Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d663ca-adf6-41c2-93c1-60b1de6c38d1/1/Nfn0sjWh8cjTOiwuQmmMjZ5XwlQ.roa
File:                     Nfn0sjWh8cjTOiwuQmmMjZ5XwlQ.roa (raw, json)
Hash identifier:          QhR6JTuOMSuedTB6SYB7qTdqyjNLrNO9KQWMEydB8NI=
Subject key identifier:   35:F9:F4:B2:35:A1:F1:C8:D3:3A:2C:2E:42:69:8C:8D:9E:57:C2:54
Certificate issuer:       /CN=f7af76989ed464fd9a5489fff7fb98cc2d2f93e4
Certificate serial:       EF34
Authority key identifier: F7:AF:76:98:9E:D4:64:FD:9A:54:89:FF:F7:FB:98:CC:2D:2F:93:E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9692mJ7UZP2aVIn_9_uYzC0vk-Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/d663ca-adf6-41c2-93c1-60b1de6c38d1/1/Nfn0sjWh8cjTOiwuQmmMjZ5XwlQ.roa
Signing time:             Fri 08 Apr 2022 07:53:09 +0000
ROA not before:           Fri 08 Apr 2022 07:53:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29130
IP address blocks:        195.47.248.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 61236 (0xef34)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f7af76989ed464fd9a5489fff7fb98cc2d2f93e4
        Validity
            Not Before: Apr  8 07:53:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=35f9f4b235a1f1c8d33a2c2e42698c8d9e57c254
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:3f:27:92:f5:cf:4d:59:80:17:06:1d:e1:3c:
                    71:73:84:ab:1a:c7:55:ce:25:59:da:3e:cf:2c:bb:
                    59:b0:bd:d5:31:a3:26:a6:76:52:b8:81:c9:71:a7:
                    90:bd:be:4e:2e:2a:0f:df:7d:f3:c4:87:87:f6:9f:
                    b8:f8:d8:aa:3a:65:65:1e:ce:d9:18:18:81:ff:46:
                    9b:64:8c:f7:d4:30:07:c0:b0:ff:1f:73:1f:57:8d:
                    ed:36:24:50:fd:a9:40:eb:8f:0c:ed:7a:70:f6:59:
                    03:47:b0:a3:cd:c1:03:1e:91:8f:b5:74:b4:9a:7b:
                    27:e8:4b:e4:29:91:18:98:63:55:9e:10:91:3e:ec:
                    db:2b:16:67:23:35:59:7a:38:74:aa:b5:1b:a3:57:
                    9e:c7:2d:52:7d:ac:5b:fd:12:ea:0c:16:94:e3:aa:
                    0d:56:e2:e3:ef:43:6e:ca:82:05:62:d2:19:f6:3c:
                    60:a3:a1:de:28:65:44:e5:ac:2c:29:d0:8e:b3:69:
                    f0:71:5e:11:4c:c5:cf:10:ee:9a:59:16:d0:6d:42:
                    d0:10:e7:8b:1f:9f:b6:a3:b5:aa:cc:93:a0:0b:44:
                    26:f6:e6:be:bd:f3:ef:36:1d:fb:5d:24:9f:e0:1d:
                    d8:56:1b:04:7a:a3:c0:98:3c:27:23:a5:9e:1c:25:
                    7e:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:F9:F4:B2:35:A1:F1:C8:D3:3A:2C:2E:42:69:8C:8D:9E:57:C2:54
            X509v3 Authority Key Identifier:
                keyid:F7:AF:76:98:9E:D4:64:FD:9A:54:89:FF:F7:FB:98:CC:2D:2F:93:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9692mJ7UZP2aVIn_9_uYzC0vk-Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d663ca-adf6-41c2-93c1-60b1de6c38d1/1/Nfn0sjWh8cjTOiwuQmmMjZ5XwlQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d663ca-adf6-41c2-93c1-60b1de6c38d1/1/9692mJ7UZP2aVIn_9_uYzC0vk-Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.47.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:af:5b:4d:ae:0d:8a:f8:ed:bf:20:99:ac:06:73:bf:18:75:
         c2:f6:c6:6d:57:3d:6f:c2:a8:81:48:8f:e0:eb:09:1d:a2:f6:
         e3:42:58:74:07:0e:df:16:d3:e8:1d:a8:2f:58:1f:c4:72:7c:
         27:0d:db:00:89:9a:68:17:0c:7f:bb:62:55:77:65:2f:68:94:
         24:8a:f8:60:c8:76:63:c1:9a:96:72:77:74:43:36:e9:55:b5:
         05:0a:8f:e3:78:47:0a:36:4a:6a:86:d2:fe:7a:65:b8:ea:f5:
         3a:82:24:4a:13:04:8f:8c:8d:35:25:60:65:05:44:48:1b:e2:
         72:46:08:ce:ac:a5:98:6c:00:42:c4:db:0d:ea:41:42:57:da:
         0c:be:1f:47:69:0a:7d:b1:dd:c5:f7:4c:46:31:c2:af:d3:c7:
         64:9d:1a:68:ea:98:4f:d1:98:d1:e8:f6:0a:8b:20:7a:18:4e:
         ab:d7:3d:ca:43:24:9b:bb:10:e1:2e:be:e3:e0:49:7b:79:e5:
         1b:59:57:0c:42:e1:31:22:87:2b:1e:c3:b8:53:c5:eb:3b:db:
         29:51:95:91:17:36:dc:2a:10:c1:10:e6:c5:10:4d:9b:77:ee:
         58:03:0d:1b:fd:a7:0e:b8:f7:9d:04:4b:a6:fc:51:8c:f5:87:
         74:52:07:51
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAO80MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGY3
YWY3Njk4OWVkNDY0ZmQ5YTU0ODlmZmY3ZmI5OGNjMmQyZjkzZTQwHhcNMjIwNDA4
MDc1MzA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzNWY5ZjRiMjM1YTFm
MWM4ZDMzYTJjMmU0MjY5OGM4ZDllNTdjMjU0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtz8nkvXPTVmAFwYd4Txxc4SrGsdVziVZ2j7PLLtZsL3VMaMm
pnZSuIHJcaeQvb5OLioP333zxIeH9p+4+NiqOmVlHs7ZGBiB/0abZIz31DAHwLD/
H3MfV43tNiRQ/alA648M7Xpw9lkDR7CjzcEDHpGPtXS0mnsn6EvkKZEYmGNVnhCR
PuzbKxZnIzVZejh0qrUbo1eexy1Sfaxb/RLqDBaU46oNVuLj70NuyoIFYtIZ9jxg
o6HeKGVE5awsKdCOs2nwcV4RTMXPEO6aWRbQbULQEOeLH5+2o7WqzJOgC0Qm9ua+
vfPvNh37XSSf4B3YVhsEeqPAmDwnI6WeHCV+3wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFDX59LI1ofHI0zosLkJpjI2eV8JUMB8GA1UdIwQYMBaAFPevdpie1GT9mlSJ
//f7mMwtL5PkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
OTY5Mm1KN1VaUDJhVkluXzlfdVl6QzB2ay1RLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83ZS9kNjYzY2EtYWRmNi00MWMyLTkzYzEtNjBiMWRlNmMzOGQxLzEv
TmZuMHNqV2g4Y2pUT2l3dVFtbU1qWjVYd2xRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9k
NjYzY2EtYWRmNi00MWMyLTkzYzEtNjBiMWRlNmMzOGQxLzEvOTY5Mm1KN1VaUDJh
VkluXzlfdVl6QzB2ay1RLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwy/4MA0GCSqGSIb3DQEBCwUAA4IB
AQAur1tNrg2K+O2/IJmsBnO/GHXC9sZtVz1vwqiBSI/g6wkdovbjQlh0Bw7fFtPo
HagvWB/EcnwnDdsAiZpoFwx/u2JVd2UvaJQkivhgyHZjwZqWcnd0QzbpVbUFCo/j
eEcKNkpqhtL+emW46vU6giRKEwSPjI01JWBlBURIG+JyRgjOrKWYbABCxNsN6kFC
V9oMvh9HaQp9sd3F90xGMcKv08dknRpo6phP0ZjR6PYKiyB6GE6r1z3KQySbuxDh
Lr7j4El7eeUbWVcMQuExIocrHsO4U8XrO9spUZWRFzbcKhDBEObFEE2bd+5YAw0b
/acOuPedBEum/FGM9Yd0UgdR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:33 2024 by rpki-client on console-fra.rpki-client.org