Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/TWvh17zHU4w-MBCQETewLx1Nzl0.roa
File:                     TWvh17zHU4w-MBCQETewLx1Nzl0.roa (raw, json)
Hash identifier:          9VzUqsXlsIiDMZK3k54nLhwS/KUim5hVM7zCptywYt4=
Subject key identifier:   4D:6B:E1:D7:BC:C7:53:8C:3E:30:10:90:11:37:B0:2F:1D:4D:CE:5D
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       0B4298D1
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/TWvh17zHU4w-MBCQETewLx1Nzl0.roa
Signing time:             Sat 01 Jan 2022 13:04:56 +0000
ROA not before:           Sat 01 Jan 2022 13:04:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34723
IP address blocks:        86.106.200.0/21 maxlen: 24
                          89.45.16.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 188913873 (0xb4298d1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Jan  1 13:04:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4d6be1d7bcc7538c3e3010901137b02f1d4dce5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:0c:8e:fa:b8:41:53:82:50:0a:a3:13:6c:93:
                    cb:4f:35:ca:9e:56:3a:53:af:c6:44:25:58:e6:71:
                    4f:2d:d3:86:ed:c4:36:ee:a8:cb:d1:d3:ba:24:45:
                    56:c6:25:44:c3:fe:cf:23:39:d7:d6:96:9f:bb:8c:
                    c2:3c:c3:df:c5:dc:a1:2a:41:6a:ee:b6:79:3a:84:
                    45:38:b3:94:79:10:d8:d1:10:26:cc:61:16:6a:7c:
                    d7:2b:57:85:8f:5b:2f:96:59:50:30:c2:48:d8:6d:
                    47:50:86:43:40:0e:6e:3b:44:4d:2d:8f:4c:d7:9e:
                    24:2f:f7:be:45:7e:f8:71:38:bc:d5:96:8a:8f:86:
                    c5:09:34:b0:0e:06:9a:ca:8b:3e:bb:74:d9:29:b9:
                    07:51:37:7e:c9:dc:65:1b:8f:1b:b1:d1:7a:23:6a:
                    25:5d:1a:3b:a7:bd:ce:a7:ed:5c:a0:b3:ab:6c:9f:
                    36:5b:fc:3a:2a:ae:0f:d2:3f:6d:55:c7:a7:14:82:
                    8e:42:da:f0:5c:bc:5a:69:6a:c7:5a:df:bb:6f:75:
                    f5:ca:d9:67:1d:31:ed:79:10:89:7b:5e:aa:b5:88:
                    5e:cf:4c:06:de:3d:1c:ad:55:eb:a8:29:e6:87:e4:
                    37:07:90:bb:87:3a:62:76:7a:b7:9c:0e:61:06:2d:
                    20:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:6B:E1:D7:BC:C7:53:8C:3E:30:10:90:11:37:B0:2F:1D:4D:CE:5D
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/TWvh17zHU4w-MBCQETewLx1Nzl0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.106.200.0/21
                  89.45.16.0/21

    Signature Algorithm: sha256WithRSAEncryption
         29:36:38:95:52:df:2e:18:4b:06:d9:65:4d:6d:3d:27:6f:e6:
         be:d6:34:0e:c1:b2:70:4e:ed:c1:de:c8:9c:07:ad:36:25:77:
         1d:53:9a:ae:a5:1b:1b:a8:8c:b8:bf:b2:0c:86:5f:97:3a:25:
         40:4f:4a:c3:2c:f5:d0:92:bb:be:0a:09:b7:2a:1a:9e:fc:48:
         1b:8f:e9:a9:6c:44:c8:11:bc:b3:3a:6d:4c:5d:b6:97:32:f8:
         02:ae:48:14:ce:dc:de:cc:9f:e2:8c:ca:ff:93:3c:ba:3c:a6:
         11:0c:21:6e:32:e2:d1:03:60:47:12:a6:b2:86:b6:33:73:4f:
         83:cb:cd:80:a3:59:80:80:b1:e5:02:34:3b:da:67:ab:b3:b8:
         13:52:59:a3:ab:a1:d2:a5:54:9c:46:63:58:d7:e1:29:e5:9d:
         16:4a:68:90:18:79:6f:86:12:7a:38:72:9f:3e:03:67:56:4e:
         58:67:2c:ea:b6:42:48:47:a4:36:0a:0b:6e:51:e9:a9:c7:af:
         bd:33:19:7d:7e:2d:90:41:5f:a4:12:8f:e9:1d:4f:21:e5:16:
         57:8e:e7:18:fd:77:35:d9:b0:6d:07:1a:39:09:47:06:5e:fc:
         a1:5b:e8:f5:78:d0:ba:b1:3a:98:89:9c:56:b2:12:4c:59:c3:
         e0:e6:b8:8c
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEC0KY0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTU4OTUyZDM5MzkzNWYwZDNiY2U4MTRmZDkxNzhkMDQ2OTNhZWI5MB4XDTIyMDEw
MTEzMDQ1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGQ2YmUxZDdiY2M3
NTM4YzNlMzAxMDkwMTEzN2IwMmYxZDRkY2U1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKoMjvq4QVOCUAqjE2yTy081yp5WOlOvxkQlWOZxTy3Thu3E
Nu6oy9HTuiRFVsYlRMP+zyM519aWn7uMwjzD38XcoSpBau62eTqERTizlHkQ2NEQ
JsxhFmp81ytXhY9bL5ZZUDDCSNhtR1CGQ0AObjtETS2PTNeeJC/3vkV++HE4vNWW
io+GxQk0sA4GmsqLPrt02Sm5B1E3fsncZRuPG7HReiNqJV0aO6e9zqftXKCzq2yf
Nlv8OiquD9I/bVXHpxSCjkLa8Fy8Wmlqx1rfu2919crZZx0x7XkQiXteqrWIXs9M
Bt49HK1V66gp5ofkNweQu4c6YnZ6t5wOYQYtIM8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRNa+HXvMdTjD4wEJARN7AvHU3OXTAfBgNVHSMEGDAWgBT+WJUtOTk18NO8
6BT9kXjQRpOuuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19saVZMVGs1TmZEVHZPZ1VfWkY0MEVhVHJyay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvYjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8x
L1RXdmgxN3pIVTR3LU1CQ1FFVGV3THgxTnpsMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
YjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8xL19saVZMVGs1TmZE
VHZPZ1VfWkY0MEVhVHJyay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA1ZqyAMEA1ktEDANBgkqhkiG9w0B
AQsFAAOCAQEAKTY4lVLfLhhLBtllTW09J2/mvtY0DsGycE7twd7InAetNiV3HVOa
rqUbG6iMuL+yDIZflzolQE9Kwyz10JK7vgoJtyoanvxIG4/pqWxEyBG8szptTF22
lzL4Aq5IFM7c3syf4ozK/5M8ujymEQwhbjLi0QNgRxKmsoa2M3NPg8vNgKNZgICx
5QI0O9pnq7O4E1JZo6uh0qVUnEZjWNfhKeWdFkpokBh5b4YSejhynz4DZ1ZOWGcs
6rZCSEekNgoLblHpqcevvTMZfX4tkEFfpBKP6R1PIeUWV47nGP13NdmwbQcaOQlH
Bl78oVvo9XjQurE6mImcVrISTFnD4Oa4jA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:29 2024 by rpki-client on console-fra.rpki-client.org