Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/TCerYrDtU8OIes696qj2AhttZEQ.roa
File:                     TCerYrDtU8OIes696qj2AhttZEQ.roa (raw, json)
Hash identifier:          YsWbkap5qCDrr6FL1XB6XsD9S7NFRqNE+09odN6CFOI=
Subject key identifier:   4C:27:AB:62:B0:ED:53:C3:88:7A:CE:BD:EA:A8:F6:02:1B:6D:64:44
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       0185340BCA0CAF04F9F5695FC85009E268EF
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/TCerYrDtU8OIes696qj2AhttZEQ.roa
Signing time:             Wed 21 Dec 2022 09:37:45 +0000
ROA not before:           Wed 21 Dec 2022 09:37:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208046
IP address blocks:        91.186.216.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:34:0b:ca:0c:af:04:f9:f5:69:5f:c8:50:09:e2:68:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Dec 21 09:37:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4c27ab62b0ed53c3887acebdeaa8f6021b6d6444
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:cf:6c:12:41:c5:89:92:f7:f0:e3:56:c5:de:
                    17:9a:8b:2b:9a:2a:d4:86:92:13:16:86:3c:45:71:
                    f4:2f:1e:3d:19:a5:23:71:70:78:32:b4:b0:ca:47:
                    6e:a2:cf:09:cd:7e:8c:81:73:9a:fa:cf:b1:d8:d6:
                    e7:36:a2:df:24:de:00:3d:37:6e:d9:66:e1:14:0d:
                    cb:af:c5:a1:81:60:ff:2c:36:f3:ce:07:31:71:1d:
                    eb:1d:df:25:b0:4e:9b:ae:6b:c0:66:cb:7f:ca:2b:
                    7d:b7:89:42:da:8f:23:ce:b2:aa:6d:a4:e9:87:ef:
                    69:39:14:87:8e:2e:19:a3:5b:f7:ad:e7:2e:bf:71:
                    72:20:dd:0c:70:ad:56:35:07:e1:08:5d:c4:6d:f6:
                    aa:2d:7f:96:b7:c7:3e:54:06:fb:1a:71:d3:8c:8d:
                    85:61:f6:6c:da:05:fd:58:5c:41:6d:bc:3d:35:79:
                    28:22:70:cf:35:dd:79:4d:aa:45:dd:99:99:a0:a3:
                    25:07:c0:fc:e1:24:70:7f:5f:cb:09:d1:81:b5:0e:
                    57:a9:d5:5c:c6:87:0f:08:a6:a1:d3:3a:8c:46:05:
                    5c:47:c8:db:5b:26:a2:40:a6:42:f3:9c:9e:a9:2b:
                    c2:e4:ae:07:4d:bc:bc:d0:e1:3e:5d:d7:2c:86:e4:
                    00:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:27:AB:62:B0:ED:53:C3:88:7A:CE:BD:EA:A8:F6:02:1B:6D:64:44
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/TCerYrDtU8OIes696qj2AhttZEQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.186.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3b:9e:97:68:1a:76:f3:cc:4c:12:c5:21:c0:33:19:73:cf:7a:
         03:2b:f4:1c:3f:6e:67:37:26:b1:95:ec:f6:92:a5:77:cc:fe:
         22:35:47:b4:af:d4:13:84:8c:a4:97:cf:24:fe:4f:9f:aa:a5:
         6e:4b:0c:ad:c5:c2:5e:0c:29:8c:28:38:97:b4:2d:dd:9b:95:
         33:c7:81:ab:9f:cf:b5:bc:1b:db:a0:33:58:d5:a1:e4:c7:cc:
         30:83:91:5f:d1:d2:64:0f:2e:9f:0b:c5:1d:fa:c7:d1:f3:54:
         44:08:d1:a6:41:1c:49:ad:6e:84:8a:8a:37:86:b2:37:89:d4:
         65:c5:f3:55:3e:d2:e5:36:ec:82:e6:b7:1a:e4:84:1d:12:db:
         25:fc:cf:df:5b:6d:bd:ba:11:bb:a4:b3:bd:74:23:0d:e4:05:
         71:fa:7e:e3:6e:c5:85:20:e3:60:c0:cf:16:3d:09:33:23:7a:
         6d:85:55:fa:06:c5:20:f8:6d:c0:1e:dd:00:f7:39:f7:d8:ca:
         30:b8:9c:81:2c:d1:2f:4e:96:b3:94:fc:16:bc:0a:18:91:93:
         c8:ac:e6:0f:45:14:c3:97:7b:1b:85:cf:dc:c9:1a:1a:b2:31:
         38:e0:8f:86:fe:6a:00:96:92:7c:bf:45:f6:6f:86:b0:2c:9f:
         30:20:ab:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU0C8oMrwT59WlfyFAJ4mjvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjIxMjIxMDkzNzQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzI3YWI2MmIwZWQ1M2MzODg3YWNlYmRlYWE4ZjYwMjFiNmQ2NDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgM9sEkHFiZL38ONWxd4XmosrmirU
hpITFoY8RXH0Lx49GaUjcXB4MrSwykduos8JzX6MgXOa+s+x2NbnNqLfJN4APTdu
2WbhFA3Lr8WhgWD/LDbzzgcxcR3rHd8lsE6brmvAZst/yit9t4lC2o8jzrKqbaTp
h+9pORSHji4Zo1v3recuv3FyIN0McK1WNQfhCF3EbfaqLX+Wt8c+VAb7GnHTjI2F
YfZs2gX9WFxBbbw9NXkoInDPNd15TapF3ZmZoKMlB8D84SRwf1/LCdGBtQ5XqdVc
xocPCKah0zqMRgVcR8jbWyaiQKZC85yeqSvC5K4HTby80OE+XdcshuQAoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEwnq2Kw7VPDiHrOveqo9gIbbWREMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvVENlcllyRHRVOE9JZXM2OTZxajJBaHR0WkVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW7rYMA0G
CSqGSIb3DQEBCwUAA4IBAQA7npdoGnbzzEwSxSHAMxlzz3oDK/QcP25nNyaxlez2
kqV3zP4iNUe0r9QThIykl88k/k+fqqVuSwytxcJeDCmMKDiXtC3dm5Uzx4Grn8+1
vBvboDNY1aHkx8wwg5Ff0dJkDy6fC8Ud+sfR81RECNGmQRxJrW6Eioo3hrI3idRl
xfNVPtLlNuyC5rca5IQdEtsl/M/fW229uhG7pLO9dCMN5AVx+n7jbsWFIONgwM8W
PQkzI3pthVX6BsUg+G3AHt0A9zn32MowuJyBLNEvTpazlPwWvAoYkZPIrOYPRRTD
l3sbhc/cyRoasjE44I+G/moAlpJ8v0X2b4awLJ8wIKsR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org