Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/TUrqruxUK4UIpJZUoyS8sC2taHA.roa
File:                     TUrqruxUK4UIpJZUoyS8sC2taHA.roa (raw, json)
Hash identifier:          KgmG6u2Wqp2ErDpk6zd2gipuM4+wqoVv15A4w4brGqs=
Subject key identifier:   4D:4A:EA:AE:EC:54:2B:85:08:A4:96:54:A3:24:BC:B0:2D:AD:68:70
Certificate issuer:       /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial:       0BE7D77F
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/TUrqruxUK4UIpJZUoyS8sC2taHA.roa
Signing time:             Sat 01 Jan 2022 12:55:03 +0000
ROA not before:           Sat 01 Jan 2022 12:55:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208752
IP address blocks:        2a0c:9a40:81c0::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 199743359 (0xbe7d77f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
        Validity
            Not Before: Jan  1 12:55:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4d4aeaaeec542b8508a49654a324bcb02dad6870
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:bd:a5:70:09:28:39:63:d6:96:4b:7c:65:a0:
                    3f:4f:02:f2:2c:9b:ff:71:10:37:98:08:ed:8f:55:
                    bc:5b:ff:f5:7f:c8:46:a3:0c:05:2c:11:4d:6c:5a:
                    32:58:4a:24:eb:0b:15:78:09:5a:f8:69:fb:c1:b8:
                    20:8b:69:e8:e9:d3:a5:90:4c:3b:b6:89:59:10:fc:
                    84:77:bc:b5:17:be:18:be:1e:7b:01:51:78:3f:27:
                    ad:2f:e3:f3:b0:50:09:e3:08:22:72:08:12:ad:38:
                    b9:41:1c:b3:95:0a:a5:34:14:b5:af:a4:3e:44:7e:
                    14:56:9c:1a:89:af:1b:97:62:46:6e:1e:d5:b6:0c:
                    05:75:7f:6c:5b:ce:37:fa:8c:41:7e:3f:bc:70:6d:
                    8f:69:02:87:bd:4e:97:6e:61:94:df:d9:24:3b:80:
                    d2:32:82:e7:6b:91:e9:8c:cb:d8:ee:97:8a:f5:1d:
                    e3:e4:f7:c3:27:8d:e2:13:a4:a9:26:5d:9a:9b:7d:
                    2c:2f:dd:d2:d4:94:e8:d4:73:cc:7d:8a:38:90:ce:
                    ee:d0:b0:89:22:98:a8:95:ce:01:36:44:8b:77:6e:
                    bb:60:dc:8b:9d:ac:4f:23:56:15:f1:4c:5e:be:18:
                    f6:e7:82:7f:d5:6e:12:70:1a:a5:b0:ab:26:56:2f:
                    72:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:4A:EA:AE:EC:54:2B:85:08:A4:96:54:A3:24:BC:B0:2D:AD:68:70
            X509v3 Authority Key Identifier:
                keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/TUrqruxUK4UIpJZUoyS8sC2taHA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:9a40:81c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         33:1a:2c:25:9a:52:93:cf:84:96:9f:94:b6:73:d8:e3:9b:a0:
         d8:5c:54:df:ce:cc:48:c3:7c:19:4b:51:ae:40:ad:4a:0a:fe:
         55:82:5a:7d:b1:e5:07:2f:a0:a9:23:f1:eb:11:fb:7c:a0:87:
         08:0d:ae:74:25:eb:51:89:d5:69:93:e5:62:33:02:e7:5f:39:
         41:2c:aa:dd:36:3c:5e:3f:31:21:ca:87:9a:ba:16:ac:38:18:
         aa:aa:7b:88:d2:2f:22:d4:1d:91:0c:b2:83:29:20:9a:40:2b:
         af:be:b6:37:fd:54:37:60:f4:89:7d:8f:6a:a5:12:0d:5b:90:
         f4:15:2a:77:7b:1b:78:46:02:66:06:78:03:34:63:a0:7d:25:
         ce:b2:55:90:ec:44:e4:70:50:64:13:7d:89:ef:f3:31:4d:f2:
         dd:9c:f9:26:12:7d:1c:6d:4d:6d:8a:d0:d6:72:5f:43:e4:78:
         55:5d:fa:3e:61:06:6f:03:88:09:10:80:3c:0e:81:69:f0:56:
         34:0a:e6:63:6f:cd:06:f4:cd:b3:8e:64:68:03:81:d9:4c:1d:
         2b:d6:43:79:47:2a:5d:0e:a4:62:3e:10:d3:45:03:f2:de:6e:
         2b:57:2f:9f:ad:c1:08:c2:73:33:01:57:f0:d8:70:17:16:f1:
         aa:46:df:3c
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEC+fXfzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTk1YTM2MWZlMmIyYzUyOTI2MjZiYTRjNTZhNjVhODE0ZTQ4MDA4MB4XDTIyMDEw
MTEyNTUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGQ0YWVhYWVlYzU0
MmI4NTA4YTQ5NjU0YTMyNGJjYjAyZGFkNjg3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM69pXAJKDlj1pZLfGWgP08C8iyb/3EQN5gI7Y9VvFv/9X/I
RqMMBSwRTWxaMlhKJOsLFXgJWvhp+8G4IItp6OnTpZBMO7aJWRD8hHe8tRe+GL4e
ewFReD8nrS/j87BQCeMIInIIEq04uUEcs5UKpTQUta+kPkR+FFacGomvG5diRm4e
1bYMBXV/bFvON/qMQX4/vHBtj2kCh71Ol25hlN/ZJDuA0jKC52uR6YzL2O6XivUd
4+T3wyeN4hOkqSZdmpt9LC/d0tSU6NRzzH2KOJDO7tCwiSKYqJXOATZEi3duu2Dc
i52sTyNWFfFMXr4Y9ueCf9VuEnAapbCrJlYvci0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRNSuqu7FQrhQikllSjJLywLa1ocDAfBgNVHSMEGDAWgBSelaNh/issUpJi
a6TFamWoFOSACDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25wV2pZZjRyTEZLU1ltdWt4V3BscUJUa2dBZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvZjk2ZjczLTY2ODYtNDE2NC1iMjNmLWJmNGU1MjdiOWZhOC8x
L1RVcnFydXhVSzRVSXBKWlVveVM4c0MydGFIQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
Zjk2ZjczLTY2ODYtNDE2NC1iMjNmLWJmNGU1MjdiOWZhOC8xL25wV2pZZjRyTEZL
U1ltdWt4V3BscUJUa2dBZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoMmkCBwDANBgkqhkiG9w0BAQsF
AAOCAQEAMxosJZpSk8+Elp+UtnPY45ug2FxU387MSMN8GUtRrkCtSgr+VYJafbHl
By+gqSPx6xH7fKCHCA2udCXrUYnVaZPlYjMC5185QSyq3TY8Xj8xIcqHmroWrDgY
qqp7iNIvItQdkQyygykgmkArr762N/1UN2D0iX2PaqUSDVuQ9BUqd3sbeEYCZgZ4
AzRjoH0lzrJVkOxE5HBQZBN9ie/zMU3y3Zz5JhJ9HG1NbYrQ1nJfQ+R4VV36PmEG
bwOICRCAPA6BafBWNArmY2/NBvTNs45kaAOB2UwdK9ZDeUcqXQ6kYj4Q00UD8t5u
K1cvn63BCMJzMwFX8NhwFxbxqkbfPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:50 2024 by rpki-client on console-fra.rpki-client.org