Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/0HZdCtgkeOWAf5TDRe4P7FD_qKg.roa
File:                     0HZdCtgkeOWAf5TDRe4P7FD_qKg.roa (raw, json)
Hash identifier:          ZitZjBqOFGsQr0EIiVZOIy+AbhpQcW0YOjk1T+ZhShY=
Subject key identifier:   D0:76:5D:0A:D8:24:78:E5:80:7F:94:C3:45:EE:0F:EC:50:FF:A8:A8
Certificate issuer:       /CN=3b7dc3d022828e4f5b36bdef7a18b0bb0cfbae09
Certificate serial:       AE0B
Authority key identifier: 3B:7D:C3:D0:22:82:8E:4F:5B:36:BD:EF:7A:18:B0:BB:0C:FB:AE:09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O33D0CKCjk9bNr3vehiwuwz7rgk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/0HZdCtgkeOWAf5TDRe4P7FD_qKg.roa
Signing time:             Fri 14 Jan 2022 15:01:27 +0000
ROA not before:           Fri 14 Jan 2022 15:01:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47954
IP address blocks:        185.95.107.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 44555 (0xae0b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b7dc3d022828e4f5b36bdef7a18b0bb0cfbae09
        Validity
            Not Before: Jan 14 15:01:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d0765d0ad82478e5807f94c345ee0fec50ffa8a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:72:78:77:6e:c0:29:a1:cc:4d:29:83:e7:32:
                    36:d0:3c:42:a0:9e:ee:58:30:e6:4a:64:84:1f:dd:
                    79:41:9a:66:55:db:02:63:94:ed:d8:33:be:af:f2:
                    37:24:cf:44:c9:52:df:a7:d3:83:8d:17:c7:46:59:
                    17:cc:03:19:27:59:5e:2b:4b:62:41:bb:f7:86:2b:
                    b1:77:3f:9e:6c:a3:13:42:6c:76:68:9f:d2:c3:6b:
                    c2:c4:3a:3f:3a:3b:47:a7:90:41:4f:f4:9a:c5:f6:
                    46:db:78:cf:a4:17:30:86:01:cc:76:cd:a5:5c:f3:
                    64:98:b6:92:5f:34:1a:bc:08:59:25:7e:74:99:23:
                    ca:15:95:e2:f7:27:6c:4f:34:f6:74:d6:ad:69:7d:
                    7d:60:8d:3d:33:3e:cb:f9:e2:94:45:88:19:2e:dc:
                    fd:b4:28:af:93:db:15:e8:e7:4e:d3:39:9f:f6:2f:
                    f3:76:9b:dc:84:27:30:07:c7:e2:7d:58:76:3c:1d:
                    ba:bd:f1:e1:d4:09:cd:e7:4a:85:11:fb:0c:1f:85:
                    47:de:97:0b:99:05:7a:21:c7:c5:c5:f8:57:43:ef:
                    7d:9e:fc:c2:73:f7:8e:02:ac:51:18:15:cd:b4:3f:
                    da:fc:a5:ac:f8:74:1b:b1:61:96:2e:bd:e2:8f:f8:
                    99:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:76:5D:0A:D8:24:78:E5:80:7F:94:C3:45:EE:0F:EC:50:FF:A8:A8
            X509v3 Authority Key Identifier:
                keyid:3B:7D:C3:D0:22:82:8E:4F:5B:36:BD:EF:7A:18:B0:BB:0C:FB:AE:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O33D0CKCjk9bNr3vehiwuwz7rgk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/0HZdCtgkeOWAf5TDRe4P7FD_qKg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/O33D0CKCjk9bNr3vehiwuwz7rgk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.95.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:a1:8c:90:35:1e:4c:9e:dd:f1:18:a6:5d:ef:fe:60:cb:03:
         1d:e0:1f:93:eb:a4:e8:f4:99:39:f0:ec:ad:ce:dc:f7:9b:54:
         57:32:bc:20:1e:22:55:f9:0d:be:b0:61:c6:18:c7:ad:50:84:
         c6:14:f3:74:8b:5d:40:05:ee:e7:78:c3:3c:b1:b1:5a:1d:5f:
         7c:64:5b:e6:d2:8e:61:1f:42:b6:09:ef:5f:32:65:a0:ab:cf:
         ed:94:22:99:ae:78:52:ac:9f:2d:52:57:16:a1:31:d2:a6:1b:
         26:ab:a3:43:9b:1d:81:4e:0e:54:79:ac:71:fb:22:56:7f:3f:
         68:0d:bf:f4:c3:4c:75:5b:95:e6:62:c7:6d:c2:7c:1f:5c:62:
         30:10:d5:f0:94:ca:78:7f:6b:6f:8a:00:50:ca:38:17:76:6f:
         40:24:89:f8:ad:0f:ed:4c:49:fc:5e:9d:6c:3f:84:6b:3e:da:
         94:f6:77:11:85:56:73:c1:7a:9b:b8:89:02:89:e9:e8:0b:ce:
         ff:83:4f:de:90:1b:88:5c:19:1a:7a:a7:dd:32:94:65:ed:bc:
         2c:c0:1f:b2:0e:e7:f0:5b:32:82:09:cd:86:cf:df:40:d1:d4:
         6d:39:06:fd:2f:52:76:4b:97:11:2b:8b:fc:8d:54:73:77:a9:
         e7:43:84:06
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAK4LMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNi
N2RjM2QwMjI4MjhlNGY1YjM2YmRlZjdhMThiMGJiMGNmYmFlMDkwHhcNMjIwMTE0
MTUwMTI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkMDc2NWQwYWQ4MjQ3
OGU1ODA3Zjk0YzM0NWVlMGZlYzUwZmZhOGE4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA4XJ4d27AKaHMTSmD5zI20DxCoJ7uWDDmSmSEH915QZpmVdsC
Y5Tt2DO+r/I3JM9EyVLfp9ODjRfHRlkXzAMZJ1leK0tiQbv3hiuxdz+ebKMTQmx2
aJ/Sw2vCxDo/OjtHp5BBT/SaxfZG23jPpBcwhgHMds2lXPNkmLaSXzQavAhZJX50
mSPKFZXi9ydsTzT2dNataX19YI09Mz7L+eKURYgZLtz9tCivk9sV6OdO0zmf9i/z
dpvchCcwB8fifVh2PB26vfHh1AnN50qFEfsMH4VH3pcLmQV6IcfFxfhXQ+99nvzC
c/eOAqxRGBXNtD/a/KWs+HQbsWGWLr3ij/iZPwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFNB2XQrYJHjlgH+Uw0XuD+xQ/6ioMB8GA1UdIwQYMBaAFDt9w9Aigo5PWza9
73oYsLsM+64JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
TzMzRDBDS0NqazliTnIzdmVoaXd1d3o3cmdrLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZC80ZWYwMmMtOGY4ZC00NmUzLThkMGItNzE5NDhlM2M5YWQ0LzEv
MEhaZEN0Z2tlT1dBZjVURFJlNFA3RkRfcUtnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC80
ZWYwMmMtOGY4ZC00NmUzLThkMGItNzE5NDhlM2M5YWQ0LzEvTzMzRDBDS0Nqazli
TnIzdmVoaXd1d3o3cmdrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuV9rMA0GCSqGSIb3DQEBCwUAA4IB
AQBvoYyQNR5Mnt3xGKZd7/5gywMd4B+T66To9Jk58Oytztz3m1RXMrwgHiJV+Q2+
sGHGGMetUITGFPN0i11ABe7neMM8sbFaHV98ZFvm0o5hH0K2Ce9fMmWgq8/tlCKZ
rnhSrJ8tUlcWoTHSphsmq6NDmx2BTg5Ueaxx+yJWfz9oDb/0w0x1W5XmYsdtwnwf
XGIwENXwlMp4f2tvigBQyjgXdm9AJIn4rQ/tTEn8Xp1sP4RrPtqU9ncRhVZzwXqb
uIkCienoC87/g0/ekBuIXBkaeqfdMpRl7bwswB+yDufwWzKCCc2Gz99A0dRtOQb9
L1J2S5cRK4v8jVRzd6nnQ4QG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org