Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/i4N0FZz-3Y3eIzNiX4082W2goRo.roa
File:                     i4N0FZz-3Y3eIzNiX4082W2goRo.roa (raw, json)
Hash identifier:          D3yWNgTDVtUf0RR07b5im4AexCS5t5UJcPSgWhdpsOM=
Subject key identifier:   8B:83:74:15:9C:FE:DD:8D:DE:23:33:62:5F:8D:3C:D9:6D:A0:A1:1A
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       01828C021349E05EBA41017F06D8D2F0E87A
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/i4N0FZz-3Y3eIzNiX4082W2goRo.roa
Signing time:             Thu 11 Aug 2022 08:25:22 +0000
ROA not before:           Thu 11 Aug 2022 08:25:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207713
IP address blocks:        95.215.108.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:8c:02:13:49:e0:5e:ba:41:01:7f:06:d8:d2:f0:e8:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Aug 11 08:25:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8b8374159cfedd8dde2333625f8d3cd96da0a11a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:91:d5:b3:59:8f:33:aa:8f:35:e4:d5:ea:a5:
                    8f:11:e5:71:fd:68:86:40:56:52:83:cd:e2:b1:31:
                    eb:88:9d:05:27:fb:0c:8a:1e:c1:20:87:9e:b3:39:
                    07:57:e7:dc:f9:30:4d:3b:9d:23:8c:11:eb:30:b6:
                    8f:08:c7:a9:14:ca:2c:b0:de:7c:b8:78:51:fb:e7:
                    59:73:e0:a5:e4:42:ad:3f:14:17:bc:07:b7:21:90:
                    fc:6a:e6:a6:bd:ae:78:34:8a:32:40:1d:72:99:da:
                    d9:3b:d7:d7:2a:75:4d:ac:62:f1:71:c9:33:9c:51:
                    69:e8:b8:1e:b3:f7:5e:04:6c:49:43:db:c4:64:21:
                    ab:58:d7:88:45:5e:2f:03:f0:8f:96:f4:09:f2:18:
                    e7:56:50:e0:85:60:9e:33:dd:5f:2a:8e:a0:8d:c7:
                    fd:eb:27:07:11:eb:51:0b:e8:b7:23:81:82:9a:90:
                    8d:c4:20:4b:7f:1a:4b:2a:47:44:0b:03:fd:6c:51:
                    39:ae:2b:3f:18:4c:9f:4f:d3:0a:7b:7c:af:f5:3d:
                    89:1e:c3:1e:af:86:b7:69:1e:62:bf:bf:db:74:e4:
                    b3:61:cf:38:21:ef:1a:6d:61:73:c5:f7:06:83:ab:
                    e9:8a:9f:de:87:0d:00:61:6e:39:45:cf:8d:ad:17:
                    b9:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:83:74:15:9C:FE:DD:8D:DE:23:33:62:5F:8D:3C:D9:6D:A0:A1:1A
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/i4N0FZz-3Y3eIzNiX4082W2goRo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.215.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:b6:5a:16:32:56:86:ae:e5:5b:6c:36:59:40:2d:cf:5c:b8:
         2b:9e:e4:8c:70:68:af:3d:4f:93:9a:dc:da:df:90:4f:5c:a1:
         d9:50:43:fd:87:73:07:d9:f8:92:ed:06:5b:73:fc:54:84:aa:
         85:fe:64:d3:ea:52:5d:18:d7:e3:63:b2:6b:ef:96:30:1d:b6:
         dc:50:1b:e4:f5:34:6e:48:bf:c4:db:b4:26:76:05:b1:5e:bd:
         1d:de:6d:a7:6c:af:4c:d6:46:39:64:8d:5a:59:65:f5:7c:aa:
         e4:45:b4:f8:7d:88:81:f7:c1:2b:c4:2d:3a:ff:14:08:61:30:
         a1:2c:a7:e0:41:75:4e:f0:27:5f:61:ce:8e:bf:52:54:b0:b0:
         99:45:a6:3b:f5:4c:51:76:70:b3:bf:e3:ef:e5:69:06:09:e9:
         72:a7:0f:33:d8:4c:9c:3a:db:f6:a0:c2:59:05:fe:e4:d2:31:
         b4:15:49:4d:65:10:0b:e6:1e:c6:8e:bc:79:64:af:ce:f4:91:
         a2:f3:84:b5:fb:cc:72:de:01:93:6f:8f:92:17:69:d6:2d:56:
         3f:72:af:e0:7e:05:1f:f5:40:8d:d0:a0:2c:a0:d1:2c:a7:eb:
         ce:ff:ec:6f:41:fa:72:a7:3c:de:aa:89:0b:4b:85:82:6d:bc:
         48:df:a0:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKMAhNJ4F66QQF/BtjS8Oh6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjIwODExMDgyNTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjgzNzQxNTljZmVkZDhkZGUyMzMzNjI1ZjhkM2NkOTZkYTBhMTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpHVs1mPM6qPNeTV6qWPEeVx/WiG
QFZSg83isTHriJ0FJ/sMih7BIIeeszkHV+fc+TBNO50jjBHrMLaPCMepFMossN58
uHhR++dZc+Cl5EKtPxQXvAe3IZD8auamva54NIoyQB1ymdrZO9fXKnVNrGLxcckz
nFFp6Lges/deBGxJQ9vEZCGrWNeIRV4vA/CPlvQJ8hjnVlDghWCeM91fKo6gjcf9
6ycHEetRC+i3I4GCmpCNxCBLfxpLKkdECwP9bFE5ris/GEyfT9MKe3yv9T2JHsMe
r4a3aR5iv7/bdOSzYc84Ie8abWFzxfcGg6vpip/ehw0AYW45Rc+NrRe5NQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIuDdBWc/t2N3iMzYl+NPNltoKEaMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvaTROMEZaei0zWTNlSXpOaVg0MDgyVzJnb1JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX9dsMA0G
CSqGSIb3DQEBCwUAA4IBAQAStloWMlaGruVbbDZZQC3PXLgrnuSMcGivPU+Tmtza
35BPXKHZUEP9h3MH2fiS7QZbc/xUhKqF/mTT6lJdGNfjY7Jr75YwHbbcUBvk9TRu
SL/E27QmdgWxXr0d3m2nbK9M1kY5ZI1aWWX1fKrkRbT4fYiB98ErxC06/xQIYTCh
LKfgQXVO8CdfYc6Ov1JUsLCZRaY79UxRdnCzv+Pv5WkGCelypw8z2EycOtv2oMJZ
Bf7k0jG0FUlNZRAL5h7Gjrx5ZK/O9JGi84S1+8xy3gGTb4+SF2nWLVY/cq/gfgUf
9UCN0KAsoNEsp+vO/+xvQfpypzzeqokLS4WCbbxI36Cm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:05 2024 by rpki-client on console-fra.rpki-client.org