Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/4c15d9-79e6-452f-aa32-02db8b77d087/1/TssnVk0ezQH6_xKLr_RY4KtGOco.roa
File:                     TssnVk0ezQH6_xKLr_RY4KtGOco.roa (raw, json)
Hash identifier:          h1ac17I0uUioUu1lqweb0G+64xHJkSSxhE/0D3au6ko=
Subject key identifier:   4E:CB:27:56:4D:1E:CD:01:FA:FF:12:8B:AF:F4:58:E0:AB:46:39:CA
Certificate issuer:       /CN=a8305c6e58294ad0ed5162fa8429da5165653930
Certificate serial:       162FCEA1
Authority key identifier: A8:30:5C:6E:58:29:4A:D0:ED:51:62:FA:84:29:DA:51:65:65:39:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qDBcblgpStDtUWL6hCnaUWVlOTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/4c15d9-79e6-452f-aa32-02db8b77d087/1/TssnVk0ezQH6_xKLr_RY4KtGOco.roa
Signing time:             Sat 01 Jan 2022 04:02:45 +0000
ROA not before:           Sat 01 Jan 2022 04:02:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     13030
IP address blocks:        91.238.144.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 372231841 (0x162fcea1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8305c6e58294ad0ed5162fa8429da5165653930
        Validity
            Not Before: Jan  1 04:02:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4ecb27564d1ecd01faff128baff458e0ab4639ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:fd:cb:ac:f7:d4:d7:71:7a:33:a4:02:b1:1e:
                    74:cb:fb:c2:f8:59:83:15:56:d8:39:fa:b5:9d:6c:
                    8b:9e:2d:f1:f2:b7:8f:22:7c:e8:67:03:5d:4b:dc:
                    74:28:66:64:20:b4:dc:5e:93:48:a8:f3:2a:09:9b:
                    2b:9a:cf:dc:54:e4:37:1d:eb:c9:cd:82:3a:09:f6:
                    85:a7:8c:88:27:13:62:db:92:7e:f9:a5:fc:cd:11:
                    88:cb:8b:60:79:fb:d3:5f:26:55:49:18:41:ba:94:
                    2f:e1:84:49:2d:b0:90:72:26:8f:52:0e:70:1a:c5:
                    b6:55:06:cf:15:7e:b5:2d:f2:43:3b:90:44:a9:d1:
                    13:5a:12:83:c4:33:8b:a8:97:c5:51:36:87:c6:3e:
                    97:14:07:1e:1a:d3:2a:d4:b9:76:62:d8:e5:17:53:
                    98:de:36:ba:d7:38:50:0a:91:28:49:ea:24:b9:0d:
                    01:fa:26:68:78:2f:93:53:2f:1a:04:a6:66:6b:11:
                    d5:8f:48:9c:69:e8:95:04:de:13:52:bf:2d:c0:4b:
                    e1:e5:12:b2:ba:8f:93:13:91:ab:bd:17:70:57:37:
                    f2:a8:1c:9e:00:99:b9:92:61:ce:8f:db:1e:f8:6b:
                    93:fa:0c:17:6b:e1:ea:b3:ce:f2:de:4e:cf:28:c3:
                    6e:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:CB:27:56:4D:1E:CD:01:FA:FF:12:8B:AF:F4:58:E0:AB:46:39:CA
            X509v3 Authority Key Identifier:
                keyid:A8:30:5C:6E:58:29:4A:D0:ED:51:62:FA:84:29:DA:51:65:65:39:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qDBcblgpStDtUWL6hCnaUWVlOTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/4c15d9-79e6-452f-aa32-02db8b77d087/1/TssnVk0ezQH6_xKLr_RY4KtGOco.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/4c15d9-79e6-452f-aa32-02db8b77d087/1/qDBcblgpStDtUWL6hCnaUWVlOTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.238.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:c2:8f:1f:93:70:18:9b:e4:5b:e4:1b:c1:0f:44:ea:cc:ee:
         46:c7:b6:0b:a0:2f:fe:cc:a0:73:ae:37:bd:3d:fc:46:3d:ac:
         50:86:35:24:34:c4:90:70:bc:ea:42:f8:dc:43:4e:a8:68:5f:
         f3:3f:81:f6:12:f7:f4:c4:18:5d:76:34:7f:9f:89:30:f5:03:
         b1:a2:2e:87:79:66:3b:21:61:c1:b7:64:87:5e:2b:6c:92:61:
         59:47:d1:d5:05:01:24:b3:7b:3f:54:88:fc:3c:7f:d3:80:b6:
         a3:6b:5e:31:a6:22:7a:b6:e2:3d:3b:58:50:c1:e3:a1:d1:d0:
         8d:1c:1b:69:2b:30:2d:df:a9:22:f0:a1:cf:b5:9e:df:ea:df:
         f6:b7:08:8d:44:53:80:30:93:38:35:26:a6:98:5a:b8:b2:6a:
         59:db:44:6f:69:58:f8:b7:a2:ae:a2:33:5a:53:db:f4:3f:2a:
         4e:47:da:9d:ad:37:4e:e9:a6:42:58:26:4b:4c:d2:e7:d1:a5:
         00:73:56:3f:cf:23:54:e4:5b:12:cf:e5:45:e0:74:49:f4:6d:
         22:96:0c:f2:9e:63:3a:8f:94:10:b2:bc:8d:b6:1b:15:c0:15:
         92:98:c1:54:10:b7:74:50:20:d6:01:58:11:b9:dc:9a:33:5d:
         74:d3:ff:43
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFi/OoTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODMwNWM2ZTU4Mjk0YWQwZWQ1MTYyZmE4NDI5ZGE1MTY1NjUzOTMwMB4XDTIyMDEw
MTA0MDI0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGVjYjI3NTY0ZDFl
Y2QwMWZhZmYxMjhiYWZmNDU4ZTBhYjQ2MzljYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK/9y6z31NdxejOkArEedMv7wvhZgxVW2Dn6tZ1si54t8fK3
jyJ86GcDXUvcdChmZCC03F6TSKjzKgmbK5rP3FTkNx3ryc2COgn2haeMiCcTYtuS
fvml/M0RiMuLYHn7018mVUkYQbqUL+GESS2wkHImj1IOcBrFtlUGzxV+tS3yQzuQ
RKnRE1oSg8Qzi6iXxVE2h8Y+lxQHHhrTKtS5dmLY5RdTmN42utc4UAqRKEnqJLkN
AfomaHgvk1MvGgSmZmsR1Y9InGnolQTeE1K/LcBL4eUSsrqPkxORq70XcFc38qgc
ngCZuZJhzo/bHvhrk/oMF2vh6rPO8t5OzyjDbl0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBROyydWTR7NAfr/Eouv9Fjgq0Y5yjAfBgNVHSMEGDAWgBSoMFxuWClK0O1R
YvqEKdpRZWU5MDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FEQmNibGdwU3REdFVXTDZoQ25hVVdWbE9UQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvNGMxNWQ5LTc5ZTYtNDUyZi1hYTMyLTAyZGI4Yjc3ZDA4Ny8x
L1Rzc25WazBlelFINl94S0xyX1JZNEt0R09jby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
NGMxNWQ5LTc5ZTYtNDUyZi1hYTMyLTAyZGI4Yjc3ZDA4Ny8xL3FEQmNibGdwU3RE
dFVXTDZoQ25hVVdWbE9UQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvukDANBgkqhkiG9w0BAQsFAAOC
AQEAfcKPH5NwGJvkW+QbwQ9E6szuRse2C6Av/sygc643vT38Rj2sUIY1JDTEkHC8
6kL43ENOqGhf8z+B9hL39MQYXXY0f5+JMPUDsaIuh3lmOyFhwbdkh14rbJJhWUfR
1QUBJLN7P1SI/Dx/04C2o2teMaYierbiPTtYUMHjodHQjRwbaSswLd+pIvChz7We
3+rf9rcIjURTgDCTODUmpphauLJqWdtEb2lY+LeirqIzWlPb9D8qTkfana03Tumm
QlgmS0zS59GlAHNWP88jVORbEs/lReB0SfRtIpYM8p5jOo+UELK8jbYbFcAVkpjB
VBC3dFAg1gFYEbncmjNddNP/Qw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:43 2024 by rpki-client on console-fra.rpki-client.org