Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/TFOk824uET3dcPENQO7woCWGoJE.roa
File:                     TFOk824uET3dcPENQO7woCWGoJE.roa (raw, json)
Hash identifier:          oQgStyexloCXa8p8Mq6UtvtfWEJl4kKFXQJQFArXpD8=
Subject key identifier:   4C:53:A4:F3:6E:2E:11:3D:DD:70:F1:0D:40:EE:F0:A0:25:86:A0:91
Certificate issuer:       /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial:       3A0A008D
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/TFOk824uET3dcPENQO7woCWGoJE.roa
Signing time:             Sat 01 Jan 2022 14:00:42 +0000
ROA not before:           Sat 01 Jan 2022 14:00:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202389
IP address blocks:        78.133.212.0/24 maxlen: 24
                          78.133.212.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 973734029 (0x3a0a008d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
        Validity
            Not Before: Jan  1 14:00:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4c53a4f36e2e113ddd70f10d40eef0a02586a091
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:be:7d:15:36:a4:d9:5c:38:91:77:c1:01:b0:
                    ef:15:0e:4a:d9:74:b2:19:a1:3d:20:23:2f:64:4b:
                    6e:ae:5b:26:21:22:fa:f8:16:4a:f9:66:a0:59:77:
                    9a:f2:8c:5d:0d:e5:34:06:c2:2a:75:aa:94:d2:d9:
                    05:3e:73:fd:88:ab:f5:f8:30:45:da:64:f7:33:c3:
                    83:f6:3a:bb:e5:73:74:a8:6c:cd:2d:81:ce:8c:b9:
                    99:80:7e:73:e0:ef:0b:8c:f5:60:ad:e6:91:d4:5f:
                    21:cd:9b:01:da:12:e9:5a:c6:26:be:10:7c:10:7b:
                    93:2c:6f:bb:1e:64:b5:e0:fe:34:ee:fe:52:43:e6:
                    37:43:40:e5:a1:bc:46:5d:55:3f:1b:53:f5:2f:30:
                    c5:f3:4c:7d:df:2c:34:41:f4:3e:7f:7c:1e:7c:fb:
                    90:f4:83:36:1e:9d:5b:db:57:c0:70:87:16:2a:73:
                    24:7b:35:e3:e9:61:12:1f:12:7a:92:a3:ab:87:b1:
                    68:18:2b:b7:15:11:51:a8:4e:bb:34:26:39:06:36:
                    51:b7:d4:ec:6d:12:33:9d:d1:df:94:e6:0b:b3:66:
                    7a:1d:87:0a:5d:39:b0:13:ca:2f:af:ca:73:df:66:
                    20:25:6e:04:aa:ee:bc:2f:2e:e7:b6:23:b6:c6:23:
                    6a:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:53:A4:F3:6E:2E:11:3D:DD:70:F1:0D:40:EE:F0:A0:25:86:A0:91
            X509v3 Authority Key Identifier:
                keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/TFOk824uET3dcPENQO7woCWGoJE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.133.212.0/23

    Signature Algorithm: sha256WithRSAEncryption
         97:ba:11:0f:f0:79:08:43:22:79:86:f4:df:ea:5b:e5:95:ca:
         1f:12:be:ef:dc:75:94:5e:84:8d:d5:ac:6d:1c:bf:3f:72:f0:
         13:7d:41:ac:cf:72:ed:00:03:5c:7c:6b:72:12:7b:14:f5:2f:
         9a:27:9a:b8:1e:1d:64:60:77:92:a7:17:e4:82:00:d0:e9:01:
         fc:de:bb:cc:af:3a:20:1c:29:2f:1e:e7:0a:e6:c2:08:fd:3f:
         82:ff:73:21:e6:60:d3:f1:e1:65:57:03:e4:db:9d:aa:1d:92:
         50:8c:fe:d5:35:66:7f:e3:32:88:62:a6:3f:d1:f2:99:f8:8b:
         a5:bd:b8:ef:ef:bf:e2:c0:e6:cd:71:12:62:05:8a:7d:8c:92:
         e8:99:af:f5:cb:db:0a:96:92:23:c5:c0:d3:4b:36:98:df:b6:
         14:d6:c0:94:33:1b:eb:16:fe:b1:13:6c:16:e0:80:5f:da:4d:
         f7:7c:05:52:f2:f6:83:ed:64:a5:9c:7c:30:3a:3a:91:0f:63:
         a3:a8:77:ed:26:0b:23:9a:ec:a8:99:9b:d1:a9:11:2b:51:25:
         e7:a9:c5:6b:62:41:0d:95:6e:e0:fd:41:d1:e0:59:d1:0f:f6:
         e1:cc:2f:be:a9:af:d5:66:02:57:64:44:fc:11:27:db:89:ac:
         45:a1:8c:89
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOgoAjTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWNhNjNkZjI0OGI3YWRmM2RkZDA3ZThjMmQzZWVkZDAyY2VmOTMzMB4XDTIyMDEw
MTE0MDA0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGM1M2E0ZjM2ZTJl
MTEzZGRkNzBmMTBkNDBlZWYwYTAyNTg2YTA5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJK+fRU2pNlcOJF3wQGw7xUOStl0shmhPSAjL2RLbq5bJiEi
+vgWSvlmoFl3mvKMXQ3lNAbCKnWqlNLZBT5z/Yir9fgwRdpk9zPDg/Y6u+VzdKhs
zS2Bzoy5mYB+c+DvC4z1YK3mkdRfIc2bAdoS6VrGJr4QfBB7kyxvux5kteD+NO7+
UkPmN0NA5aG8Rl1VPxtT9S8wxfNMfd8sNEH0Pn98Hnz7kPSDNh6dW9tXwHCHFipz
JHs14+lhEh8SepKjq4exaBgrtxURUahOuzQmOQY2UbfU7G0SM53R35TmC7Nmeh2H
Cl05sBPKL6/Kc99mICVuBKruvC8u57YjtsYjatcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRMU6Tzbi4RPd1w8Q1A7vCgJYagkTAfBgNVHSMEGDAWgBQaymPfJIt63z3d
B+jC0+7dAs75MzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dzcGozeVNMZXQ4OTNRZm93dFB1M1FMTy1UTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvMWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8x
L1RGT2s4MjR1RVQzZGNQRU5RTzd3b0NXR29KRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
MWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8xL0dzcGozeVNMZXQ4
OTNRZm93dFB1M1FMTy1UTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAU6F1DANBgkqhkiG9w0BAQsFAAOC
AQEAl7oRD/B5CEMieYb03+pb5ZXKHxK+79x1lF6EjdWsbRy/P3LwE31BrM9y7QAD
XHxrchJ7FPUvmieauB4dZGB3kqcX5IIA0OkB/N67zK86IBwpLx7nCubCCP0/gv9z
IeZg0/HhZVcD5Nudqh2SUIz+1TVmf+MyiGKmP9HymfiLpb247++/4sDmzXESYgWK
fYyS6Jmv9cvbCpaSI8XA00s2mN+2FNbAlDMb6xb+sRNsFuCAX9pN93wFUvL2g+1k
pZx8MDo6kQ9jo6h37SYLI5rsqJmb0akRK1El56nFa2JBDZVu4P1B0eBZ0Q/24cwv
vqmv1WYCV2RE/BEn24msRaGMiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:01 2024 by rpki-client on console-fra.rpki-client.org