Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/dd981d-e1f5-4837-9027-c9bf55d9d1ba/1/tgBvZkuAyRxtN5ZVtSA6tg_bGYg.roa
File:                     tgBvZkuAyRxtN5ZVtSA6tg_bGYg.roa (raw, json)
Hash identifier:          Dunbdca4WcWlQKdVj8O5ZA9v/4p3AwwduA+84A9GarY=
Subject key identifier:   B6:00:6F:66:4B:80:C9:1C:6D:37:96:55:B5:20:3A:B6:0F:DB:19:88
Certificate issuer:       /CN=53c77312e0d2cec845a04613845f8a1be263c399
Certificate serial:       0913B213
Authority key identifier: 53:C7:73:12:E0:D2:CE:C8:45:A0:46:13:84:5F:8A:1B:E2:63:C3:99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U8dzEuDSzshFoEYThF-KG-Jjw5k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/dd981d-e1f5-4837-9027-c9bf55d9d1ba/1/tgBvZkuAyRxtN5ZVtSA6tg_bGYg.roa
Signing time:             Sat 01 Jan 2022 03:53:37 +0000
ROA not before:           Sat 01 Jan 2022 03:53:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209240
IP address blocks:        92.119.236.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 152285715 (0x913b213)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53c77312e0d2cec845a04613845f8a1be263c399
        Validity
            Not Before: Jan  1 03:53:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b6006f664b80c91c6d379655b5203ab60fdb1988
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:54:91:ab:95:db:4c:55:68:db:ce:c9:9d:db:
                    39:fd:c6:04:b4:44:09:80:ef:3e:82:f3:62:7c:9a:
                    8e:1a:f1:de:3a:c7:29:01:89:1d:96:ab:91:ca:a4:
                    bf:e0:a4:f0:d2:45:00:b2:e4:17:d7:60:7f:5b:11:
                    f6:93:ea:b4:61:29:e0:d0:c1:05:14:d1:da:c5:2e:
                    8a:3a:12:a5:31:62:7e:8c:4d:5b:ef:3e:50:66:53:
                    7c:d9:a2:08:47:c9:4c:00:cb:89:a5:a0:3d:ea:59:
                    49:17:aa:a0:a4:bc:6a:40:ae:db:de:75:d7:4a:fe:
                    dd:a1:d7:5a:ed:d2:11:11:32:a4:c4:47:27:0a:b8:
                    a0:8d:e2:4c:c4:72:28:02:ee:f7:14:f0:45:bc:3c:
                    70:45:f7:2c:e1:b9:8a:93:1f:e3:0a:7f:d2:ae:20:
                    fc:36:73:a1:c5:9b:27:88:2b:89:58:b2:98:b4:b2:
                    ad:39:22:81:1e:61:5e:db:f0:7e:94:8c:6d:f3:25:
                    85:28:7a:ea:92:6c:59:4d:d4:68:1e:b7:ff:12:2b:
                    29:cd:22:63:00:3e:e0:94:be:23:c7:b7:9d:28:79:
                    13:cd:82:e2:7d:77:d9:38:34:47:b9:3b:5b:fa:7a:
                    af:9a:24:60:f1:d8:7d:be:e2:8c:ea:bd:9e:28:6a:
                    10:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:00:6F:66:4B:80:C9:1C:6D:37:96:55:B5:20:3A:B6:0F:DB:19:88
            X509v3 Authority Key Identifier:
                keyid:53:C7:73:12:E0:D2:CE:C8:45:A0:46:13:84:5F:8A:1B:E2:63:C3:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U8dzEuDSzshFoEYThF-KG-Jjw5k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/dd981d-e1f5-4837-9027-c9bf55d9d1ba/1/tgBvZkuAyRxtN5ZVtSA6tg_bGYg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/dd981d-e1f5-4837-9027-c9bf55d9d1ba/1/U8dzEuDSzshFoEYThF-KG-Jjw5k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.119.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9c:0a:8b:5a:91:e0:a9:5d:df:e7:06:f0:60:40:1e:b9:ee:8f:
         cf:f7:51:87:d7:74:b3:ec:00:f7:e7:0a:94:69:63:e5:dd:96:
         ff:b0:40:86:ae:52:47:c4:40:30:2f:21:f3:d0:06:c3:10:d1:
         ee:af:72:1c:ff:86:17:bf:62:a6:4e:cc:d8:7f:ba:22:bf:75:
         47:2e:de:68:11:ab:0a:05:5c:e2:39:09:02:87:cf:70:8d:82:
         f8:11:d9:8b:0a:2a:ed:b6:67:a8:d0:cd:9e:43:ca:45:04:d7:
         0b:1d:a1:a7:e7:b7:83:c6:64:97:6b:f8:94:6b:5c:85:e2:c6:
         ff:49:53:54:6f:a3:18:ba:f6:4c:bf:57:ef:27:a4:38:bc:95:
         38:e7:b7:77:e7:19:ba:9c:da:7d:72:04:ad:c2:5d:4b:eb:88:
         aa:67:8e:9d:42:47:a2:51:2a:55:62:39:ed:eb:90:41:b3:27:
         4f:6a:01:9f:bc:5b:81:ce:59:86:30:9b:ca:09:c0:2d:11:04:
         43:c0:c6:12:4a:cf:bf:dc:b9:91:51:23:38:f7:b9:9f:6b:10:
         4c:a8:ff:96:ad:dd:54:34:67:a0:7a:c0:25:c5:5c:63:d0:f3:
         d9:2b:35:63:03:46:17:a2:2e:b8:ae:39:ff:84:e0:9c:13:6b:
         c5:4b:a7:e5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECROyEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
M2M3NzMxMmUwZDJjZWM4NDVhMDQ2MTM4NDVmOGExYmUyNjNjMzk5MB4XDTIyMDEw
MTAzNTMzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjYwMDZmNjY0Yjgw
YzkxYzZkMzc5NjU1YjUyMDNhYjYwZmRiMTk4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJBUkauV20xVaNvOyZ3bOf3GBLRECYDvPoLzYnyajhrx3jrH
KQGJHZarkcqkv+Ck8NJFALLkF9dgf1sR9pPqtGEp4NDBBRTR2sUuijoSpTFifoxN
W+8+UGZTfNmiCEfJTADLiaWgPepZSReqoKS8akCu295110r+3aHXWu3SEREypMRH
Jwq4oI3iTMRyKALu9xTwRbw8cEX3LOG5ipMf4wp/0q4g/DZzocWbJ4griViymLSy
rTkigR5hXtvwfpSMbfMlhSh66pJsWU3UaB63/xIrKc0iYwA+4JS+I8e3nSh5E82C
4n132Tg0R7k7W/p6r5okYPHYfb7ijOq9nihqEB0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS2AG9mS4DJHG03llW1IDq2D9sZiDAfBgNVHSMEGDAWgBRTx3MS4NLOyEWg
RhOEX4ob4mPDmTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1U4ZHpFdURTenNoRm9FWVRoRi1LRy1Kanc1ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvZGQ5ODFkLWUxZjUtNDgzNy05MDI3LWM5YmY1NWQ5ZDFiYS8x
L3RnQnZaa3VBeVJ4dE41WlZ0U0E2dGdfYkdZZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
ZGQ5ODFkLWUxZjUtNDgzNy05MDI3LWM5YmY1NWQ5ZDFiYS8xL1U4ZHpFdURTenNo
Rm9FWVRoRi1LRy1Kanc1ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlx37DANBgkqhkiG9w0BAQsFAAOC
AQEAnAqLWpHgqV3f5wbwYEAeue6Pz/dRh9d0s+wA9+cKlGlj5d2W/7BAhq5SR8RA
MC8h89AGwxDR7q9yHP+GF79ipk7M2H+6Ir91Ry7eaBGrCgVc4jkJAofPcI2C+BHZ
iwoq7bZnqNDNnkPKRQTXCx2hp+e3g8Zkl2v4lGtcheLG/0lTVG+jGLr2TL9X7yek
OLyVOOe3d+cZupzafXIErcJdS+uIqmeOnUJHolEqVWI57euQQbMnT2oBn7xbgc5Z
hjCbygnALREEQ8DGEkrPv9y5kVEjOPe5n2sQTKj/lq3dVDRnoHrAJcVcY9Dz2Ss1
YwNGF6IuuK45/4TgnBNrxUun5Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:58 2024 by rpki-client on console-fra.rpki-client.org