Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/YbvTaqLDd07GLej95DPzSLUX2-0.roa
File:                     YbvTaqLDd07GLej95DPzSLUX2-0.roa (raw, json)
Hash identifier:          xGmuufS5gVQLEkPyTchttRyWrh/oKHFoCTLw3DJpP1w=
Subject key identifier:   61:BB:D3:6A:A2:C3:77:4E:C6:2D:E8:FD:E4:33:F3:48:B5:17:DB:ED
Certificate issuer:       /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial:       08C080EB
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/YbvTaqLDd07GLej95DPzSLUX2-0.roa
Signing time:             Thu 19 May 2022 12:57:30 +0000
ROA not before:           Thu 19 May 2022 12:57:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     22773
IP address blocks:        95.214.176.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 146833643 (0x8c080eb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
        Validity
            Not Before: May 19 12:57:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=61bbd36aa2c3774ec62de8fde433f348b517dbed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:5e:c3:d7:55:54:bd:4e:26:6a:69:42:42:57:
                    06:0f:ab:af:44:c9:35:24:d9:50:e5:48:a9:08:51:
                    65:da:ae:ef:3d:8b:fd:6e:68:5f:18:c6:7f:35:b9:
                    9d:26:80:5e:49:27:34:8d:ba:46:f7:3b:6f:8c:88:
                    69:77:e4:c0:c5:39:4c:84:21:32:9f:bf:aa:37:04:
                    9a:a0:dd:af:15:24:42:e2:ea:80:d4:5f:58:15:56:
                    39:aa:40:b0:cc:e0:75:bf:25:f1:36:cf:e2:c8:8d:
                    d9:29:47:b2:26:f4:73:a6:39:9d:74:bc:db:f3:53:
                    36:55:1b:c9:20:a6:a8:08:4b:63:69:db:45:75:2d:
                    81:67:d6:46:5a:1d:55:4e:18:8f:e6:bc:63:a6:51:
                    b3:45:d5:a5:88:34:e9:6f:06:2a:0d:5a:8a:69:dd:
                    96:cf:2c:6e:5f:a7:1a:46:d1:b5:f4:b2:52:f4:e9:
                    04:b5:f5:b3:03:5d:09:08:3c:6c:f7:d1:c8:03:eb:
                    c3:25:19:b2:21:bc:a7:d3:69:52:d7:d4:2a:88:84:
                    d2:ca:89:9c:50:c5:2b:cc:b0:9e:b1:9f:34:35:8d:
                    41:1f:7b:92:09:f3:d2:d1:ab:7b:20:67:cd:69:dd:
                    f6:c0:85:73:fd:56:e7:47:47:f5:93:6f:d9:de:e2:
                    6a:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:BB:D3:6A:A2:C3:77:4E:C6:2D:E8:FD:E4:33:F3:48:B5:17:DB:ED
            X509v3 Authority Key Identifier:
                keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/YbvTaqLDd07GLej95DPzSLUX2-0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.214.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c7:d4:6b:fa:9d:f9:ba:79:79:62:67:86:2a:82:4c:e8:cc:00:
         45:30:af:31:fd:74:f7:b2:98:ac:e4:18:77:b5:e9:9d:ba:1e:
         b0:b0:48:1d:b2:93:e7:5c:3f:f9:b7:cf:fb:a4:08:f2:56:de:
         ba:80:55:d9:19:29:a1:0d:fa:cf:ae:5d:db:31:90:d2:41:92:
         ef:65:4d:f1:d9:ed:a5:42:3f:41:41:46:5f:91:48:fc:3a:af:
         44:0e:46:80:80:fb:d7:43:48:46:ba:4d:a1:be:c2:a7:87:58:
         a6:a7:e4:8c:58:d2:41:67:76:66:ed:02:e9:ad:f3:9e:96:ac:
         f7:66:5e:00:e9:32:38:ea:c5:36:40:e9:aa:9a:bc:6c:57:35:
         83:0e:5c:8a:b9:74:8a:c7:6f:15:11:13:5b:a9:79:35:ed:e3:
         be:62:fa:c7:ed:0d:88:d8:f6:08:39:bc:61:90:55:17:58:b1:
         0c:57:eb:13:ad:b0:ee:c8:fb:fd:07:b5:60:73:1a:8a:86:bc:
         86:a3:34:39:50:e2:48:0e:b2:28:43:f7:82:04:9f:4a:e5:37:
         14:eb:8c:95:b8:e9:87:69:5f:a0:a1:71:12:1e:49:fd:bb:15:
         70:5d:27:86:80:d7:87:c4:a5:34:e8:81:26:a5:1d:06:e2:55:
         46:7d:08:6a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECMCA6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YjBjMGQwNDIyNTU2NmRiOTVlOWFkM2IyZWY2MDUwMTQ5NzVhYWEyMB4XDTIyMDUx
OTEyNTczMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjFiYmQzNmFhMmMz
Nzc0ZWM2MmRlOGZkZTQzM2YzNDhiNTE3ZGJlZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBew9dVVL1OJmppQkJXBg+rr0TJNSTZUOVIqQhRZdqu7z2L
/W5oXxjGfzW5nSaAXkknNI26Rvc7b4yIaXfkwMU5TIQhMp+/qjcEmqDdrxUkQuLq
gNRfWBVWOapAsMzgdb8l8TbP4siN2SlHsib0c6Y5nXS82/NTNlUbySCmqAhLY2nb
RXUtgWfWRlodVU4Yj+a8Y6ZRs0XVpYg06W8GKg1aimndls8sbl+nGkbRtfSyUvTp
BLX1swNdCQg8bPfRyAPrwyUZsiG8p9NpUtfUKoiE0sqJnFDFK8ywnrGfNDWNQR97
kgnz0tGreyBnzWnd9sCFc/1W50dH9ZNv2d7iap0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRhu9NqosN3TsYt6P3kM/NItRfb7TAfBgNVHSMEGDAWgBSbDA0EIlVm25Xp
rTsu9gUBSXWqojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L213d05CQ0pWWnR1VjZhMDdMdllGQVVsMXFxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvMGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8x
L1lidlRhcUxEZDA3R0xlajk1RFB6U0xVWDItMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
MGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8xL213d05CQ0pWWnR1
VjZhMDdMdllGQVVsMXFxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAl/WsDANBgkqhkiG9w0BAQsFAAOC
AQEAx9Rr+p35unl5YmeGKoJM6MwARTCvMf1097KYrOQYd7XpnboesLBIHbKT51w/
+bfP+6QI8lbeuoBV2RkpoQ36z65d2zGQ0kGS72VN8dntpUI/QUFGX5FI/DqvRA5G
gID710NIRrpNob7Cp4dYpqfkjFjSQWd2Zu0C6a3znpas92ZeAOkyOOrFNkDpqpq8
bFc1gw5cirl0isdvFRETW6l5Ne3jvmL6x+0NiNj2CDm8YZBVF1ixDFfrE62w7sj7
/Qe1YHMaioa8hqM0OVDiSA6yKEP3ggSfSuU3FOuMlbjph2lfoKFxEh5J/bsVcF0n
hoDXh8SlNOiBJqUdBuJVRn0Iag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:43 2024 by rpki-client on console-ams.rpki-client.org