Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/0-pUWy8w0EDIwjgVY3Pg5YIXjsY.roa
File:                     0-pUWy8w0EDIwjgVY3Pg5YIXjsY.roa (raw, json)
Hash identifier:          J75iqEvCLhL/C2C+auCBZwYHgJ0KETQXf+Yipu4yl7U=
Subject key identifier:   D3:EA:54:5B:2F:30:D0:40:C8:C2:38:15:63:73:E0:E5:82:17:8E:C6
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       01853EE743F4B874C92C21C3BEB23AC74A2A
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/0-pUWy8w0EDIwjgVY3Pg5YIXjsY.roa
Signing time:             Fri 23 Dec 2022 12:13:41 +0000
ROA not before:           Fri 23 Dec 2022 12:13:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12685
IP address blocks:        185.95.231.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:3e:e7:43:f4:b8:74:c9:2c:21:c3:be:b2:3a:c7:4a:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Dec 23 12:13:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d3ea545b2f30d040c8c238156373e0e582178ec6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:cc:d8:f9:08:b3:83:37:dc:9e:60:d6:f8:fe:
                    93:b4:02:10:84:c6:38:e5:73:9f:3e:78:a9:e2:d6:
                    de:0a:4f:c4:9b:7a:b8:26:3b:4b:7c:6b:e2:f1:f8:
                    32:85:b3:f0:7b:85:5c:38:4e:81:6d:04:64:c3:61:
                    f8:57:e0:bd:1f:c8:0e:34:3a:3d:5c:3d:b4:9a:74:
                    b6:1e:02:b8:47:c3:65:6c:3e:f8:35:d9:7d:b2:df:
                    98:91:b3:4b:b1:55:3f:cf:74:72:77:a3:c5:f1:63:
                    2a:8f:66:4b:c2:ec:b8:e0:97:1a:71:6b:d2:bb:3f:
                    64:5b:ea:34:62:75:2f:24:5f:f0:fd:80:0c:0c:41:
                    11:33:a5:13:6c:f9:54:54:c0:26:aa:11:ec:c0:29:
                    ab:6b:f3:d4:4a:24:d6:dd:ac:e6:ea:cd:e0:a6:ae:
                    f6:1c:34:b7:02:d5:fa:dd:28:46:6e:dc:eb:8c:6a:
                    f9:c8:04:e1:73:2a:19:92:46:ae:92:0c:00:29:a2:
                    02:ff:6f:7a:c3:25:bd:40:57:ec:3c:9e:74:04:1f:
                    7b:af:c9:69:f9:ef:d0:38:17:e1:a7:18:c7:a1:d6:
                    62:b1:15:64:f5:11:ca:b4:c2:c4:12:e9:4d:a9:59:
                    23:72:0b:7f:0f:c5:f5:03:33:c7:7e:f8:84:6b:2d:
                    e8:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:EA:54:5B:2F:30:D0:40:C8:C2:38:15:63:73:E0:E5:82:17:8E:C6
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/0-pUWy8w0EDIwjgVY3Pg5YIXjsY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.95.231.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:08:fe:ed:38:e3:43:5c:97:45:57:21:f2:b8:65:97:24:f4:
         96:07:94:c1:ec:e5:3f:4d:8d:83:a3:5a:b6:a3:2e:ce:4e:ca:
         a5:ed:8a:8c:d2:a0:1f:5b:99:c3:11:2b:ca:85:e4:db:27:ed:
         c7:5b:45:d1:cc:14:08:9a:fe:a5:ff:c2:42:ea:01:18:6c:3f:
         04:6e:4e:c7:dc:dd:4f:4b:ab:97:61:a9:7c:c1:10:58:6e:e0:
         59:7a:12:29:f4:6a:81:e2:de:d1:95:03:88:12:38:8f:c6:e0:
         cc:34:9f:3c:8d:98:82:2f:11:1d:f4:4e:c6:c8:58:a5:be:26:
         2f:cd:03:f8:2a:a1:2a:87:bc:c0:3a:48:20:e6:a9:93:d1:b2:
         e2:2d:53:5c:47:d2:4c:e7:29:4b:c5:49:b7:7f:7c:24:75:9c:
         f7:78:03:94:ad:7b:5c:00:c5:69:fc:e1:44:d9:03:51:ec:43:
         ad:e1:15:96:5f:17:25:89:48:1e:d0:46:b7:cb:33:c6:64:f4:
         f5:04:b3:5b:74:60:03:0b:4d:09:92:26:95:45:25:99:e9:07:
         73:9d:53:d1:72:2e:7e:a3:cf:67:12:1a:58:99:1a:ec:53:2e:
         70:8d:2f:80:00:99:ae:d8:cc:2f:1a:b5:75:8d:e7:3b:1c:bf:
         f4:18:38:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU+50P0uHTJLCHDvrI6x0oqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjIxMjIzMTIxMzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2VhNTQ1YjJmMzBkMDQwYzhjMjM4MTU2MzczZTBlNTgyMTc4ZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuszY+QizgzfcnmDW+P6TtAIQhMY4
5XOfPnip4tbeCk/Em3q4JjtLfGvi8fgyhbPwe4VcOE6BbQRkw2H4V+C9H8gONDo9
XD20mnS2HgK4R8NlbD74Ndl9st+YkbNLsVU/z3Ryd6PF8WMqj2ZLwuy44JcacWvS
uz9kW+o0YnUvJF/w/YAMDEERM6UTbPlUVMAmqhHswCmra/PUSiTW3azm6s3gpq72
HDS3AtX63ShGbtzrjGr5yAThcyoZkkaukgwAKaIC/296wyW9QFfsPJ50BB97r8lp
+e/QOBfhpxjHodZisRVk9RHKtMLEEulNqVkjcgt/D8X1AzPHfviEay3onQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNPqVFsvMNBAyMI4FWNz4OWCF47GMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvMC1wVVd5OHcwRURJd2pnVlkzUGc1WUlYanNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuV/nMA0G
CSqGSIb3DQEBCwUAA4IBAQCECP7tOONDXJdFVyHyuGWXJPSWB5TB7OU/TY2Do1q2
oy7OTsql7YqM0qAfW5nDESvKheTbJ+3HW0XRzBQImv6l/8JC6gEYbD8Ebk7H3N1P
S6uXYal8wRBYbuBZehIp9GqB4t7RlQOIEjiPxuDMNJ88jZiCLxEd9E7GyFilviYv
zQP4KqEqh7zAOkgg5qmT0bLiLVNcR9JM5ylLxUm3f3wkdZz3eAOUrXtcAMVp/OFE
2QNR7EOt4RWWXxcliUge0Ea3yzPGZPT1BLNbdGADC00JkiaVRSWZ6QdznVPRci5+
o89nEhpYmRrsUy5wjS+AAJmu2MwvGrV1jec7HL/0GDiJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:17 2024 by rpki-client on console-ams.rpki-client.org