Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/087513-d2d6-43c6-9b79-22f0aaa81327/1/TH-74ATqkpmEnbWuLIEAor6ww1s.roa
File:                     TH-74ATqkpmEnbWuLIEAor6ww1s.roa (raw, json)
Hash identifier:          dK+ALZaSPR7DFuGPNIreICJ+dq8bWIddRNmC+BznIFk=
Subject key identifier:   4C:7F:BB:E0:04:EA:92:99:84:9D:B5:AE:2C:81:00:A2:BE:B0:C3:5B
Certificate issuer:       /CN=6eef3973d6e07681419bae867bd514545e7df5da
Certificate serial:       074E14E9
Authority key identifier: 6E:EF:39:73:D6:E0:76:81:41:9B:AE:86:7B:D5:14:54:5E:7D:F5:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bu85c9bgdoFBm66Ge9UUVF599do.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/087513-d2d6-43c6-9b79-22f0aaa81327/1/TH-74ATqkpmEnbWuLIEAor6ww1s.roa
Signing time:             Sat 01 Jan 2022 07:02:58 +0000
ROA not before:           Sat 01 Jan 2022 07:02:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25579
IP address blocks:        2.58.102.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 122557673 (0x74e14e9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6eef3973d6e07681419bae867bd514545e7df5da
        Validity
            Not Before: Jan  1 07:02:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4c7fbbe004ea9299849db5ae2c8100a2beb0c35b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:1a:e1:96:8c:e2:33:c5:00:02:e0:74:88:c6:
                    42:0a:76:c1:f3:c3:7e:75:09:7f:29:82:83:bc:b7:
                    74:43:69:08:f3:40:9a:60:f4:dc:f2:3a:39:8a:03:
                    a3:52:29:4a:57:4f:1f:d5:47:43:d2:49:15:6c:46:
                    f4:da:e5:04:88:46:b1:ec:10:f5:b6:e1:dd:0e:12:
                    42:ac:e6:9c:42:6d:43:2d:fd:5e:1b:06:09:da:1f:
                    a5:f4:94:6a:e4:63:6a:99:88:2a:2c:3d:5d:8c:d0:
                    40:a1:97:ec:3d:54:d7:4e:63:9c:93:1f:63:66:9e:
                    db:c7:65:1b:f0:04:00:b7:60:18:aa:60:dd:e0:6c:
                    e2:d0:ab:eb:b3:4d:7a:a6:26:ec:51:59:5b:89:bf:
                    27:49:81:b0:90:86:9b:46:6f:d6:35:5b:71:f7:58:
                    ec:ef:03:81:d0:6b:11:b3:a6:cf:e1:7a:25:14:13:
                    2f:e5:48:db:31:56:7f:26:6a:bf:38:95:c1:c9:64:
                    32:86:60:d9:8a:f9:57:7e:5e:0b:5b:62:2c:41:f9:
                    f1:37:34:f8:17:82:be:1b:f8:98:bb:f0:c3:e0:ec:
                    68:63:f7:a2:dd:11:3e:6d:eb:e0:00:18:0b:57:d5:
                    4f:6c:be:ad:a5:e8:5f:eb:0f:e6:5d:3a:95:2e:46:
                    61:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:7F:BB:E0:04:EA:92:99:84:9D:B5:AE:2C:81:00:A2:BE:B0:C3:5B
            X509v3 Authority Key Identifier:
                keyid:6E:EF:39:73:D6:E0:76:81:41:9B:AE:86:7B:D5:14:54:5E:7D:F5:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bu85c9bgdoFBm66Ge9UUVF599do.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/087513-d2d6-43c6-9b79-22f0aaa81327/1/TH-74ATqkpmEnbWuLIEAor6ww1s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/087513-d2d6-43c6-9b79-22f0aaa81327/1/bu85c9bgdoFBm66Ge9UUVF599do.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:27:8d:58:ca:19:f7:d9:85:a1:6e:45:8e:e9:b3:42:0f:3d:
         e2:31:69:47:3c:d6:c5:74:70:ac:44:63:e3:9e:6f:42:36:5c:
         17:e4:fc:cd:fd:fd:90:bf:ff:91:a5:ee:fa:b1:25:d2:70:1a:
         52:6b:31:e1:5d:9c:94:d3:e9:61:1f:b5:af:af:37:5b:a5:45:
         96:4f:03:11:57:29:d5:59:79:65:de:ab:66:e1:b0:f9:fb:ca:
         fa:01:b7:6b:49:d3:a7:e9:ee:42:c7:33:50:3f:1f:12:15:bd:
         32:13:3f:a2:54:e5:77:67:53:7a:01:c4:5a:af:65:14:42:86:
         a2:bc:20:8b:9f:e0:ab:9b:11:61:cb:03:09:01:52:ce:18:51:
         54:49:0d:02:bb:bb:e8:c1:b8:f8:c8:25:cf:8f:49:be:6a:8a:
         4a:37:9b:2b:3f:68:87:1c:74:b5:e3:fd:04:49:e6:37:e1:31:
         85:75:fc:5c:64:30:e2:99:f0:d2:99:9f:2b:ab:c8:58:3b:ca:
         0f:44:b8:38:1f:03:0d:0f:d8:69:95:e4:40:14:76:01:1a:76:
         c4:6f:f2:ca:d2:34:f4:74:8e:d4:b9:5b:5a:cd:9a:60:17:15:
         c7:7e:eb:04:2c:c9:80:d8:5a:4a:72:ff:69:a0:96:f0:47:99:
         c5:e6:78:c0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB04U6TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZWVmMzk3M2Q2ZTA3NjgxNDE5YmFlODY3YmQ1MTQ1NDVlN2RmNWRhMB4XDTIyMDEw
MTA3MDI1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGM3ZmJiZTAwNGVh
OTI5OTg0OWRiNWFlMmM4MTAwYTJiZWIwYzM1YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANQa4ZaM4jPFAALgdIjGQgp2wfPDfnUJfymCg7y3dENpCPNA
mmD03PI6OYoDo1IpSldPH9VHQ9JJFWxG9NrlBIhGsewQ9bbh3Q4SQqzmnEJtQy39
XhsGCdofpfSUauRjapmIKiw9XYzQQKGX7D1U105jnJMfY2ae28dlG/AEALdgGKpg
3eBs4tCr67NNeqYm7FFZW4m/J0mBsJCGm0Zv1jVbcfdY7O8DgdBrEbOmz+F6JRQT
L+VI2zFWfyZqvziVwclkMoZg2Yr5V35eC1tiLEH58Tc0+BeCvhv4mLvww+DsaGP3
ot0RPm3r4AAYC1fVT2y+raXoX+sP5l06lS5GYT8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRMf7vgBOqSmYSdta4sgQCivrDDWzAfBgNVHSMEGDAWgBRu7zlz1uB2gUGb
roZ71RRUXn312jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2J1ODVjOWJnZG9GQm02NkdlOVVVVkY1OTlkby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTUvMDg3NTEzLWQyZDYtNDNjNi05Yjc5LTIyZjBhYWE4MTMyNy8x
L1RILTc0QVRxa3BtRW5iV3VMSUVBb3I2d3cxcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTUv
MDg3NTEzLWQyZDYtNDNjNi05Yjc5LTIyZjBhYWE4MTMyNy8xL2J1ODVjOWJnZG9G
Qm02NkdlOVVVVkY1OTlkby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAI6ZjANBgkqhkiG9w0BAQsFAAOC
AQEAOyeNWMoZ99mFoW5FjumzQg894jFpRzzWxXRwrERj455vQjZcF+T8zf39kL//
kaXu+rEl0nAaUmsx4V2clNPpYR+1r683W6VFlk8DEVcp1Vl5Zd6rZuGw+fvK+gG3
a0nTp+nuQsczUD8fEhW9MhM/olTld2dTegHEWq9lFEKGorwgi5/gq5sRYcsDCQFS
zhhRVEkNAru76MG4+Mglz49JvmqKSjebKz9ohxx0teP9BEnmN+ExhXX8XGQw4pnw
0pmfK6vIWDvKD0S4OB8DDQ/YaZXkQBR2ARp2xG/yytI09HSO1LlbWs2aYBcVx37r
BCzJgNhaSnL/aaCW8EeZxeZ4wA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:46 2024 by rpki-client on console-fra.rpki-client.org