Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/Tzk41qBV80A9pIKlDtM4q9fqd3M.roa
File:                     Tzk41qBV80A9pIKlDtM4q9fqd3M.roa (raw, json)
Hash identifier:          D5G5DYB/Cw6NDe3hSNgcIk9ws3Iz9ck6qzPRrdW9S8A=
Subject key identifier:   4F:39:38:D6:A0:55:F3:40:3D:A4:82:A5:0E:D3:38:AB:D7:EA:77:73
Certificate issuer:       /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial:       0F1ED60A
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/Tzk41qBV80A9pIKlDtM4q9fqd3M.roa
Signing time:             Thu 24 Feb 2022 19:33:38 +0000
ROA not before:           Thu 24 Feb 2022 19:33:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48546
IP address blocks:        87.110.211.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 253679114 (0xf1ed60a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
        Validity
            Not Before: Feb 24 19:33:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4f3938d6a055f3403da482a50ed338abd7ea7773
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:5c:54:c1:4f:44:f9:cf:1b:b4:d0:a6:34:44:
                    4b:77:8d:f9:e0:08:6d:2d:8a:28:b4:92:e4:28:eb:
                    99:02:4e:ec:5d:66:1f:77:57:1b:91:a2:57:56:1b:
                    67:b3:8c:15:4f:1e:4d:0a:64:f5:b3:27:55:36:b8:
                    53:72:bf:1d:a0:ed:ba:22:a1:0d:ff:38:95:d4:11:
                    d3:4c:3d:b5:6a:2d:d7:1f:12:86:9e:79:b2:61:8f:
                    f4:54:c2:0f:52:35:66:46:96:dc:d5:f5:a3:67:00:
                    5f:a4:c9:2d:d3:df:70:7b:ab:1c:aa:0f:5c:26:a8:
                    16:48:cc:83:db:21:d3:cc:a6:97:4f:ef:a9:c8:4e:
                    be:48:f6:ee:76:67:56:1b:f8:54:fc:b5:11:55:ad:
                    a6:f8:cc:56:db:ef:98:dc:3e:4c:10:3a:1a:75:92:
                    17:65:0e:fb:6c:cc:08:d5:4d:1e:d2:c9:63:b1:00:
                    33:fe:71:c2:5b:bc:80:b3:cf:0a:5d:bf:c5:43:cf:
                    e1:7a:38:63:02:3e:7d:97:af:35:54:86:e4:76:06:
                    31:01:00:fa:cd:70:7b:49:63:b3:af:dc:45:b5:8f:
                    6e:e9:91:26:19:3c:79:34:72:96:70:c4:a4:de:44:
                    e4:66:c5:a4:df:cb:61:07:c1:bc:f3:83:36:3e:66:
                    d2:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:39:38:D6:A0:55:F3:40:3D:A4:82:A5:0E:D3:38:AB:D7:EA:77:73
            X509v3 Authority Key Identifier:
                keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/Tzk41qBV80A9pIKlDtM4q9fqd3M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.110.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:ba:ce:5a:63:d6:ab:cc:55:b2:29:cb:39:b0:a8:0b:5a:8b:
         74:dd:ae:3e:11:29:cb:d7:7e:d5:3f:5e:04:67:eb:80:c4:fa:
         f4:3d:61:dc:1c:71:75:f4:8d:5d:f5:48:85:a1:d4:ed:33:74:
         8a:9b:77:5b:77:4a:d2:bf:37:d1:77:42:ad:16:1f:8e:fb:5b:
         f8:20:65:4d:e6:80:cf:5b:86:fe:99:78:de:5a:36:8b:b0:92:
         05:a3:91:66:93:dd:17:7d:fe:37:eb:06:69:b0:91:f0:55:e8:
         f8:48:24:f0:bd:ab:4a:dd:09:15:f8:bc:d2:92:a9:0c:23:07:
         31:0f:a9:e9:89:4a:d9:f3:d2:8d:ed:09:6f:1d:67:2f:f8:6a:
         9c:ef:09:e3:95:08:31:f0:cd:da:ff:23:2c:3e:32:e2:48:76:
         84:69:4d:1a:f6:84:72:15:73:64:0b:bd:3a:5a:e9:70:19:da:
         5c:9c:97:ab:ce:30:62:ef:c1:b1:b4:67:3f:32:76:ae:51:d1:
         1e:e2:89:15:c2:4b:96:e4:5d:33:9a:0e:64:c9:62:59:51:35:
         cc:e5:70:54:6b:56:26:13:72:ea:a7:ff:82:78:30:fa:71:cc:
         07:00:0c:f6:08:8a:fe:23:bb:88:e3:a5:94:c4:58:8a:a7:e2:
         9a:0a:6e:87
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDx7WCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
M2JlMDdjYjFmZDRmMWUzYzkyMjMwM2I2NzBhODgxYjgyZTYxNDkxMB4XDTIyMDIy
NDE5MzMzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGYzOTM4ZDZhMDU1
ZjM0MDNkYTQ4MmE1MGVkMzM4YWJkN2VhNzc3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpcVMFPRPnPG7TQpjRES3eN+eAIbS2KKLSS5CjrmQJO7F1m
H3dXG5GiV1YbZ7OMFU8eTQpk9bMnVTa4U3K/HaDtuiKhDf84ldQR00w9tWot1x8S
hp55smGP9FTCD1I1ZkaW3NX1o2cAX6TJLdPfcHurHKoPXCaoFkjMg9sh08yml0/v
qchOvkj27nZnVhv4VPy1EVWtpvjMVtvvmNw+TBA6GnWSF2UO+2zMCNVNHtLJY7EA
M/5xwlu8gLPPCl2/xUPP4Xo4YwI+fZevNVSG5HYGMQEA+s1we0ljs6/cRbWPbumR
Jhk8eTRylnDEpN5E5GbFpN/LYQfBvPODNj5m0sECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRPOTjWoFXzQD2kgqUO0zir1+p3czAfBgNVHSMEGDAWgBTjvgfLH9Tx48ki
MDtnCogbguYUkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzQ3NEh5eF9VOGVQSklqQTdad3FJRzRMbUZKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvOGY1ZmFlLWRhOTAtNDMxNC1iZmZjLWQ0ZWUxZDM4OWUwZC8x
L1R6azQxcUJWODBBOXBJS2xEdE00cTlmcWQzTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
OGY1ZmFlLWRhOTAtNDMxNC1iZmZjLWQ0ZWUxZDM4OWUwZC8xLzQ3NEh5eF9VOGVQ
SklqQTdad3FJRzRMbUZKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFdu0zANBgkqhkiG9w0BAQsFAAOC
AQEAGbrOWmPWq8xVsinLObCoC1qLdN2uPhEpy9d+1T9eBGfrgMT69D1h3BxxdfSN
XfVIhaHU7TN0ipt3W3dK0r830XdCrRYfjvtb+CBlTeaAz1uG/pl43lo2i7CSBaOR
ZpPdF33+N+sGabCR8FXo+Egk8L2rSt0JFfi80pKpDCMHMQ+p6YlK2fPSje0Jbx1n
L/hqnO8J45UIMfDN2v8jLD4y4kh2hGlNGvaEchVzZAu9OlrpcBnaXJyXq84wYu/B
sbRnPzJ2rlHRHuKJFcJLluRdM5oOZMliWVE1zOVwVGtWJhNy6qf/gngw+nHMBwAM
9giK/iO7iOOllMRYiqfimgpuhw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:29 2024 by rpki-client on console-fra.rpki-client.org