Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/434fed-877d-4a0f-a256-85345f660655/1/SvWXfNamz_DUg7DOr1Bz6aixJX4.roa
File:                     SvWXfNamz_DUg7DOr1Bz6aixJX4.roa (raw, json)
Hash identifier:          FT1cYftuP7PjTG/sumi3Iz0vSrxq9NDucV4t7LEg1Jo=
Subject key identifier:   4A:F5:97:7C:D6:A6:CF:F0:D4:83:B0:CE:AF:50:73:E9:A8:B1:25:7E
Certificate issuer:       /CN=ebdfa7c0ad7ef674dd5b4194960f2ffd4115f261
Certificate serial:       08FB9891
Authority key identifier: EB:DF:A7:C0:AD:7E:F6:74:DD:5B:41:94:96:0F:2F:FD:41:15:F2:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/69-nwK1-9nTdW0GUlg8v_UEV8mE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/434fed-877d-4a0f-a256-85345f660655/1/SvWXfNamz_DUg7DOr1Bz6aixJX4.roa
Signing time:             Sat 01 Jan 2022 02:01:41 +0000
ROA not before:           Sat 01 Jan 2022 02:01:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43201
IP address blocks:        195.158.222.0/23 maxlen: 23
                          195.158.220.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 150706321 (0x8fb9891)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ebdfa7c0ad7ef674dd5b4194960f2ffd4115f261
        Validity
            Not Before: Jan  1 02:01:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4af5977cd6a6cff0d483b0ceaf5073e9a8b1257e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:74:70:58:b4:ce:ac:bf:0c:d9:c3:99:e1:b1:
                    8b:e7:e8:72:d9:0f:cf:8b:40:bf:76:3e:1b:e1:2c:
                    d9:8c:c6:ac:73:2f:8c:b6:1e:48:09:8a:8e:f1:e0:
                    cf:24:fc:d3:e5:b8:83:1a:80:4b:8e:e6:a8:27:50:
                    3c:2d:5b:04:c8:d5:b3:4b:38:a6:4a:e8:39:78:69:
                    fd:10:6a:c7:15:b8:08:8d:a7:92:37:9c:d9:4e:7f:
                    63:c9:e2:41:cc:58:a9:3d:74:6c:7c:22:ba:8c:07:
                    19:76:07:5d:69:3e:a0:4d:02:f6:0b:91:62:cf:d1:
                    82:f8:5d:5c:e9:cf:bb:64:9f:ef:49:b2:00:66:08:
                    57:5a:87:ee:3a:fb:1a:70:c6:fe:a4:31:ed:9d:f5:
                    45:3d:e2:49:28:df:50:e8:f1:6b:55:75:3b:d3:f6:
                    27:f8:d2:5c:3b:f5:63:c3:bb:41:3a:48:e0:ad:61:
                    09:71:b5:02:bd:cc:f2:fd:4f:eb:7d:1d:cf:89:4f:
                    44:d1:67:08:0c:01:99:0d:81:7f:bc:b3:73:fc:71:
                    0b:d0:68:46:d0:52:6d:0c:3f:18:6b:25:56:5a:f9:
                    ed:7c:73:fb:46:6a:34:86:49:87:9a:8a:5c:3a:da:
                    84:c0:f5:00:83:31:81:a0:74:33:89:f0:1e:56:00:
                    ff:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:F5:97:7C:D6:A6:CF:F0:D4:83:B0:CE:AF:50:73:E9:A8:B1:25:7E
            X509v3 Authority Key Identifier:
                keyid:EB:DF:A7:C0:AD:7E:F6:74:DD:5B:41:94:96:0F:2F:FD:41:15:F2:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/69-nwK1-9nTdW0GUlg8v_UEV8mE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/434fed-877d-4a0f-a256-85345f660655/1/SvWXfNamz_DUg7DOr1Bz6aixJX4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/434fed-877d-4a0f-a256-85345f660655/1/69-nwK1-9nTdW0GUlg8v_UEV8mE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.158.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0a:e3:61:f8:93:41:32:ba:2d:17:6c:a7:98:21:6a:dd:d9:e8:
         62:82:43:4c:fd:96:76:ec:87:96:ea:3f:f3:fb:45:65:23:07:
         3b:53:10:d4:2a:c0:48:80:63:81:d4:6f:24:1d:c3:b8:7e:17:
         f1:c0:65:be:1b:a4:5a:2f:e8:94:ee:f5:2a:35:fe:d0:aa:eb:
         24:3b:b5:99:4e:3e:db:40:f2:fc:53:1c:ea:2e:75:57:0f:49:
         52:a1:59:5a:9c:ff:6a:54:22:db:46:e0:e8:60:1f:11:a7:9d:
         13:7b:b0:f5:66:72:3c:27:2f:98:65:df:61:8a:42:28:a8:d1:
         9a:ac:0f:5a:bf:6f:3c:30:ab:b9:68:75:e7:7f:f7:9c:af:da:
         55:b5:2e:bf:57:64:fb:b0:ad:59:22:d5:bb:03:b2:a5:0e:e7:
         e7:d1:ad:a6:6c:89:1d:c0:fc:36:c0:4f:ae:1c:c7:48:25:ec:
         d2:68:b0:be:3c:b3:b4:11:20:e6:f5:e1:7b:f4:87:fd:4d:f1:
         9c:e4:c7:40:f8:a2:f4:57:88:11:69:c3:2b:ae:6e:ec:53:89:
         2a:3c:53:99:3c:5b:a5:3c:60:7f:14:1b:be:3c:60:ba:a6:1a:
         f4:8e:66:c7:4b:0c:1b:94:70:4c:07:cf:6e:66:e0:44:7e:06:
         86:c6:54:06
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECPuYkTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YmRmYTdjMGFkN2VmNjc0ZGQ1YjQxOTQ5NjBmMmZmZDQxMTVmMjYxMB4XDTIyMDEw
MTAyMDE0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGFmNTk3N2NkNmE2
Y2ZmMGQ0ODNiMGNlYWY1MDczZTlhOGIxMjU3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANF0cFi0zqy/DNnDmeGxi+foctkPz4tAv3Y+G+Es2YzGrHMv
jLYeSAmKjvHgzyT80+W4gxqAS47mqCdQPC1bBMjVs0s4pkroOXhp/RBqxxW4CI2n
kjec2U5/Y8niQcxYqT10bHwiuowHGXYHXWk+oE0C9guRYs/RgvhdXOnPu2Sf70my
AGYIV1qH7jr7GnDG/qQx7Z31RT3iSSjfUOjxa1V1O9P2J/jSXDv1Y8O7QTpI4K1h
CXG1Ar3M8v1P630dz4lPRNFnCAwBmQ2Bf7yzc/xxC9BoRtBSbQw/GGslVlr57Xxz
+0ZqNIZJh5qKXDrahMD1AIMxgaB0M4nwHlYA/3sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRK9Zd81qbP8NSDsM6vUHPpqLElfjAfBgNVHSMEGDAWgBTr36fArX72dN1b
QZSWDy/9QRXyYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzY5LW53SzEtOW5UZFcwR1VsZzh2X1VFVjhtRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvNDM0ZmVkLTg3N2QtNGEwZi1hMjU2LTg1MzQ1ZjY2MDY1NS8x
L1N2V1hmTmFtel9EVWc3RE9yMUJ6NmFpeEpYNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
NDM0ZmVkLTg3N2QtNGEwZi1hMjU2LTg1MzQ1ZjY2MDY1NS8xLzY5LW53SzEtOW5U
ZFcwR1VsZzh2X1VFVjhtRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsOe3DANBgkqhkiG9w0BAQsFAAOC
AQEACuNh+JNBMrotF2ynmCFq3dnoYoJDTP2WduyHluo/8/tFZSMHO1MQ1CrASIBj
gdRvJB3DuH4X8cBlvhukWi/olO71KjX+0KrrJDu1mU4+20Dy/FMc6i51Vw9JUqFZ
Wpz/alQi20bg6GAfEaedE3uw9WZyPCcvmGXfYYpCKKjRmqwPWr9vPDCruWh153/3
nK/aVbUuv1dk+7CtWSLVuwOypQ7n59GtpmyJHcD8NsBPrhzHSCXs0miwvjyztBEg
5vXhe/SH/U3xnOTHQPii9FeIEWnDK65u7FOJKjxTmTxbpTxgfxQbvjxguqYa9I5m
x0sMG5RwTAfPbmbgRH4GhsZUBg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:45 2024 by rpki-client on console-fra.rpki-client.org