Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/uM15g4UBpmmvX_wE6zD9HpaiV4Y.roa
File:                     uM15g4UBpmmvX_wE6zD9HpaiV4Y.roa (raw, json)
Hash identifier:          gPftMkuzyItUQxYpdtIaMuglrAQs4sARbW9HJ9XVz9Y=
Subject key identifier:   B8:CD:79:83:85:01:A6:69:AF:5F:FC:04:EB:30:FD:1E:96:A2:57:86
Certificate issuer:       /CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
Certificate serial:       34680D38
Authority key identifier: AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/uM15g4UBpmmvX_wE6zD9HpaiV4Y.roa
Signing time:             Mon 30 May 2022 13:48:13 +0000
ROA not before:           Mon 30 May 2022 13:48:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8075
IP address blocks:        195.114.140.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 879234360 (0x34680d38)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
        Validity
            Not Before: May 30 13:48:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b8cd79838501a669af5ffc04eb30fd1e96a25786
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:b5:2b:b0:89:75:20:da:d0:76:13:ad:3e:3d:
                    8d:5d:6b:f5:50:cd:72:33:9c:16:b9:a2:ec:61:2a:
                    82:04:93:94:a2:c9:31:ae:b0:59:32:5b:7f:1c:9f:
                    51:1f:28:44:77:51:6a:86:4b:10:e3:b3:33:db:16:
                    a3:54:19:2e:14:12:84:28:08:f6:6b:94:2c:72:44:
                    24:b0:15:bd:e0:a9:86:08:5a:3f:e6:e6:02:3e:cb:
                    39:a4:38:a9:9c:8c:08:00:4b:d5:67:ab:5b:fd:71:
                    57:a3:2e:a9:48:e7:f1:37:e6:9c:14:b6:85:57:b1:
                    66:ca:30:6b:80:8b:34:97:9b:14:9e:55:1d:e3:60:
                    52:e6:4b:96:88:d3:c2:87:ac:d3:44:32:67:dc:d6:
                    b0:01:0f:76:98:f7:90:8e:62:47:ce:39:e0:0c:8c:
                    27:4f:c2:31:bd:aa:5b:cd:c7:19:f6:ba:79:ea:15:
                    92:9c:54:0a:b1:31:84:14:6e:79:7e:55:b0:99:8b:
                    c9:01:5a:12:63:2a:e7:1c:fe:36:a9:83:f6:9b:0f:
                    e5:64:08:b1:e1:f8:0b:98:ef:6b:8e:94:53:c6:10:
                    59:6a:e7:b6:f2:35:39:1a:b0:00:2d:9a:8e:dd:9b:
                    7a:33:9f:d6:d9:86:be:46:fa:99:5f:fe:d7:72:64:
                    03:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:CD:79:83:85:01:A6:69:AF:5F:FC:04:EB:30:FD:1E:96:A2:57:86
            X509v3 Authority Key Identifier:
                keyid:AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/uM15g4UBpmmvX_wE6zD9HpaiV4Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/q8jb5SCDrTNcnx_eYBbsi0kpMUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.114.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:ed:bd:a1:fe:22:ae:44:5c:56:48:ca:e4:c7:76:d9:25:19:
         56:f9:2f:5c:45:c0:e9:c5:45:53:d4:56:f8:1d:d3:c4:f8:7c:
         f3:9f:68:ff:43:d2:70:ea:7a:e7:78:b0:15:61:12:0c:ca:b5:
         8b:b6:14:0a:6b:5c:34:ca:30:ae:30:a7:3b:10:d0:87:71:64:
         f5:2b:13:eb:f4:52:88:7a:b0:7b:49:09:ad:e2:fd:46:b0:ad:
         6e:6b:aa:5c:49:f1:57:0a:51:8e:fe:e9:2b:e6:1b:65:0a:e7:
         d1:13:d1:4d:43:eb:95:16:ea:04:59:81:17:30:07:72:70:bb:
         1b:1f:a0:2a:c4:e3:44:92:44:ea:ef:5f:5e:53:df:ec:37:ca:
         a1:aa:9b:bf:4c:91:cc:2b:1e:4a:a7:8a:fe:99:61:79:50:05:
         a0:41:e8:86:0f:26:63:8b:ca:f8:8d:dc:32:38:40:fe:a1:ed:
         4d:4b:ea:52:5d:86:3f:75:e2:49:10:14:1b:fe:1c:83:d7:51:
         cd:08:e7:ae:11:01:3f:2d:b5:88:63:30:ae:88:6c:c9:43:17:
         03:2d:01:48:fb:67:8b:9a:dc:03:d2:2c:fa:8f:3d:a5:6b:c9:
         82:1f:a3:e8:19:4a:46:9f:d4:ca:49:80:27:14:33:3e:19:66:
         e7:e8:b9:74
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENGgNODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YmM4ZGJlNTIwODNhZDMzNWM5ZjFmZGU2MDE2ZWM4YjQ5MjkzMTQwMB4XDTIyMDUz
MDEzNDgxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjhjZDc5ODM4NTAx
YTY2OWFmNWZmYzA0ZWIzMGZkMWU5NmEyNTc4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALO1K7CJdSDa0HYTrT49jV1r9VDNcjOcFrmi7GEqggSTlKLJ
Ma6wWTJbfxyfUR8oRHdRaoZLEOOzM9sWo1QZLhQShCgI9muULHJEJLAVveCphgha
P+bmAj7LOaQ4qZyMCABL1WerW/1xV6MuqUjn8TfmnBS2hVexZsowa4CLNJebFJ5V
HeNgUuZLlojTwoes00QyZ9zWsAEPdpj3kI5iR8454AyMJ0/CMb2qW83HGfa6eeoV
kpxUCrExhBRueX5VsJmLyQFaEmMq5xz+NqmD9psP5WQIseH4C5jva46UU8YQWWrn
tvI1ORqwAC2ajt2bejOf1tmGvkb6mV/+13JkAzUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS4zXmDhQGmaa9f/ATrMP0elqJXhjAfBgNVHSMEGDAWgBSryNvlIIOtM1yf
H95gFuyLSSkxQDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3E4amI1U0NEclROY254X2VZQmJzaTBrcE1VQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2UvY2U2Y2NiLTI1Y2YtNDkxNy1iM2NkLTMwNTZhZjlhMzM1ZS8x
L3VNMTVnNFVCcG1tdlhfd0U2ekQ5SHBhaVY0WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Uv
Y2U2Y2NiLTI1Y2YtNDkxNy1iM2NkLTMwNTZhZjlhMzM1ZS8xL3E4amI1U0NEclRO
Y254X2VZQmJzaTBrcE1VQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMNyjDANBgkqhkiG9w0BAQsFAAOC
AQEASu29of4irkRcVkjK5Md22SUZVvkvXEXA6cVFU9RW+B3TxPh8859o/0PScOp6
53iwFWESDMq1i7YUCmtcNMowrjCnOxDQh3Fk9SsT6/RSiHqwe0kJreL9RrCtbmuq
XEnxVwpRjv7pK+YbZQrn0RPRTUPrlRbqBFmBFzAHcnC7Gx+gKsTjRJJE6u9fXlPf
7DfKoaqbv0yRzCseSqeK/plheVAFoEHohg8mY4vK+I3cMjhA/qHtTUvqUl2GP3Xi
SRAUG/4cg9dRzQjnrhEBPy21iGMwrohsyUMXAy0BSPtni5rcA9Is+o89pWvJgh+j
6BlKRp/UykmAJxQzPhlm5+i5dA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:04 2024 by rpki-client on console-ams.rpki-client.org