Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/340eb5-7be0-4bc9-bf2d-b473ce7807ca/1/DNowEcTBlp2o7YWdn8AThJVP8Kk.roa
File:                     DNowEcTBlp2o7YWdn8AThJVP8Kk.roa (raw, json)
Hash identifier:          ugjrIXVhdk4FiAhbZvUWb0KVZORg28DD4ZfWfqa3Ras=
Subject key identifier:   0C:DA:30:11:C4:C1:96:9D:A8:ED:85:9D:9F:C0:13:84:95:4F:F0:A9
Certificate issuer:       /CN=082b303cb49e73e2d2a404583d5f8377ceb02545
Certificate serial:       045E749E
Authority key identifier: 08:2B:30:3C:B4:9E:73:E2:D2:A4:04:58:3D:5F:83:77:CE:B0:25:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CCswPLSec-LSpARYPV-Dd86wJUU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/340eb5-7be0-4bc9-bf2d-b473ce7807ca/1/DNowEcTBlp2o7YWdn8AThJVP8Kk.roa
Signing time:             Sat 01 Jan 2022 08:54:25 +0000
ROA not before:           Sat 01 Jan 2022 08:54:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212865
IP address blocks:        95.214.148.0/22 maxlen: 24
                          194.69.196.0/23 maxlen: 24
                          2.59.120.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 73299102 (0x45e749e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=082b303cb49e73e2d2a404583d5f8377ceb02545
        Validity
            Not Before: Jan  1 08:54:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0cda3011c4c1969da8ed859d9fc01384954ff0a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:21:2e:3d:8b:36:1c:e2:83:86:61:50:ff:59:
                    59:55:fe:a0:f2:9a:4e:91:e2:6d:45:9d:7a:86:21:
                    a5:6f:20:eb:1a:11:97:04:4b:f2:8d:83:2a:49:ac:
                    f3:02:de:e9:0e:99:9e:9b:39:bc:59:e9:1c:a4:ec:
                    c1:f5:15:f7:91:37:3a:dd:b8:33:6c:c5:3f:dd:fe:
                    ca:5d:7f:1e:08:12:b0:4b:22:12:7e:e7:80:6b:72:
                    c2:a5:a4:c3:7b:e8:79:3e:94:fd:dd:51:a0:37:65:
                    eb:e8:1e:ad:ba:70:d4:9b:cf:69:75:9a:3c:9f:6a:
                    48:2c:60:2c:b9:7d:b8:d0:16:23:fb:13:63:fd:cc:
                    27:91:74:3a:d3:b8:9c:d6:1d:97:0a:97:c6:c8:c0:
                    5d:f4:1f:fb:0d:26:d2:36:5f:6b:62:03:33:05:74:
                    86:d5:f1:e5:e7:21:77:f5:00:74:10:74:22:57:a5:
                    f0:44:98:b6:e0:80:68:23:52:cc:a8:ce:f2:30:eb:
                    b3:8f:43:bd:2a:c7:4f:6f:4f:60:62:7a:4f:5c:86:
                    12:6f:00:83:bb:85:a5:3c:97:8e:4c:fd:0c:d0:71:
                    1e:7e:6d:b8:c4:4b:79:64:3a:e7:54:7d:01:77:5a:
                    a3:46:eb:28:b1:38:b7:89:98:b2:6e:3f:46:97:ae:
                    18:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:DA:30:11:C4:C1:96:9D:A8:ED:85:9D:9F:C0:13:84:95:4F:F0:A9
            X509v3 Authority Key Identifier:
                keyid:08:2B:30:3C:B4:9E:73:E2:D2:A4:04:58:3D:5F:83:77:CE:B0:25:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CCswPLSec-LSpARYPV-Dd86wJUU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/340eb5-7be0-4bc9-bf2d-b473ce7807ca/1/DNowEcTBlp2o7YWdn8AThJVP8Kk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/340eb5-7be0-4bc9-bf2d-b473ce7807ca/1/CCswPLSec-LSpARYPV-Dd86wJUU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.120.0/22
                  95.214.148.0/22
                  194.69.196.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8f:c9:08:65:9e:a4:a7:4e:00:2a:06:d8:d7:ed:7e:f9:92:b9:
         97:f9:75:ed:0f:3b:96:e3:bd:40:74:b0:b8:0b:15:84:2f:c9:
         e8:5a:13:e1:be:09:f2:04:80:d7:bb:a8:26:a5:e9:32:91:5a:
         53:9c:32:89:c5:44:a7:40:ab:12:26:94:6b:a9:42:99:b1:30:
         b9:08:08:a4:df:63:98:db:27:7f:11:e1:5d:f2:2c:49:f4:67:
         52:4b:62:96:82:fc:08:3c:45:30:4b:c2:e2:9d:eb:0b:a9:4e:
         41:eb:9e:ee:b3:ff:9a:9b:7a:07:69:47:e9:76:4c:bb:72:1d:
         6d:f3:c4:67:dd:62:b8:15:63:7d:03:fc:5c:b2:54:b4:36:e7:
         eb:74:47:6e:76:94:e9:f7:b6:1e:89:49:bb:41:08:1e:1d:d8:
         12:e7:9b:07:e7:30:af:48:ec:0d:b2:ee:f5:07:ef:58:30:b1:
         d9:e6:3c:62:ea:82:57:f0:c9:90:97:cc:79:a7:35:98:b3:01:
         62:5a:0a:50:20:66:e9:76:42:6b:72:cf:d6:60:9e:3f:2d:78:
         36:51:67:af:20:24:79:9a:da:7e:8c:40:e9:17:5a:85:97:4e:
         3b:c9:c2:9b:b1:dc:2d:aa:aa:e8:ed:57:2a:5f:21:48:47:44:
         78:ee:33:f0
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBF50njANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODJiMzAzY2I0OWU3M2UyZDJhNDA0NTgzZDVmODM3N2NlYjAyNTQ1MB4XDTIyMDEw
MTA4NTQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGNkYTMwMTFjNGMx
OTY5ZGE4ZWQ4NTlkOWZjMDEzODQ5NTRmZjBhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALkhLj2LNhzig4ZhUP9ZWVX+oPKaTpHibUWdeoYhpW8g6xoR
lwRL8o2DKkms8wLe6Q6Znps5vFnpHKTswfUV95E3Ot24M2zFP93+yl1/HggSsEsi
En7ngGtywqWkw3voeT6U/d1RoDdl6+gerbpw1JvPaXWaPJ9qSCxgLLl9uNAWI/sT
Y/3MJ5F0OtO4nNYdlwqXxsjAXfQf+w0m0jZfa2IDMwV0htXx5echd/UAdBB0Ilel
8ESYtuCAaCNSzKjO8jDrs49DvSrHT29PYGJ6T1yGEm8Ag7uFpTyXjkz9DNBxHn5t
uMRLeWQ651R9AXdao0brKLE4t4mYsm4/RpeuGP8CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQM2jARxMGWnajthZ2fwBOElU/wqTAfBgNVHSMEGDAWgBQIKzA8tJ5z4tKk
BFg9X4N3zrAlRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NDc3dQTFNlYy1MU3BBUllQVi1EZDg2d0pVVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvMzQwZWI1LTdiZTAtNGJjOS1iZjJkLWI0NzNjZTc4MDdjYS8x
L0ROb3dFY1RCbHAybzdZV2RuOEFUaEpWUDhLay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
MzQwZWI1LTdiZTAtNGJjOS1iZjJkLWI0NzNjZTc4MDdjYS8xL0NDc3dQTFNlYy1M
U3BBUllQVi1EZDg2d0pVVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAgI7eAMEAl/WlAMEAcJFxDANBgkq
hkiG9w0BAQsFAAOCAQEAj8kIZZ6kp04AKgbY1+1++ZK5l/l17Q87luO9QHSwuAsV
hC/J6FoT4b4J8gSA17uoJqXpMpFaU5wyicVEp0CrEiaUa6lCmbEwuQgIpN9jmNsn
fxHhXfIsSfRnUktiloL8CDxFMEvC4p3rC6lOQeue7rP/mpt6B2lH6XZMu3IdbfPE
Z91iuBVjfQP8XLJUtDbn63RHbnaU6fe2HolJu0EIHh3YEuebB+cwr0jsDbLu9Qfv
WDCx2eY8YuqCV/DJkJfMeac1mLMBYloKUCBm6XZCa3LP1mCePy14NlFnryAkeZra
foxA6RdahZdOO8nCm7HcLaqq6O1XKl8hSEdEeO4z8A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:08 2024 by rpki-client on console-ams.rpki-client.org