Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/TF_BzlHBcNlxdyj7cqfETg6uZQM.roa
File:                     TF_BzlHBcNlxdyj7cqfETg6uZQM.roa (raw, json)
Hash identifier:          izX+cvpyX+3k8n/fqYWJkPVJmzWYTXvb5bi1wmebe2Y=
Subject key identifier:   4C:5F:C1:CE:51:C1:70:D9:71:77:28:FB:72:A7:C4:4E:0E:AE:65:03
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       1950EC4B
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/TF_BzlHBcNlxdyj7cqfETg6uZQM.roa
Signing time:             Sun 27 Mar 2022 08:54:07 +0000
ROA not before:           Sun 27 Mar 2022 08:54:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44486
IP address blocks:        5.181.151.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 424733771 (0x1950ec4b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Mar 27 08:54:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4c5fc1ce51c170d9717728fb72a7c44e0eae6503
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:4c:da:2f:f0:89:16:06:69:78:45:a7:3f:55:
                    4d:7c:b3:42:b3:47:70:45:bc:e2:df:6f:22:cf:f5:
                    63:bf:86:73:c6:bf:e7:4b:68:13:ff:42:13:c4:d7:
                    89:60:48:fc:f1:df:df:3d:fb:58:8a:9f:73:c3:37:
                    93:fd:d6:cb:6a:bf:bc:2c:d3:83:8c:e2:42:a3:f7:
                    8e:76:e0:9e:2b:99:2a:36:e7:e6:fc:f3:aa:02:ba:
                    35:82:69:64:de:41:6d:b4:a7:9b:a9:64:2a:59:fc:
                    3c:af:8f:05:e9:5c:14:27:a4:3d:f5:b4:ce:da:d3:
                    23:de:8e:00:50:a5:eb:65:87:12:14:93:2f:35:e0:
                    b7:fb:69:a3:0e:4c:d6:38:7f:39:4e:75:30:a6:73:
                    41:25:1d:bb:ac:d7:55:be:f4:7e:75:e7:48:98:9a:
                    87:e4:86:72:ba:a9:b9:34:5a:bc:36:4c:7e:e7:9a:
                    fb:01:cb:a0:60:56:fd:38:53:11:42:2e:1e:c8:d5:
                    f6:bc:39:76:30:7a:76:59:99:cc:1e:8b:4d:0b:27:
                    6e:26:40:83:f8:d4:92:e7:e1:3b:b5:f9:d3:3b:dc:
                    ad:5c:e0:06:39:c3:71:f9:fc:79:00:dd:20:82:f7:
                    78:96:9a:cd:68:80:47:e9:1b:fd:59:1a:43:f9:00:
                    8b:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:5F:C1:CE:51:C1:70:D9:71:77:28:FB:72:A7:C4:4E:0E:AE:65:03
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/TF_BzlHBcNlxdyj7cqfETg6uZQM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:8e:51:11:fc:b7:9c:35:96:cf:15:fa:bf:92:e9:a8:ee:54:
         67:22:d4:43:fd:83:72:bf:b6:35:bb:4c:4f:34:0b:18:d0:89:
         f2:cd:70:bc:a3:92:95:d8:ec:ae:1f:74:a9:47:14:b2:07:7d:
         4e:92:96:67:36:f9:17:ea:94:5b:d9:73:82:25:55:4b:8d:bc:
         f7:3b:18:23:20:6f:ee:9e:fe:09:dc:99:51:6c:cc:c9:58:32:
         44:94:6a:45:f4:3d:0e:73:b8:c9:dc:24:42:61:5a:e2:9d:5d:
         ba:e1:54:4b:1d:e3:cc:03:03:ea:82:9c:03:a9:c8:a3:1e:ce:
         b0:1d:7c:8c:fb:d3:d0:a4:41:5b:26:35:a6:7f:6e:75:f9:5e:
         2d:c3:30:39:93:2d:52:3b:c1:18:81:69:1f:f9:ea:76:f8:26:
         09:a7:36:35:c3:e8:67:92:4b:3d:13:6b:b4:e4:0e:3d:ba:aa:
         9d:41:f2:27:7e:b7:a8:f5:0c:23:db:f9:00:f6:c6:a0:78:8e:
         25:bd:f8:f1:e0:31:b7:66:a8:9f:6d:31:13:c9:cc:d9:73:a8:
         6c:54:79:60:47:29:c1:21:b8:ce:41:a8:ad:e2:67:5c:4a:a3:
         43:de:ab:8a:bb:0d:c0:d4:02:bf:82:d8:d4:9c:2e:be:b3:9e:
         15:4b:2d:89
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGVDsSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDMy
NzA4NTQwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGM1ZmMxY2U1MWMx
NzBkOTcxNzcyOGZiNzJhN2M0NGUwZWFlNjUwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKdM2i/wiRYGaXhFpz9VTXyzQrNHcEW84t9vIs/1Y7+Gc8a/
50toE/9CE8TXiWBI/PHf3z37WIqfc8M3k/3Wy2q/vCzTg4ziQqP3jnbgniuZKjbn
5vzzqgK6NYJpZN5BbbSnm6lkKln8PK+PBelcFCekPfW0ztrTI96OAFCl62WHEhST
LzXgt/tpow5M1jh/OU51MKZzQSUdu6zXVb70fnXnSJiah+SGcrqpuTRavDZMfuea
+wHLoGBW/ThTEUIuHsjV9rw5djB6dlmZzB6LTQsnbiZAg/jUkufhO7X50zvcrVzg
BjnDcfn8eQDdIIL3eJaazWiAR+kb/VkaQ/kAiy0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRMX8HOUcFw2XF3KPtyp8RODq5lAzAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L1RGX0J6bEhCY05seGR5ajdjcWZFVGc2dVpRTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAW1lzANBgkqhkiG9w0BAQsFAAOC
AQEAqY5REfy3nDWWzxX6v5LpqO5UZyLUQ/2Dcr+2NbtMTzQLGNCJ8s1wvKOSldjs
rh90qUcUsgd9TpKWZzb5F+qUW9lzgiVVS4289zsYIyBv7p7+CdyZUWzMyVgyRJRq
RfQ9DnO4ydwkQmFa4p1duuFUSx3jzAMD6oKcA6nIox7OsB18jPvT0KRBWyY1pn9u
dfleLcMwOZMtUjvBGIFpH/nqdvgmCac2NcPoZ5JLPRNrtOQOPbqqnUHyJ363qPUM
I9v5APbGoHiOJb348eAxt2aon20xE8nM2XOobFR5YEcpwSG4zkGoreJnXEqjQ96r
irsNwNQCv4LY1JwuvrOeFUstiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:32 2024 by rpki-client on console-ams.rpki-client.org