Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/QTaibtAH-VVyPGXTHKnCjYG-Zww.roa
File:                     QTaibtAH-VVyPGXTHKnCjYG-Zww.roa (raw, json)
Hash identifier:          7/0wDJNCrf19bVIVuj88wT/eky3qQNItFwSIXhMNe9M=
Subject key identifier:   41:36:A2:6E:D0:07:F9:55:72:3C:65:D3:1C:A9:C2:8D:81:BE:67:0C
Certificate issuer:       /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial:       08EFEC97
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/QTaibtAH-VVyPGXTHKnCjYG-Zww.roa
Signing time:             Sat 01 Jan 2022 08:05:21 +0000
ROA not before:           Sat 01 Jan 2022 08:05:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61975
IP address blocks:        95.158.169.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 149941399 (0x8efec97)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
        Validity
            Not Before: Jan  1 08:05:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4136a26ed007f955723c65d31ca9c28d81be670c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:f2:5f:7b:42:55:a1:92:39:ab:30:c7:1f:38:
                    c9:73:e1:64:81:9e:c2:1a:f7:87:a1:a3:58:d4:28:
                    98:59:bf:9f:c3:fe:e4:b7:5b:c2:da:13:1b:6d:2a:
                    01:4f:ad:29:ba:f2:26:d8:59:e7:0f:ae:b3:d0:e0:
                    b4:95:9a:e0:83:d0:90:05:f5:2a:7a:c2:d8:68:ea:
                    1d:f0:be:7c:9c:b5:38:24:82:5c:db:5f:76:ae:d5:
                    75:7c:d2:c3:59:01:90:8e:c0:0e:c4:3d:08:c9:74:
                    de:ba:3a:e7:2a:01:3c:0c:98:1a:b7:22:31:96:25:
                    ea:d6:ff:19:d3:a8:78:00:28:b5:99:1e:81:98:86:
                    a7:9c:0b:ba:d3:8d:b2:69:92:13:cf:40:b3:5a:a2:
                    43:c4:2d:8a:5d:43:37:d8:c6:1b:83:b1:ad:b6:f0:
                    a9:26:40:5b:a0:8a:ac:21:66:00:f3:0c:30:da:8d:
                    8d:ef:c8:a3:1d:69:05:b9:4b:10:80:0f:0a:af:33:
                    4a:cf:ee:dd:f3:2a:c1:f5:c5:44:a1:04:db:99:e6:
                    c0:e8:29:52:f4:07:d6:1e:d5:88:75:82:65:29:d6:
                    6a:7e:e0:61:dc:a1:3f:b9:45:59:a6:54:99:b5:08:
                    3c:d2:2c:af:9a:dc:0d:6a:07:41:2a:12:3a:64:c1:
                    fe:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:36:A2:6E:D0:07:F9:55:72:3C:65:D3:1C:A9:C2:8D:81:BE:67:0C
            X509v3 Authority Key Identifier:
                keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/QTaibtAH-VVyPGXTHKnCjYG-Zww.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.158.169.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:84:88:f4:6f:c5:f6:31:76:fd:33:0e:50:eb:5b:55:fe:d5:
         67:f4:96:42:91:07:aa:aa:0b:b7:e1:b4:fd:2e:8a:a5:69:47:
         76:be:d1:76:e0:5f:9e:aa:ed:ad:ca:34:72:2e:7e:37:44:2b:
         4e:c7:2b:0c:df:d5:87:c1:a3:ce:3d:65:7c:e0:a5:04:07:74:
         c6:c6:a8:97:03:22:67:1d:6b:c0:3f:85:7a:2c:b4:5d:2e:7c:
         77:77:83:0b:52:48:68:bd:7f:9c:ca:61:d7:c9:0d:19:20:90:
         ac:38:c8:62:b0:48:8b:9b:72:b2:2c:cf:23:6e:a1:8a:11:0b:
         3a:93:54:fc:aa:b4:58:88:30:f2:ae:f1:31:04:a6:55:75:fb:
         ad:f0:be:46:24:34:b8:cd:bf:53:85:1d:e6:eb:5e:6e:19:04:
         28:b4:13:10:ff:aa:e6:ef:8f:b1:b9:56:31:ca:2c:fc:b1:a4:
         7d:61:ea:87:31:61:2d:bb:36:08:0e:86:ef:72:26:a4:94:25:
         bd:95:b6:81:98:15:9d:15:93:74:f1:24:7a:59:1f:ed:04:33:
         33:9c:3f:78:ad:45:e4:d3:88:ff:d6:4e:bd:78:79:23:55:0d:
         95:f1:ad:b8:44:b1:11:b3:0d:87:43:28:49:65:3a:b5:3c:62:
         b6:b7:38:51
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECO/slzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YmVjOTAzMGM3MGEzZDQxOTJkNTljMjhkY2M4ZDU0NzY5NDM0MGIzMB4XDTIyMDEw
MTA4MDUyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDEzNmEyNmVkMDA3
Zjk1NTcyM2M2NWQzMWNhOWMyOGQ4MWJlNjcwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALvyX3tCVaGSOaswxx84yXPhZIGewhr3h6GjWNQomFm/n8P+
5LdbwtoTG20qAU+tKbryJthZ5w+us9DgtJWa4IPQkAX1KnrC2GjqHfC+fJy1OCSC
XNtfdq7VdXzSw1kBkI7ADsQ9CMl03ro65yoBPAyYGrciMZYl6tb/GdOoeAAotZke
gZiGp5wLutONsmmSE89As1qiQ8Qtil1DN9jGG4OxrbbwqSZAW6CKrCFmAPMMMNqN
je/Iox1pBblLEIAPCq8zSs/u3fMqwfXFRKEE25nmwOgpUvQH1h7ViHWCZSnWan7g
YdyhP7lFWaZUmbUIPNIsr5rcDWoHQSoSOmTB/r0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRBNqJu0Af5VXI8ZdMcqcKNgb5nDDAfBgNVHSMEGDAWgBTr7JAwxwo9QZLV
nCjcyNVHaUNAszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzYteVFNTWNLUFVHUzFad28zTWpWUjJsRFFMTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvMzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1Yy8x
L1FUYWlidEFILVZWeVBHWFRIS25DallHLVp3dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
MzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1Yy8xLzYteVFNTWNLUFVH
UzFad28zTWpWUjJsRFFMTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF+eqTANBgkqhkiG9w0BAQsFAAOC
AQEARISI9G/F9jF2/TMOUOtbVf7VZ/SWQpEHqqoLt+G0/S6KpWlHdr7RduBfnqrt
rco0ci5+N0QrTscrDN/Vh8Gjzj1lfOClBAd0xsaolwMiZx1rwD+Feiy0XS58d3eD
C1JIaL1/nMph18kNGSCQrDjIYrBIi5tysizPI26hihELOpNU/Kq0WIgw8q7xMQSm
VXX7rfC+RiQ0uM2/U4Ud5utebhkEKLQTEP+q5u+PsblWMcos/LGkfWHqhzFhLbs2
CA6G73ImpJQlvZW2gZgVnRWTdPEkelkf7QQzM5w/eK1F5NOI/9ZOvXh5I1UNlfGt
uESxEbMNh0MoSWU6tTxitrc4UQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:24 2024 by rpki-client on console-fra.rpki-client.org