Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/ab57bd-cfed-441f-a437-438e84c7107d/1/TXvcCYOCVzLFxf4tXbDzNwrZeBY.roa
File:                     TXvcCYOCVzLFxf4tXbDzNwrZeBY.roa (raw, json)
Hash identifier:          pUO5F7+UGo5fBG0kP4Hewl9+LTW2QpbMJSoRYL7gqok=
Subject key identifier:   4D:7B:DC:09:83:82:57:32:C5:C5:FE:2D:5D:B0:F3:37:0A:D9:78:16
Certificate issuer:       /CN=a59a78a8512f909ce6d473252f04cf19e9e68a2a
Certificate serial:       FECB
Authority key identifier: A5:9A:78:A8:51:2F:90:9C:E6:D4:73:25:2F:04:CF:19:E9:E6:8A:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pZp4qFEvkJzm1HMlLwTPGenmiio.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/ab57bd-cfed-441f-a437-438e84c7107d/1/TXvcCYOCVzLFxf4tXbDzNwrZeBY.roa
Signing time:             Fri 27 May 2022 11:49:13 +0000
ROA not before:           Fri 27 May 2022 11:49:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47291
IP address blocks:        195.62.94.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 65227 (0xfecb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a59a78a8512f909ce6d473252f04cf19e9e68a2a
        Validity
            Not Before: May 27 11:49:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4d7bdc0983825732c5c5fe2d5db0f3370ad97816
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:fd:bd:36:d9:84:37:e1:8b:41:9b:30:e1:8b:
                    c9:59:4b:01:d3:7a:47:70:5a:95:21:3e:b1:dc:ad:
                    e9:ac:58:b0:1f:58:26:9a:9c:53:ca:f2:d3:04:40:
                    8c:39:41:02:84:c9:48:4c:0d:13:a1:68:43:35:65:
                    ed:fb:d8:ef:52:c3:88:8c:d6:cf:f1:71:9c:a2:af:
                    7b:e3:1b:48:a7:93:ad:6f:2e:0d:84:fa:64:9f:47:
                    6b:d3:3e:23:02:70:71:88:fc:f1:09:4d:16:e6:fe:
                    38:b3:c3:46:ed:95:71:ad:03:70:00:96:ce:42:65:
                    0f:91:f2:60:ab:06:8f:42:0f:f8:98:34:56:cc:8c:
                    d1:f7:53:f3:fd:8a:3b:58:ef:4f:29:a2:3d:65:27:
                    cb:90:3a:4a:f1:d1:55:30:6b:d4:f1:ee:c3:77:e8:
                    02:27:07:f8:e2:44:c1:e0:23:d7:ed:b8:70:77:92:
                    a9:06:0e:1c:95:07:68:3a:1b:31:99:4e:e1:d7:fb:
                    ab:b2:25:e2:97:12:a7:9c:8e:04:c6:c6:4a:9d:43:
                    7a:e6:e9:65:e0:4a:c0:ac:45:03:81:be:0b:bc:f3:
                    76:f4:59:ea:5a:a3:92:65:a6:a2:a8:df:4b:0d:37:
                    6a:6b:5d:fc:46:a6:f4:ed:a3:87:9a:59:7e:d7:2b:
                    6c:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:7B:DC:09:83:82:57:32:C5:C5:FE:2D:5D:B0:F3:37:0A:D9:78:16
            X509v3 Authority Key Identifier:
                keyid:A5:9A:78:A8:51:2F:90:9C:E6:D4:73:25:2F:04:CF:19:E9:E6:8A:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pZp4qFEvkJzm1HMlLwTPGenmiio.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/ab57bd-cfed-441f-a437-438e84c7107d/1/TXvcCYOCVzLFxf4tXbDzNwrZeBY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/ab57bd-cfed-441f-a437-438e84c7107d/1/pZp4qFEvkJzm1HMlLwTPGenmiio.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.62.94.0/23

    Signature Algorithm: sha256WithRSAEncryption
         73:2c:d1:a5:0b:40:fa:56:d0:46:dd:f4:d2:cc:f2:a3:ad:be:
         0e:aa:3b:22:5a:c9:84:7b:8f:ba:e7:9c:a9:72:8d:de:7e:9c:
         0c:95:ee:d6:29:73:ae:1c:54:76:4a:81:32:f4:7e:80:cc:0a:
         e3:32:f3:6b:dc:70:50:f1:c4:2a:6a:45:ef:28:78:c2:c8:53:
         c3:87:fd:20:82:85:17:1c:d8:8d:f6:34:a9:27:be:15:82:80:
         68:02:08:f0:e0:81:db:be:76:da:a9:7f:7b:95:37:a5:26:43:
         12:e9:ae:8b:f4:8e:d1:73:4d:dc:82:30:98:50:b1:80:54:4e:
         14:1a:3e:3e:75:b9:54:b3:4a:a9:6a:47:39:0e:58:17:11:b9:
         91:91:f0:ef:93:5c:46:32:5f:76:76:f8:84:f3:83:1e:98:2c:
         fd:3a:03:30:bb:5c:d2:e2:de:9a:7e:b5:d2:a0:7d:12:03:d3:
         35:9c:91:30:32:69:bc:14:c0:52:a7:3c:7b:63:68:b8:25:3f:
         06:30:3d:f9:5d:6c:5e:f8:dc:e8:95:da:36:ed:54:2f:c3:13:
         46:c1:19:ec:97:8f:6b:87:41:d1:ca:f6:82:6d:a4:59:d0:8e:
         0f:6a:6f:84:15:93:8f:a9:6a:22:cc:b5:0c:46:e6:01:7b:d7:
         a7:6e:05:d6
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAP7LMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
OWE3OGE4NTEyZjkwOWNlNmQ0NzMyNTJmMDRjZjE5ZTllNjhhMmEwHhcNMjIwNTI3
MTE0OTEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0ZDdiZGMwOTgzODI1
NzMyYzVjNWZlMmQ1ZGIwZjMzNzBhZDk3ODE2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmP29NtmEN+GLQZsw4YvJWUsB03pHcFqVIT6x3K3prFiwH1gm
mpxTyvLTBECMOUEChMlITA0ToWhDNWXt+9jvUsOIjNbP8XGcoq974xtIp5Otby4N
hPpkn0dr0z4jAnBxiPzxCU0W5v44s8NG7ZVxrQNwAJbOQmUPkfJgqwaPQg/4mDRW
zIzR91Pz/Yo7WO9PKaI9ZSfLkDpK8dFVMGvU8e7Dd+gCJwf44kTB4CPX7bhwd5Kp
Bg4clQdoOhsxmU7h1/ursiXilxKnnI4ExsZKnUN65ull4ErArEUDgb4LvPN29Fnq
WqOSZaaiqN9LDTdqa138Rqb07aOHmll+1ytsuQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFE173AmDglcyxcX+LV2w8zcK2XgWMB8GA1UdIwQYMBaAFKWaeKhRL5Cc5tRz
JS8Ezxnp5ooqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cFpwNHFGRXZrSnptMUhNbEx3VFBHZW5taWlvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yZi9hYjU3YmQtY2ZlZC00NDFmLWE0MzctNDM4ZTg0YzcxMDdkLzEv
VFh2Y0NZT0NWekxGeGY0dFhiRHpOd3JaZUJZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9h
YjU3YmQtY2ZlZC00NDFmLWE0MzctNDM4ZTg0YzcxMDdkLzEvcFpwNHFGRXZrSnpt
MUhNbEx3VFBHZW5taWlvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwz5eMA0GCSqGSIb3DQEBCwUAA4IB
AQBzLNGlC0D6VtBG3fTSzPKjrb4OqjsiWsmEe4+655ypco3efpwMle7WKXOuHFR2
SoEy9H6AzArjMvNr3HBQ8cQqakXvKHjCyFPDh/0ggoUXHNiN9jSpJ74VgoBoAgjw
4IHbvnbaqX97lTelJkMS6a6L9I7Rc03cgjCYULGAVE4UGj4+dblUs0qpakc5DlgX
EbmRkfDvk1xGMl92dviE84MemCz9OgMwu1zS4t6afrXSoH0SA9M1nJEwMmm8FMBS
pzx7Y2i4JT8GMD35XWxe+Nzoldo27VQvwxNGwRnsl49rh0HRyvaCbaRZ0I4Pam+E
FZOPqWoizLUMRuYBe9enbgXW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:14 2024 by rpki-client on console-fra.rpki-client.org