Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/s3NzOm_zCKRnsh5dCNuT79xMZ4M.roa
File:                     s3NzOm_zCKRnsh5dCNuT79xMZ4M.roa (raw, json)
Hash identifier:          OrutgJ8X1Z5bjPZI+Z6DTtB6xgTVYTFARvUQuG931EE=
Subject key identifier:   B3:73:73:3A:6F:F3:08:A4:67:B2:1E:5D:08:DB:93:EF:DC:4C:67:83
Certificate issuer:       /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial:       0181D7A47732BE0761B9FF174C20A9B088E4
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/s3NzOm_zCKRnsh5dCNuT79xMZ4M.roa
Signing time:             Thu 07 Jul 2022 07:51:28 +0000
ROA not before:           Thu 07 Jul 2022 07:51:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7029
IP address blocks:        95.214.176.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:d7:a4:77:32:be:07:61:b9:ff:17:4c:20:a9:b0:88:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
        Validity
            Not Before: Jul  7 07:51:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b373733a6ff308a467b21e5d08db93efdc4c6783
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:c0:77:b5:02:9b:f8:f0:2c:42:de:9f:d0:0c:
                    94:06:4a:83:78:13:45:f0:91:72:c6:93:e1:33:56:
                    99:10:84:85:07:0a:53:a4:a8:33:d4:b4:5e:db:c2:
                    b2:84:9d:c0:f8:04:45:9c:d0:e3:f5:6f:53:41:32:
                    18:f5:2f:44:a3:58:ac:78:7b:a8:f0:6a:25:db:98:
                    52:f7:3c:3c:42:a8:16:00:ad:bc:ff:7c:15:a8:e3:
                    65:94:c0:1e:a3:9a:3d:ba:b9:c0:24:06:b5:80:64:
                    27:4a:47:e9:53:37:3c:1f:5f:82:c7:b9:95:01:b6:
                    96:90:d1:b6:80:7d:b7:04:4e:54:3f:a4:ed:6f:81:
                    e2:cc:2e:05:de:cc:0f:85:fe:96:ff:11:3e:7a:e5:
                    47:d1:7f:9d:85:ce:ba:3c:cb:b7:d0:ba:66:34:9f:
                    5c:40:4b:35:ad:18:b4:ba:a4:e3:3a:01:37:4b:37:
                    62:01:03:12:d0:f6:70:d9:34:dd:1a:dc:4f:94:42:
                    ed:16:f4:a4:26:86:42:5a:e0:32:93:0d:2d:b3:86:
                    f5:df:f9:7f:b1:67:f0:6b:a1:a7:cc:b2:98:30:ed:
                    c4:ef:bd:a1:24:f7:f5:c8:48:f9:4f:00:4e:03:59:
                    57:13:fc:25:c3:ef:46:0d:31:40:47:38:84:76:8f:
                    7d:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:73:73:3A:6F:F3:08:A4:67:B2:1E:5D:08:DB:93:EF:DC:4C:67:83
            X509v3 Authority Key Identifier:
                keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/s3NzOm_zCKRnsh5dCNuT79xMZ4M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.214.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a0:74:44:ee:cd:23:f8:14:ac:f0:5a:d6:45:54:5e:38:d1:df:
         37:95:ce:aa:c8:73:33:a2:eb:0f:a7:06:60:74:b7:70:da:df:
         48:ac:36:f0:e5:cc:ad:68:4c:65:a8:17:c9:d8:1b:39:16:58:
         8d:c3:79:ff:06:1b:78:f0:27:43:8e:d2:f2:f8:01:c3:cd:19:
         ca:53:c6:ca:b9:3f:76:29:41:63:89:38:48:cc:69:2e:a3:f6:
         33:27:fc:0c:6b:28:a5:c1:dc:3c:a4:9e:11:11:8c:3e:f5:53:
         57:68:05:e1:16:7e:00:1f:dd:43:96:88:fe:21:16:9a:1d:96:
         27:bb:a4:d3:d7:d5:d3:e2:73:41:4c:43:18:00:7d:fd:c2:dd:
         fc:2c:03:1d:97:32:88:69:77:ef:f2:63:e1:df:2c:54:2b:c5:
         65:b5:05:b9:9e:8e:66:ea:60:51:d2:41:ed:89:38:b9:d3:95:
         f0:84:ba:d4:0a:8f:35:97:ce:ba:8e:44:b9:b3:b8:23:5a:c8:
         d0:a6:71:34:75:37:7a:63:68:14:28:ed:2b:a0:67:0e:68:03:
         08:23:a3:ab:3e:00:66:84:3d:d7:b2:36:97:05:1a:41:22:88:
         14:7e:03:1e:13:b5:12:b3:11:5d:d6:e5:b6:09:e6:01:9f:2d:
         3c:85:2d:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHXpHcyvgdhuf8XTCCpsIjkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMGMwZDA0MjI1NTY2ZGI5NWU5YWQzYjJlZjYwNTAxNDk3
NWFhYTIwHhcNMjIwNzA3MDc1MTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzczNzMzYTZmZjMwOGE0NjdiMjFlNWQwOGRiOTNlZmRjNGM2NzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMB3tQKb+PAsQt6f0AyUBkqDeBNF
8JFyxpPhM1aZEISFBwpTpKgz1LRe28KyhJ3A+ARFnNDj9W9TQTIY9S9Eo1iseHuo
8Gol25hS9zw8QqgWAK28/3wVqONllMAeo5o9urnAJAa1gGQnSkfpUzc8H1+Cx7mV
AbaWkNG2gH23BE5UP6Ttb4HizC4F3swPhf6W/xE+euVH0X+dhc66PMu30LpmNJ9c
QEs1rRi0uqTjOgE3SzdiAQMS0PZw2TTdGtxPlELtFvSkJoZCWuAykw0ts4b13/l/
sWfwa6GnzLKYMO3E772hJPf1yEj5TwBOA1lXE/wlw+9GDTFARziEdo99+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLNzczpv8wikZ7IeXQjbk+/cTGeDMB8GA1UdIwQY
MBaAFJsMDQQiVWbblemtOy72BQFJdaqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMt
ZThlZjJmMDk1OThlLzEvczNOek9tX3pDS1Juc2g1ZENOdVQ3OXhNWjRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMtZThlZjJmMDk1OThl
LzEvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCX9awMA0G
CSqGSIb3DQEBCwUAA4IBAQCgdETuzSP4FKzwWtZFVF440d83lc6qyHMzousPpwZg
dLdw2t9IrDbw5cytaExlqBfJ2Bs5FliNw3n/Bht48CdDjtLy+AHDzRnKU8bKuT92
KUFjiThIzGkuo/YzJ/wMayilwdw8pJ4REYw+9VNXaAXhFn4AH91Dloj+IRaaHZYn
u6TT19XT4nNBTEMYAH39wt38LAMdlzKIaXfv8mPh3yxUK8VltQW5no5m6mBR0kHt
iTi505XwhLrUCo81l866jkS5s7gjWsjQpnE0dTd6Y2gUKO0roGcOaAMII6OrPgBm
hD3XsjaXBRpBIogUfgMeE7USsxFd1uW2CeYBny08hS1n
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:49 2024 by rpki-client on console-ams.rpki-client.org