Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/TIHgLuTkeWMYwUtWG2medeAthhw.roa
File:                     TIHgLuTkeWMYwUtWG2medeAthhw.roa (raw, json)
Hash identifier:          b7MmmOtr8msGU6KCsWc7UV+n0qjgAtfOWTQC1GXWr0U=
Subject key identifier:   4C:81:E0:2E:E4:E4:79:63:18:C1:4B:56:1B:69:9E:75:E0:2D:86:1C
Certificate issuer:       /CN=7445ddeedfbd72d313e9ee8cceeae8403cc34146
Certificate serial:       187AB5C1
Authority key identifier: 74:45:DD:EE:DF:BD:72:D3:13:E9:EE:8C:CE:EA:E8:40:3C:C3:41:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dEXd7t-9ctMT6e6MzuroQDzDQUY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/TIHgLuTkeWMYwUtWG2medeAthhw.roa
Signing time:             Sat 01 Jan 2022 09:03:17 +0000
ROA not before:           Sat 01 Jan 2022 09:03:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        88.212.159.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 410695105 (0x187ab5c1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7445ddeedfbd72d313e9ee8cceeae8403cc34146
        Validity
            Not Before: Jan  1 09:03:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4c81e02ee4e4796318c14b561b699e75e02d861c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:2a:43:b9:18:93:0f:b5:3e:d1:9f:d6:7f:67:
                    af:08:b5:26:dd:03:fa:32:ac:e3:bd:17:88:5d:fa:
                    db:10:c8:a9:0e:79:6a:0a:83:ae:5d:30:a5:13:9e:
                    33:0f:1f:72:8f:5e:b5:fa:36:f0:53:58:91:5d:04:
                    c7:dc:80:39:98:79:08:92:76:a2:7e:3a:6c:d7:ee:
                    cd:d7:ca:b9:85:25:c0:41:fa:d1:58:c0:b3:dd:13:
                    80:ca:e3:ee:3b:93:c5:39:b1:5e:e9:50:54:cb:04:
                    3e:5e:7d:3a:a5:b2:82:c3:19:f8:93:74:63:2c:c9:
                    48:2b:38:f5:a7:fe:57:33:b1:fc:5b:a5:99:34:11:
                    ff:33:9c:ab:2d:91:0c:94:55:c6:0d:d2:32:6b:c8:
                    e2:fa:76:ec:99:c4:db:18:86:fc:a1:47:b4:3b:70:
                    94:5d:97:be:6d:16:31:3f:05:f1:75:81:70:43:7a:
                    d1:00:51:8b:41:c3:5c:70:51:e4:43:56:02:ab:d8:
                    42:98:4f:fc:14:56:eb:8a:a1:ac:b5:48:fe:6d:62:
                    da:54:30:de:f8:3e:94:75:52:ba:b9:a8:34:c5:89:
                    3f:47:d6:e8:55:12:44:82:aa:c7:c7:82:b6:2a:b5:
                    4d:bc:73:63:50:43:a4:eb:b6:a0:ee:eb:a6:ba:39:
                    17:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:81:E0:2E:E4:E4:79:63:18:C1:4B:56:1B:69:9E:75:E0:2D:86:1C
            X509v3 Authority Key Identifier:
                keyid:74:45:DD:EE:DF:BD:72:D3:13:E9:EE:8C:CE:EA:E8:40:3C:C3:41:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dEXd7t-9ctMT6e6MzuroQDzDQUY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/TIHgLuTkeWMYwUtWG2medeAthhw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/dEXd7t-9ctMT6e6MzuroQDzDQUY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.212.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:42:63:a0:63:3e:fd:76:c3:e9:d6:6a:21:bc:f6:87:c6:97:
         04:ed:5f:ff:4b:de:f2:e8:d5:53:f2:4c:15:b7:d2:a8:24:1f:
         39:e1:7b:d8:40:a7:0d:2a:35:57:c9:03:3e:db:bf:c1:aa:08:
         c3:de:bc:4d:f6:89:da:07:c5:c6:67:de:f5:da:00:6c:45:a6:
         1b:cc:bc:36:8e:93:ee:f5:41:93:fc:23:0c:8b:75:de:d2:c6:
         d9:32:c9:d8:f6:46:1a:f5:7f:e7:b1:c6:4a:52:f0:38:4a:96:
         75:44:ab:50:fc:0a:ea:6f:6b:fa:df:1d:0a:3b:0f:c8:4a:0d:
         9c:5d:82:da:fd:38:e1:45:21:ef:a4:8b:59:15:98:c0:7d:f8:
         f9:21:ee:30:d2:ca:59:a9:f6:ea:03:b8:e8:04:77:48:f2:79:
         89:e7:5c:2f:9a:93:c5:56:e5:d2:23:83:23:d0:a1:f8:c5:7d:
         8f:76:18:de:ab:7a:83:b1:02:7a:6d:45:db:98:a1:24:20:24:
         f7:51:41:04:0c:45:18:88:c7:0a:60:e9:a2:be:fa:fa:fe:35:
         1f:83:97:52:6f:b6:35:67:fa:01:34:e4:4e:c4:fc:a6:27:f5:
         a4:ba:af:4a:01:3b:90:95:dd:69:5f:80:fe:b6:b8:8d:f7:fc:
         c9:fd:11:b6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGHq1wTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDQ1ZGRlZWRmYmQ3MmQzMTNlOWVlOGNjZWVhZTg0MDNjYzM0MTQ2MB4XDTIyMDEw
MTA5MDMxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGM4MWUwMmVlNGU0
Nzk2MzE4YzE0YjU2MWI2OTllNzVlMDJkODYxYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANgqQ7kYkw+1PtGf1n9nrwi1Jt0D+jKs470XiF362xDIqQ55
agqDrl0wpROeMw8fco9etfo28FNYkV0Ex9yAOZh5CJJ2on46bNfuzdfKuYUlwEH6
0VjAs90TgMrj7juTxTmxXulQVMsEPl59OqWygsMZ+JN0YyzJSCs49af+VzOx/Ful
mTQR/zOcqy2RDJRVxg3SMmvI4vp27JnE2xiG/KFHtDtwlF2Xvm0WMT8F8XWBcEN6
0QBRi0HDXHBR5ENWAqvYQphP/BRW64qhrLVI/m1i2lQw3vg+lHVSurmoNMWJP0fW
6FUSRIKqx8eCtiq1TbxzY1BDpOu2oO7rpro5FzECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRMgeAu5OR5YxjBS1YbaZ514C2GHDAfBgNVHSMEGDAWgBR0Rd3u371y0xPp
7ozO6uhAPMNBRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RFWGQ3dC05Y3RNVDZlNk16dXJvUUR6RFFVWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2YvYzE3NjViLWUzYTUtNDEwYy05Y2QzLTZjYTM0MGZhNzQ5My8x
L1RJSGdMdVRrZVdNWXdVdFdHMm1lZGVBdGhody5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Yv
YzE3NjViLWUzYTUtNDEwYy05Y2QzLTZjYTM0MGZhNzQ5My8xL2RFWGQ3dC05Y3RN
VDZlNk16dXJvUUR6RFFVWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFjUnzANBgkqhkiG9w0BAQsFAAOC
AQEAB0JjoGM+/XbD6dZqIbz2h8aXBO1f/0ve8ujVU/JMFbfSqCQfOeF72ECnDSo1
V8kDPtu/waoIw968TfaJ2gfFxmfe9doAbEWmG8y8No6T7vVBk/wjDIt13tLG2TLJ
2PZGGvV/57HGSlLwOEqWdUSrUPwK6m9r+t8dCjsPyEoNnF2C2v044UUh76SLWRWY
wH34+SHuMNLKWan26gO46AR3SPJ5iedcL5qTxVbl0iODI9Ch+MV9j3YY3qt6g7EC
em1F25ihJCAk91FBBAxFGIjHCmDpor76+v41H4OXUm+2NWf6ATTkTsT8pif1pLqv
SgE7kJXdaV+A/ra4jff8yf0Rtg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:39 2024 by rpki-client on console-fra.rpki-client.org