Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/a05e77-f301-4125-9118-e4d1f0a27b21/1/MUYDOQ9ekNTFk8wUdItFRkuomF4.roa
File:                     MUYDOQ9ekNTFk8wUdItFRkuomF4.roa (raw, json)
Hash identifier:          o+mT4gR5vm7m0fP7vg7FusCck4Bimgf+qsAlZNBRhOQ=
Subject key identifier:   31:46:03:39:0F:5E:90:D4:C5:93:CC:14:74:8B:45:46:4B:A8:98:5E
Certificate issuer:       /CN=cced992030531e7e8b518aefd9e267cc528eda9a
Certificate serial:       012A9F70
Authority key identifier: CC:ED:99:20:30:53:1E:7E:8B:51:8A:EF:D9:E2:67:CC:52:8E:DA:9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zO2ZIDBTHn6LUYrv2eJnzFKO2po.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/a05e77-f301-4125-9118-e4d1f0a27b21/1/MUYDOQ9ekNTFk8wUdItFRkuomF4.roa
Signing time:             Tue 17 May 2022 15:39:29 +0000
ROA not before:           Tue 17 May 2022 15:39:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211975
IP address blocks:        195.170.163.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 19570544 (0x12a9f70)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cced992030531e7e8b518aefd9e267cc528eda9a
        Validity
            Not Before: May 17 15:39:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=314603390f5e90d4c593cc14748b45464ba8985e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:3f:3c:ce:5b:7f:02:4a:bd:2c:7f:75:0c:ae:
                    35:47:c7:e7:1f:81:4d:ec:78:bc:8e:0c:84:45:54:
                    76:1c:22:c4:98:af:4b:9d:87:b5:65:07:67:19:ab:
                    3d:c9:f0:b8:44:b2:bd:24:dd:4d:61:0b:5a:9f:90:
                    79:ec:1e:1d:d0:78:0d:2d:db:96:2c:e8:f5:b6:1c:
                    39:ff:46:7a:19:a9:a7:8e:55:d0:ea:0a:a2:6e:00:
                    e0:d6:8b:20:26:b2:63:17:b9:7c:8e:bf:1a:49:4e:
                    27:9a:3d:ac:ad:62:00:e5:ab:e5:dd:59:34:4e:f0:
                    79:fc:01:af:4b:76:1c:27:a0:46:b7:56:07:70:f9:
                    7a:9d:65:39:7a:2f:72:65:50:7b:98:08:27:44:25:
                    fa:19:3d:d9:34:32:a3:b5:ee:c6:4c:5f:b3:d6:6a:
                    6c:d5:ec:e7:74:da:52:a6:ea:fe:96:4b:d3:19:bb:
                    18:29:76:e8:19:ba:6d:35:10:6c:cf:e9:df:b5:7e:
                    65:10:6a:2d:e6:dd:28:37:05:ef:3e:27:ee:f0:31:
                    1c:38:78:57:d0:27:20:2c:5e:60:ac:79:82:ad:fc:
                    73:7a:25:48:a6:b4:9a:f8:05:4b:bb:b4:eb:78:8d:
                    39:47:62:47:86:b8:72:b1:b3:35:83:1c:8c:74:f0:
                    21:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:46:03:39:0F:5E:90:D4:C5:93:CC:14:74:8B:45:46:4B:A8:98:5E
            X509v3 Authority Key Identifier:
                keyid:CC:ED:99:20:30:53:1E:7E:8B:51:8A:EF:D9:E2:67:CC:52:8E:DA:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zO2ZIDBTHn6LUYrv2eJnzFKO2po.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/a05e77-f301-4125-9118-e4d1f0a27b21/1/MUYDOQ9ekNTFk8wUdItFRkuomF4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/a05e77-f301-4125-9118-e4d1f0a27b21/1/zO2ZIDBTHn6LUYrv2eJnzFKO2po.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.170.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:81:e9:c9:c7:be:67:3f:f5:df:d2:d2:5c:ea:63:70:75:e4:
         30:35:17:1f:bd:7f:3c:cb:36:89:18:94:09:33:07:bc:f8:85:
         1c:5d:77:e7:32:70:b2:6a:b2:17:39:7a:9e:43:03:ea:fa:63:
         e9:22:1f:36:2e:ca:a3:6b:ac:30:b5:e0:99:4b:32:73:86:d0:
         7f:f7:cf:11:e3:c1:54:24:53:30:2a:5f:cb:9a:88:95:78:50:
         0c:6f:10:01:b0:73:21:b5:99:0f:17:49:9a:46:a8:b6:23:35:
         76:b2:32:56:e3:86:d5:8b:d8:9c:9e:6d:3b:e6:ae:0d:af:9a:
         70:1b:04:88:8f:58:c1:0e:36:ab:2e:2a:fe:86:16:44:4e:a3:
         ee:ea:b5:f5:7a:91:78:77:db:e3:39:63:fe:3d:72:76:25:bc:
         19:4e:a0:70:5e:57:ba:ce:ac:f7:a2:3e:a6:3c:1a:15:2a:4b:
         54:7a:f4:b4:44:ee:fb:41:18:c9:d0:cc:be:cc:ed:17:11:f9:
         7f:39:92:35:81:76:45:62:af:93:41:ea:a4:53:3f:d8:ec:7d:
         c2:c5:18:90:ca:4f:6a:2d:12:17:6f:2e:1b:a2:ea:d8:d9:23:
         02:95:e7:2e:16:72:89:16:79:dc:3d:92:cf:b1:1d:5c:8f:ec:
         72:bf:66:d4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEASqfcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2VkOTkyMDMwNTMxZTdlOGI1MThhZWZkOWUyNjdjYzUyOGVkYTlhMB4XDTIyMDUx
NzE1MzkyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzE0NjAzMzkwZjVl
OTBkNGM1OTNjYzE0NzQ4YjQ1NDY0YmE4OTg1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALY/PM5bfwJKvSx/dQyuNUfH5x+BTex4vI4MhEVUdhwixJiv
S52HtWUHZxmrPcnwuESyvSTdTWELWp+QeeweHdB4DS3blizo9bYcOf9Gehmpp45V
0OoKom4A4NaLICayYxe5fI6/GklOJ5o9rK1iAOWr5d1ZNE7wefwBr0t2HCegRrdW
B3D5ep1lOXovcmVQe5gIJ0Ql+hk92TQyo7Xuxkxfs9ZqbNXs53TaUqbq/pZL0xm7
GCl26Bm6bTUQbM/p37V+ZRBqLebdKDcF7z4n7vAxHDh4V9AnICxeYKx5gq38c3ol
SKa0mvgFS7u063iNOUdiR4a4crGzNYMcjHTwIYUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQxRgM5D16Q1MWTzBR0i0VGS6iYXjAfBgNVHSMEGDAWgBTM7ZkgMFMefotR
iu/Z4mfMUo7amjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pPMlpJREJUSG42TFVZcnYyZUpuekZLTzJwby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvYTA1ZTc3LWYzMDEtNDEyNS05MTE4LWU0ZDFmMGEyN2IyMS8x
L01VWURPUTlla05URms4d1VkSXRGUmt1b21GNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
YTA1ZTc3LWYzMDEtNDEyNS05MTE4LWU0ZDFmMGEyN2IyMS8xL3pPMlpJREJUSG42
TFVZcnYyZUpuekZLTzJwby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMOqozANBgkqhkiG9w0BAQsFAAOC
AQEAhYHpyce+Zz/139LSXOpjcHXkMDUXH71/PMs2iRiUCTMHvPiFHF135zJwsmqy
Fzl6nkMD6vpj6SIfNi7Ko2usMLXgmUsyc4bQf/fPEePBVCRTMCpfy5qIlXhQDG8Q
AbBzIbWZDxdJmkaotiM1drIyVuOG1YvYnJ5tO+auDa+acBsEiI9YwQ42qy4q/oYW
RE6j7uq19XqReHfb4zlj/j1ydiW8GU6gcF5Xus6s96I+pjwaFSpLVHr0tETu+0EY
ydDMvsztFxH5fzmSNYF2RWKvk0HqpFM/2Ox9wsUYkMpPai0SF28uG6Lq2NkjApXn
LhZyiRZ53D2Sz7EdXI/scr9m1A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:47 2024 by rpki-client on console-ams.rpki-client.org