Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/TIy7VWOKZZl9SxtPj9g60cXb_nw.roa
File:                     TIy7VWOKZZl9SxtPj9g60cXb_nw.roa (raw, json)
Hash identifier:          WqaNH4ynIxAO9VsU+aE4J/cqaTi7DB2e4WBC9T8SksA=
Subject key identifier:   4C:8C:BB:55:63:8A:65:99:7D:4B:1B:4F:8F:D8:3A:D1:C5:DB:FE:7C
Certificate issuer:       /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial:       0182DB1915C4CD28A544AC0D9EDD588824D8
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/TIy7VWOKZZl9SxtPj9g60cXb_nw.roa
Signing time:             Fri 26 Aug 2022 17:00:30 +0000
ROA not before:           Fri 26 Aug 2022 17:00:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57152
IP address blocks:        185.73.128.0/22 maxlen: 24
                          104.247.172.0/24 maxlen: 24
                          104.247.171.0/24 maxlen: 24
                          104.247.170.0/24 maxlen: 24
                          104.247.174.0/24 maxlen: 24
                          104.247.173.0/24 maxlen: 24
                          185.137.215.0/24 maxlen: 24
                          2a03:a5a0:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:db:19:15:c4:cd:28:a5:44:ac:0d:9e:dd:58:88:24:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
        Validity
            Not Before: Aug 26 17:00:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4c8cbb55638a65997d4b1b4f8fd83ad1c5dbfe7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:a7:6b:4c:ff:a0:39:7c:dc:64:b4:d6:19:a7:
                    9e:95:ff:c0:6f:e8:d7:1e:85:02:7a:fc:ec:0c:c3:
                    51:13:17:24:33:38:bb:ac:0f:df:1e:76:ce:ee:f4:
                    10:8b:d4:3b:3d:46:97:78:41:90:dc:38:c3:e2:20:
                    42:f2:86:2a:38:44:64:b8:f1:f9:70:13:46:a4:7f:
                    b3:27:7a:1b:1d:58:0e:bb:2d:cd:b3:c9:c3:fa:60:
                    c1:f9:cd:5c:d1:2a:f6:05:ed:a2:d8:30:34:07:15:
                    a3:14:f8:a9:67:59:21:d6:23:a5:a9:aa:36:64:c5:
                    6d:30:2a:c1:d4:9c:36:90:33:5d:ce:a8:51:53:1b:
                    55:ea:f1:4a:78:0c:33:ff:b7:ef:ac:3f:79:ee:36:
                    6f:41:46:1f:84:de:b8:cf:12:e5:3c:e0:01:23:c2:
                    c4:a3:89:8f:1a:9a:02:b7:31:f3:7b:5c:55:59:f1:
                    9e:3b:06:29:5b:b2:86:3e:ff:6a:65:47:21:d5:6a:
                    f8:59:aa:fd:d3:48:ea:56:8b:77:b3:d7:4a:ae:67:
                    89:26:a9:27:7f:a5:b5:f3:a8:3c:f5:a1:a7:c2:fb:
                    a8:50:ef:d7:d3:c1:9a:8f:a5:99:e2:91:08:33:49:
                    5c:c3:7b:73:32:e2:6a:01:20:91:65:02:01:66:5f:
                    e6:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:8C:BB:55:63:8A:65:99:7D:4B:1B:4F:8F:D8:3A:D1:C5:DB:FE:7C
            X509v3 Authority Key Identifier:
                keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/TIy7VWOKZZl9SxtPj9g60cXb_nw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.247.170.0-104.247.174.255
                  185.73.128.0/22
                  185.137.215.0/24
                IPv6:
                  2a03:a5a0:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         21:28:27:9c:f1:0d:95:b0:c7:5c:90:45:ce:e2:66:87:87:e9:
         79:a4:73:cb:6e:e4:60:a2:b5:6e:3a:8e:3b:35:7a:ba:8f:87:
         97:1c:96:d2:48:34:e6:e0:f4:53:a8:67:aa:62:96:c2:e5:12:
         18:96:3f:1f:4d:27:aa:dd:70:45:a1:b9:46:db:64:0d:67:98:
         d2:71:dc:d2:aa:a7:2d:6a:85:8a:be:e8:63:09:c4:97:87:29:
         07:0f:03:79:48:71:21:0e:fe:08:6b:21:c2:45:c6:82:21:06:
         16:c0:83:7a:44:55:28:82:b6:c3:c5:69:48:44:d1:3d:26:1c:
         7b:47:07:66:3b:0a:fa:f8:07:4a:f8:d6:f5:94:64:03:e1:42:
         ae:c3:14:29:90:ed:27:97:a4:ee:94:73:f3:eb:80:bc:1d:56:
         75:a2:c9:c1:4c:12:46:a2:42:3d:a4:1e:30:ab:f8:21:59:15:
         89:1e:74:c4:38:96:60:a4:85:2a:29:20:78:da:c2:fc:8a:22:
         cc:91:0e:91:9b:bb:5a:5b:b8:6b:fb:8a:1a:6c:cc:e3:57:6f:
         8a:c2:c8:b6:f6:f8:63:ef:23:f1:ec:28:37:c1:3f:bc:35:5f:
         36:87:e0:ea:5a:5b:3b:e7:37:d7:7c:84:af:d3:6e:40:20:5c:
         ae:8d:14:cb
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYLbGRXEzSilRKwNnt1YiCTYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYTAyYjE5N2RiYWY3ZGViNzRlMGEyN2Q5ZDRlY2QzZmFl
MWU4ZWQwHhcNMjIwODI2MTcwMDMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzhjYmI1NTYzOGE2NTk5N2Q0YjFiNGY4ZmQ4M2FkMWM1ZGJmZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAradrTP+gOXzcZLTWGaeelf/Ab+jX
HoUCevzsDMNRExckMzi7rA/fHnbO7vQQi9Q7PUaXeEGQ3DjD4iBC8oYqOERkuPH5
cBNGpH+zJ3obHVgOuy3Ns8nD+mDB+c1c0Sr2Be2i2DA0BxWjFPipZ1kh1iOlqao2
ZMVtMCrB1Jw2kDNdzqhRUxtV6vFKeAwz/7fvrD957jZvQUYfhN64zxLlPOABI8LE
o4mPGpoCtzHze1xVWfGeOwYpW7KGPv9qZUch1Wr4War900jqVot3s9dKrmeJJqkn
f6W186g89aGnwvuoUO/X08Gaj6WZ4pEIM0lcw3tzMuJqASCRZQIBZl/mvQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFEyMu1VjimWZfUsbT4/YOtHF2/58MB8GA1UdIwQY
MBaAFO6gKxl9uvfet04KJ9nU7NP64ejtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMt
YmJjY2FiOTEzYjVkLzEvVEl5N1ZXT0taWmw5U3h0UGo5ZzYwY1hiX253LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMtYmJjY2FiOTEzYjVk
LzEvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaMAwDBAFo96oD
BABo964DBAK5SYADBAC5idcwDwQCAAIwCQMHACoDpaAAATANBgkqhkiG9w0BAQsF
AAOCAQEAISgnnPENlbDHXJBFzuJmh4fpeaRzy27kYKK1bjqOOzV6uo+HlxyW0kg0
5uD0U6hnqmKWwuUSGJY/H00nqt1wRaG5RttkDWeY0nHc0qqnLWqFir7oYwnEl4cp
Bw8DeUhxIQ7+CGshwkXGgiEGFsCDekRVKIK2w8VpSETRPSYce0cHZjsK+vgHSvjW
9ZRkA+FCrsMUKZDtJ5ek7pRz8+uAvB1WdaLJwUwSRqJCPaQeMKv4IVkViR50xDiW
YKSFKikgeNrC/IoizJEOkZu7Wlu4a/uKGmzM41dvisLItvb4Y+8j8ewoN8E/vDVf
Nofg6lpbO+c313yEr9NuQCBcro0Uyw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:55 2024 by rpki-client on console-ams.rpki-client.org