Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/Tl93upbdQdqN_vXLf5T4TlzSCxs.roa
File:                     Tl93upbdQdqN_vXLf5T4TlzSCxs.roa (raw, json)
Hash identifier:          l8fkCPLtKQM5XBH+OcAVdU62YHj97NrRn4RzIwOUyuE=
Subject key identifier:   4E:5F:77:BA:96:DD:41:DA:8D:FE:F5:CB:7F:94:F8:4E:5C:D2:0B:1B
Certificate issuer:       /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial:       7C02B9
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/Tl93upbdQdqN_vXLf5T4TlzSCxs.roa
Signing time:             Sat 01 Jan 2022 03:01:11 +0000
ROA not before:           Sat 01 Jan 2022 03:01:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     399151
IP address blocks:        37.209.192.0/24 maxlen: 24
                          37.209.198.0/24 maxlen: 24
                          37.209.196.0/24 maxlen: 24
                          37.209.194.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8127161 (0x7c02b9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
        Validity
            Not Before: Jan  1 03:01:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4e5f77ba96dd41da8dfef5cb7f94f84e5cd20b1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:70:81:a3:e1:58:86:0c:14:af:07:53:1b:ec:
                    c7:af:c0:cb:cb:73:a2:7b:83:fa:40:b7:00:99:92:
                    50:c7:ae:78:cb:1d:70:16:04:ad:80:1a:86:ad:9a:
                    52:4a:bb:aa:e4:3f:0d:76:ac:e6:5c:c5:02:28:17:
                    21:4c:de:cf:4e:0d:03:4d:05:16:75:57:e3:46:e2:
                    fa:a3:df:46:da:66:da:86:01:23:c4:1c:ce:73:9d:
                    fe:6b:c5:c5:23:0a:d4:5d:96:be:19:84:bc:dc:14:
                    6d:5d:bf:e2:6f:46:e1:7d:c9:c1:5c:74:ed:57:9f:
                    8d:f2:ea:c9:10:65:5d:b4:b6:ea:17:d4:ed:9b:f8:
                    29:b6:f0:15:94:df:05:65:16:b3:28:46:f0:6d:53:
                    60:32:a8:03:1c:0d:3b:e2:0b:51:75:76:29:ef:fd:
                    d9:0f:4a:7f:12:68:f7:09:e6:74:69:34:e8:ab:5f:
                    bb:34:0c:b4:24:b2:ca:fa:bb:fb:17:e7:df:ae:15:
                    c6:55:88:4b:c7:c0:73:ae:44:4d:dd:c3:bb:ef:39:
                    eb:bf:2b:d2:6a:de:11:41:ae:5a:4e:ac:5d:17:2e:
                    77:6a:32:eb:4b:3b:ec:15:c2:e7:4a:09:bb:5f:22:
                    c5:64:af:e3:f3:26:aa:c6:20:f8:fb:8d:d3:ee:23:
                    ce:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:5F:77:BA:96:DD:41:DA:8D:FE:F5:CB:7F:94:F8:4E:5C:D2:0B:1B
            X509v3 Authority Key Identifier:
                keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/Tl93upbdQdqN_vXLf5T4TlzSCxs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.209.192.0/24
                  37.209.194.0/24
                  37.209.196.0/24
                  37.209.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:b5:b3:e3:43:e4:b1:38:fa:1d:0f:bb:8c:df:6f:87:9a:ff:
         d4:a2:f3:5a:7b:fe:e0:da:ac:56:f2:d8:8c:18:f8:3d:8a:ff:
         b6:01:77:37:2a:45:bf:2a:c3:5d:ea:8e:3d:6f:3b:1d:0e:60:
         2b:1e:9b:4c:d3:af:61:8f:2b:25:9b:10:f2:9c:99:e8:29:0a:
         39:e7:a7:d9:3c:a1:63:63:e2:a6:fc:b7:30:c8:f9:d3:45:3c:
         1c:4e:17:47:5e:d4:93:70:dd:85:dd:22:f9:28:3f:02:38:59:
         2f:ae:60:da:e7:99:1e:82:91:dd:5f:6d:a0:25:86:8d:d1:f4:
         1f:08:fc:c9:0c:bf:2b:70:e6:6b:06:f9:57:63:17:93:03:84:
         30:b0:0a:e4:83:ef:d9:44:9f:f6:3e:03:1f:8e:f7:5a:5d:64:
         6a:b4:01:75:12:78:e5:a4:9f:ce:fe:5b:5d:0b:08:f9:96:88:
         1b:9c:f0:dd:f6:20:42:33:ae:ec:97:e0:0a:86:63:73:bf:8a:
         b5:68:f0:a7:67:62:3b:00:79:87:74:e9:78:3a:e5:a9:2b:0e:
         1e:f5:20:17:55:90:04:c1:d5:56:42:67:4c:1c:ce:a8:46:2b:
         9d:a8:ac:d9:de:e1:95:0c:d5:b7:fc:f9:5f:b7:31:4a:5a:38:
         23:43:e9:b4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDfAK5MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjljOGJmMmMwHhcNMjIwMTAx
MDMwMTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0ZTVmNzdiYTk2ZGQ0
MWRhOGRmZWY1Y2I3Zjk0Zjg0ZTVjZDIwYjFiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAm3CBo+FYhgwUrwdTG+zHr8DLy3Oie4P6QLcAmZJQx654yx1w
FgStgBqGrZpSSruq5D8NdqzmXMUCKBchTN7PTg0DTQUWdVfjRuL6o99G2mbahgEj
xBzOc53+a8XFIwrUXZa+GYS83BRtXb/ib0bhfcnBXHTtV5+N8urJEGVdtLbqF9Tt
m/gptvAVlN8FZRazKEbwbVNgMqgDHA074gtRdXYp7/3ZD0p/Emj3CeZ0aTToq1+7
NAy0JLLK+rv7F+ffrhXGVYhLx8BzrkRN3cO77znrvyvSat4RQa5aTqxdFy53ajLr
SzvsFcLnSgm7XyLFZK/j8yaqxiD4+43T7iPO/QIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFE5fd7qW3UHajf71y3+U+E5c0gsbMB8GA1UdIwQYMBaAFKWuij2L2qv0dl/a
edVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEv
VGw5M3VwYmRRZHFOX3ZYTGY1VDRUbHpTQ3hzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8w
ZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEvcGE2S1BZdmFxX1Iy
WDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQAJdHCAwQAJdHEAwQAJdHG
MA0GCSqGSIb3DQEBCwUAA4IBAQBNtbPjQ+SxOPodD7uM32+Hmv/UovNae/7g2qxW
8tiMGPg9iv+2AXc3KkW/KsNd6o49bzsdDmArHptM069hjyslmxDynJnoKQo556fZ
PKFjY+Km/LcwyPnTRTwcThdHXtSTcN2F3SL5KD8COFkvrmDa55kegpHdX22gJYaN
0fQfCPzJDL8rcOZrBvlXYxeTA4QwsArkg+/ZRJ/2PgMfjvdaXWRqtAF1EnjlpJ/O
/ltdCwj5logbnPDd9iBCM67sl+AKhmNzv4q1aPCnZ2I7AHmHdOl4OuWpKw4e9SAX
VZAEwdVWQmdMHM6oRiudqKzZ3uGVDNW3/PlftzFKWjgjQ+m0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:37 2024 by rpki-client on console-ams.rpki-client.org