Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/231349-7f0e-4975-bc63-7ea65c12e8ec/1/TUKxS9uMxKrFLrVl1y2D39xgcoQ.roa
File:                     TUKxS9uMxKrFLrVl1y2D39xgcoQ.roa (raw, json)
Hash identifier:          Bd84nTf5TbFLVmR7LumVOpfHg2i9bbRfSURNH3sEr1w=
Subject key identifier:   4D:42:B1:4B:DB:8C:C4:AA:C5:2E:B5:65:D7:2D:83:DF:DC:60:72:84
Certificate issuer:       /CN=62e93f08a45d2b7c74bf5de01b252201602aeee8
Certificate serial:       025E3959
Authority key identifier: 62:E9:3F:08:A4:5D:2B:7C:74:BF:5D:E0:1B:25:22:01:60:2A:EE:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yuk_CKRdK3x0v13gGyUiAWAq7ug.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/231349-7f0e-4975-bc63-7ea65c12e8ec/1/TUKxS9uMxKrFLrVl1y2D39xgcoQ.roa
Signing time:             Sat 01 Jan 2022 13:03:55 +0000
ROA not before:           Sat 01 Jan 2022 13:03:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211583
IP address blocks:        188.94.188.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 39729497 (0x25e3959)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62e93f08a45d2b7c74bf5de01b252201602aeee8
        Validity
            Not Before: Jan  1 13:03:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4d42b14bdb8cc4aac52eb565d72d83dfdc607284
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:cb:ec:be:32:78:0b:99:6e:ad:d4:3c:a5:b0:
                    81:79:59:55:57:7a:88:3f:0a:ac:e8:ff:08:bb:c7:
                    74:15:e0:8c:dd:0b:fe:4a:02:f3:f9:8b:b5:43:7b:
                    6c:32:f5:62:d3:30:f3:65:9e:31:92:86:9c:6b:0d:
                    6b:a0:c9:49:a0:d1:40:12:9e:ea:bb:f0:c4:48:db:
                    ac:d8:e8:3d:17:f1:15:62:1a:98:34:ff:88:29:70:
                    ac:bc:de:74:0c:0c:cb:c8:2c:dc:39:a9:6d:cd:21:
                    ce:63:67:36:cd:c2:3b:ab:af:2b:ea:1d:3f:46:04:
                    3d:1a:64:fb:78:b0:3d:47:ac:3a:5f:62:70:13:64:
                    c6:1e:79:63:ab:3b:62:3f:a3:20:5d:df:f3:a9:09:
                    61:6f:dc:35:ba:11:d6:d5:27:c4:08:9e:9d:0a:1a:
                    a1:c2:1c:61:4e:3e:0d:68:78:56:c3:7b:51:1c:0c:
                    ef:b1:d0:c7:19:30:c3:98:2f:27:24:8b:85:e9:cc:
                    d7:46:17:88:09:64:2f:f3:e9:25:bd:a1:3f:63:92:
                    c2:44:ea:f8:40:57:b0:7d:f4:97:13:ca:df:3c:7c:
                    c0:61:54:35:53:88:78:30:73:18:de:1f:2f:d5:f9:
                    d4:a6:a6:01:6d:61:d5:8d:30:5d:c9:65:9f:b4:cb:
                    f9:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:42:B1:4B:DB:8C:C4:AA:C5:2E:B5:65:D7:2D:83:DF:DC:60:72:84
            X509v3 Authority Key Identifier:
                keyid:62:E9:3F:08:A4:5D:2B:7C:74:BF:5D:E0:1B:25:22:01:60:2A:EE:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yuk_CKRdK3x0v13gGyUiAWAq7ug.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/231349-7f0e-4975-bc63-7ea65c12e8ec/1/TUKxS9uMxKrFLrVl1y2D39xgcoQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/231349-7f0e-4975-bc63-7ea65c12e8ec/1/Yuk_CKRdK3x0v13gGyUiAWAq7ug.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.94.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:85:c1:54:69:18:f7:10:ea:ad:53:d1:09:d8:32:ea:f6:83:
         a1:79:5c:d1:98:fc:a6:af:38:57:84:de:f7:fe:4b:32:ab:45:
         9d:6b:ba:0b:71:1d:ce:67:40:67:1e:6d:c5:a0:13:d8:c6:d5:
         13:4c:ba:d0:10:2d:70:6a:55:18:bd:36:08:ad:30:9c:49:7c:
         ce:ff:35:29:15:d6:c4:f3:e9:bb:5c:1e:43:62:20:74:cb:ea:
         5a:ae:44:75:1a:1a:a8:dc:b2:04:bf:48:e1:59:81:96:c4:a8:
         0d:0a:25:4f:6c:5d:26:63:1c:21:01:31:af:ba:a3:a3:45:fe:
         7c:7a:32:3f:a8:4a:69:29:7b:42:d4:b6:4e:88:a1:73:b5:43:
         33:da:4b:6a:b6:b2:22:5a:95:cd:02:0e:82:05:ed:12:09:5a:
         f1:99:84:95:fd:f4:27:1c:e8:0b:d5:82:1a:26:7b:89:a2:a4:
         52:8d:1e:2c:e8:c7:f7:98:14:4c:5a:31:42:62:e2:c0:c9:da:
         76:d3:12:03:b7:54:62:54:5c:53:6c:a2:8a:9e:64:0e:6b:ad:
         c6:58:0c:2f:34:a6:4c:e6:b5:60:a6:0a:a0:fd:d7:f5:76:e8:
         de:c6:d5:55:2d:4e:6a:66:b8:6d:bf:93:a6:08:cb:4d:d2:91:
         36:a6:75:ef
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAl45WTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MmU5M2YwOGE0NWQyYjdjNzRiZjVkZTAxYjI1MjIwMTYwMmFlZWU4MB4XDTIyMDEw
MTEzMDM1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGQ0MmIxNGJkYjhj
YzRhYWM1MmViNTY1ZDcyZDgzZGZkYzYwNzI4NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALXL7L4yeAuZbq3UPKWwgXlZVVd6iD8KrOj/CLvHdBXgjN0L
/koC8/mLtUN7bDL1YtMw82WeMZKGnGsNa6DJSaDRQBKe6rvwxEjbrNjoPRfxFWIa
mDT/iClwrLzedAwMy8gs3Dmpbc0hzmNnNs3CO6uvK+odP0YEPRpk+3iwPUesOl9i
cBNkxh55Y6s7Yj+jIF3f86kJYW/cNboR1tUnxAienQoaocIcYU4+DWh4VsN7URwM
77HQxxkww5gvJySLhenM10YXiAlkL/PpJb2hP2OSwkTq+EBXsH30lxPK3zx8wGFU
NVOIeDBzGN4fL9X51KamAW1h1Y0wXclln7TL+RcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRNQrFL24zEqsUutWXXLYPf3GByhDAfBgNVHSMEGDAWgBRi6T8IpF0rfHS/
XeAbJSIBYCru6DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1l1a19DS1JkSzN4MHYxM2dHeVVpQVdBcTd1Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvMjMxMzQ5LTdmMGUtNDk3NS1iYzYzLTdlYTY1YzEyZThlYy8x
L1RVS3hTOXVNeEtyRkxyVmwxeTJEMzl4Z2NvUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
MjMxMzQ5LTdmMGUtNDk3NS1iYzYzLTdlYTY1YzEyZThlYy8xL1l1a19DS1JkSzN4
MHYxM2dHeVVpQVdBcTd1Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALxevDANBgkqhkiG9w0BAQsFAAOC
AQEAVoXBVGkY9xDqrVPRCdgy6vaDoXlc0Zj8pq84V4Te9/5LMqtFnWu6C3EdzmdA
Zx5txaAT2MbVE0y60BAtcGpVGL02CK0wnEl8zv81KRXWxPPpu1weQ2IgdMvqWq5E
dRoaqNyyBL9I4VmBlsSoDQolT2xdJmMcIQExr7qjo0X+fHoyP6hKaSl7QtS2Toih
c7VDM9pLarayIlqVzQIOggXtEgla8ZmElf30JxzoC9WCGiZ7iaKkUo0eLOjH95gU
TFoxQmLiwMnadtMSA7dUYlRcU2yiip5kDmutxlgMLzSmTOa1YKYKoP3X9Xbo3sbV
VS1Oama4bb+TpgjLTdKRNqZ17w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:43 2024 by rpki-client on console-fra.rpki-client.org