Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/845e76-9c2d-4aff-92af-4935b3f5c209/1/TUsg-ogsjMRyBHz7TyGUN_YypKc.roa
File:                     TUsg-ogsjMRyBHz7TyGUN_YypKc.roa (raw, json)
Hash identifier:          VbxoJZjRFRIHzwIJjzgzNHof7BI8ixKFkqaiWrjl1Rc=
Subject key identifier:   4D:4B:20:FA:88:2C:8C:C4:72:04:7C:FB:4F:21:94:37:F6:32:A4:A7
Certificate issuer:       /CN=7ba2be98438b98ee68a0d1b8c4144520bd0a623d
Certificate serial:       0183F83D518A56A2370722F6E6163BA748E3
Authority key identifier: 7B:A2:BE:98:43:8B:98:EE:68:A0:D1:B8:C4:14:45:20:BD:0A:62:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e6K-mEOLmO5ooNG4xBRFIL0KYj0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/845e76-9c2d-4aff-92af-4935b3f5c209/1/TUsg-ogsjMRyBHz7TyGUN_YypKc.roa
Signing time:             Fri 21 Oct 2022 01:51:51 +0000
ROA not before:           Fri 21 Oct 2022 01:51:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208830
IP address blocks:        2a0e:7580::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:f8:3d:51:8a:56:a2:37:07:22:f6:e6:16:3b:a7:48:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ba2be98438b98ee68a0d1b8c4144520bd0a623d
        Validity
            Not Before: Oct 21 01:51:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4d4b20fa882c8cc472047cfb4f219437f632a4a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:d4:ab:0c:83:d8:ae:43:db:43:18:e1:73:3b:
                    73:e1:cc:bc:cf:02:47:73:ad:b9:06:e8:f9:06:68:
                    1c:6d:ee:08:ff:b2:8e:8e:78:11:8d:6f:c6:8d:bb:
                    c8:83:1d:68:03:33:3c:64:ec:bf:ca:90:ee:2c:cf:
                    0b:ec:d6:00:17:af:53:c3:bc:22:ed:00:24:53:d4:
                    71:9d:87:02:b9:08:0d:b5:ab:91:56:18:ea:78:e7:
                    20:92:93:82:63:74:0d:4d:9a:37:a8:72:14:4e:f1:
                    53:2b:80:f9:f7:d3:8b:b3:46:ae:16:01:f1:90:39:
                    5b:42:41:7a:e1:5f:12:9e:30:17:dc:6e:60:59:e8:
                    30:82:f0:1e:18:89:7d:b1:10:6e:36:c1:a6:00:53:
                    99:0c:73:9a:d8:d8:92:ef:90:e4:f2:62:6b:7e:47:
                    fe:05:ae:46:95:e5:81:af:92:35:6f:7d:87:4d:d3:
                    9a:91:d8:05:49:0b:34:c7:f1:95:46:92:63:3b:38:
                    78:91:f4:b7:27:7c:f6:ac:76:8f:16:45:1a:30:18:
                    ef:c8:9d:7a:ad:87:e7:53:98:ec:ad:90:55:34:f6:
                    7d:15:01:18:a0:62:44:be:b5:31:73:4a:cd:54:22:
                    ef:70:d4:50:3f:56:be:3d:25:57:73:dc:68:95:07:
                    b2:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:4B:20:FA:88:2C:8C:C4:72:04:7C:FB:4F:21:94:37:F6:32:A4:A7
            X509v3 Authority Key Identifier:
                keyid:7B:A2:BE:98:43:8B:98:EE:68:A0:D1:B8:C4:14:45:20:BD:0A:62:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6K-mEOLmO5ooNG4xBRFIL0KYj0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/845e76-9c2d-4aff-92af-4935b3f5c209/1/TUsg-ogsjMRyBHz7TyGUN_YypKc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/845e76-9c2d-4aff-92af-4935b3f5c209/1/e6K-mEOLmO5ooNG4xBRFIL0KYj0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:7580::/29

    Signature Algorithm: sha256WithRSAEncryption
         8c:58:58:e5:40:34:69:dd:dd:bf:8b:55:ae:0f:4c:27:a4:57:
         7d:af:f5:84:93:67:e0:89:64:57:3b:ab:a9:b4:ab:7e:b7:78:
         3f:73:bc:bc:57:e1:a8:25:b4:2a:5d:fe:59:98:12:74:ef:83:
         ba:ed:b3:78:68:f4:83:56:34:8e:9c:8b:b4:a3:b1:a9:33:b4:
         73:3b:23:9b:8d:04:07:7a:52:04:f7:b3:9c:68:45:51:08:cf:
         a8:f2:e2:42:0a:cf:19:3f:dc:6b:f5:17:36:6c:9b:80:9c:b5:
         95:8d:ce:fa:4a:62:46:96:20:3d:db:5a:c4:39:60:b7:cd:8a:
         97:96:19:91:87:96:28:ad:eb:f5:24:2d:eb:48:03:b4:8b:a5:
         e2:2d:02:00:1c:c6:60:3b:64:a3:a9:41:62:a9:05:b3:e6:d5:
         b3:a1:d8:7d:3a:3c:0f:06:e9:95:ff:09:0a:bf:f0:aa:2a:11:
         8e:8b:13:2d:c1:3d:4e:fd:24:f1:a6:0b:ee:c7:5f:e1:ab:f6:
         2e:9a:aa:dd:25:b9:68:53:2c:63:59:55:7f:2a:c6:80:10:13:
         d5:ce:fa:d3:47:20:a5:e9:56:e2:0b:87:09:43:80:94:ef:8a:
         fb:cc:32:f9:3b:fa:8c:78:d8:aa:e9:64:93:70:92:5b:98:51:
         5f:33:a4:51
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYP4PVGKVqI3ByL25hY7p0jjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYTJiZTk4NDM4Yjk4ZWU2OGEwZDFiOGM0MTQ0NTIwYmQw
YTYyM2QwHhcNMjIxMDIxMDE1MTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDRiMjBmYTg4MmM4Y2M0NzIwNDdjZmI0ZjIxOTQzN2Y2MzJhNGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNSrDIPYrkPbQxjhcztz4cy8zwJH
c625Buj5Bmgcbe4I/7KOjngRjW/GjbvIgx1oAzM8ZOy/ypDuLM8L7NYAF69Tw7wi
7QAkU9RxnYcCuQgNtauRVhjqeOcgkpOCY3QNTZo3qHIUTvFTK4D599OLs0auFgHx
kDlbQkF64V8SnjAX3G5gWegwgvAeGIl9sRBuNsGmAFOZDHOa2NiS75Dk8mJrfkf+
Ba5GleWBr5I1b32HTdOakdgFSQs0x/GVRpJjOzh4kfS3J3z2rHaPFkUaMBjvyJ16
rYfnU5jsrZBVNPZ9FQEYoGJEvrUxc0rNVCLvcNRQP1a+PSVXc9xolQeyLwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFE1LIPqILIzEcgR8+08hlDf2MqSnMB8GA1UdIwQY
MBaAFHuivphDi5juaKDRuMQURSC9CmI9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZLLW1FT0xtTzVvb05HNHhCUkZJTDBLWWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84NDVlNzYtOWMyZC00YWZmLTkyYWYt
NDkzNWIzZjVjMjA5LzEvVFVzZy1vZ3NqTVJ5Qkh6N1R5R1VOX1l5cEtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84NDVlNzYtOWMyZC00YWZmLTkyYWYtNDkzNWIzZjVjMjA5
LzEvZTZLLW1FT0xtTzVvb05HNHhCUkZJTDBLWWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg51gDAN
BgkqhkiG9w0BAQsFAAOCAQEAjFhY5UA0ad3dv4tVrg9MJ6RXfa/1hJNn4IlkVzur
qbSrfrd4P3O8vFfhqCW0Kl3+WZgSdO+Duu2zeGj0g1Y0jpyLtKOxqTO0czsjm40E
B3pSBPeznGhFUQjPqPLiQgrPGT/ca/UXNmybgJy1lY3O+kpiRpYgPdtaxDlgt82K
l5YZkYeWKK3r9SQt60gDtIul4i0CABzGYDtko6lBYqkFs+bVs6HYfTo8Dwbplf8J
Cr/wqioRjosTLcE9Tv0k8aYL7sdf4av2Lpqq3SW5aFMsY1lVfyrGgBAT1c7600cg
pelW4guHCUOAlO+K+8wy+Tv6jHjYqulkk3CSW5hRXzOkUQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:28 2024 by rpki-client on console-ams.rpki-client.org