRg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/ec592f-2434-4d1c-b775-99b9f33de3b0/1/NuFTPD_5SxjDCPGxyVukTrHw7Hc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.214.36.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7d:b9:a8:3d:2b:e7:2d:5a:aa:75:3c:24:7b:66:d3:f4:d6:42:
         41:1c:c0:b4:e4:02:2e:9d:74:30:fe:f0:55:44:c3:36:01:d0:
         51:e5:6a:b2:29:87:87:dd:e2:e3:ce:64:c2:2c:30:83:eb:08:
         41:1c:ba:10:2d:94:f7:c8:af:79:24:f2:13:0e:0e:37:b2:47:
         86:cc:50:b7:0b:4e:1c:c4:78:3c:cd:96:df:d7:a8:e9:f1:35:
         84:ed:21:a8:fb:07:2c:f7:71:7a:6f:0d:a5:0a:7b:1b:81:2b:
         0e:a7:a3:75:69:8f:80:40:e6:02:b0:a7:1b:f5:ef:28:f5:9a:
         3c:47:d0:71:35:ef:e7:22:88:18:01:5a:da:44:54:33:34:54:
         18:63:40:dc:f8:df:f3:f5:1a:e8:10:e1:8a:e8:6c:73:7a:42:
         d0:97:80:69:a8:dc:3c:92:41:20:46:10:37:53:d2:b4:11:33:
         34:24:12:2d:38:9b:aa:6e:ee:bb:8f:79:ec:8e:8b:06:08:46:
         cd:a3:c9:a5:a5:3c:16:3c:55:28:35:b1:75:30:45:25:5a:6d:
         40:9d:d4:6c:3b:71:2e:09:1d:00:09:39:2a:98:3c:5b:b8:fc:
         15:fb:29:b1:13:5d:05:4c:82:e2:b0:41:a6:8c:f9:61:cf:fd:
         f4:06:1a:81
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBXLD0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmUxNTMzYzNmZjk0YjE4YzMwOGYxYjFjOTViYTQ0ZWIxZjBlYzc3MB4XDTIyMDEw
MTE2MDY1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2VlZTg5MmEwZWE4
MjI3NGEzZDNiNDAwYzQ4ZTViZDIxZTBmODUxODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI7kdQwuwUD4v6jefRmULGrZ3S7d4hV0lbXZobCpDFkVQU4r
Xhth454JiKFHhG+KRlujOVpI2BFB1T6F2ry3410FB/svFHjMBWEC8h1qcoY+5mBi
41VqIJJGMXSKa9cbVzHseK5+V5JXKX6s3Lvj4o8PsWO2NzdQMNVSWv7lDG2lf0AB
kthUQSbyfFkMPs42ByqMDeK7/UKkuipkPdvwX07OcrhCew9YbilaRD8YIL4Dxivc
O72YLuSvWdSThmrHAxxYsXM8f1CJWASNp/lkIczDkqCJYzyjatHfCjV17i5PO57h
gXNSnApx44BFEkMlDxi1RVft2S1/Td18nvbM3NcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTO7okqDqgidKPTtADEjlvSHg+FGDAfBgNVHSMEGDAWgBQ24VM8P/lLGMMI
8bHJW6ROsfDsdzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L051RlRQRF81U3hqRENQR3h5VnVrVHJIdzdIYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjMvZWM1OTJmLTI0MzQtNGQxYy1iNzc1LTk5YjlmMzNkZTNiMC8x
L3p1NkpLZzZvSW5TajA3UUF4STViMGg0UGhSZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjMv
ZWM1OTJmLTI0MzQtNGQxYy1iNzc1LTk5YjlmMzNkZTNiMC8xL051RlRQRF81U3hq
RENQR3h5VnVrVHJIdzdIYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAljWJDANBgkqhkiG9w0BAQsFAAOC
AQEAfbmoPSvnLVqqdTwke2bT9NZCQRzAtOQCLp10MP7wVUTDNgHQUeVqsimHh93i
485kwiwwg+sIQRy6EC2U98iveSTyEw4ON7JHhsxQtwtOHMR4PM2W39eo6fE1hO0h
qPsHLPdxem8NpQp7G4ErDqejdWmPgEDmArCnG/XvKPWaPEfQcTXv5yKIGAFa2kRU
MzRUGGNA3Pjf8/Ua6BDhiuhsc3pC0JeAaajcPJJBIEYQN1PStBEzNCQSLTibqm7u
u4957I6LBghGzaPJpaU8FjxVKDWxdTBFJVptQJ3UbDtxLgkdAAk5Kpg8W7j8Ffsp
sRNdBUyC4rBBpoz5Yc/99AYagQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:43 2024 by rpki-client on console-fra.rpki-client.org