Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/tzc116ml73Vs0WrrIKwwGkkTfSc.roa
File:                     tzc116ml73Vs0WrrIKwwGkkTfSc.roa (raw, json)
Hash identifier:          qRVdNCftVXO/+KdXZaRz6vTOboNTw3lwIf9eub0Dy6Y=
Subject key identifier:   B7:37:35:D7:A9:A5:EF:75:6C:D1:6A:EB:20:AC:30:1A:49:13:7D:27
Certificate issuer:       /CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
Certificate serial:       C90C61
Authority key identifier: 48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/tzc116ml73Vs0WrrIKwwGkkTfSc.roa
Signing time:             Sat 01 Jan 2022 06:01:46 +0000
ROA not before:           Sat 01 Jan 2022 06:01:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203392
IP address blocks:        185.140.233.0/24 maxlen: 24
                          45.148.249.0/24 maxlen: 24
                          45.86.4.0/24 maxlen: 24
                          45.86.5.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13175905 (0xc90c61)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
        Validity
            Not Before: Jan  1 06:01:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b73735d7a9a5ef756cd16aeb20ac301a49137d27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:fb:a8:9e:b7:db:4d:3f:7b:e9:2d:07:20:d0:
                    b3:95:5c:3d:4e:eb:51:a8:4e:97:a9:c8:88:a2:05:
                    88:7a:bd:b1:98:23:17:38:7c:99:35:91:ad:10:c7:
                    f7:fc:d0:13:a2:2b:e3:45:65:51:39:76:df:18:3e:
                    c2:75:80:95:75:70:08:d5:52:e8:29:fd:ce:f4:c8:
                    97:28:95:e0:58:5a:f4:38:9a:7d:22:f9:f6:ae:ae:
                    57:24:f9:38:2d:f8:f1:ae:f5:0b:3f:91:2d:d4:d5:
                    08:c1:30:f0:bf:5a:6d:27:f3:74:7f:e8:b3:12:85:
                    ba:ed:bc:ea:87:bd:1b:80:84:b6:d8:00:87:7a:b7:
                    56:b1:4a:c0:0e:da:7f:94:2b:7c:7e:55:8c:24:db:
                    bf:55:09:d8:0d:bd:cb:de:56:f1:dc:c8:90:4d:74:
                    74:4e:85:86:57:0f:7d:72:ab:f8:ec:af:05:2c:0d:
                    04:de:48:bb:ee:7d:85:d3:09:11:82:72:f3:8c:98:
                    a6:92:20:f1:80:eb:08:f1:56:3c:82:08:f3:7e:81:
                    b3:27:c4:7c:8b:50:3c:37:1e:74:c8:42:b2:8c:8f:
                    55:21:33:f3:74:be:0d:e3:14:c3:5d:a4:fd:81:36:
                    9f:51:5e:32:e7:81:55:49:b9:47:d3:8a:df:9b:f6:
                    d9:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:37:35:D7:A9:A5:EF:75:6C:D1:6A:EB:20:AC:30:1A:49:13:7D:27
            X509v3 Authority Key Identifier:
                keyid:48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/tzc116ml73Vs0WrrIKwwGkkTfSc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/SKvyn974VwUC9LUb5f_AXE2bNGU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.86.4.0/23
                  45.148.249.0/24
                  185.140.233.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:12:0b:0a:64:b1:ce:a6:9e:4d:a6:96:1d:4e:ca:fe:cb:30:
         4c:8f:6d:23:65:ab:52:9b:ad:99:e5:58:67:df:7a:0e:5f:60:
         2f:ae:46:53:0f:ff:a4:4c:9a:1d:eb:9c:ba:c0:e3:69:04:9e:
         6c:9f:2f:98:96:b1:f4:0d:5b:23:49:bc:44:9a:27:9e:ab:fd:
         44:bb:56:16:07:c7:bd:81:ee:b6:e8:b6:76:91:5c:2d:84:f6:
         f1:02:da:7f:5d:1b:29:4d:ed:71:9e:78:26:50:22:5b:6d:12:
         c3:29:ae:ec:75:6e:cc:32:56:0c:59:d9:03:e0:18:f7:37:ae:
         b5:0f:53:8b:7c:66:55:3d:0e:9f:de:54:18:3a:6e:8a:fa:6b:
         1b:df:e7:e4:f4:8d:7f:6b:70:7d:37:34:9d:b2:b4:b9:70:ad:
         e5:2d:22:e8:f5:88:37:b3:45:0b:0d:f3:8f:cd:bc:16:06:0c:
         d7:5f:f5:4f:31:b7:ef:9b:5e:1a:ed:95:ff:62:dd:0f:89:54:
         c8:45:6f:10:c9:62:9b:85:15:45:6a:92:f8:a7:ab:6a:f5:15:
         3a:a5:13:4d:2b:0f:e3:3c:1c:b3:ac:e0:bb:35:1a:1d:9b:75:
         6b:f9:e1:b6:73:95:0e:06:11:17:f6:dd:a1:1f:a7:e8:7a:27:
         93:0e:44:4e
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAMkMYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
OGFiZjI5ZmRlZjg1NzA1MDJmNGI1MWJlNWZmYzA1YzRkOWIzNDY1MB4XDTIyMDEw
MTA2MDE0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjczNzM1ZDdhOWE1
ZWY3NTZjZDE2YWViMjBhYzMwMWE0OTEzN2QyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMD7qJ63200/e+ktByDQs5VcPU7rUahOl6nIiKIFiHq9sZgj
Fzh8mTWRrRDH9/zQE6Ir40VlUTl23xg+wnWAlXVwCNVS6Cn9zvTIlyiV4Fha9Dia
fSL59q6uVyT5OC348a71Cz+RLdTVCMEw8L9abSfzdH/osxKFuu286oe9G4CEttgA
h3q3VrFKwA7af5QrfH5VjCTbv1UJ2A29y95W8dzIkE10dE6FhlcPfXKr+OyvBSwN
BN5Iu+59hdMJEYJy84yYppIg8YDrCPFWPIII836BsyfEfItQPDcedMhCsoyPVSEz
83S+DeMUw12k/YE2n1FeMueBVUm5R9OK35v22V8CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBS3NzXXqaXvdWzRausgrDAaSRN9JzAfBgNVHSMEGDAWgBRIq/Kf3vhXBQL0
tRvl/8BcTZs0ZTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NLdnluOTc0VndVQzlMVWI1Zl9BWEUyYk5HVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvYWY0MWNiLWZmOTEtNDU5Yy05YTY0LWFiYTExM2YzZTNhZS8x
L3R6YzExNm1sNzNWczBXcnJJS3d3R2trVGZTYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
YWY0MWNiLWZmOTEtNDU5Yy05YTY0LWFiYTExM2YzZTNhZS8xL1NLdnluOTc0VndV
QzlMVWI1Zl9BWEUyYk5HVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAS1WBAMEAC2U+QMEALmM6TANBgkq
hkiG9w0BAQsFAAOCAQEACBILCmSxzqaeTaaWHU7K/sswTI9tI2WrUputmeVYZ996
Dl9gL65GUw//pEyaHeucusDjaQSebJ8vmJax9A1bI0m8RJonnqv9RLtWFgfHvYHu
tui2dpFcLYT28QLaf10bKU3tcZ54JlAiW20Swymu7HVuzDJWDFnZA+AY9zeutQ9T
i3xmVT0On95UGDpuivprG9/n5PSNf2twfTc0nbK0uXCt5S0i6PWIN7NFCw3zj828
FgYM11/1TzG375teGu2V/2LdD4lUyEVvEMlim4UVRWqS+KeravUVOqUTTSsP4zwc
s6zguzUaHZt1a/nhtnOVDgYRF/bdoR+n6Honkw5ETg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:19 2024 by rpki-client on console-fra.rpki-client.org