Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/TyCr36DN9qHBBo88D2sJ5fe_zyQ.roa
File:                     TyCr36DN9qHBBo88D2sJ5fe_zyQ.roa (raw, json)
Hash identifier:          jflvdBu0Z6dbK+ZTP+jvKUjsLDdjundgUhVPShAL5y0=
Subject key identifier:   4F:20:AB:DF:A0:CD:F6:A1:C1:06:8F:3C:0F:6B:09:E5:F7:BF:CF:24
Certificate issuer:       /CN=e1ef9694aa48d81279e8ede430795f2768d2dd52
Certificate serial:       018211ABC9CC4286D3D628D00FDA2460AEA0
Authority key identifier: E1:EF:96:94:AA:48:D8:12:79:E8:ED:E4:30:79:5F:27:68:D2:DD:52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/TyCr36DN9qHBBo88D2sJ5fe_zyQ.roa
Signing time:             Mon 18 Jul 2022 14:17:27 +0000
ROA not before:           Mon 18 Jul 2022 14:17:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        185.39.51.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:11:ab:c9:cc:42:86:d3:d6:28:d0:0f:da:24:60:ae:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1ef9694aa48d81279e8ede430795f2768d2dd52
        Validity
            Not Before: Jul 18 14:17:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4f20abdfa0cdf6a1c1068f3c0f6b09e5f7bfcf24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:12:ee:f5:0b:df:b6:3b:50:d0:1d:78:8e:14:
                    d2:4f:35:cd:c7:c2:3d:1c:9a:4e:58:b9:99:2c:5a:
                    9c:e2:e8:b7:d7:d7:0a:2f:b9:09:ea:7e:f7:b9:a7:
                    c2:da:02:1f:84:db:65:30:8f:33:24:5d:b7:74:fd:
                    55:49:4f:8f:1f:03:23:64:fb:15:c5:c7:bc:03:ad:
                    0b:d5:d3:17:0c:c7:32:3f:d6:84:ac:8c:48:0e:3f:
                    9f:02:d2:f2:ef:70:de:0d:59:10:5b:1c:2c:19:80:
                    df:62:8f:53:29:84:68:a8:24:e5:71:b3:ec:5a:68:
                    20:38:a9:80:a0:b0:39:b2:a1:e7:e9:9f:3d:3b:80:
                    6c:a6:40:f6:db:ac:fd:6f:81:01:ef:33:62:61:87:
                    7a:ba:72:e4:56:8b:4c:c4:64:be:b6:b1:23:62:47:
                    1d:85:55:74:37:d1:63:bf:93:c5:02:50:04:07:95:
                    24:71:60:ac:8f:fd:01:69:b9:9f:12:e1:e3:be:59:
                    7f:27:98:ea:31:b3:16:0c:84:37:cd:4c:24:e4:18:
                    42:ee:48:16:df:69:87:56:6e:63:8f:6d:fb:73:58:
                    72:5b:29:1a:d3:97:c9:6c:17:e6:d1:f2:77:24:85:
                    5a:88:61:4e:75:22:d2:99:9c:dc:56:96:65:5c:15:
                    35:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:20:AB:DF:A0:CD:F6:A1:C1:06:8F:3C:0F:6B:09:E5:F7:BF:CF:24
            X509v3 Authority Key Identifier:
                keyid:E1:EF:96:94:AA:48:D8:12:79:E8:ED:E4:30:79:5F:27:68:D2:DD:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/TyCr36DN9qHBBo88D2sJ5fe_zyQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.39.51.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:ce:85:d3:31:1b:74:36:95:d1:8e:c8:d5:42:fe:8a:65:4b:
         5b:28:7c:5f:88:47:5e:41:02:91:89:ef:3c:f0:dd:df:86:3d:
         0b:47:9f:6f:f7:70:d1:f5:86:82:ec:ff:08:29:5c:b5:0e:f5:
         21:56:29:da:41:69:b9:0f:97:01:27:7c:af:87:ef:52:5f:1d:
         bd:0c:73:09:2f:ac:37:f1:4b:13:6f:ec:2e:03:b4:2d:31:1f:
         38:72:65:9c:b6:71:86:fb:ec:80:4c:88:08:d2:e9:d7:d1:b6:
         2b:95:5e:b8:8b:94:65:0b:3b:e4:95:e5:fd:f6:1a:31:4c:82:
         79:1f:eb:97:7c:47:e2:e6:15:40:1d:44:6e:ad:55:51:8d:8f:
         aa:84:0f:21:0b:31:64:33:a4:e7:2d:2f:d0:8e:3d:df:c5:29:
         e0:78:11:57:2b:fe:35:bb:11:72:c3:9b:c4:ba:28:73:4d:81:
         75:b6:88:92:c3:9a:03:af:26:eb:e7:e7:11:1b:07:0b:60:f1:
         c3:eb:c1:21:1a:16:86:4b:55:07:c7:2c:29:d2:bd:f8:bb:0b:
         6e:89:8e:a7:71:d3:2a:78:20:79:8e:a4:35:27:53:2e:74:c8:
         18:0f:ca:44:8c:40:42:b5:31:a7:41:b9:38:5e:55:13:e0:a4:
         19:2e:cb:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIRq8nMQobT1ijQD9okYK6gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZWY5Njk0YWE0OGQ4MTI3OWU4ZWRlNDMwNzk1ZjI3Njhk
MmRkNTIwHhcNMjIwNzE4MTQxNzI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjIwYWJkZmEwY2RmNmExYzEwNjhmM2MwZjZiMDllNWY3YmZjZjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxLu9QvftjtQ0B14jhTSTzXNx8I9
HJpOWLmZLFqc4ui319cKL7kJ6n73uafC2gIfhNtlMI8zJF23dP1VSU+PHwMjZPsV
xce8A60L1dMXDMcyP9aErIxIDj+fAtLy73DeDVkQWxwsGYDfYo9TKYRoqCTlcbPs
WmggOKmAoLA5sqHn6Z89O4BspkD226z9b4EB7zNiYYd6unLkVotMxGS+trEjYkcd
hVV0N9Fjv5PFAlAEB5UkcWCsj/0BabmfEuHjvll/J5jqMbMWDIQ3zUwk5BhC7kgW
32mHVm5jj237c1hyWyka05fJbBfm0fJ3JIVaiGFOdSLSmZzcVpZlXBU1MQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE8gq9+gzfahwQaPPA9rCeX3v88kMB8GA1UdIwQY
MBaAFOHvlpSqSNgSeejt5DB5Xydo0t1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGUtV2xLcEkyQko1Nk8za01IbGZKMmpTM1ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iMDU2NjctZTg1MC00YzQ1LWFlZTMt
YWRlZDFjNDY5ZWFmLzEvVHlDcjM2RE45cUhCQm84OEQyc0o1ZmVfenlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iMDU2NjctZTg1MC00YzQ1LWFlZTMtYWRlZDFjNDY5ZWFm
LzEvNGUtV2xLcEkyQko1Nk8za01IbGZKMmpTM1ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSczMA0G
CSqGSIb3DQEBCwUAA4IBAQCAzoXTMRt0NpXRjsjVQv6KZUtbKHxfiEdeQQKRie88
8N3fhj0LR59v93DR9YaC7P8IKVy1DvUhVinaQWm5D5cBJ3yvh+9SXx29DHMJL6w3
8UsTb+wuA7QtMR84cmWctnGG++yATIgI0unX0bYrlV64i5RlCzvkleX99hoxTIJ5
H+uXfEfi5hVAHURurVVRjY+qhA8hCzFkM6TnLS/Qjj3fxSngeBFXK/41uxFyw5vE
uihzTYF1toiSw5oDrybr5+cRGwcLYPHD68EhGhaGS1UHxywp0r34uwtuiY6ncdMq
eCB5jqQ1J1MudMgYD8pEjEBCtTGnQbk4XlUT4KQZLstx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:55 2024 by rpki-client on console-fra.rpki-client.org