Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/e-Tu89yUuYz7RMzlQOymf4ZGSfg.roa
File:                     e-Tu89yUuYz7RMzlQOymf4ZGSfg.roa (raw, json)
Hash identifier:          04curl9ChcxE+eYOUUhdpti6rROZlWxOE7r+4PLdqiI=
Subject key identifier:   7B:E4:EE:F3:DC:94:B9:8C:FB:44:CC:E5:40:EC:A6:7F:86:46:49:F8
Certificate issuer:       /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial:       0490742B
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/e-Tu89yUuYz7RMzlQOymf4ZGSfg.roa
Signing time:             Mon 04 Apr 2022 09:23:58 +0000
ROA not before:           Mon 04 Apr 2022 09:23:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44647
IP address blocks:        209.16.140.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 76575787 (0x490742b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
        Validity
            Not Before: Apr  4 09:23:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7be4eef3dc94b98cfb44cce540eca67f864649f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:5e:06:5b:22:92:2e:1b:46:e0:06:fc:0c:da:
                    a6:2a:c8:7a:14:dc:f6:ef:c6:58:66:92:ba:26:4c:
                    1c:09:55:38:a9:26:5b:2a:54:5f:d3:3c:69:2d:ae:
                    4b:f1:f2:61:e0:02:25:54:0f:47:0e:51:e3:6e:8c:
                    54:7f:16:77:dd:e4:54:e8:ed:43:c3:61:e5:b7:ec:
                    0c:1b:c6:a9:cc:dc:02:31:5e:64:23:15:0a:bd:43:
                    b1:6b:a2:22:cd:f8:7e:00:b1:b2:f8:d8:10:36:21:
                    2c:4e:ae:2a:a9:20:5b:55:86:97:8f:ad:55:cc:de:
                    70:af:a0:2e:47:f4:11:33:0c:7f:d6:0f:69:7e:11:
                    3f:2c:f3:75:c3:ba:f5:4a:12:98:11:74:08:1a:16:
                    1f:5b:af:33:ea:2f:0c:38:16:7c:2f:8f:1e:fb:17:
                    70:fc:f2:db:51:13:0a:30:ad:de:e6:5a:32:e4:5a:
                    b5:08:aa:36:2f:79:2c:8c:0a:c5:a3:c4:c6:30:5d:
                    4a:36:1a:1f:7a:ef:38:aa:75:19:b3:c2:1a:df:37:
                    b8:20:45:8d:a7:46:78:2c:fc:5a:c7:b4:e9:2c:f5:
                    80:01:5d:d6:17:1c:49:69:d7:a9:69:48:fe:93:3f:
                    90:a4:cf:84:42:01:42:8c:a5:98:43:09:2d:03:27:
                    34:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:E4:EE:F3:DC:94:B9:8C:FB:44:CC:E5:40:EC:A6:7F:86:46:49:F8
            X509v3 Authority Key Identifier:
                keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/e-Tu89yUuYz7RMzlQOymf4ZGSfg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  209.16.140.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5b:5c:9b:27:e9:e0:8d:d9:09:c8:3a:58:a3:d4:29:d6:4b:d0:
         98:87:6e:ff:cf:3f:a8:ed:a5:72:b7:5f:44:1e:f9:28:16:36:
         eb:30:85:5a:8a:35:fc:ed:f2:75:2a:3a:ed:3a:13:3f:45:e0:
         b5:ad:6b:41:30:12:80:f7:0e:d1:3a:c1:76:79:ce:de:f2:87:
         75:34:f8:5e:a8:3f:7d:08:49:85:3f:f9:11:c0:9d:c2:97:3d:
         4e:f6:23:dc:8c:f7:fa:52:55:4c:0c:eb:df:81:81:b0:f6:d9:
         0d:f4:b2:55:1a:75:a3:b2:e6:a5:e7:7a:08:1c:a7:49:21:05:
         b8:aa:2f:1f:c0:76:57:99:65:2b:84:46:4e:33:a0:22:64:e4:
         dd:36:c5:9d:2a:dc:67:69:c2:f5:47:93:a3:26:1c:92:d6:ee:
         c3:fa:31:ee:f7:75:5b:57:d3:87:a4:1b:66:04:3e:05:54:bb:
         70:21:b4:be:1b:d5:e3:e3:88:6c:84:0d:cb:5e:1b:12:8c:be:
         9d:86:99:b1:71:f7:2d:35:7d:37:79:7c:17:a1:9d:e1:e6:1b:
         5d:38:25:ff:30:b0:7b:71:12:f7:d6:60:0a:d5:07:f9:65:67:
         a7:0f:e6:32:b4:9c:d3:e6:3c:81:6e:30:c2:f7:18:6e:3f:b3:
         78:d8:14:1c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBJB0KzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTc3OWU1NjIzOGI2ZjJlYTA2OGVkZTRlMjBhZWYwMGM5MDQxMzJiMB4XDTIyMDQw
NDA5MjM1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2JlNGVlZjNkYzk0
Yjk4Y2ZiNDRjY2U1NDBlY2E2N2Y4NjQ2NDlmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJleBlsiki4bRuAG/AzapirIehTc9u/GWGaSuiZMHAlVOKkm
WypUX9M8aS2uS/HyYeACJVQPRw5R426MVH8Wd93kVOjtQ8Nh5bfsDBvGqczcAjFe
ZCMVCr1DsWuiIs34fgCxsvjYEDYhLE6uKqkgW1WGl4+tVczecK+gLkf0ETMMf9YP
aX4RPyzzdcO69UoSmBF0CBoWH1uvM+ovDDgWfC+PHvsXcPzy21ETCjCt3uZaMuRa
tQiqNi95LIwKxaPExjBdSjYaH3rvOKp1GbPCGt83uCBFjadGeCz8Wse06Sz1gAFd
1hccSWnXqWlI/pM/kKTPhEIBQoylmEMJLQMnNBUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR75O7z3JS5jPtEzOVA7KZ/hkZJ+DAfBgNVHSMEGDAWgBT+d55WI4tvLqBo
7eTiCu8AyQQTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19uZWVWaU9MYnk2Z2FPM2s0Z3J2QU1rRUV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8x
L2UtVHU4OXlVdVl6N1JNemxRT3ltZjRaR1NmZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGRlNTk4LTZiMDMtNGJlZi1hYjE0LTMzODk0OTEzZGNiNy8xL19uZWVWaU9MYnk2
Z2FPM2s0Z3J2QU1rRUV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdEQjDANBgkqhkiG9w0BAQsFAAOC
AQEAW1ybJ+ngjdkJyDpYo9Qp1kvQmIdu/88/qO2lcrdfRB75KBY26zCFWoo1/O3y
dSo67ToTP0Xgta1rQTASgPcO0TrBdnnO3vKHdTT4Xqg/fQhJhT/5EcCdwpc9TvYj
3Iz3+lJVTAzr34GBsPbZDfSyVRp1o7Lmped6CBynSSEFuKovH8B2V5llK4RGTjOg
ImTk3TbFnSrcZ2nC9UeToyYcktbuw/ox7vd1W1fTh6QbZgQ+BVS7cCG0vhvV4+OI
bIQNy14bEoy+nYaZsXH3LTV9N3l8F6Gd4eYbXTgl/zCwe3ES99ZgCtUH+WVnpw/m
MrSc0+Y8gW4wwvcYbj+zeNgUHA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:13 2024 by rpki-client on console-fra.rpki-client.org