Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ed4da0-0647-446f-b065-db0dcc08f452/1/tPCHhZTjF73o0kMVwLxl_Wbd1Rs.roa
File:                     tPCHhZTjF73o0kMVwLxl_Wbd1Rs.roa (raw, json)
Hash identifier:          dW85cbAT0EVsn2IpeDVjdk1NGDr5+iornW1ronJ14qw=
Subject key identifier:   B4:F0:87:85:94:E3:17:BD:E8:D2:43:15:C0:BC:65:FD:66:DD:D5:1B
Certificate issuer:       /CN=66ef31adac663855b3ddd1931c44cf8064d6a6eb
Certificate serial:       0A5F476C
Authority key identifier: 66:EF:31:AD:AC:66:38:55:B3:DD:D1:93:1C:44:CF:80:64:D6:A6:EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zu8xraxmOFWz3dGTHETPgGTWpus.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/ed4da0-0647-446f-b065-db0dcc08f452/1/tPCHhZTjF73o0kMVwLxl_Wbd1Rs.roa
Signing time:             Tue 24 May 2022 14:31:14 +0000
ROA not before:           Tue 24 May 2022 14:31:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        193.160.155.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 174016364 (0xa5f476c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66ef31adac663855b3ddd1931c44cf8064d6a6eb
        Validity
            Not Before: May 24 14:31:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b4f0878594e317bde8d24315c0bc65fd66ddd51b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:f8:fa:41:55:cc:08:d4:20:58:d3:b9:44:f2:
                    14:8e:f7:74:9f:8a:95:f5:72:be:b7:61:46:35:d2:
                    ec:7c:57:fc:08:cd:97:e2:cb:c7:20:b1:24:05:25:
                    82:d5:19:d9:73:3a:0b:43:b9:36:cd:41:a4:e6:0d:
                    6f:c3:5a:9a:5e:b9:54:10:94:d2:f8:2b:67:c7:59:
                    bf:86:2e:08:9b:d6:e4:3b:4b:98:0d:86:48:de:26:
                    e2:bc:6a:f2:be:a7:69:97:d2:c3:72:07:71:3c:22:
                    6d:0c:f9:a4:99:f0:b9:75:48:e5:6e:e4:8a:8e:33:
                    15:73:9a:19:85:56:a1:41:12:a9:17:b8:fc:95:cd:
                    68:c7:2b:6f:09:0a:df:29:4e:bc:70:14:ee:f4:b9:
                    9f:58:79:c0:98:85:73:7a:18:42:64:88:cd:cc:e5:
                    c3:2a:38:d5:17:90:94:14:12:48:30:f9:d6:c8:1c:
                    99:28:61:b1:bf:35:17:fd:4b:8d:64:c1:a0:b6:34:
                    85:70:8c:99:b7:48:83:33:bf:92:11:f7:f5:d2:10:
                    60:f2:fa:b5:4e:fe:86:0e:ef:fe:0d:48:f0:98:e7:
                    e9:27:3f:b9:96:77:92:49:c4:6d:a0:05:10:82:b8:
                    e3:ca:d1:41:eb:bb:ec:fd:18:94:86:43:c9:b6:ce:
                    ff:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:F0:87:85:94:E3:17:BD:E8:D2:43:15:C0:BC:65:FD:66:DD:D5:1B
            X509v3 Authority Key Identifier:
                keyid:66:EF:31:AD:AC:66:38:55:B3:DD:D1:93:1C:44:CF:80:64:D6:A6:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zu8xraxmOFWz3dGTHETPgGTWpus.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ed4da0-0647-446f-b065-db0dcc08f452/1/tPCHhZTjF73o0kMVwLxl_Wbd1Rs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ed4da0-0647-446f-b065-db0dcc08f452/1/Zu8xraxmOFWz3dGTHETPgGTWpus.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.160.155.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:8c:99:2b:77:74:a2:7e:ec:ef:fe:3e:86:52:35:b1:db:ca:
         ed:f4:5c:02:59:c2:dd:ed:14:42:7e:da:94:7e:8c:92:f3:0f:
         a3:4b:b3:15:37:37:4e:de:c1:f2:ce:09:1f:5f:0b:28:7d:92:
         78:50:f5:ab:bc:85:5f:dd:05:ea:f4:45:54:ac:21:52:d6:96:
         ea:9b:a3:40:d5:4c:d4:1a:cc:08:ae:f0:c0:49:9a:18:cc:40:
         46:0e:54:c3:ce:d3:7e:b8:18:90:1e:36:ff:02:53:e4:24:6c:
         a9:f4:54:14:04:2e:a9:e6:ca:42:33:ba:75:cf:65:39:3e:ef:
         54:d2:a8:2f:7e:ee:e4:44:45:af:72:e5:88:fc:6f:44:2d:db:
         e1:2c:c4:a3:97:92:f5:d6:46:52:3b:8e:88:df:97:41:2f:9a:
         c9:c1:3c:39:89:97:9c:32:eb:a4:95:5a:b5:91:05:5b:41:b9:
         8c:95:aa:10:5d:2e:6d:e9:b2:19:3c:c4:61:02:f4:42:e5:6f:
         17:6f:ba:11:9f:ee:04:87:26:a0:91:4d:8a:d8:fd:81:c3:18:
         16:28:3b:c0:7b:7d:af:c4:6f:30:50:be:83:ea:1e:da:9c:76:
         29:fc:14:0a:25:c2:0d:2f:a9:0e:05:59:a6:78:57:c9:4d:0d:
         f0:f6:2b:3a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECl9HbDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NmVmMzFhZGFjNjYzODU1YjNkZGQxOTMxYzQ0Y2Y4MDY0ZDZhNmViMB4XDTIyMDUy
NDE0MzExNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjRmMDg3ODU5NGUz
MTdiZGU4ZDI0MzE1YzBiYzY1ZmQ2NmRkZDUxYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOP4+kFVzAjUIFjTuUTyFI73dJ+KlfVyvrdhRjXS7HxX/AjN
l+LLxyCxJAUlgtUZ2XM6C0O5Ns1BpOYNb8Naml65VBCU0vgrZ8dZv4YuCJvW5DtL
mA2GSN4m4rxq8r6naZfSw3IHcTwibQz5pJnwuXVI5W7kio4zFXOaGYVWoUESqRe4
/JXNaMcrbwkK3ylOvHAU7vS5n1h5wJiFc3oYQmSIzczlwyo41ReQlBQSSDD51sgc
mShhsb81F/1LjWTBoLY0hXCMmbdIgzO/khH39dIQYPL6tU7+hg7v/g1I8Jjn6Sc/
uZZ3kknEbaAFEIK448rRQeu77P0YlIZDybbO/wcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS08IeFlOMXvejSQxXAvGX9Zt3VGzAfBgNVHSMEGDAWgBRm7zGtrGY4VbPd
0ZMcRM+AZNam6zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1p1OHhyYXhtT0ZXejNkR1RIRVRQZ0dUV3B1cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzQvZWQ0ZGEwLTA2NDctNDQ2Zi1iMDY1LWRiMGRjYzA4ZjQ1Mi8x
L3RQQ0hoWlRqRjczbzBrTVZ3THhsX1diZDFScy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQv
ZWQ0ZGEwLTA2NDctNDQ2Zi1iMDY1LWRiMGRjYzA4ZjQ1Mi8xL1p1OHhyYXhtT0ZX
ejNkR1RIRVRQZ0dUV3B1cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMGgmzANBgkqhkiG9w0BAQsFAAOC
AQEAjIyZK3d0on7s7/4+hlI1sdvK7fRcAlnC3e0UQn7alH6MkvMPo0uzFTc3Tt7B
8s4JH18LKH2SeFD1q7yFX90F6vRFVKwhUtaW6pujQNVM1BrMCK7wwEmaGMxARg5U
w87TfrgYkB42/wJT5CRsqfRUFAQuqebKQjO6dc9lOT7vVNKoL37u5ERFr3LliPxv
RC3b4SzEo5eS9dZGUjuOiN+XQS+aycE8OYmXnDLrpJVatZEFW0G5jJWqEF0ubemy
GTzEYQL0QuVvF2+6EZ/uBIcmoJFNitj9gcMYFig7wHt9r8RvMFC+g+oe2px2KfwU
CiXCDS+pDgVZpnhXyU0N8PYrOg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:01 2024 by rpki-client on console-fra.rpki-client.org