Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e84b5d-3511-44e9-9261-ed82ae7dbd59/1/cT7uhNcUQicegJq2SAGMhrAW1uE.roa
File:                     cT7uhNcUQicegJq2SAGMhrAW1uE.roa (raw, json)
Hash identifier:          aOoNZufqWgDqDtf2Ne8pckooe3EjNwEm/7vxwj6u26A=
Subject key identifier:   71:3E:EE:84:D7:14:42:27:1E:80:9A:B6:48:01:8C:86:B0:16:D6:E1
Certificate issuer:       /CN=792304cece7fb6551d621e257743753d7d3e7eba
Certificate serial:       03E870A1
Authority key identifier: 79:23:04:CE:CE:7F:B6:55:1D:62:1E:25:77:43:75:3D:7D:3E:7E:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eSMEzs5_tlUdYh4ld0N1PX0-fro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/e84b5d-3511-44e9-9261-ed82ae7dbd59/1/cT7uhNcUQicegJq2SAGMhrAW1uE.roa
Signing time:             Sat 01 Jan 2022 10:55:09 +0000
ROA not before:           Sat 01 Jan 2022 10:55:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     59574
IP address blocks:        185.204.110.0/24 maxlen: 24
                          95.215.231.0/24 maxlen: 24
                          95.215.230.0/24 maxlen: 24
                          95.215.230.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 65564833 (0x3e870a1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=792304cece7fb6551d621e257743753d7d3e7eba
        Validity
            Not Before: Jan  1 10:55:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=713eee84d71442271e809ab648018c86b016d6e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:a8:18:ef:37:c6:9c:ea:93:de:ae:7d:95:0d:
                    51:c3:4e:4a:d2:7e:3d:ff:a3:f2:b3:56:83:e9:70:
                    c8:c8:27:9c:24:12:0a:f3:b2:82:12:6a:43:14:66:
                    21:bf:a9:01:c8:a2:eb:52:bc:2b:c4:62:8a:ff:28:
                    47:33:88:c2:bc:8a:c2:4e:a2:95:31:d7:61:b6:ee:
                    ca:d4:fe:36:ef:b8:08:c3:bd:54:14:31:0d:67:1c:
                    f5:e1:b7:ed:9a:f1:c1:6f:13:fa:0f:12:03:5c:a1:
                    16:93:a3:22:e0:62:8a:46:3b:2f:38:93:a9:f7:a9:
                    77:a9:8f:c4:8a:3a:12:98:d6:d7:26:20:93:f7:8d:
                    3d:da:fb:88:e1:36:a4:7b:ee:4a:28:4a:74:19:23:
                    67:a8:3a:bd:f0:6a:26:87:75:d8:c4:c2:a9:78:36:
                    db:ef:41:1c:76:f0:dc:83:b9:ec:88:2f:ac:1a:03:
                    0f:ea:6b:ac:5a:c2:35:6a:49:db:55:0d:5b:2a:e5:
                    17:c7:dd:7a:7b:56:98:40:04:36:62:90:29:9e:23:
                    21:52:61:d6:78:9f:0c:1d:83:2f:79:f9:b5:42:40:
                    6c:81:59:da:27:6b:5e:81:66:8c:2e:2e:37:16:c1:
                    1c:f2:96:a9:94:b2:ac:f0:87:fc:d8:50:a8:66:13:
                    d2:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:3E:EE:84:D7:14:42:27:1E:80:9A:B6:48:01:8C:86:B0:16:D6:E1
            X509v3 Authority Key Identifier:
                keyid:79:23:04:CE:CE:7F:B6:55:1D:62:1E:25:77:43:75:3D:7D:3E:7E:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eSMEzs5_tlUdYh4ld0N1PX0-fro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e84b5d-3511-44e9-9261-ed82ae7dbd59/1/cT7uhNcUQicegJq2SAGMhrAW1uE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e84b5d-3511-44e9-9261-ed82ae7dbd59/1/eSMEzs5_tlUdYh4ld0N1PX0-fro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.215.230.0/23
                  185.204.110.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:cc:19:b8:3b:0c:a7:42:72:3c:91:81:62:2f:3a:88:bb:df:
         29:61:2b:e5:ff:c1:20:a9:1f:81:40:e6:e8:d3:1f:c0:08:b0:
         1b:fc:67:38:52:a9:08:2e:ee:8c:ec:03:be:fb:8f:1b:1e:4a:
         0f:a2:0a:85:bd:d4:e3:f6:16:bb:fa:77:c5:e3:11:60:8f:df:
         17:30:3f:c3:2c:c7:1d:c1:5b:cd:30:ff:c9:a8:46:dc:0c:e4:
         a8:d6:cc:63:69:ad:c5:71:a2:7b:a5:a5:a9:27:47:7f:41:ae:
         5d:b3:ed:7c:db:c3:02:37:98:7d:cf:61:8d:29:d7:12:81:e5:
         4e:4b:bc:ae:a6:ba:b7:e4:b8:80:28:98:02:33:86:da:08:cb:
         c7:11:ba:d3:49:29:5b:da:09:df:4c:e0:ee:6b:1a:63:47:0f:
         19:d4:ed:a9:eb:ac:5a:06:e4:24:52:45:ed:fc:2d:2f:24:f1:
         fe:e3:a6:3d:f8:77:2f:ca:d8:3e:25:18:b2:54:2f:e6:d5:0f:
         51:d5:3d:53:3d:55:2f:54:62:fd:0a:e6:c6:7a:d9:79:ca:4b:
         80:d5:d5:9c:cc:68:2b:78:34:31:57:ff:94:c0:95:56:0e:27:
         43:36:0f:a9:81:77:7a:0a:49:70:4d:70:0f:60:9f:9f:65:23:
         bd:b4:58:96
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA+hwoTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
OTIzMDRjZWNlN2ZiNjU1MWQ2MjFlMjU3NzQzNzUzZDdkM2U3ZWJhMB4XDTIyMDEw
MTEwNTUwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzEzZWVlODRkNzE0
NDIyNzFlODA5YWI2NDgwMThjODZiMDE2ZDZlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+oGO83xpzqk96ufZUNUcNOStJ+Pf+j8rNWg+lwyMgnnCQS
CvOyghJqQxRmIb+pAcii61K8K8Riiv8oRzOIwryKwk6ilTHXYbbuytT+Nu+4CMO9
VBQxDWcc9eG37ZrxwW8T+g8SA1yhFpOjIuBiikY7LziTqfepd6mPxIo6EpjW1yYg
k/eNPdr7iOE2pHvuSihKdBkjZ6g6vfBqJod12MTCqXg22+9BHHbw3IO57IgvrBoD
D+prrFrCNWpJ21UNWyrlF8fdentWmEAENmKQKZ4jIVJh1nifDB2DL3n5tUJAbIFZ
2idrXoFmjC4uNxbBHPKWqZSyrPCH/NhQqGYT0icCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRxPu6E1xRCJx6AmrZIAYyGsBbW4TAfBgNVHSMEGDAWgBR5IwTOzn+2VR1i
HiV3Q3U9fT5+ujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VTTUV6czVfdGxVZFloNGxkME4xUFgwLWZyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGYvZTg0YjVkLTM1MTEtNDRlOS05MjYxLWVkODJhZTdkYmQ1OS8x
L2NUN3VoTmNVUWljZWdKcTJTQUdNaHJBVzF1RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYv
ZTg0YjVkLTM1MTEtNDRlOS05MjYxLWVkODJhZTdkYmQ1OS8xL2VTTUV6czVfdGxV
ZFloNGxkME4xUFgwLWZyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAV/X5gMEALnMbjANBgkqhkiG9w0B
AQsFAAOCAQEAP8wZuDsMp0JyPJGBYi86iLvfKWEr5f/BIKkfgUDm6NMfwAiwG/xn
OFKpCC7ujOwDvvuPGx5KD6IKhb3U4/YWu/p3xeMRYI/fFzA/wyzHHcFbzTD/yahG
3AzkqNbMY2mtxXGie6WlqSdHf0GuXbPtfNvDAjeYfc9hjSnXEoHlTku8rqa6t+S4
gCiYAjOG2gjLxxG600kpW9oJ30zg7msaY0cPGdTtqeusWgbkJFJF7fwtLyTx/uOm
Pfh3L8rYPiUYslQv5tUPUdU9Uz1VL1Ri/QrmxnrZecpLgNXVnMxoK3g0MVf/lMCV
Vg4nQzYPqYF3egpJcE1wD2Cfn2UjvbRYlg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:35 2024 by rpki-client on console-ams.rpki-client.org