Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/EpWXFdPzf_lrVjxyY6JuIZyKFUc.roa
File:                     EpWXFdPzf_lrVjxyY6JuIZyKFUc.roa (raw, json)
Hash identifier:          5ebkYGpeGuHQlghAxtMoNLjU8iJ32KM9kGdi78xiM4k=
Subject key identifier:   12:95:97:15:D3:F3:7F:F9:6B:56:3C:72:63:A2:6E:21:9C:8A:15:47
Certificate issuer:       /CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
Certificate serial:       330840FD
Authority key identifier: AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/EpWXFdPzf_lrVjxyY6JuIZyKFUc.roa
Signing time:             Sat 01 Jan 2022 09:58:39 +0000
ROA not before:           Sat 01 Jan 2022 09:58:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35123
IP address blocks:        195.225.52.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 856178941 (0x330840fd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
        Validity
            Not Before: Jan  1 09:58:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=12959715d3f37ff96b563c7263a26e219c8a1547
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:13:b4:11:91:75:54:27:af:6d:65:a4:e4:53:
                    81:bd:c4:0b:14:6e:ea:0c:0d:4b:d0:8b:27:7b:fb:
                    54:84:9c:28:69:2f:18:b9:d7:77:5d:d4:7d:63:72:
                    5c:7c:bb:09:8e:d1:8b:75:f8:7a:b4:1f:38:61:0c:
                    b0:b9:6f:5a:68:20:d2:7e:30:20:29:63:3a:54:46:
                    09:18:87:1a:08:e1:7e:be:49:42:36:8a:63:2c:69:
                    e8:f6:9c:53:35:62:d9:94:8a:b4:7d:91:db:52:ac:
                    42:cd:b8:cd:b0:12:b3:27:c4:45:11:8b:06:dc:36:
                    30:db:70:79:da:34:4f:fa:c6:c6:e2:c9:3a:ec:ba:
                    98:70:96:e8:f1:55:9b:6a:fc:72:60:3c:d6:7e:1b:
                    3f:89:a7:d6:7c:10:3d:df:11:18:a4:cb:4c:f2:35:
                    c1:d1:0f:44:86:b8:6e:44:3c:97:3f:41:44:22:9d:
                    8e:1a:0c:12:16:3c:3d:3b:58:36:ee:1f:53:51:35:
                    64:79:99:ad:c7:a9:ce:77:ef:37:89:8e:21:cd:51:
                    95:33:01:a4:7d:2d:bb:f9:ad:b0:a4:8c:b6:f9:59:
                    21:7f:4f:13:a4:1e:b6:11:8e:be:c8:fa:5c:af:c6:
                    e0:5f:e0:bb:c4:e2:62:de:02:26:4b:a6:f4:92:99:
                    40:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:95:97:15:D3:F3:7F:F9:6B:56:3C:72:63:A2:6E:21:9C:8A:15:47
            X509v3 Authority Key Identifier:
                keyid:AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/EpWXFdPzf_lrVjxyY6JuIZyKFUc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/q8jb5SCDrTNcnx_eYBbsi0kpMUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.225.52.0/23

    Signature Algorithm: sha256WithRSAEncryption
         19:11:5f:86:69:51:79:c2:09:17:18:42:3d:a5:08:dc:1b:7d:
         97:9d:13:90:1d:92:eb:90:eb:bb:9b:44:5c:0a:da:b6:60:a6:
         2b:1e:5d:ab:e8:eb:dd:61:23:5d:df:04:6a:68:e7:e3:b9:e0:
         81:85:48:d5:f3:94:3a:a5:1a:19:3d:d3:c8:a0:14:cb:38:d4:
         70:9f:60:a9:49:5c:29:ca:1d:e2:ec:bb:7d:ca:31:1a:b0:31:
         50:85:24:5c:d7:c2:f7:1f:e6:03:0b:f0:57:48:f3:50:00:d8:
         d8:82:95:41:d5:74:cb:ef:7b:d8:f5:a3:44:ca:9e:a3:25:29:
         48:53:41:05:aa:31:a3:49:68:3a:72:58:60:78:02:0c:fb:fe:
         b4:47:f8:a7:74:e5:20:17:11:a0:9d:56:10:40:a6:42:20:2c:
         e9:b5:4f:27:c0:08:08:95:7f:61:2b:b4:7e:f6:df:3b:09:a7:
         c5:61:3b:24:75:c1:ed:23:79:a0:4e:c0:98:3a:1b:d1:ac:ae:
         7b:58:f6:b6:a8:2e:09:52:a6:ea:fa:58:87:a8:a5:14:84:6a:
         c0:4e:ce:7d:1b:74:70:a5:ba:72:73:bb:69:fe:52:31:91:3b:
         e6:3f:70:ef:ad:76:16:64:b0:3d:d0:c1:b4:95:1c:0e:1a:38:
         d1:d9:76:65
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEMwhA/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YmM4ZGJlNTIwODNhZDMzNWM5ZjFmZGU2MDE2ZWM4YjQ5MjkzMTQwMB4XDTIyMDEw
MTA5NTgzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTI5NTk3MTVkM2Yz
N2ZmOTZiNTYzYzcyNjNhMjZlMjE5YzhhMTU0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJwTtBGRdVQnr21lpORTgb3ECxRu6gwNS9CLJ3v7VIScKGkv
GLnXd13UfWNyXHy7CY7Ri3X4erQfOGEMsLlvWmgg0n4wICljOlRGCRiHGgjhfr5J
QjaKYyxp6PacUzVi2ZSKtH2R21KsQs24zbASsyfERRGLBtw2MNtwedo0T/rGxuLJ
Ouy6mHCW6PFVm2r8cmA81n4bP4mn1nwQPd8RGKTLTPI1wdEPRIa4bkQ8lz9BRCKd
jhoMEhY8PTtYNu4fU1E1ZHmZrcepznfvN4mOIc1RlTMBpH0tu/mtsKSMtvlZIX9P
E6QethGOvsj6XK/G4F/gu8TiYt4CJkum9JKZQN8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQSlZcV0/N/+WtWPHJjom4hnIoVRzAfBgNVHSMEGDAWgBSryNvlIIOtM1yf
H95gFuyLSSkxQDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3E4amI1U0NEclROY254X2VZQmJzaTBrcE1VQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2UvY2U2Y2NiLTI1Y2YtNDkxNy1iM2NkLTMwNTZhZjlhMzM1ZS8x
L0VwV1hGZFB6Zl9sclZqeHlZNkp1SVp5S0ZVYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Uv
Y2U2Y2NiLTI1Y2YtNDkxNy1iM2NkLTMwNTZhZjlhMzM1ZS8xL3E4amI1U0NEclRO
Y254X2VZQmJzaTBrcE1VQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcPhNDANBgkqhkiG9w0BAQsFAAOC
AQEAGRFfhmlRecIJFxhCPaUI3Bt9l50TkB2S65Dru5tEXAratmCmKx5dq+jr3WEj
Xd8Eamjn47nggYVI1fOUOqUaGT3TyKAUyzjUcJ9gqUlcKcod4uy7fcoxGrAxUIUk
XNfC9x/mAwvwV0jzUADY2IKVQdV0y+972PWjRMqeoyUpSFNBBaoxo0loOnJYYHgC
DPv+tEf4p3TlIBcRoJ1WEECmQiAs6bVPJ8AICJV/YSu0fvbfOwmnxWE7JHXB7SN5
oE7AmDob0ayue1j2tqguCVKm6vpYh6ilFIRqwE7OfRt0cKW6cnO7af5SMZE75j9w
7612FmSwPdDBtJUcDho40dl2ZQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:04 2024 by rpki-client on console-ams.rpki-client.org