Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/g1zvq9EFCM7JbludWFcr3Ozamkk.roa
File:                     g1zvq9EFCM7JbludWFcr3Ozamkk.roa (raw, json)
Hash identifier:          DGcFMo3k+DvES3YDmEw4wyvZmfREEtxZ4g9OB8zEPXQ=
Subject key identifier:   83:5C:EF:AB:D1:05:08:CE:C9:6E:5B:9D:58:57:2B:DC:EC:DA:9A:49
Certificate issuer:       /CN=942f565ed16d8c337a8c8ab3cdc572ef1150f5a9
Certificate serial:       0BBA6163
Authority key identifier: 94:2F:56:5E:D1:6D:8C:33:7A:8C:8A:B3:CD:C5:72:EF:11:50:F5:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lC9WXtFtjDN6jIqzzcVy7xFQ9ak.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/g1zvq9EFCM7JbludWFcr3Ozamkk.roa
Signing time:             Sat 01 Jan 2022 05:52:18 +0000
ROA not before:           Sat 01 Jan 2022 05:52:18 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47382
IP address blocks:        195.43.150.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 196764003 (0xbba6163)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=942f565ed16d8c337a8c8ab3cdc572ef1150f5a9
        Validity
            Not Before: Jan  1 05:52:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=835cefabd10508cec96e5b9d58572bdcecda9a49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:f0:4d:25:fa:e2:3d:4a:f0:4d:00:53:1c:e8:
                    ee:7c:2f:5b:f7:e6:2b:b7:db:54:be:7d:60:53:5f:
                    54:6c:ab:70:6c:14:ff:31:34:27:07:73:25:14:2d:
                    60:cf:51:fc:81:a6:be:40:e0:7d:6b:73:00:65:66:
                    c4:3b:84:5a:4b:79:72:91:ec:b5:a1:a2:af:96:9f:
                    38:d2:b3:e7:21:51:53:bf:bb:46:e1:0d:4b:f6:b0:
                    43:a6:4d:2f:ea:ac:1c:c5:b9:79:ba:d0:14:47:bd:
                    73:71:9a:67:d1:a6:32:06:2b:d0:32:81:98:d7:42:
                    aa:76:7f:a7:39:17:b3:cd:39:79:03:82:db:ab:a3:
                    e4:c7:d8:0a:d1:70:f3:7f:ad:22:0c:74:aa:39:38:
                    e6:70:a8:e5:21:e0:16:ee:55:27:ee:93:3a:c1:85:
                    49:e9:ca:67:92:4b:46:51:82:a6:98:3d:54:90:98:
                    d2:0b:5e:ce:4b:1c:61:a6:b8:e2:95:88:2f:8a:a0:
                    e0:65:e6:eb:da:ab:00:bd:66:5f:06:88:a0:b2:5d:
                    43:31:0a:11:b1:cc:37:c5:17:1b:46:5d:70:a5:2d:
                    33:58:0b:75:26:55:f3:5e:c8:df:89:e3:98:61:bb:
                    fd:12:4a:87:83:fe:29:b1:66:2f:d2:70:6d:f5:9b:
                    a0:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:5C:EF:AB:D1:05:08:CE:C9:6E:5B:9D:58:57:2B:DC:EC:DA:9A:49
            X509v3 Authority Key Identifier:
                keyid:94:2F:56:5E:D1:6D:8C:33:7A:8C:8A:B3:CD:C5:72:EF:11:50:F5:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lC9WXtFtjDN6jIqzzcVy7xFQ9ak.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/g1zvq9EFCM7JbludWFcr3Ozamkk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7f1649-0c9d-405d-a134-66d253432f5f/1/lC9WXtFtjDN6jIqzzcVy7xFQ9ak.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.43.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:23:d1:b8:ed:21:c1:6e:b7:87:4b:8e:9d:6a:16:53:0d:22:
         f4:51:82:9a:e3:a3:14:c0:81:79:93:8d:60:fc:fb:49:70:a7:
         7d:0a:f5:37:92:b9:66:b8:9a:3b:be:77:cd:23:78:10:91:6d:
         53:12:33:c6:90:15:60:1a:c9:99:87:91:cb:1e:33:a0:9e:29:
         ea:f5:86:9a:78:bc:db:53:a0:7b:c8:54:d9:c9:0e:be:5f:21:
         42:3a:d6:15:a5:b8:7a:4a:2d:00:7c:80:d8:48:94:32:1d:99:
         b2:92:2f:19:53:e3:e6:82:64:ec:9b:99:b0:20:25:71:c2:a4:
         ac:26:8a:a5:35:65:09:9d:40:a8:87:c9:fc:e3:b0:b5:bb:a9:
         6d:08:74:5f:26:3b:aa:ea:c7:f7:53:72:2b:01:5a:be:df:b6:
         25:3a:2f:2b:10:ea:36:76:0d:37:13:84:20:31:20:cd:90:fa:
         15:96:6b:c2:ad:53:6a:ea:b1:4b:c4:26:2e:30:0b:25:99:e7:
         c5:f5:45:27:75:8e:4b:48:6c:0c:6c:9b:9d:41:ab:5e:d6:c4:
         22:29:bd:0b:13:08:73:a7:f2:e9:93:01:02:c4:fc:48:91:47:
         16:8e:90:46:e8:74:af:e8:f6:95:42:05:94:93:ef:34:56:db:
         06:97:1b:3c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC7phYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDJmNTY1ZWQxNmQ4YzMzN2E4YzhhYjNjZGM1NzJlZjExNTBmNWE5MB4XDTIyMDEw
MTA1NTIxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODM1Y2VmYWJkMTA1
MDhjZWM5NmU1YjlkNTg1NzJiZGNlY2RhOWE0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ3wTSX64j1K8E0AUxzo7nwvW/fmK7fbVL59YFNfVGyrcGwU
/zE0JwdzJRQtYM9R/IGmvkDgfWtzAGVmxDuEWkt5cpHstaGir5afONKz5yFRU7+7
RuENS/awQ6ZNL+qsHMW5ebrQFEe9c3GaZ9GmMgYr0DKBmNdCqnZ/pzkXs805eQOC
26uj5MfYCtFw83+tIgx0qjk45nCo5SHgFu5VJ+6TOsGFSenKZ5JLRlGCppg9VJCY
0gtezkscYaa44pWIL4qg4GXm69qrAL1mXwaIoLJdQzEKEbHMN8UXG0ZdcKUtM1gL
dSZV817I34njmGG7/RJKh4P+KbFmL9JwbfWboPUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSDXO+r0QUIzsluW51YVyvc7NqaSTAfBgNVHSMEGDAWgBSUL1Ze0W2MM3qM
irPNxXLvEVD1qTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xDOVdYdEZ0akRONmpJcXp6Y1Z5N3hGUTlhay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvN2YxNjQ5LTBjOWQtNDA1ZC1hMTM0LTY2ZDI1MzQzMmY1Zi8x
L2cxenZxOUVGQ003SmJsdWRXRmNyM096YW1ray5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
N2YxNjQ5LTBjOWQtNDA1ZC1hMTM0LTY2ZDI1MzQzMmY1Zi8xL2xDOVdYdEZ0akRO
NmpJcXp6Y1Z5N3hGUTlhay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMMrljANBgkqhkiG9w0BAQsFAAOC
AQEAdCPRuO0hwW63h0uOnWoWUw0i9FGCmuOjFMCBeZONYPz7SXCnfQr1N5K5Zria
O753zSN4EJFtUxIzxpAVYBrJmYeRyx4zoJ4p6vWGmni821Oge8hU2ckOvl8hQjrW
FaW4ekotAHyA2EiUMh2ZspIvGVPj5oJk7JuZsCAlccKkrCaKpTVlCZ1AqIfJ/OOw
tbupbQh0XyY7qurH91NyKwFavt+2JTovKxDqNnYNNxOEIDEgzZD6FZZrwq1Tauqx
S8QmLjALJZnnxfVFJ3WOS0hsDGybnUGrXtbEIim9CxMIc6fy6ZMBAsT8SJFHFo6Q
Ruh0r+j2lUIFlJPvNFbbBpcbPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:05 2024 by rpki-client on console-ams.rpki-client.org