Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/3m8FKNL6WPBdZlwEwfGdKA5ltBk.roa
File:                     3m8FKNL6WPBdZlwEwfGdKA5ltBk.roa (raw, json)
Hash identifier:          0Fkjoms4TmhpK7zrdq9jJAV8yz4iwf+3iW7wo+3xfk0=
Subject key identifier:   DE:6F:05:28:D2:FA:58:F0:5D:66:5C:04:C1:F1:9D:28:0E:65:B4:19
Certificate issuer:       /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial:       0F6E15
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/3m8FKNL6WPBdZlwEwfGdKA5ltBk.roa
Signing time:             Sat 01 Jan 2022 01:55:30 +0000
ROA not before:           Sat 01 Jan 2022 01:55:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        195.95.204.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1011221 (0xf6e15)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
        Validity
            Not Before: Jan  1 01:55:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=de6f0528d2fa58f05d665c04c1f19d280e65b419
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:42:4f:a1:9a:58:ab:f6:9f:ee:1b:28:42:ca:
                    62:70:d5:1e:14:a6:99:fe:e5:1a:0b:18:f9:32:5f:
                    0f:86:9d:fe:ad:d7:08:bf:b7:84:09:85:f0:b6:b9:
                    6d:2d:68:f2:a2:e8:6e:50:65:d7:87:8b:4b:cb:0c:
                    69:f7:dd:2d:5d:4d:cf:e4:ec:d4:c3:5c:ae:06:cd:
                    5b:6f:35:62:94:8d:a3:6c:e5:7a:04:71:74:42:84:
                    43:00:7e:ed:a6:8a:9f:ea:67:2e:a2:01:a3:98:4a:
                    00:fe:82:1c:08:15:8d:68:71:08:a2:50:00:b8:49:
                    e9:95:56:cc:ff:e9:db:63:2b:43:6d:be:91:48:01:
                    c2:90:82:74:f9:3e:0a:63:2d:28:65:03:94:6b:10:
                    c3:50:72:78:d5:7d:7a:f9:ee:77:59:c4:06:0a:16:
                    54:00:2c:06:bd:c2:f2:c6:88:96:97:0d:2d:a1:71:
                    b4:4a:e5:45:35:30:eb:3c:c1:9f:c6:d2:c2:80:04:
                    1b:19:3d:e4:13:5f:bf:9a:4a:4c:1a:08:27:5d:f4:
                    73:85:db:5f:ab:59:48:25:d8:29:d8:1c:70:13:b3:
                    42:52:fc:98:73:93:35:50:3c:41:48:df:2b:b5:8e:
                    b6:f4:61:92:7f:6b:f1:43:23:67:43:3b:cd:c3:63:
                    55:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:6F:05:28:D2:FA:58:F0:5D:66:5C:04:C1:F1:9D:28:0E:65:B4:19
            X509v3 Authority Key Identifier:
                keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/3m8FKNL6WPBdZlwEwfGdKA5ltBk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.95.204.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a3:61:54:43:f4:bb:60:a5:97:90:ff:57:b2:87:46:ed:30:3d:
         18:f5:ee:c6:89:0d:12:6f:8a:e0:f4:78:c0:59:dc:2e:27:b4:
         83:9b:25:3b:a1:ac:e4:76:d5:0f:03:3a:9c:16:ee:f4:f4:64:
         70:96:20:19:be:76:34:05:9c:d4:6b:85:3b:0c:0b:a7:a7:df:
         d0:84:d9:75:d9:f5:5d:74:f1:ea:68:cc:12:18:c0:90:3e:8d:
         f4:90:b4:c3:5b:61:14:0f:76:8b:d1:01:0e:61:24:05:ca:dd:
         73:92:df:50:b7:a4:2e:7d:ee:ad:90:0c:1e:24:1d:f4:e9:8b:
         6c:87:77:6f:31:f3:65:80:e9:1d:88:d8:99:1e:92:bc:be:c2:
         1b:1b:23:c1:d2:90:c2:27:ec:b9:35:9d:c3:6e:c6:6d:38:35:
         88:72:56:43:1b:ca:9c:d6:6d:19:50:65:ad:48:a2:4f:8f:4a:
         a5:12:72:7d:2b:5d:bf:eb:f7:d1:c7:a0:84:a3:12:18:11:e8:
         74:e2:c5:d2:a5:34:c3:a5:fb:ee:41:8d:0e:4e:95:c8:3e:22:
         10:33:da:52:8c:db:99:a0:c5:23:b4:28:31:3a:c1:0c:36:39:
         e5:32:eb:e9:38:1e:46:59:1a:e8:90:d8:8c:30:28:cf:6f:b4:
         c3:55:9c:89
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDD24VMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJl
ODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRkNmNlNTEwHhcNMjIwMTAx
MDE1NTMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkZTZmMDUyOGQyZmE1
OGYwNWQ2NjVjMDRjMWYxOWQyODBlNjViNDE5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArEJPoZpYq/af7hsoQspicNUeFKaZ/uUaCxj5Ml8Php3+rdcI
v7eECYXwtrltLWjyouhuUGXXh4tLywxp990tXU3P5OzUw1yuBs1bbzVilI2jbOV6
BHF0QoRDAH7tpoqf6mcuogGjmEoA/oIcCBWNaHEIolAAuEnplVbM/+nbYytDbb6R
SAHCkIJ0+T4KYy0oZQOUaxDDUHJ41X16+e53WcQGChZUACwGvcLyxoiWlw0toXG0
SuVFNTDrPMGfxtLCgAQbGT3kE1+/mkpMGggnXfRzhdtfq1lIJdgp2BxwE7NCUvyY
c5M1UDxBSN8rtY629GGSf2vxQyNnQzvNw2NVkwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFN5vBSjS+ljwXWZcBMHxnSgOZbQZMB8GA1UdIwQYMBaAFC6Clj/xqnCrENHT
Poax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
TG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYwLzEv
M204RktOTDZXUEJkWmx3RXdmR2RLQTVsdEJrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85
NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYwLzEvTG9LV1BfR3FjS3NR
MGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw1/MMA0GCSqGSIb3DQEBCwUAA4IB
AQCjYVRD9LtgpZeQ/1eyh0btMD0Y9e7GiQ0Sb4rg9HjAWdwuJ7SDmyU7oazkdtUP
AzqcFu709GRwliAZvnY0BZzUa4U7DAunp9/QhNl12fVddPHqaMwSGMCQPo30kLTD
W2EUD3aL0QEOYSQFyt1zkt9Qt6Qufe6tkAweJB306Ytsh3dvMfNlgOkdiNiZHpK8
vsIbGyPB0pDCJ+y5NZ3DbsZtODWIclZDG8qc1m0ZUGWtSKJPj0qlEnJ9K12/6/fR
x6CEoxIYEeh04sXSpTTDpfvuQY0OTpXIPiIQM9pSjNuZoMUjtCgxOsEMNjnlMuvp
OB5GWRrokNiMMCjPb7TDVZyJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:05 2024 by rpki-client on console-fra.rpki-client.org