Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/8a4285-157e-4c76-bed4-e076f8ccb8b9/1/TaA2BAqhqTCQrNiLyaUQ_tup1GI.roa
File:                     TaA2BAqhqTCQrNiLyaUQ_tup1GI.roa (raw, json)
Hash identifier:          1URJEelWRdYCGygQB04sjDJ2kM+pjN0UhhilJ/osUO4=
Subject key identifier:   4D:A0:36:04:0A:A1:A9:30:90:AC:D8:8B:C9:A5:10:FE:DB:A9:D4:62
Certificate issuer:       /CN=ecc45fcadc4c933ac8ff4e0b434a5bfb567b65a1
Certificate serial:       07D29C
Authority key identifier: EC:C4:5F:CA:DC:4C:93:3A:C8:FF:4E:0B:43:4A:5B:FB:56:7B:65:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7MRfytxMkzrI_04LQ0pb-1Z7ZaE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/8a4285-157e-4c76-bed4-e076f8ccb8b9/1/TaA2BAqhqTCQrNiLyaUQ_tup1GI.roa
Signing time:             Sat 01 Jan 2022 00:55:18 +0000
ROA not before:           Sat 01 Jan 2022 00:55:18 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15902
IP address blocks:        194.42.40.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 512668 (0x7d29c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ecc45fcadc4c933ac8ff4e0b434a5bfb567b65a1
        Validity
            Not Before: Jan  1 00:55:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4da036040aa1a93090acd88bc9a510fedba9d462
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:40:bd:11:29:4c:f0:dd:f5:bd:4e:96:34:ee:
                    90:2d:c2:72:ec:18:8f:8e:2b:df:43:f6:b7:85:f8:
                    07:6e:e3:df:94:42:15:85:23:05:ff:cd:80:f6:63:
                    df:9c:60:9e:76:c6:fc:9b:3f:b4:64:27:da:e5:fd:
                    7b:e0:ca:bb:7d:97:ca:08:45:9d:d9:cd:5f:e6:7c:
                    5e:e9:37:ff:5e:97:55:e8:3e:2a:60:83:13:a6:27:
                    97:75:5e:eb:4e:47:06:1b:ff:9c:75:b1:df:68:d4:
                    0d:48:a6:73:74:77:cd:55:90:71:4d:29:55:c5:a5:
                    f8:5a:7e:32:67:87:0d:01:3a:13:9d:f5:91:2b:c3:
                    51:f8:8d:8c:51:03:a6:fd:ff:ad:fb:b6:69:06:f7:
                    55:88:a7:ba:6b:db:c6:64:10:94:fb:a2:5d:f7:d2:
                    d8:49:91:8e:3f:22:b0:12:3c:84:ce:f2:b8:8c:c0:
                    f6:3e:f0:64:eb:20:3b:26:64:60:10:9d:0d:92:dc:
                    3e:7d:d5:7f:de:ce:25:ac:6f:87:bb:74:b8:d3:74:
                    ff:cf:73:a3:0a:51:bf:03:66:09:91:60:a7:2d:95:
                    62:92:0b:e8:2b:fc:45:a8:ba:5e:07:36:c6:17:ce:
                    61:44:c8:58:95:7b:fd:83:6e:ad:59:a0:bd:68:35:
                    2a:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:A0:36:04:0A:A1:A9:30:90:AC:D8:8B:C9:A5:10:FE:DB:A9:D4:62
            X509v3 Authority Key Identifier:
                keyid:EC:C4:5F:CA:DC:4C:93:3A:C8:FF:4E:0B:43:4A:5B:FB:56:7B:65:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7MRfytxMkzrI_04LQ0pb-1Z7ZaE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/8a4285-157e-4c76-bed4-e076f8ccb8b9/1/TaA2BAqhqTCQrNiLyaUQ_tup1GI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/8a4285-157e-4c76-bed4-e076f8ccb8b9/1/7MRfytxMkzrI_04LQ0pb-1Z7ZaE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.42.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:d6:21:c7:8a:7c:66:28:62:1c:cc:cc:6e:20:55:0e:b9:93:
         ad:ef:ce:55:c1:07:fe:cb:27:ac:7f:b7:5d:71:a9:03:93:cb:
         fb:36:6f:de:3d:72:00:a2:d4:2a:58:a8:94:26:5f:44:84:a1:
         08:12:f2:6b:90:7b:37:46:2e:e1:ab:c0:bc:6a:23:d5:03:da:
         ca:f1:0b:29:51:e7:d0:8e:1a:0d:f5:fe:92:b9:0c:ca:73:de:
         7e:ff:91:67:cc:f5:9a:c5:de:38:76:e9:19:47:8f:76:2b:cf:
         67:d4:c5:c6:06:e8:26:08:b3:28:15:79:c9:a0:60:5e:b1:e5:
         6f:66:fd:db:cd:93:64:c0:0f:c7:02:67:eb:04:83:50:aa:a3:
         08:82:83:c8:23:97:d8:38:b2:47:51:6a:2e:a0:a8:19:07:bf:
         71:0d:c0:f2:9c:cc:5c:df:47:8e:7b:b0:03:fb:c5:42:4f:07:
         79:b3:95:4a:b7:5b:a6:89:a2:13:9b:4a:f1:7c:2b:1d:1c:52:
         91:44:02:cc:39:fc:da:63:d5:20:d8:26:3b:1a:62:57:ef:e0:
         7b:6e:94:23:20:3f:1e:90:ee:0e:b8:0a:8e:9a:37:06:03:b0:
         90:94:bd:d6:8e:0c:eb:06:8a:65:2e:2c:f4:5a:e3:f6:c5:51:
         7f:0c:26:b5
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDB9KcMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGVj
YzQ1ZmNhZGM0YzkzM2FjOGZmNGUwYjQzNGE1YmZiNTY3YjY1YTEwHhcNMjIwMTAx
MDA1NTE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0ZGEwMzYwNDBhYTFh
OTMwOTBhY2Q4OGJjOWE1MTBmZWRiYTlkNDYyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvUC9ESlM8N31vU6WNO6QLcJy7BiPjivfQ/a3hfgHbuPflEIV
hSMF/82A9mPfnGCedsb8mz+0ZCfa5f174Mq7fZfKCEWd2c1f5nxe6Tf/XpdV6D4q
YIMTpieXdV7rTkcGG/+cdbHfaNQNSKZzdHfNVZBxTSlVxaX4Wn4yZ4cNAToTnfWR
K8NR+I2MUQOm/f+t+7ZpBvdViKe6a9vGZBCU+6Jd99LYSZGOPyKwEjyEzvK4jMD2
PvBk6yA7JmRgEJ0Nktw+fdV/3s4lrG+Hu3S403T/z3OjClG/A2YJkWCnLZVikgvo
K/xFqLpeBzbGF85hRMhYlXv9g26tWaC9aDUqEQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFE2gNgQKoakwkKzYi8mlEP7bqdRiMB8GA1UdIwQYMBaAFOzEX8rcTJM6yP9O
C0NKW/tWe2WhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
N01SZnl0eE1renJJXzA0TFEwcGItMVo3WmFFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zYy84YTQyODUtMTU3ZS00Yzc2LWJlZDQtZTA3NmY4Y2NiOGI5LzEv
VGFBMkJBcWhxVENRck5pTHlhVVFfdHVwMUdJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy84
YTQyODUtMTU3ZS00Yzc2LWJlZDQtZTA3NmY4Y2NiOGI5LzEvN01SZnl0eE1renJJ
XzA0TFEwcGItMVo3WmFFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiooMA0GCSqGSIb3DQEBCwUAA4IB
AQAI1iHHinxmKGIczMxuIFUOuZOt785VwQf+yyesf7ddcakDk8v7Nm/ePXIAotQq
WKiUJl9EhKEIEvJrkHs3Ri7hq8C8aiPVA9rK8QspUefQjhoN9f6SuQzKc95+/5Fn
zPWaxd44dukZR492K89n1MXGBugmCLMoFXnJoGBeseVvZv3bzZNkwA/HAmfrBINQ
qqMIgoPII5fYOLJHUWouoKgZB79xDcDynMxc30eOe7AD+8VCTwd5s5VKt1umiaIT
m0rxfCsdHFKRRALMOfzaY9Ug2CY7GmJX7+B7bpQjID8ekO4OuAqOmjcGA7CQlL3W
jgzrBoplLiz0WuP2xVF/DCa1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:14 2024 by rpki-client on console-ams.rpki-client.org