Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/KjngAWNkigdbjuE8gV0fPv8W5MU.roa
File:                     KjngAWNkigdbjuE8gV0fPv8W5MU.roa (raw, json)
Hash identifier:          apy00tbaGjY0hzS2ry0fNuQJsTqvpl07YPtvczkug0A=
Subject key identifier:   2A:39:E0:01:63:64:8A:07:5B:8E:E1:3C:81:5D:1F:3E:FF:16:E4:C5
Certificate issuer:       /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial:       0185160C6C8C455FD047BE91BFDE187ED718
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/KjngAWNkigdbjuE8gV0fPv8W5MU.roa
Signing time:             Thu 15 Dec 2022 13:49:50 +0000
ROA not before:           Thu 15 Dec 2022 13:49:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212609
IP address blocks:        195.95.205.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:16:0c:6c:8c:45:5f:d0:47:be:91:bf:de:18:7e:d7:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
        Validity
            Not Before: Dec 15 13:49:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2a39e00163648a075b8ee13c815d1f3eff16e4c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:3f:50:c7:c9:87:9a:7c:64:3b:59:fa:7d:64:
                    71:5a:c9:cf:9c:19:df:e5:9e:d7:45:8f:b4:e8:ce:
                    61:3a:b9:0a:f1:ba:51:20:fb:2b:b3:03:59:cf:20:
                    73:6f:5a:13:e6:70:d6:d2:6f:28:36:76:75:7b:1b:
                    ea:71:7b:df:26:53:2b:a6:fc:7a:92:42:82:6f:19:
                    a5:d1:7b:4d:ec:84:97:b6:4c:83:d9:be:3d:01:90:
                    20:c6:98:ed:ff:fd:f9:cb:7e:c3:f5:96:32:58:8b:
                    43:f8:2b:ff:4e:15:0c:70:e5:70:3f:02:93:0f:bd:
                    57:24:5f:fe:ab:1e:cf:93:5c:91:ea:c0:2a:6f:31:
                    cf:94:02:9f:47:c4:8a:3c:4f:61:b4:50:d7:65:83:
                    4a:86:46:a2:f6:65:bb:92:28:ab:70:dc:c3:42:a2:
                    a9:b9:cc:10:25:95:b5:b9:4b:98:75:35:85:f2:e9:
                    25:65:2f:2d:70:14:20:c7:5e:a1:ca:ee:94:9b:26:
                    fe:3d:aa:97:32:ed:b0:b6:97:3f:07:6c:5b:3a:52:
                    52:83:70:46:30:7a:87:6d:36:01:f2:ee:bc:65:e9:
                    c4:f1:7a:13:8e:cb:8b:a7:15:73:33:f1:93:45:40:
                    a6:1d:06:21:f3:d8:ee:7a:9f:f6:7a:33:c7:a5:4a:
                    9a:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:39:E0:01:63:64:8A:07:5B:8E:E1:3C:81:5D:1F:3E:FF:16:E4:C5
            X509v3 Authority Key Identifier:
                keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/KjngAWNkigdbjuE8gV0fPv8W5MU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.95.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:4f:9c:1f:1e:e3:7b:52:5b:2f:bf:b6:c4:8c:06:97:8e:fc:
         7e:82:21:66:09:8d:42:18:c8:e4:ca:ac:85:c4:77:df:f1:16:
         be:1a:98:c6:aa:8d:75:13:5d:0c:0a:5a:67:02:da:b7:fb:bd:
         a5:3a:6b:b6:68:08:a6:4a:9b:fd:11:ad:63:a4:c4:1d:3b:7d:
         12:b8:27:a5:cd:22:e1:ee:42:04:5c:42:34:70:e2:d9:cf:df:
         8e:45:04:59:3b:cb:a1:c8:02:47:b5:d5:ac:54:52:a3:b7:c3:
         51:56:b1:73:28:4d:d0:2b:79:2d:7f:09:a0:37:c0:b5:03:40:
         d9:c6:d2:c3:0b:49:71:c3:7b:b7:89:5e:41:8e:54:1f:5f:de:
         94:91:51:59:eb:f8:2f:4f:53:6b:5d:ba:02:ba:a7:53:c0:23:
         d8:2a:22:9f:67:41:24:9e:0c:50:c4:c5:7e:b0:a0:79:52:dd:
         46:b3:c8:41:e3:29:b2:dd:18:09:b6:96:72:18:2a:d5:c0:62:
         63:fe:b4:ae:56:19:f3:ab:7f:ff:0f:e0:01:85:6f:85:26:da:
         12:6f:22:94:36:c7:84:23:b6:59:d4:28:a6:f5:0d:3b:1d:98:
         16:65:92:78:e2:f0:8a:e2:7e:c7:cc:f3:5a:2f:0d:31:4a:cb:
         28:f1:8a:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUWDGyMRV/QR76Rv94YftcYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjIxMjE1MTM0OTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTM5ZTAwMTYzNjQ4YTA3NWI4ZWUxM2M4MTVkMWYzZWZmMTZlNGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvz9Qx8mHmnxkO1n6fWRxWsnPnBnf
5Z7XRY+06M5hOrkK8bpRIPsrswNZzyBzb1oT5nDW0m8oNnZ1exvqcXvfJlMrpvx6
kkKCbxml0XtN7ISXtkyD2b49AZAgxpjt//35y37D9ZYyWItD+Cv/ThUMcOVwPwKT
D71XJF/+qx7Pk1yR6sAqbzHPlAKfR8SKPE9htFDXZYNKhkai9mW7kiircNzDQqKp
ucwQJZW1uUuYdTWF8uklZS8tcBQgx16hyu6Umyb+PaqXMu2wtpc/B2xbOlJSg3BG
MHqHbTYB8u68ZenE8XoTjsuLpxVzM/GTRUCmHQYh89juep/2ejPHpUqaBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCo54AFjZIoHW47hPIFdHz7/FuTFMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvS2puZ0FXTmtpZ2RianVFOGdWMGZQdjhXNU1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1/NMA0G
CSqGSIb3DQEBCwUAA4IBAQCuT5wfHuN7Ulsvv7bEjAaXjvx+giFmCY1CGMjkyqyF
xHff8Ra+GpjGqo11E10MClpnAtq3+72lOmu2aAimSpv9Ea1jpMQdO30SuCelzSLh
7kIEXEI0cOLZz9+ORQRZO8uhyAJHtdWsVFKjt8NRVrFzKE3QK3ktfwmgN8C1A0DZ
xtLDC0lxw3u3iV5BjlQfX96UkVFZ6/gvT1NrXboCuqdTwCPYKiKfZ0EkngxQxMV+
sKB5Ut1Gs8hB4ymy3RgJtpZyGCrVwGJj/rSuVhnzq3//D+ABhW+FJtoSbyKUNseE
I7ZZ1Cim9Q07HZgWZZJ44vCK4n7HzPNaLw0xSsso8Yrp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:09 2024 by rpki-client on console-ams.rpki-client.org