Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/9ff602-b0bd-4c3f-af94-2fc34ad9dd47/1/PsIwqX6sdVPPtoAnrGO63H_CxTs.roa
File:                     PsIwqX6sdVPPtoAnrGO63H_CxTs.roa (raw, json)
Hash identifier:          iaONhDLmmRe5mUq75gIpQlU2EfUGwnDoz1uqJmyi4f8=
Subject key identifier:   3E:C2:30:A9:7E:AC:75:53:CF:B6:80:27:AC:63:BA:DC:7F:C2:C5:3B
Certificate issuer:       /CN=e6502200a6e63f76397adb94dfd834c116809b9f
Certificate serial:       56DCAA
Authority key identifier: E6:50:22:00:A6:E6:3F:76:39:7A:DB:94:DF:D8:34:C1:16:80:9B:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5lAiAKbmP3Y5etuU39g0wRaAm58.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/9ff602-b0bd-4c3f-af94-2fc34ad9dd47/1/PsIwqX6sdVPPtoAnrGO63H_CxTs.roa
Signing time:             Fri 01 Jul 2022 13:18:25 +0000
ROA not before:           Fri 01 Jul 2022 13:18:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48067
IP address blocks:        195.238.90.0/23 maxlen: 24
                          195.238.91.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5692586 (0x56dcaa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e6502200a6e63f76397adb94dfd834c116809b9f
        Validity
            Not Before: Jul  1 13:18:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3ec230a97eac7553cfb68027ac63badc7fc2c53b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:d4:64:cb:85:4f:03:f1:10:de:31:8f:22:f9:
                    3b:49:ff:ba:41:eb:da:d2:78:37:18:e9:d7:a2:45:
                    59:60:4c:e9:4f:06:b8:7d:4e:16:cd:f3:f3:50:94:
                    d6:65:1d:a9:e0:a3:b6:f4:69:a8:70:19:6c:1f:0b:
                    1e:57:95:86:8a:11:3c:3a:1c:c1:bc:2b:b2:cf:61:
                    e9:94:3a:5f:c6:b8:5c:7a:db:48:2e:5d:87:7d:6e:
                    79:41:8f:eb:25:7d:b9:30:7c:37:f3:af:e9:67:73:
                    9f:92:a3:0f:8a:da:93:a3:73:98:79:0a:ce:fc:d0:
                    33:32:fc:65:ae:8b:1b:34:5f:2f:f9:98:33:6e:64:
                    bb:de:26:98:48:07:a2:39:d4:af:78:47:ff:d4:d4:
                    fd:e3:29:cd:a4:a7:0d:07:a0:e1:23:66:58:40:1e:
                    cf:bd:2a:2c:1b:57:de:3f:54:2f:b1:a0:cd:cb:08:
                    ce:9f:68:7a:63:23:b4:a7:eb:0e:5e:90:0e:7d:f0:
                    ef:2a:c7:98:9e:29:44:5a:33:b9:13:b7:6a:22:df:
                    9b:c2:c5:d7:79:09:0c:89:ad:b1:bd:6b:d5:68:30:
                    ef:51:8c:8d:19:e7:16:0c:cc:d4:81:c0:2f:ed:57:
                    61:40:8e:c1:d9:55:60:e2:57:f2:7b:9e:72:44:57:
                    f5:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:C2:30:A9:7E:AC:75:53:CF:B6:80:27:AC:63:BA:DC:7F:C2:C5:3B
            X509v3 Authority Key Identifier:
                keyid:E6:50:22:00:A6:E6:3F:76:39:7A:DB:94:DF:D8:34:C1:16:80:9B:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5lAiAKbmP3Y5etuU39g0wRaAm58.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/9ff602-b0bd-4c3f-af94-2fc34ad9dd47/1/PsIwqX6sdVPPtoAnrGO63H_CxTs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/9ff602-b0bd-4c3f-af94-2fc34ad9dd47/1/5lAiAKbmP3Y5etuU39g0wRaAm58.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.238.90.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8e:f2:45:0f:06:61:77:e4:a6:07:25:90:12:f8:6b:91:94:b7:
         98:89:9c:2e:06:8b:64:fe:1c:8c:f7:8d:c6:c7:7d:17:81:80:
         86:75:a6:2f:c8:31:30:3a:8d:84:19:05:cd:ee:6e:6f:b7:02:
         c9:14:0b:22:1f:9e:64:be:1d:9f:77:9a:05:32:b3:90:27:69:
         e4:b6:32:1f:1e:a7:65:33:0e:f5:17:af:39:2a:e3:4c:c5:16:
         48:94:86:8b:03:cb:b8:cf:37:8d:2e:8b:49:11:84:c5:02:a4:
         59:5b:8a:c4:96:a9:c2:f0:1d:40:b7:06:bd:3b:2d:1b:5a:31:
         f8:b2:92:9f:4b:4d:51:da:57:a6:74:f6:66:6b:81:1b:28:4f:
         8d:3f:c7:91:e4:8e:e0:1a:f5:82:73:5d:46:35:c6:6c:1f:71:
         0e:0e:67:2d:60:40:fe:f9:e2:7c:ab:16:05:36:86:6f:36:22:
         d5:5d:25:76:29:f3:d2:66:3d:b7:48:c7:8e:49:a0:83:3d:65:
         2d:0f:46:13:7c:a4:fe:8a:03:89:b3:71:7e:9a:5d:d5:a5:c8:
         43:11:11:d6:f5:98:92:1d:8d:26:bf:25:45:62:a6:4d:15:ae:
         51:fb:95:bb:3a:51:29:9c:6a:01:82:fa:14:98:6b:7d:43:ad:
         44:a3:e3:10
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDVtyqMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGU2
NTAyMjAwYTZlNjNmNzYzOTdhZGI5NGRmZDgzNGMxMTY4MDliOWYwHhcNMjIwNzAx
MTMxODI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzZWMyMzBhOTdlYWM3
NTUzY2ZiNjgwMjdhYzYzYmFkYzdmYzJjNTNiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkNRky4VPA/EQ3jGPIvk7Sf+6Qeva0ng3GOnXokVZYEzpTwa4
fU4WzfPzUJTWZR2p4KO29GmocBlsHwseV5WGihE8OhzBvCuyz2HplDpfxrhcettI
Ll2HfW55QY/rJX25MHw386/pZ3OfkqMPitqTo3OYeQrO/NAzMvxlrosbNF8v+Zgz
bmS73iaYSAeiOdSveEf/1NT94ynNpKcNB6DhI2ZYQB7PvSosG1feP1QvsaDNywjO
n2h6YyO0p+sOXpAOffDvKseYnilEWjO5E7dqIt+bwsXXeQkMia2xvWvVaDDvUYyN
GecWDMzUgcAv7VdhQI7B2VVg4lfye55yRFf1hwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFD7CMKl+rHVTz7aAJ6xjutx/wsU7MB8GA1UdIwQYMBaAFOZQIgCm5j92OXrb
lN/YNMEWgJufMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
NWxBaUFLYm1QM1k1ZXR1VTM5ZzB3UmFBbTU4LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jYy85ZmY2MDItYjBiZC00YzNmLWFmOTQtMmZjMzRhZDlkZDQ3LzEv
UHNJd3FYNnNkVlBQdG9BbnJHTzYzSF9DeFRzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy85
ZmY2MDItYjBiZC00YzNmLWFmOTQtMmZjMzRhZDlkZDQ3LzEvNWxBaUFLYm1QM1k1
ZXR1VTM5ZzB3UmFBbTU4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw+5aMA0GCSqGSIb3DQEBCwUAA4IB
AQCO8kUPBmF35KYHJZAS+GuRlLeYiZwuBotk/hyM943Gx30XgYCGdaYvyDEwOo2E
GQXN7m5vtwLJFAsiH55kvh2fd5oFMrOQJ2nktjIfHqdlMw71F685KuNMxRZIlIaL
A8u4zzeNLotJEYTFAqRZW4rElqnC8B1Atwa9Oy0bWjH4spKfS01R2lemdPZma4Eb
KE+NP8eR5I7gGvWCc11GNcZsH3EODmctYED++eJ8qxYFNoZvNiLVXSV2KfPSZj23
SMeOSaCDPWUtD0YTfKT+igOJs3F+ml3VpchDERHW9ZiSHY0mvyVFYqZNFa5R+5W7
OlEpnGoBgvoUmGt9Q61Eo+MQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:09 2024 by rpki-client on console-fra.rpki-client.org