Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/Z1pUMvRpf0n4kzuDzRU77qutkoA.roa
File:                     Z1pUMvRpf0n4kzuDzRU77qutkoA.roa (raw, json)
Hash identifier:          lxe4UZA6fOKxaY/YjW78Znnzcqmz/eQ3DCUxPJwbAas=
Subject key identifier:   67:5A:54:32:F4:69:7F:49:F8:93:3B:83:CD:15:3B:EE:AB:AD:92:80
Certificate issuer:       /CN=c4df0bd04aa843e68082f6dece0798732b6f8832
Certificate serial:       136A1B54
Authority key identifier: C4:DF:0B:D0:4A:A8:43:E6:80:82:F6:DE:CE:07:98:73:2B:6F:88:32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xN8L0EqoQ-aAgvbezgeYcytviDI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/Z1pUMvRpf0n4kzuDzRU77qutkoA.roa
Signing time:             Sat 01 Jan 2022 15:02:11 +0000
ROA not before:           Sat 01 Jan 2022 15:02:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47796
IP address blocks:        176.122.210.0/24 maxlen: 24
                          176.122.211.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 325720916 (0x136a1b54)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4df0bd04aa843e68082f6dece0798732b6f8832
        Validity
            Not Before: Jan  1 15:02:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=675a5432f4697f49f8933b83cd153beeabad9280
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:30:80:a1:1d:7d:81:72:f2:58:10:2d:98:c9:
                    cc:5d:d1:4b:f8:59:13:6d:9e:57:2f:8b:41:98:b6:
                    2f:40:63:fe:23:86:70:c3:8a:2f:70:08:e5:8e:af:
                    33:c3:64:2c:18:e9:ff:36:60:d2:fe:07:a7:96:9e:
                    a4:09:11:19:61:09:cd:82:0b:28:98:ce:65:91:d4:
                    e9:4c:a2:bb:72:30:96:4d:f7:a5:28:bf:65:7a:b0:
                    c3:d8:e0:55:ee:e8:58:fb:31:3f:9d:45:b7:f2:71:
                    d1:87:8a:54:f3:2d:a8:ed:c8:2c:b4:f7:f0:df:7c:
                    00:2d:c9:83:ff:10:cd:5d:24:fd:43:40:7d:88:46:
                    38:c6:80:fe:99:e4:a3:e6:09:61:4f:67:e8:e7:00:
                    60:8c:e9:f0:6a:fc:d7:e2:b7:0a:c4:10:dc:78:2f:
                    95:d6:9d:45:ad:fb:f4:8b:26:03:ef:26:57:74:d2:
                    16:94:5a:52:26:b9:82:40:2a:27:df:42:9f:f4:39:
                    ae:f9:09:5a:31:70:f1:ac:19:76:fc:e2:54:40:b0:
                    ee:3c:4a:71:cd:71:ae:4d:a8:dc:04:e4:d7:f9:17:
                    c1:79:2c:5a:46:48:08:35:a3:e6:d7:28:cd:a4:87:
                    0d:2d:04:22:b5:89:54:1c:65:c0:fc:24:75:f0:bf:
                    dd:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:5A:54:32:F4:69:7F:49:F8:93:3B:83:CD:15:3B:EE:AB:AD:92:80
            X509v3 Authority Key Identifier:
                keyid:C4:DF:0B:D0:4A:A8:43:E6:80:82:F6:DE:CE:07:98:73:2B:6F:88:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xN8L0EqoQ-aAgvbezgeYcytviDI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/Z1pUMvRpf0n4kzuDzRU77qutkoA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/xN8L0EqoQ-aAgvbezgeYcytviDI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.122.210.0/23

    Signature Algorithm: sha256WithRSAEncryption
         45:4a:93:3f:e5:3c:06:02:dd:5e:da:8b:ec:12:9d:7d:de:a1:
         06:d2:d4:d0:0f:55:65:5d:f1:93:46:e5:da:e3:70:64:fd:b3:
         19:8e:c1:5e:98:3a:7e:79:85:47:c3:d3:f7:88:63:f5:7b:ac:
         be:d8:3d:6f:cf:a4:05:65:07:77:fd:61:60:1a:7d:0e:ff:73:
         d5:95:ea:b2:f8:77:d0:74:54:43:ae:a2:59:c3:1c:2a:8a:a8:
         aa:77:92:a3:23:25:e1:57:d9:14:f0:43:37:48:05:be:83:2c:
         43:70:b4:69:9e:d9:e1:3c:28:f2:3c:eb:6c:db:a2:32:6f:38:
         e3:f4:0f:c5:65:8f:7c:4e:68:f0:08:ba:50:55:f3:df:b0:fb:
         e3:ab:21:b6:b8:9d:b2:4c:68:08:12:0d:1e:35:3d:ff:8b:1b:
         bd:fd:fc:70:d4:91:6e:a8:fb:e6:46:1e:a1:c5:5b:90:3d:38:
         02:9d:d7:3a:99:4a:f6:ef:a9:d7:96:6c:d3:c0:98:36:d2:39:
         54:b2:82:1b:dc:c5:d3:1e:12:13:24:17:30:44:1c:ab:01:8c:
         97:b9:74:8b:14:27:a3:b1:95:ce:8e:de:b2:4c:39:aa:cc:82:
         1d:ab:55:4e:0e:a1:83:f9:21:8c:43:9a:3e:f6:06:25:fe:4d:
         d3:c9:33:a4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEE2obVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NGRmMGJkMDRhYTg0M2U2ODA4MmY2ZGVjZTA3OTg3MzJiNmY4ODMyMB4XDTIyMDEw
MTE1MDIxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjc1YTU0MzJmNDY5
N2Y0OWY4OTMzYjgzY2QxNTNiZWVhYmFkOTI4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKcwgKEdfYFy8lgQLZjJzF3RS/hZE22eVy+LQZi2L0Bj/iOG
cMOKL3AI5Y6vM8NkLBjp/zZg0v4Hp5aepAkRGWEJzYILKJjOZZHU6Uyiu3Iwlk33
pSi/ZXqww9jgVe7oWPsxP51Ft/Jx0YeKVPMtqO3ILLT38N98AC3Jg/8QzV0k/UNA
fYhGOMaA/pnko+YJYU9n6OcAYIzp8Gr81+K3CsQQ3HgvldadRa379IsmA+8mV3TS
FpRaUia5gkAqJ99Cn/Q5rvkJWjFw8awZdvziVECw7jxKcc1xrk2o3ATk1/kXwXks
WkZICDWj5tcozaSHDS0EIrWJVBxlwPwkdfC/3XsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRnWlQy9Gl/SfiTO4PNFTvuq62SgDAfBgNVHSMEGDAWgBTE3wvQSqhD5oCC
9t7OB5hzK2+IMjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hOOEwwRXFvUS1hQWd2YmV6Z2VZY3l0dmlESS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmYvOTVkZTIxLTBmYmMtNGQxMy1iNmUwLWNiOWUxZWQ3NzlhYy8x
L1oxcFVNdlJwZjBuNGt6dUR6UlU3N3F1dGtvQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYv
OTVkZTIxLTBmYmMtNGQxMy1iNmUwLWNiOWUxZWQ3NzlhYy8xL3hOOEwwRXFvUS1h
QWd2YmV6Z2VZY3l0dmlESS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbB60jANBgkqhkiG9w0BAQsFAAOC
AQEARUqTP+U8BgLdXtqL7BKdfd6hBtLU0A9VZV3xk0bl2uNwZP2zGY7BXpg6fnmF
R8PT94hj9Xusvtg9b8+kBWUHd/1hYBp9Dv9z1ZXqsvh30HRUQ66iWcMcKoqoqneS
oyMl4VfZFPBDN0gFvoMsQ3C0aZ7Z4Two8jzrbNuiMm844/QPxWWPfE5o8Ai6UFXz
37D746shtridskxoCBINHjU9/4sbvf38cNSRbqj75kYeocVbkD04Ap3XOplK9u+p
15Zs08CYNtI5VLKCG9zF0x4SEyQXMEQcqwGMl7l0ixQno7GVzo7eskw5qsyCHatV
Tg6hg/khjEOaPvYGJf5N08kzpA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:51 2024 by rpki-client on console-ams.rpki-client.org