Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/TqUmty0UpjJTdtdQ9eqOebNZMDA.roa
File:                     TqUmty0UpjJTdtdQ9eqOebNZMDA.roa (raw, json)
Hash identifier:          4Ymlk0E2ZeTqRcSDsv1SVDZ/0FvcYBiDsT4PViVvyo8=
Subject key identifier:   4E:A5:26:B7:2D:14:A6:32:53:76:D7:50:F5:EA:8E:79:B3:59:30:30
Certificate issuer:       /CN=07f231365985828d5a9663ed1b440624b24fec13
Certificate serial:       01849964463D334DCDF8530C4676C353C7D2
Authority key identifier: 07:F2:31:36:59:85:82:8D:5A:96:63:ED:1B:44:06:24:B2:4F:EC:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/B_IxNlmFgo1almPtG0QGJLJP7BM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/TqUmty0UpjJTdtdQ9eqOebNZMDA.roa
Signing time:             Mon 21 Nov 2022 08:53:16 +0000
ROA not before:           Mon 21 Nov 2022 08:53:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212384
IP address blocks:        91.199.47.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:99:64:46:3d:33:4d:cd:f8:53:0c:46:76:c3:53:c7:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=07f231365985828d5a9663ed1b440624b24fec13
        Validity
            Not Before: Nov 21 08:53:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4ea526b72d14a6325376d750f5ea8e79b3593030
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:0e:e5:a9:d1:22:bd:b1:7a:33:37:3a:db:95:
                    a7:29:e5:50:97:bb:b5:14:8c:97:3e:35:1b:65:e7:
                    59:3e:58:d2:0f:0e:49:2f:90:e7:02:e4:44:da:9e:
                    d4:0a:99:7a:e0:54:03:08:e3:cd:5a:10:7a:ac:f9:
                    14:ad:90:c1:08:32:15:af:4e:22:a5:0c:f5:69:2a:
                    00:ae:58:96:fa:a4:2b:b8:23:1d:c1:8c:88:2b:ff:
                    ec:89:06:cf:51:98:53:3a:a3:be:45:6d:77:5b:ef:
                    71:ec:f5:9f:51:98:06:bd:a5:2f:d0:7b:1f:16:e4:
                    fe:25:95:77:53:f0:c3:a5:df:2c:8f:eb:d6:72:d0:
                    d4:80:6d:97:61:d4:d1:44:c3:69:48:55:fa:68:81:
                    b0:59:0f:ea:ea:ac:ba:31:ab:06:86:e9:84:d2:bf:
                    0d:6d:3c:bb:14:c4:d4:ad:7b:a6:2a:d5:2c:24:c3:
                    f3:87:15:26:41:95:0f:05:2f:0d:f2:90:3c:a8:ab:
                    0f:0f:5b:68:17:7f:64:8d:9a:69:7e:ac:3f:0c:5b:
                    d1:cb:53:e2:d5:ff:45:83:74:d5:62:dc:b2:b1:14:
                    81:b7:72:79:49:70:af:74:f5:66:28:5f:d1:27:71:
                    6f:ba:5e:fc:bd:9c:6b:bc:ff:ca:31:48:09:2d:32:
                    c7:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:A5:26:B7:2D:14:A6:32:53:76:D7:50:F5:EA:8E:79:B3:59:30:30
            X509v3 Authority Key Identifier:
                keyid:07:F2:31:36:59:85:82:8D:5A:96:63:ED:1B:44:06:24:B2:4F:EC:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_IxNlmFgo1almPtG0QGJLJP7BM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/TqUmty0UpjJTdtdQ9eqOebNZMDA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/B_IxNlmFgo1almPtG0QGJLJP7BM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.199.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c3:85:2f:60:42:6b:4f:22:c5:b8:5a:b2:52:32:1a:dd:18:15:
         00:b3:0f:c4:0e:63:21:2a:8d:e1:8e:07:da:a4:5e:2f:1e:2c:
         65:e5:d1:c4:ee:01:cd:2c:0d:7f:96:52:be:42:31:73:27:20:
         8c:31:71:73:a0:60:84:f0:44:ca:39:6f:de:56:01:2d:67:5e:
         a8:2c:39:7b:16:ae:a4:72:94:8f:62:25:55:5e:af:fe:16:ae:
         2a:f6:ac:c7:34:35:ea:cc:c8:10:02:c6:29:c3:81:c9:fd:d1:
         2b:94:90:0a:77:7d:e3:8a:04:1b:2d:06:01:fd:31:37:10:a6:
         21:7b:46:00:db:e5:c2:ef:6d:96:40:4b:76:c5:ca:b9:1a:22:
         35:02:2a:66:de:77:28:62:68:7e:c4:46:3f:a6:59:ad:ab:14:
         cd:50:d9:4c:04:ff:3d:22:78:ef:12:e5:86:df:96:98:21:e0:
         ee:d9:d2:24:7a:46:fc:6f:8e:bf:ed:8f:42:e0:bb:dc:6c:39:
         03:77:5a:81:f8:39:04:1b:9e:51:f8:fd:55:39:d0:94:0c:8e:
         55:23:54:83:db:42:4f:5b:9f:0d:20:0d:ac:31:44:2c:1d:ea:
         fa:a0:1a:68:0c:23:b7:c2:52:17:b2:8e:27:5d:f8:97:0f:3d:
         48:bd:34:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSZZEY9M03N+FMMRnbDU8fSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZjIzMTM2NTk4NTgyOGQ1YTk2NjNlZDFiNDQwNjI0YjI0
ZmVjMTMwHhcNMjIxMTIxMDg1MzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWE1MjZiNzJkMTRhNjMyNTM3NmQ3NTBmNWVhOGU3OWIzNTkzMDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlA7lqdEivbF6Mzc625WnKeVQl7u1
FIyXPjUbZedZPljSDw5JL5DnAuRE2p7UCpl64FQDCOPNWhB6rPkUrZDBCDIVr04i
pQz1aSoArliW+qQruCMdwYyIK//siQbPUZhTOqO+RW13W+9x7PWfUZgGvaUv0Hsf
FuT+JZV3U/DDpd8sj+vWctDUgG2XYdTRRMNpSFX6aIGwWQ/q6qy6MasGhumE0r8N
bTy7FMTUrXumKtUsJMPzhxUmQZUPBS8N8pA8qKsPD1toF39kjZppfqw/DFvRy1Pi
1f9Fg3TVYtyysRSBt3J5SXCvdPVmKF/RJ3Fvul78vZxrvP/KMUgJLTLHvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE6lJrctFKYyU3bXUPXqjnmzWTAwMB8GA1UdIwQY
MBaAFAfyMTZZhYKNWpZj7RtEBiSyT+wTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQl9JeE5sbUZnbzFhbG1QdEcwUUdKTEpQN0JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9lZjVmYjMtM2U1Ni00Yjc3LWFhYzct
MDg1ZmEwYTU2MDUyLzEvVHFVbXR5MFVwakpUZHRkUTllcU9lYk5aTURBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9lZjVmYjMtM2U1Ni00Yjc3LWFhYzctMDg1ZmEwYTU2MDUy
LzEvQl9JeE5sbUZnbzFhbG1QdEcwUUdKTEpQN0JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8cvMA0G
CSqGSIb3DQEBCwUAA4IBAQDDhS9gQmtPIsW4WrJSMhrdGBUAsw/EDmMhKo3hjgfa
pF4vHixl5dHE7gHNLA1/llK+QjFzJyCMMXFzoGCE8ETKOW/eVgEtZ16oLDl7Fq6k
cpSPYiVVXq/+Fq4q9qzHNDXqzMgQAsYpw4HJ/dErlJAKd33jigQbLQYB/TE3EKYh
e0YA2+XC722WQEt2xcq5GiI1Aipm3ncoYmh+xEY/plmtqxTNUNlMBP89InjvEuWG
35aYIeDu2dIkekb8b46/7Y9C4LvcbDkDd1qB+DkEG55R+P1VOdCUDI5VI1SD20JP
W58NIA2sMUQsHer6oBpoDCO3wlIXso4nXfiXDz1IvTT8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:19 2024 by rpki-client on console-ams.rpki-client.org