Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9ee980-67a2-4d3c-b6ca-fde073588f0f/1/cTx14NgXeLWQN4mmIKzqZ5ZXHtk.roa
File:                     cTx14NgXeLWQN4mmIKzqZ5ZXHtk.roa (raw, json)
Hash identifier:          0+p+SiHpVHVbb8xvCCcMTsTNWSkbIhYML3w8c9hclDQ=
Subject key identifier:   71:3C:75:E0:D8:17:78:B5:90:37:89:A6:20:AC:EA:67:96:57:1E:D9
Certificate issuer:       /CN=b59909ed171b38c1fdc4362229e78d69851de11c
Certificate serial:       1572C883
Authority key identifier: B5:99:09:ED:17:1B:38:C1:FD:C4:36:22:29:E7:8D:69:85:1D:E1:1C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tZkJ7RcbOMH9xDYiKeeNaYUd4Rw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/9ee980-67a2-4d3c-b6ca-fde073588f0f/1/cTx14NgXeLWQN4mmIKzqZ5ZXHtk.roa
Signing time:             Sat 01 Jan 2022 03:57:46 +0000
ROA not before:           Sat 01 Jan 2022 03:57:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39833
IP address blocks:        195.170.166.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 359843971 (0x1572c883)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b59909ed171b38c1fdc4362229e78d69851de11c
        Validity
            Not Before: Jan  1 03:57:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=713c75e0d81778b5903789a620acea6796571ed9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:b7:49:00:60:d4:ba:4f:42:c9:36:56:cb:69:
                    2c:28:34:aa:85:9b:45:8d:b2:88:f6:95:8c:a4:9c:
                    36:1a:76:14:87:fd:51:ee:b4:a7:d4:ee:75:13:5e:
                    2f:a5:96:cc:36:aa:05:a1:78:e8:b0:86:3b:35:b6:
                    77:98:9b:fe:0e:90:e7:6a:b2:3e:38:44:72:8d:72:
                    fd:72:66:97:f0:e2:fa:be:64:6a:a6:ee:8c:de:69:
                    b0:7d:f1:4a:ad:fb:04:e1:bb:42:cf:60:9e:f0:83:
                    eb:ac:ea:16:83:66:54:84:47:2b:d4:c3:6d:0b:20:
                    d3:a2:4b:9d:7f:3c:f3:5d:e9:01:8f:26:0d:c7:be:
                    69:5c:eb:0f:fb:06:db:c4:66:7e:2c:5b:d6:47:f9:
                    70:33:44:1e:0f:f9:70:18:3d:1c:eb:aa:ac:19:96:
                    47:08:40:8c:1f:2a:b5:d4:56:01:a4:bd:7d:d5:c3:
                    77:ef:96:b9:a1:21:00:73:a8:c6:bf:dd:1f:99:a3:
                    37:b7:b3:b7:1a:cf:95:73:a9:8d:17:dd:9e:28:6c:
                    1d:5a:c4:f5:df:20:71:3b:53:5d:19:82:24:e9:b6:
                    63:dc:41:17:74:be:d3:a8:3d:9a:c6:d9:43:f4:58:
                    ca:86:4c:0f:e9:09:2d:56:8a:26:c6:83:a1:54:b3:
                    23:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:3C:75:E0:D8:17:78:B5:90:37:89:A6:20:AC:EA:67:96:57:1E:D9
            X509v3 Authority Key Identifier:
                keyid:B5:99:09:ED:17:1B:38:C1:FD:C4:36:22:29:E7:8D:69:85:1D:E1:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tZkJ7RcbOMH9xDYiKeeNaYUd4Rw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9ee980-67a2-4d3c-b6ca-fde073588f0f/1/cTx14NgXeLWQN4mmIKzqZ5ZXHtk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9ee980-67a2-4d3c-b6ca-fde073588f0f/1/tZkJ7RcbOMH9xDYiKeeNaYUd4Rw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.170.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:3f:ca:e7:1f:f4:70:3f:79:e6:0b:29:f9:94:07:17:7e:ea:
         d7:e0:8c:1a:4c:6f:8c:98:c4:be:7f:0b:2f:49:70:9c:66:4b:
         b6:50:2c:ce:b5:da:55:be:1e:4b:62:1b:22:e8:78:54:4b:4b:
         e9:bd:98:2d:e7:72:1e:c8:41:05:9c:0b:c6:c6:26:53:77:aa:
         8a:c4:68:19:05:3e:28:52:5a:f8:ff:10:f6:89:10:32:42:ff:
         71:27:dd:19:0c:e3:a8:86:8d:cf:10:31:f4:d8:3b:a8:a3:34:
         dc:b0:be:58:49:33:0c:df:bd:1c:53:ed:eb:62:8d:a0:9c:0c:
         2f:98:0b:2e:9e:51:f5:f4:d3:59:94:4b:72:7d:67:4b:7c:e9:
         38:1c:e7:0b:ff:b7:f1:e7:9d:3c:f8:3a:dc:cf:58:20:41:d7:
         48:87:e6:18:e8:ef:b4:d8:cd:6e:2b:6d:cc:1e:c1:a3:c4:2b:
         40:fc:c6:cc:b6:fe:c8:01:6b:7b:42:03:f3:42:e6:5a:13:c8:
         04:6c:0b:6c:81:86:7e:f8:24:b6:b5:f2:cf:da:24:c5:1c:57:
         59:79:7d:9f:04:82:ce:d4:00:c4:2c:db:30:b2:3c:aa:18:aa:
         23:a4:2c:5d:2e:50:a2:e3:9f:f3:75:0f:76:a9:14:66:51:6a:
         76:5b:1a:44
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFXLIgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NTk5MDllZDE3MWIzOGMxZmRjNDM2MjIyOWU3OGQ2OTg1MWRlMTFjMB4XDTIyMDEw
MTAzNTc0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzEzYzc1ZTBkODE3
NzhiNTkwMzc4OWE2MjBhY2VhNjc5NjU3MWVkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANC3SQBg1LpPQsk2VstpLCg0qoWbRY2yiPaVjKScNhp2FIf9
Ue60p9TudRNeL6WWzDaqBaF46LCGOzW2d5ib/g6Q52qyPjhEco1y/XJml/Di+r5k
aqbujN5psH3xSq37BOG7Qs9gnvCD66zqFoNmVIRHK9TDbQsg06JLnX88813pAY8m
Dce+aVzrD/sG28Rmfixb1kf5cDNEHg/5cBg9HOuqrBmWRwhAjB8qtdRWAaS9fdXD
d++WuaEhAHOoxr/dH5mjN7eztxrPlXOpjRfdnihsHVrE9d8gcTtTXRmCJOm2Y9xB
F3S+06g9msbZQ/RYyoZMD+kJLVaKJsaDoVSzI0MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRxPHXg2Bd4tZA3iaYgrOpnllce2TAfBgNVHSMEGDAWgBS1mQntFxs4wf3E
NiIp541phR3hHDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Raa0o3UmNiT01IOXhEWWlLZWVOYVlVZDRSdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTYvOWVlOTgwLTY3YTItNGQzYy1iNmNhLWZkZTA3MzU4OGYwZi8x
L2NUeDE0TmdYZUxXUU40bW1JS3pxWjVaWEh0ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYv
OWVlOTgwLTY3YTItNGQzYy1iNmNhLWZkZTA3MzU4OGYwZi8xL3Raa0o3UmNiT01I
OXhEWWlLZWVOYVlVZDRSdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMOqpjANBgkqhkiG9w0BAQsFAAOC
AQEACz/K5x/0cD955gsp+ZQHF37q1+CMGkxvjJjEvn8LL0lwnGZLtlAszrXaVb4e
S2IbIuh4VEtL6b2YLedyHshBBZwLxsYmU3eqisRoGQU+KFJa+P8Q9okQMkL/cSfd
GQzjqIaNzxAx9Ng7qKM03LC+WEkzDN+9HFPt62KNoJwML5gLLp5R9fTTWZRLcn1n
S3zpOBznC/+38eedPPg63M9YIEHXSIfmGOjvtNjNbittzB7Bo8QrQPzGzLb+yAFr
e0ID80LmWhPIBGwLbIGGfvgktrXyz9okxRxXWXl9nwSCztQAxCzbMLI8qhiqI6Qs
XS5QouOf83UPdqkUZlFqdlsaRA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:38 2024 by rpki-client on console-fra.rpki-client.org