Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/fb5910-fe14-4453-8c9c-83bf70b1fd6b/1/e96-TNSNSN-7dwttWJGdw9c33Q0.roa
File:                     e96-TNSNSN-7dwttWJGdw9c33Q0.roa (raw, json)
Hash identifier:          N/U5rFBhl06Tfu7c/jAkqn+3dgqmthzPdRR4zpmg7+k=
Subject key identifier:   7B:DE:BE:4C:D4:8D:48:DF:BB:77:0B:6D:58:91:9D:C3:D7:37:DD:0D
Certificate issuer:       /CN=a3608d6b0e80a6430fb6af43fae168a0e8011fee
Certificate serial:       0182C508F88693BEA2377632FBB81FBC4607
Authority key identifier: A3:60:8D:6B:0E:80:A6:43:0F:B6:AF:43:FA:E1:68:A0:E8:01:1F:EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o2CNaw6ApkMPtq9D-uFooOgBH-4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/fb5910-fe14-4453-8c9c-83bf70b1fd6b/1/e96-TNSNSN-7dwttWJGdw9c33Q0.roa
Signing time:             Mon 22 Aug 2022 10:11:15 +0000
ROA not before:           Mon 22 Aug 2022 10:11:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203678
IP address blocks:        185.125.140.0/24 maxlen: 24
                          185.125.140.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:c5:08:f8:86:93:be:a2:37:76:32:fb:b8:1f:bc:46:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3608d6b0e80a6430fb6af43fae168a0e8011fee
        Validity
            Not Before: Aug 22 10:11:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7bdebe4cd48d48dfbb770b6d58919dc3d737dd0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:69:88:14:18:09:e5:95:24:1c:9e:21:d5:cb:
                    fb:9b:a8:36:6f:ad:f8:66:14:83:ab:e2:c6:0e:3f:
                    b3:28:c5:c2:a0:b0:b4:b9:a5:e1:f3:ca:01:4e:db:
                    4c:de:ff:2d:a1:10:86:f6:db:82:53:9b:09:da:a2:
                    3a:b7:7a:2b:d3:f0:d8:63:1a:62:25:3d:3c:56:b8:
                    1c:4c:79:8e:3c:fe:e7:77:40:9f:ee:7a:be:5d:fb:
                    64:5c:50:f3:5d:94:91:42:20:b1:aa:3a:81:c5:7f:
                    70:78:9b:e3:fb:49:63:8a:d8:d9:b8:b0:47:71:b0:
                    52:22:c8:50:4a:38:00:38:49:b0:cc:3b:b8:a8:de:
                    db:f9:2b:3a:0d:e9:9e:f1:60:2b:48:64:d7:39:44:
                    15:4c:09:d5:77:6a:be:9d:77:19:a7:b3:63:12:6b:
                    4b:8a:89:a5:d5:8b:80:da:94:24:f7:32:c4:22:46:
                    6f:9b:e2:27:1a:8b:2e:62:3b:3f:c2:c7:3b:51:a8:
                    4b:52:13:d8:fc:4d:cd:df:5e:b4:56:a4:34:61:7d:
                    55:ef:f5:ed:89:1a:20:13:fb:bc:46:9a:78:e6:50:
                    93:93:00:50:2f:c1:bc:9b:83:bc:94:ca:7e:3b:95:
                    f0:0d:d4:56:96:e3:ae:64:b7:59:43:4c:ff:a2:2a:
                    3b:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:DE:BE:4C:D4:8D:48:DF:BB:77:0B:6D:58:91:9D:C3:D7:37:DD:0D
            X509v3 Authority Key Identifier:
                keyid:A3:60:8D:6B:0E:80:A6:43:0F:B6:AF:43:FA:E1:68:A0:E8:01:1F:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2CNaw6ApkMPtq9D-uFooOgBH-4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/fb5910-fe14-4453-8c9c-83bf70b1fd6b/1/e96-TNSNSN-7dwttWJGdw9c33Q0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/fb5910-fe14-4453-8c9c-83bf70b1fd6b/1/o2CNaw6ApkMPtq9D-uFooOgBH-4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.125.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a6:fc:7f:15:a1:eb:f5:20:84:a3:59:38:14:bf:ef:ad:0c:a1:
         54:7c:51:3f:c9:f6:08:83:75:92:c8:73:5b:d3:b9:1d:03:d2:
         0d:58:c2:f7:3b:25:11:d4:f3:4a:8f:44:c6:53:75:4e:49:09:
         90:f8:e0:04:00:7f:2b:53:91:c8:b8:ab:be:0a:f7:68:a0:d7:
         eb:5a:b9:f3:79:38:d4:d3:2d:cc:11:b9:55:3b:c3:3b:5d:54:
         87:d7:a9:3f:46:ed:c1:26:85:71:55:90:d7:86:b4:45:3d:cd:
         99:07:59:19:0b:fb:0e:03:16:6e:e9:4c:bd:25:a3:c6:fb:74:
         25:a1:c3:6c:4c:c0:45:38:66:3c:d5:9e:72:d7:e1:9a:91:cb:
         f6:b8:29:88:ec:8a:00:d3:bb:4f:18:a2:68:0a:bd:5f:f8:3b:
         b7:53:61:7c:51:9a:2a:52:41:a6:76:41:6c:a7:aa:55:a2:f0:
         93:6c:26:2a:49:e4:f1:5c:87:cb:4a:a8:c4:0e:c6:8d:b3:e3:
         58:4e:90:00:38:54:9b:27:4f:1a:bf:a6:75:2f:f3:ec:83:96:
         8c:9e:d2:68:a5:db:c8:c8:6a:7c:8e:b3:ba:61:d3:6c:45:b8:
         ae:93:32:be:08:08:f4:f1:9d:67:8d:4f:b7:76:b3:b3:5e:e2:
         33:2c:42:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLFCPiGk76iN3Yy+7gfvEYHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjA4ZDZiMGU4MGE2NDMwZmI2YWY0M2ZhZTE2OGEwZTgw
MTFmZWUwHhcNMjIwODIyMTAxMTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmRlYmU0Y2Q0OGQ0OGRmYmI3NzBiNmQ1ODkxOWRjM2Q3MzdkZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2mIFBgJ5ZUkHJ4h1cv7m6g2b634
ZhSDq+LGDj+zKMXCoLC0uaXh88oBTttM3v8toRCG9tuCU5sJ2qI6t3or0/DYYxpi
JT08VrgcTHmOPP7nd0Cf7nq+XftkXFDzXZSRQiCxqjqBxX9weJvj+0ljitjZuLBH
cbBSIshQSjgAOEmwzDu4qN7b+Ss6Deme8WArSGTXOUQVTAnVd2q+nXcZp7NjEmtL
ioml1YuA2pQk9zLEIkZvm+InGosuYjs/wsc7UahLUhPY/E3N3160VqQ0YX1V7/Xt
iRogE/u8Rpp45lCTkwBQL8G8m4O8lMp+O5XwDdRWluOuZLdZQ0z/oio77QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHvevkzUjUjfu3cLbViRncPXN90NMB8GA1UdIwQY
MBaAFKNgjWsOgKZDD7avQ/rhaKDoAR/uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJDTmF3NkFwa01QdHE5RC11Rm9vT2dCSC00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9mYjU5MTAtZmUxNC00NDUzLThjOWMt
ODNiZjcwYjFmZDZiLzEvZTk2LVROU05TTi03ZHd0dFdKR2R3OWMzM1EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9mYjU5MTAtZmUxNC00NDUzLThjOWMtODNiZjcwYjFmZDZi
LzEvbzJDTmF3NkFwa01QdHE5RC11Rm9vT2dCSC00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuX2MMA0G
CSqGSIb3DQEBCwUAA4IBAQCm/H8Voev1IISjWTgUv++tDKFUfFE/yfYIg3WSyHNb
07kdA9INWML3OyUR1PNKj0TGU3VOSQmQ+OAEAH8rU5HIuKu+CvdooNfrWrnzeTjU
0y3MEblVO8M7XVSH16k/Ru3BJoVxVZDXhrRFPc2ZB1kZC/sOAxZu6Uy9JaPG+3Ql
ocNsTMBFOGY81Z5y1+Gakcv2uCmI7IoA07tPGKJoCr1f+Du3U2F8UZoqUkGmdkFs
p6pVovCTbCYqSeTxXIfLSqjEDsaNs+NYTpAAOFSbJ08av6Z1L/Psg5aMntJopdvI
yGp8jrO6YdNsRbiukzK+CAj08Z1njU+3drOzXuIzLEKF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:25 2024 by rpki-client on console-ams.rpki-client.org