Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Ttj43rpw_XjKvxwEHJ1n4jLEUNs.roa
File:                     Ttj43rpw_XjKvxwEHJ1n4jLEUNs.roa (raw, json)
Hash identifier:          sPwjZZQPgvyU0imC2X7JdkF6oOcH0xKAmr0dLK8uk8M=
Subject key identifier:   4E:D8:F8:DE:BA:70:FD:78:CA:BF:1C:04:1C:9D:67:E2:32:C4:50:DB
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       01853B1081AFAE201E65AD934E17CFECCEEE
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Ttj43rpw_XjKvxwEHJ1n4jLEUNs.roa
Signing time:             Thu 22 Dec 2022 18:20:15 +0000
ROA not before:           Thu 22 Dec 2022 18:20:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57138
IP address blocks:        194.242.2.0/24 maxlen: 24
                          193.19.108.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:3b:10:81:af:ae:20:1e:65:ad:93:4e:17:cf:ec:ce:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Dec 22 18:20:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4ed8f8deba70fd78cabf1c041c9d67e232c450db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:ab:bc:86:37:33:83:6d:77:54:76:78:8f:2f:
                    49:1f:26:ea:67:27:f0:a5:9c:83:7e:82:48:06:7f:
                    02:fd:9b:60:a0:6c:2f:3b:aa:c8:e1:8d:7e:0f:a8:
                    de:b0:f0:6f:4c:fd:d3:8e:52:fa:c0:87:fb:c0:98:
                    96:78:79:e9:1c:21:e7:f5:a8:73:38:b6:cc:9a:c3:
                    82:29:65:52:32:d4:fc:a9:1f:d0:78:76:dd:4b:7f:
                    a2:4c:c8:74:c2:48:59:06:38:39:79:35:d7:cc:2f:
                    70:3d:e1:fa:d9:17:f5:83:6d:75:2e:22:ed:6b:12:
                    e0:78:17:a4:ea:b1:48:cf:25:06:58:4a:21:f5:7e:
                    c4:1f:d3:73:67:26:3f:91:20:bb:75:ab:ea:0e:ef:
                    47:f1:f2:44:db:f9:43:01:34:15:fd:ee:0a:5b:ef:
                    3a:42:84:70:46:f7:6d:00:5a:3f:45:fd:f9:13:11:
                    43:a2:5d:cb:3a:b6:a1:24:77:9b:16:6c:e5:5b:b1:
                    03:d5:ed:82:39:1f:59:fa:5d:0c:ad:bf:ff:17:60:
                    f4:5f:a8:0e:8f:85:21:f7:87:b0:26:c2:d7:72:a0:
                    0d:34:aa:ff:c5:14:d0:2b:62:ad:64:35:57:88:a1:
                    ac:c4:c3:e5:55:46:eb:50:a8:36:d2:11:d4:14:41:
                    f0:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:D8:F8:DE:BA:70:FD:78:CA:BF:1C:04:1C:9D:67:E2:32:C4:50:DB
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Ttj43rpw_XjKvxwEHJ1n4jLEUNs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.19.108.0/24
                  194.242.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:d5:81:df:63:aa:d3:2e:72:c1:2e:4c:53:b7:73:db:b8:b4:
         e0:1e:95:69:cb:5d:7f:6d:0e:9e:42:8b:6f:36:75:e1:39:47:
         65:0c:32:a2:0b:c1:9c:c7:66:bb:a8:b6:ef:1e:e4:62:56:92:
         65:c5:94:67:6e:4c:11:ae:e9:28:94:86:ec:ce:59:49:8e:3e:
         23:a5:e9:88:ba:9b:e5:8b:f2:54:2e:e9:81:92:ba:ed:a2:13:
         c7:d7:ba:86:3f:c0:ab:b8:fd:e3:f5:57:2e:98:1f:74:86:e5:
         82:c7:a2:ff:95:91:5b:30:6b:f5:1a:b2:18:99:2e:4c:82:b5:
         3c:c7:06:70:4b:c2:94:a2:a4:a2:1b:0d:a3:0b:6f:2c:cc:f3:
         9e:5e:c8:39:df:4d:a1:8f:28:3d:eb:89:21:ab:70:1f:fa:51:
         95:07:fc:bb:0e:8d:b1:ed:bc:a3:5d:22:e3:bd:eb:9e:f9:79:
         6f:b1:3c:1d:98:e5:c7:81:70:9c:05:29:cf:0e:49:8d:e9:b8:
         5d:ba:70:f5:cd:ca:cb:fe:8b:d0:ce:96:d9:fd:a3:77:ec:cf:
         31:d8:69:49:e4:c5:9c:18:7b:2e:63:a9:60:62:40:a6:dd:09:
         88:38:4a:e9:3b:cc:71:0b:eb:70:f7:21:66:a0:22:39:ef:c3:
         92:f7:b7:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYU7EIGvriAeZa2TThfP7M7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIxMjIyMTgyMDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWQ4ZjhkZWJhNzBmZDc4Y2FiZjFjMDQxYzlkNjdlMjMyYzQ1MGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6u8hjczg213VHZ4jy9JHybqZyfw
pZyDfoJIBn8C/ZtgoGwvO6rI4Y1+D6jesPBvTP3TjlL6wIf7wJiWeHnpHCHn9ahz
OLbMmsOCKWVSMtT8qR/QeHbdS3+iTMh0wkhZBjg5eTXXzC9wPeH62Rf1g211LiLt
axLgeBek6rFIzyUGWEoh9X7EH9NzZyY/kSC7davqDu9H8fJE2/lDATQV/e4KW+86
QoRwRvdtAFo/Rf35ExFDol3LOrahJHebFmzlW7ED1e2COR9Z+l0Mrb//F2D0X6gO
j4Uh94ewJsLXcqANNKr/xRTQK2KtZDVXiKGsxMPlVUbrUKg20hHUFEHwvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE7Y+N66cP14yr8cBBydZ+IyxFDbMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVHRqNDNycHdfWGpLdnh3RUhKMW40akxFVU5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwRNsAwQA
wvICMA0GCSqGSIb3DQEBCwUAA4IBAQBY1YHfY6rTLnLBLkxTt3PbuLTgHpVpy11/
bQ6eQotvNnXhOUdlDDKiC8Gcx2a7qLbvHuRiVpJlxZRnbkwRrukolIbszllJjj4j
pemIupvli/JULumBkrrtohPH17qGP8CruP3j9VcumB90huWCx6L/lZFbMGv1GrIY
mS5MgrU8xwZwS8KUoqSiGw2jC28szPOeXsg5302hjyg964khq3Af+lGVB/y7Do2x
7byjXSLjveue+XlvsTwdmOXHgXCcBSnPDkmN6bhdunD1zcrL/ovQzpbZ/aN37M8x
2GlJ5MWcGHsuY6lgYkCm3QmIOErpO8xxC+tw9yFmoCI578OS97ej
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:11 2024 by rpki-client on console-ams.rpki-client.org