Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/312132-2e2c-4a57-a8ac-578f02e78066/1/NX_x2UjelmFa41Tn4M2TtJuWHa8.roa
File:                     NX_x2UjelmFa41Tn4M2TtJuWHa8.roa (raw, json)
Hash identifier:          ukmUtVJdi3ikoOLMjcUzWnc1LMS2dFPHiBbeSMCldwc=
Subject key identifier:   35:7F:F1:D9:48:DE:96:61:5A:E3:54:E7:E0:CD:93:B4:9B:96:1D:AF
Certificate issuer:       /CN=c207e10cbc5d249bf4d8eeb2549ec4cf843ef0ee
Certificate serial:       0101FF1D
Authority key identifier: C2:07:E1:0C:BC:5D:24:9B:F4:D8:EE:B2:54:9E:C4:CF:84:3E:F0:EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wgfhDLxdJJv02O6yVJ7Ez4Q-8O4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/312132-2e2c-4a57-a8ac-578f02e78066/1/NX_x2UjelmFa41Tn4M2TtJuWHa8.roa
Signing time:             Sat 01 Jan 2022 01:59:49 +0000
ROA not before:           Sat 01 Jan 2022 01:59:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211914
IP address blocks:        94.158.208.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 16908061 (0x101ff1d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c207e10cbc5d249bf4d8eeb2549ec4cf843ef0ee
        Validity
            Not Before: Jan  1 01:59:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=357ff1d948de96615ae354e7e0cd93b49b961daf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:09:99:02:d8:11:98:a4:15:ba:e1:df:40:2e:
                    a5:1b:6e:d5:1b:35:13:d4:20:cd:a9:ff:fa:c9:c9:
                    0b:ae:51:c7:9e:c0:5f:4e:cb:5d:73:3b:d1:02:56:
                    92:59:77:ea:07:59:8a:8e:48:f0:d0:e1:94:e3:d5:
                    70:88:b4:58:25:f8:d0:aa:28:be:2c:cf:72:e9:6c:
                    1c:23:28:b0:6e:30:c8:ba:56:21:5b:ae:0a:80:90:
                    43:8d:b0:93:3f:ab:fc:32:8b:a4:59:c2:e4:d8:b0:
                    6a:99:0a:8a:0f:bd:d0:e9:4f:25:80:5b:78:ce:4c:
                    c8:d0:aa:a2:d9:38:a4:31:93:81:6e:e4:c6:2c:6e:
                    56:16:b8:1e:49:ab:f9:b5:39:d8:19:af:98:ed:f4:
                    74:88:91:db:93:10:b8:72:d7:f3:69:fd:bf:bc:df:
                    d9:af:f4:3b:2c:d0:99:a3:96:57:a4:e7:54:a4:f0:
                    14:49:4e:a3:97:74:05:0b:b3:48:ad:85:b6:4e:86:
                    d1:35:89:3f:3b:46:1d:23:a2:d1:ae:13:10:e9:a7:
                    1b:cb:43:a5:7d:f3:a7:6b:5a:91:1f:26:20:a1:ca:
                    6d:4a:24:ea:1e:d2:db:3c:64:30:22:91:79:b7:57:
                    d9:05:1b:ca:b1:53:be:73:76:cb:f3:93:90:9b:ae:
                    19:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:7F:F1:D9:48:DE:96:61:5A:E3:54:E7:E0:CD:93:B4:9B:96:1D:AF
            X509v3 Authority Key Identifier:
                keyid:C2:07:E1:0C:BC:5D:24:9B:F4:D8:EE:B2:54:9E:C4:CF:84:3E:F0:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wgfhDLxdJJv02O6yVJ7Ez4Q-8O4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/312132-2e2c-4a57-a8ac-578f02e78066/1/NX_x2UjelmFa41Tn4M2TtJuWHa8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/312132-2e2c-4a57-a8ac-578f02e78066/1/wgfhDLxdJJv02O6yVJ7Ez4Q-8O4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.158.208.0/21

    Signature Algorithm: sha256WithRSAEncryption
         17:7b:9e:62:ad:c0:8b:04:9c:6c:20:70:17:c4:24:18:5d:42:
         b0:ad:45:92:21:35:3d:2a:88:a0:24:76:90:a5:a5:6b:63:1d:
         7b:04:34:db:ab:d5:6b:10:aa:cf:67:8b:14:89:06:aa:df:cf:
         64:bb:a7:3f:f0:ea:a2:c7:fd:ac:e8:dd:a6:58:41:87:08:6e:
         96:0a:76:97:31:06:f7:6c:5f:b5:0b:74:ab:e7:96:a6:7c:80:
         86:39:47:90:9e:01:d0:8c:2c:67:6a:e9:60:61:23:b1:b4:19:
         f7:f3:70:fe:32:5f:1b:b1:61:47:33:bb:be:63:2b:9a:cf:8c:
         89:d8:f6:f2:19:0b:72:ac:93:22:fe:65:f8:75:2c:fb:d7:12:
         38:f1:39:0f:84:74:ba:8f:5a:92:3d:bb:a3:89:79:28:f8:6e:
         67:ad:8c:6b:67:bd:d7:b8:f1:89:7e:93:7b:4c:54:9f:04:cc:
         0f:e8:61:8c:98:f7:38:4d:f7:a1:ac:61:f5:ef:15:b2:e9:af:
         1e:bc:6f:50:e4:91:be:cf:27:2d:24:c2:20:fe:1f:be:89:8a:
         2a:01:c3:fc:78:84:7b:43:54:14:28:33:18:dd:b4:e4:bb:1c:
         83:51:5a:36:b2:ec:ec:88:2f:2f:b0:14:38:e7:50:20:25:a3:
         25:f0:54:7b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQH/HTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MjA3ZTEwY2JjNWQyNDliZjRkOGVlYjI1NDllYzRjZjg0M2VmMGVlMB4XDTIyMDEw
MTAxNTk0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzU3ZmYxZDk0OGRl
OTY2MTVhZTM1NGU3ZTBjZDkzYjQ5Yjk2MWRhZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0JmQLYEZikFbrh30AupRtu1Rs1E9Qgzan/+snJC65Rx57A
X07LXXM70QJWkll36gdZio5I8NDhlOPVcIi0WCX40KoovizPculsHCMosG4wyLpW
IVuuCoCQQ42wkz+r/DKLpFnC5NiwapkKig+90OlPJYBbeM5MyNCqotk4pDGTgW7k
xixuVha4Hkmr+bU52BmvmO30dIiR25MQuHLX82n9v7zf2a/0OyzQmaOWV6TnVKTw
FElOo5d0BQuzSK2Ftk6G0TWJPztGHSOi0a4TEOmnG8tDpX3zp2takR8mIKHKbUok
6h7S2zxkMCKRebdX2QUbyrFTvnN2y/OTkJuuGf0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ1f/HZSN6WYVrjVOfgzZO0m5YdrzAfBgNVHSMEGDAWgBTCB+EMvF0km/TY
7rJUnsTPhD7w7jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dnZmhETHhkSkp2MDJPNnlWSjdFejRRLThPNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWUvMzEyMTMyLTJlMmMtNGE1Ny1hOGFjLTU3OGYwMmU3ODA2Ni8x
L05YX3gyVWplbG1GYTQxVG40TTJUdEp1V0hhOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWUv
MzEyMTMyLTJlMmMtNGE1Ny1hOGFjLTU3OGYwMmU3ODA2Ni8xL3dnZmhETHhkSkp2
MDJPNnlWSjdFejRRLThPNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA16e0DANBgkqhkiG9w0BAQsFAAOC
AQEAF3ueYq3AiwScbCBwF8QkGF1CsK1FkiE1PSqIoCR2kKWla2MdewQ026vVaxCq
z2eLFIkGqt/PZLunP/Dqosf9rOjdplhBhwhulgp2lzEG92xftQt0q+eWpnyAhjlH
kJ4B0IwsZ2rpYGEjsbQZ9/Nw/jJfG7FhRzO7vmMrms+Midj28hkLcqyTIv5l+HUs
+9cSOPE5D4R0uo9akj27o4l5KPhuZ62Ma2e917jxiX6Te0xUnwTMD+hhjJj3OE33
oaxh9e8VsumvHrxvUOSRvs8nLSTCIP4fvomKKgHD/HiEe0NUFCgzGN205Lscg1Fa
NrLs7IgvL7AUOOdQICWjJfBUew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:24 2024 by rpki-client on console-ams.rpki-client.org