Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/780d86-4ebd-4d6b-8d8f-0e41861beb2f/1/JU3sVV0NYS2j12z_ikFaBZX4AC0.roa
File:                     JU3sVV0NYS2j12z_ikFaBZX4AC0.roa (raw, json)
Hash identifier:          VW4rY89kH35RWsk+TVN6M/QmYiMeKyq8O9JChRXcIz0=
Subject key identifier:   25:4D:EC:55:5D:0D:61:2D:A3:D7:6C:FF:8A:41:5A:05:95:F8:00:2D
Certificate issuer:       /CN=b64b25cadc4c48166fa9bbd5de8671c220415b67
Certificate serial:       09067F32
Authority key identifier: B6:4B:25:CA:DC:4C:48:16:6F:A9:BB:D5:DE:86:71:C2:20:41:5B:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tkslytxMSBZvqbvV3oZxwiBBW2c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/780d86-4ebd-4d6b-8d8f-0e41861beb2f/1/JU3sVV0NYS2j12z_ikFaBZX4AC0.roa
Signing time:             Sat 01 Jan 2022 11:53:39 +0000
ROA not before:           Sat 01 Jan 2022 11:53:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39734
IP address blocks:        195.60.75.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 151420722 (0x9067f32)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b64b25cadc4c48166fa9bbd5de8671c220415b67
        Validity
            Not Before: Jan  1 11:53:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=254dec555d0d612da3d76cff8a415a0595f8002d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:96:84:da:08:50:b0:48:53:b0:73:d1:56:be:
                    cf:4a:a7:7c:52:76:3d:61:46:86:1d:0c:cf:c8:1c:
                    6d:61:a6:06:02:c4:b3:82:70:92:f7:36:b2:5b:46:
                    c5:f6:51:ec:51:71:92:84:4e:49:2f:04:69:58:2c:
                    f3:f4:74:30:50:7d:ca:0b:3c:63:cc:1e:ff:3f:b6:
                    97:67:cd:e6:ca:81:d9:7c:ad:25:29:39:47:a2:b3:
                    40:ef:97:78:a1:7f:f7:07:2d:6f:26:01:c2:7f:14:
                    1c:95:fc:a3:46:eb:7d:77:db:84:6a:d2:bb:2a:1d:
                    cf:05:92:d1:9a:55:1c:8f:74:ba:f1:55:e0:da:88:
                    40:9a:37:be:78:01:54:f2:8c:6b:1e:96:d5:23:41:
                    e3:f6:fb:57:38:6f:37:72:44:01:99:f1:72:3a:19:
                    db:b7:3b:84:a6:a7:87:4b:10:84:02:7d:25:34:5c:
                    04:ab:6a:1a:2b:57:95:32:01:65:9b:bc:03:4c:47:
                    6f:a8:cb:8e:50:0a:ce:5b:39:87:e4:88:69:26:5d:
                    bf:ad:9c:02:c9:89:0d:bd:4b:30:02:d7:2b:9a:ae:
                    6f:e1:7d:c0:e2:e6:35:17:5f:a0:74:4f:e9:d0:ad:
                    50:d1:f5:6c:79:14:05:00:90:d7:36:73:4d:28:7d:
                    26:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:4D:EC:55:5D:0D:61:2D:A3:D7:6C:FF:8A:41:5A:05:95:F8:00:2D
            X509v3 Authority Key Identifier:
                keyid:B6:4B:25:CA:DC:4C:48:16:6F:A9:BB:D5:DE:86:71:C2:20:41:5B:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tkslytxMSBZvqbvV3oZxwiBBW2c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/780d86-4ebd-4d6b-8d8f-0e41861beb2f/1/JU3sVV0NYS2j12z_ikFaBZX4AC0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/780d86-4ebd-4d6b-8d8f-0e41861beb2f/1/tkslytxMSBZvqbvV3oZxwiBBW2c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.60.75.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:de:84:02:c8:07:a9:7d:e1:80:c6:25:07:2d:b4:13:92:58:
         c5:f3:50:0d:da:c9:37:e7:cc:a4:77:d1:15:a5:23:74:56:33:
         0f:fe:35:f2:fe:3d:71:8c:38:79:5f:b5:98:17:b9:0a:b3:12:
         68:24:5f:0f:45:aa:dc:ff:9c:35:4e:f8:f8:a3:90:d9:b0:54:
         25:3a:f1:18:2e:20:4e:42:6b:13:df:b0:c3:5f:bd:70:e2:54:
         38:26:68:d1:25:8f:2d:7d:13:6a:5d:77:a0:89:59:de:e9:14:
         f8:fe:b9:33:a4:80:94:24:80:fb:50:69:89:0c:0b:6c:31:2e:
         7b:96:fc:dd:9e:56:ec:f6:6d:80:73:bb:b9:a0:5f:21:3e:e4:
         45:dd:78:ef:d8:4e:ec:54:d2:0a:4e:0d:53:91:7f:5f:fa:54:
         af:be:0b:42:09:ad:be:ab:e2:f4:55:d5:47:1c:bf:72:78:3d:
         57:6f:de:9a:17:e1:24:0c:a7:06:cb:56:82:b5:15:21:a9:c9:
         39:a6:a0:c2:d2:44:6c:51:a0:e0:1b:84:c0:f6:7b:82:c1:85:
         de:22:51:7f:36:69:e9:2f:50:df:96:fa:42:5a:0d:46:c2:74:
         26:7c:c6:f6:77:51:a5:ac:19:2b:64:fb:19:59:22:40:d4:d3:
         6e:5d:53:d5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECQZ/MjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NjRiMjVjYWRjNGM0ODE2NmZhOWJiZDVkZTg2NzFjMjIwNDE1YjY3MB4XDTIyMDEw
MTExNTMzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjU0ZGVjNTU1ZDBk
NjEyZGEzZDc2Y2ZmOGE0MTVhMDU5NWY4MDAyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALGWhNoIULBIU7Bz0Va+z0qnfFJ2PWFGhh0Mz8gcbWGmBgLE
s4Jwkvc2sltGxfZR7FFxkoROSS8EaVgs8/R0MFB9ygs8Y8we/z+2l2fN5sqB2Xyt
JSk5R6KzQO+XeKF/9wctbyYBwn8UHJX8o0brfXfbhGrSuyodzwWS0ZpVHI90uvFV
4NqIQJo3vngBVPKMax6W1SNB4/b7VzhvN3JEAZnxcjoZ27c7hKanh0sQhAJ9JTRc
BKtqGitXlTIBZZu8A0xHb6jLjlAKzls5h+SIaSZdv62cAsmJDb1LMALXK5qub+F9
wOLmNRdfoHRP6dCtUNH1bHkUBQCQ1zZzTSh9JuECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQlTexVXQ1hLaPXbP+KQVoFlfgALTAfBgNVHSMEGDAWgBS2SyXK3ExIFm+p
u9XehnHCIEFbZzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Rrc2x5dHhNU0JadnFidlYzb1p4d2lCQlcyYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvNzgwZDg2LTRlYmQtNGQ2Yi04ZDhmLTBlNDE4NjFiZWIyZi8x
L0pVM3NWVjBOWVMyajEyel9pa0ZhQlpYNEFDMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
NzgwZDg2LTRlYmQtNGQ2Yi04ZDhmLTBlNDE4NjFiZWIyZi8xL3Rrc2x5dHhNU0Ja
dnFidlYzb1p4d2lCQlcyYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMM8SzANBgkqhkiG9w0BAQsFAAOC
AQEAk96EAsgHqX3hgMYlBy20E5JYxfNQDdrJN+fMpHfRFaUjdFYzD/418v49cYw4
eV+1mBe5CrMSaCRfD0Wq3P+cNU74+KOQ2bBUJTrxGC4gTkJrE9+ww1+9cOJUOCZo
0SWPLX0Tal13oIlZ3ukU+P65M6SAlCSA+1BpiQwLbDEue5b83Z5W7PZtgHO7uaBf
IT7kRd1479hO7FTSCk4NU5F/X/pUr74LQgmtvqvi9FXVRxy/cng9V2/emhfhJAyn
BstWgrUVIanJOaagwtJEbFGg4BuEwPZ7gsGF3iJRfzZp6S9Q35b6QloNRsJ0JnzG
9ndRpawZK2T7GVkiQNTTbl1T1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:45 2024 by rpki-client on console-fra.rpki-client.org