Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Tt0Fm_2Py1KosJMwrFv6-UX8uak.roa
File:                     Tt0Fm_2Py1KosJMwrFv6-UX8uak.roa (raw, json)
Hash identifier:          B/GjbdH8/fpl9bNuFv9KXw6vykjif/j7zmu0Z0l+ygc=
Subject key identifier:   4E:DD:05:9B:FD:8F:CB:52:A8:B0:93:30:AC:5B:FA:F9:45:FC:B9:A9
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       1DE4B97F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Tt0Fm_2Py1KosJMwrFv6-UX8uak.roa
Signing time:             Tue 12 Apr 2022 05:53:35 +0000
ROA not before:           Tue 12 Apr 2022 05:53:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57674
IP address blocks:        193.149.28.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 501528959 (0x1de4b97f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Apr 12 05:53:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4edd059bfd8fcb52a8b09330ac5bfaf945fcb9a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:cf:db:0c:f6:01:43:df:05:da:74:20:78:81:
                    e1:ce:55:c1:61:02:df:bf:55:93:d3:1c:3b:c9:fe:
                    ab:68:e0:7e:05:23:73:b7:09:fc:ce:2d:02:23:b9:
                    f5:ce:28:0d:85:08:c6:0e:f3:be:62:54:5a:bb:ab:
                    e7:6e:12:e6:6f:81:7f:0c:a7:ce:77:8b:66:7a:6e:
                    75:79:e6:5b:92:7d:cd:96:ab:0e:ef:a6:a8:cf:68:
                    27:94:5c:59:41:ce:64:b2:e7:42:b4:f5:a3:45:b5:
                    78:cb:a7:d8:f3:5a:20:99:b3:c9:38:fb:8b:ea:b4:
                    e8:4a:2c:f0:56:87:36:94:d1:e8:56:69:8f:86:1b:
                    fa:87:e5:df:3b:c3:92:54:b0:81:63:d5:48:46:c4:
                    88:98:fc:a2:9f:41:e7:ca:63:1a:cc:54:9c:63:a0:
                    f6:51:bb:bf:1f:ce:83:37:9c:95:e8:88:0b:7d:71:
                    83:4e:a0:bb:b8:3c:35:30:8b:2d:c7:5b:d0:ca:cf:
                    72:9d:07:49:99:50:41:c3:5d:45:18:72:dd:4d:35:
                    51:c7:b7:c3:5c:93:16:fe:20:34:e4:a8:85:64:19:
                    76:15:30:0e:20:e0:e3:9b:71:6e:13:96:3a:7c:47:
                    9b:80:08:f2:62:d0:3c:c1:2e:34:94:86:63:26:a3:
                    18:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:DD:05:9B:FD:8F:CB:52:A8:B0:93:30:AC:5B:FA:F9:45:FC:B9:A9
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Tt0Fm_2Py1KosJMwrFv6-UX8uak.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.149.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6b:35:7e:67:4a:c6:8d:dc:94:1c:52:77:37:32:cc:05:30:ca:
         24:47:ff:78:d2:c6:76:cb:33:db:87:66:41:47:cf:66:0f:bc:
         e8:cf:f9:e1:c6:8a:55:82:00:e3:ca:7d:b4:be:6e:a8:3d:68:
         7d:3d:2b:6a:7c:43:65:06:56:ee:95:5b:18:54:9e:e9:e4:2e:
         a7:78:cf:e8:89:6b:ed:f5:8e:d1:c4:e5:a4:11:b6:26:e4:e6:
         bd:f2:1d:6c:92:0d:2a:30:c6:15:52:a4:94:40:8e:ed:68:5f:
         ab:39:e3:50:9f:58:a4:7d:48:e5:c7:a6:d8:e2:56:95:90:23:
         bd:e1:13:07:92:e1:50:7c:a8:91:62:9e:13:79:6f:62:4d:a3:
         5f:4c:84:a3:62:b6:64:1e:21:43:5e:cf:e3:a0:1d:9c:da:e5:
         c2:4d:e3:20:59:7b:ab:26:0a:7a:5b:4c:d8:d1:33:50:88:9c:
         e7:e1:45:c6:59:ba:b7:27:04:11:25:81:d7:2c:d1:82:c0:40:
         88:e7:a3:19:96:6f:35:99:14:b9:0f:3f:bb:ef:ce:37:72:f1:
         64:63:75:f4:5c:72:aa:c4:c8:b7:b4:f7:34:7f:54:7f:49:a3:
         5f:43:5a:17:29:22:1e:cb:34:e4:45:22:57:bf:fa:e5:cc:bf:
         92:6b:45:b6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHeS5fzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDQx
MjA1NTMzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGVkZDA1OWJmZDhm
Y2I1MmE4YjA5MzMwYWM1YmZhZjk0NWZjYjlhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJfP2wz2AUPfBdp0IHiB4c5VwWEC379Vk9McO8n+q2jgfgUj
c7cJ/M4tAiO59c4oDYUIxg7zvmJUWrur524S5m+BfwynzneLZnpudXnmW5J9zZar
Du+mqM9oJ5RcWUHOZLLnQrT1o0W1eMun2PNaIJmzyTj7i+q06Eos8FaHNpTR6FZp
j4Yb+ofl3zvDklSwgWPVSEbEiJj8op9B58pjGsxUnGOg9lG7vx/OgzecleiIC31x
g06gu7g8NTCLLcdb0MrPcp0HSZlQQcNdRRhy3U01Uce3w1yTFv4gNOSohWQZdhUw
DiDg45txbhOWOnxHm4AI8mLQPMEuNJSGYyajGBUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRO3QWb/Y/LUqiwkzCsW/r5Rfy5qTAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L1R0MEZtXzJQeTFLb3NKTXdyRnY2LVVYOHVhay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsGVHDANBgkqhkiG9w0BAQsFAAOC
AQEAazV+Z0rGjdyUHFJ3NzLMBTDKJEf/eNLGdssz24dmQUfPZg+86M/54caKVYIA
48p9tL5uqD1ofT0ranxDZQZW7pVbGFSe6eQup3jP6Ilr7fWO0cTlpBG2JuTmvfId
bJINKjDGFVKklECO7WhfqznjUJ9YpH1I5cem2OJWlZAjveETB5LhUHyokWKeE3lv
Yk2jX0yEo2K2ZB4hQ17P46AdnNrlwk3jIFl7qyYKeltM2NEzUIic5+FFxlm6tycE
ESWB1yzRgsBAiOejGZZvNZkUuQ8/u+/ON3LxZGN19FxyqsTIt7T3NH9Uf0mjX0Na
FykiHss05EUiV7/65cy/kmtFtg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:08 2024 by rpki-client on console-fra.rpki-client.org