Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/e1c80d-a63b-481c-a9f2-9f5b2eb492a0/1/TPd7M94fCtPPRyW_QthlDqR2ioY.roa
File:                     TPd7M94fCtPPRyW_QthlDqR2ioY.roa (raw, json)
Hash identifier:          m+306RjHEreNLPcvPxmW5zOTGtSSaUaHUW05KQBKSmw=
Subject key identifier:   4C:F7:7B:33:DE:1F:0A:D3:CF:47:25:BF:42:D8:65:0E:A4:76:8A:86
Certificate issuer:       /CN=67dcd926bf370d3fa0183a138b57b0983cdaca0a
Certificate serial:       0EC942A4
Authority key identifier: 67:DC:D9:26:BF:37:0D:3F:A0:18:3A:13:8B:57:B0:98:3C:DA:CA:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z9zZJr83DT-gGDoTi1ewmDzaygo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/e1c80d-a63b-481c-a9f2-9f5b2eb492a0/1/TPd7M94fCtPPRyW_QthlDqR2ioY.roa
Signing time:             Sat 01 Jan 2022 12:04:07 +0000
ROA not before:           Sat 01 Jan 2022 12:04:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42750
IP address blocks:        185.195.72.0/22 maxlen: 22
                          185.195.72.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 248070820 (0xec942a4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67dcd926bf370d3fa0183a138b57b0983cdaca0a
        Validity
            Not Before: Jan  1 12:04:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4cf77b33de1f0ad3cf4725bf42d8650ea4768a86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:fc:21:b1:d3:ca:90:1a:26:36:62:ec:44:c5:
                    aa:49:94:e7:74:08:f5:3d:69:44:54:af:35:ad:ed:
                    8d:38:7f:1c:b3:54:a7:77:1b:af:28:97:44:ca:1c:
                    4e:36:2f:fe:8b:dd:5c:02:17:cd:91:45:ca:75:69:
                    9d:e9:9d:86:25:42:15:69:fa:de:c7:30:4b:ac:aa:
                    6a:70:3d:97:e3:b2:43:67:12:88:51:fc:39:47:29:
                    cd:95:9e:56:2e:76:8b:ef:0c:f6:e7:d6:bd:7f:a9:
                    a8:aa:41:7f:c9:88:7f:f6:f4:d7:e2:14:e7:c0:e9:
                    2e:7a:3c:fc:e4:be:fd:d2:61:7c:10:a2:a9:f9:70:
                    2c:99:c5:a8:6f:d2:04:ca:2d:35:d0:78:b2:89:87:
                    ea:d8:e4:54:4d:5c:ac:41:f2:91:a9:90:c6:36:71:
                    2e:65:3c:9d:ab:aa:ce:5a:16:30:c9:d2:cd:7b:65:
                    0a:e9:21:ab:9b:21:e5:50:87:96:a2:ba:70:cc:ee:
                    cd:d7:7d:b7:73:a4:49:09:1f:47:2d:ad:f7:5f:47:
                    ec:7a:a4:8d:f9:d1:d3:6a:fe:a1:b3:92:7f:20:2a:
                    02:1e:40:90:d8:6d:35:23:36:3d:d6:18:5c:e0:40:
                    5f:a3:0a:34:28:b3:c1:95:d5:a1:68:35:cb:e9:3a:
                    b6:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:F7:7B:33:DE:1F:0A:D3:CF:47:25:BF:42:D8:65:0E:A4:76:8A:86
            X509v3 Authority Key Identifier:
                keyid:67:DC:D9:26:BF:37:0D:3F:A0:18:3A:13:8B:57:B0:98:3C:DA:CA:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z9zZJr83DT-gGDoTi1ewmDzaygo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e1c80d-a63b-481c-a9f2-9f5b2eb492a0/1/TPd7M94fCtPPRyW_QthlDqR2ioY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e1c80d-a63b-481c-a9f2-9f5b2eb492a0/1/Z9zZJr83DT-gGDoTi1ewmDzaygo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.195.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         10:ef:94:d4:2e:46:22:33:65:dc:db:be:09:b4:80:65:4c:b4:
         49:eb:da:5e:89:ea:4f:e7:b7:23:d3:18:be:23:30:fb:12:93:
         48:e9:bd:a2:c5:35:1c:f6:91:79:78:d8:e1:7a:ac:32:f4:ee:
         fa:22:91:3f:ee:da:a1:54:9d:b2:4e:ea:0b:d2:8e:05:2d:52:
         0c:30:38:3b:8d:a2:6d:91:57:e6:ab:fd:d2:fe:cb:ac:2d:b5:
         93:a7:0c:74:15:44:94:3b:5d:72:87:6e:0a:f0:8b:fb:57:ee:
         31:74:21:7f:92:5f:97:f5:3b:97:23:fd:c7:47:87:2b:88:6f:
         21:91:21:93:dc:86:56:35:aa:d6:64:08:dc:c3:b7:65:b2:f2:
         6a:17:3a:c1:1d:97:c9:77:77:14:25:66:ee:3e:87:9c:ba:70:
         a5:57:7b:97:a9:f1:50:eb:41:3a:ee:0f:1f:b7:0a:54:93:e4:
         7e:89:eb:20:f0:eb:74:59:6f:67:bc:94:68:a5:42:b8:5c:87:
         9a:b8:54:1e:d2:2f:78:b8:aa:8b:be:8b:5f:3c:40:be:e8:33:
         44:a3:64:e4:4a:aa:c9:61:21:a4:44:6f:35:3d:fe:c9:15:32:
         6c:e6:6f:9c:54:73:d4:14:09:5f:b4:42:d9:2c:5f:43:b8:7e:
         67:8f:22:18
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDslCpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
N2RjZDkyNmJmMzcwZDNmYTAxODNhMTM4YjU3YjA5ODNjZGFjYTBhMB4XDTIyMDEw
MTEyMDQwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGNmNzdiMzNkZTFm
MGFkM2NmNDcyNWJmNDJkODY1MGVhNDc2OGE4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALn8IbHTypAaJjZi7ETFqkmU53QI9T1pRFSvNa3tjTh/HLNU
p3cbryiXRMocTjYv/ovdXAIXzZFFynVpnemdhiVCFWn63scwS6yqanA9l+OyQ2cS
iFH8OUcpzZWeVi52i+8M9ufWvX+pqKpBf8mIf/b01+IU58DpLno8/OS+/dJhfBCi
qflwLJnFqG/SBMotNdB4somH6tjkVE1crEHykamQxjZxLmU8nauqzloWMMnSzXtl
Cukhq5sh5VCHlqK6cMzuzdd9t3OkSQkfRy2t919H7HqkjfnR02r+obOSfyAqAh5A
kNhtNSM2PdYYXOBAX6MKNCizwZXVoWg1y+k6ts0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRM93sz3h8K089HJb9C2GUOpHaKhjAfBgNVHSMEGDAWgBRn3NkmvzcNP6AY
OhOLV7CYPNrKCjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1o5elpKcjgzRFQtZ0dEb1RpMWV3bUR6YXlnby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvZTFjODBkLWE2M2ItNDgxYy1hOWYyLTlmNWIyZWI0OTJhMC8x
L1RQZDdNOTRmQ3RQUFJ5V19RdGhsRHFSMmlvWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
ZTFjODBkLWE2M2ItNDgxYy1hOWYyLTlmNWIyZWI0OTJhMC8xL1o5elpKcjgzRFQt
Z0dEb1RpMWV3bUR6YXlnby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnDSDANBgkqhkiG9w0BAQsFAAOC
AQEAEO+U1C5GIjNl3Nu+CbSAZUy0SevaXonqT+e3I9MYviMw+xKTSOm9osU1HPaR
eXjY4XqsMvTu+iKRP+7aoVSdsk7qC9KOBS1SDDA4O42ibZFX5qv90v7LrC21k6cM
dBVElDtdcoduCvCL+1fuMXQhf5Jfl/U7lyP9x0eHK4hvIZEhk9yGVjWq1mQI3MO3
ZbLyahc6wR2XyXd3FCVm7j6HnLpwpVd7l6nxUOtBOu4PH7cKVJPkfonrIPDrdFlv
Z7yUaKVCuFyHmrhUHtIveLiqi76LXzxAvugzRKNk5EqqyWEhpERvNT3+yRUybOZv
nFRz1BQJX7RC2SxfQ7h+Z48iGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:11 2024 by rpki-client on console-ams.rpki-client.org