Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/1776cb-1c78-4dcc-b43b-36d7b4f84e5c/1/ttviOK2YrP73osFDUBy61J0xYqg.roa
File:                     ttviOK2YrP73osFDUBy61J0xYqg.roa (raw, json)
Hash identifier:          Eyeig6i9ihZ4v9pElbYQxq9sPd4NCvllmtcTgDi4ddA=
Subject key identifier:   B6:DB:E2:38:AD:98:AC:FE:F7:A2:C1:43:50:1C:BA:D4:9D:31:62:A8
Certificate issuer:       /CN=7cfc92b0a75b89ad2e3c57f7cba0e478684219ce
Certificate serial:       305E22FA
Authority key identifier: 7C:FC:92:B0:A7:5B:89:AD:2E:3C:57:F7:CB:A0:E4:78:68:42:19:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fPySsKdbia0uPFf3y6DkeGhCGc4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/1776cb-1c78-4dcc-b43b-36d7b4f84e5c/1/ttviOK2YrP73osFDUBy61J0xYqg.roa
Signing time:             Sat 01 Jan 2022 04:59:08 +0000
ROA not before:           Sat 01 Jan 2022 04:59:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211334
IP address blocks:        94.229.89.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 811475706 (0x305e22fa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7cfc92b0a75b89ad2e3c57f7cba0e478684219ce
        Validity
            Not Before: Jan  1 04:59:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b6dbe238ad98acfef7a2c143501cbad49d3162a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:23:98:e0:8e:ad:e8:68:4b:cf:1d:19:74:6d:
                    7f:4a:c2:b3:1d:b5:e0:47:b9:93:63:ca:ba:14:f9:
                    eb:0a:1b:63:57:1a:6c:7e:0b:b6:b4:34:25:a1:d4:
                    7d:5d:e7:51:d8:50:07:d3:a4:75:c8:00:f7:3c:1b:
                    c6:ff:46:65:a8:1d:ed:14:b9:d7:ab:3a:d4:85:76:
                    a3:6d:8d:82:82:6f:5c:4f:2d:7a:f0:05:f9:e3:98:
                    78:b7:57:f6:7a:b4:8c:9b:b2:c7:e7:c1:ed:90:35:
                    b5:6c:c6:6c:b1:51:42:a4:02:8e:99:76:55:3c:9f:
                    b5:98:9f:59:e3:d7:b1:59:c4:a2:9c:2f:51:8d:9d:
                    a6:be:b5:0c:97:0e:3f:d8:51:b9:41:b6:3b:fc:84:
                    99:d8:fb:7f:3a:b8:31:cc:bf:e6:fa:ea:93:80:50:
                    2c:dc:fa:07:0d:26:0c:b6:c4:07:58:c5:77:19:14:
                    ed:18:cd:22:bb:aa:1b:53:8b:b0:f9:a1:61:e1:b2:
                    22:1f:c3:80:21:ad:26:dc:f0:77:b5:f1:ab:e8:d9:
                    61:3d:0f:06:d9:11:06:c9:4f:83:f5:8c:0c:4e:2b:
                    2d:e3:6d:d0:1e:38:d6:55:ff:83:77:f2:04:e1:5d:
                    c4:9a:52:fa:f7:3b:c4:59:29:e8:11:0d:6f:f5:9a:
                    2c:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:DB:E2:38:AD:98:AC:FE:F7:A2:C1:43:50:1C:BA:D4:9D:31:62:A8
            X509v3 Authority Key Identifier:
                keyid:7C:FC:92:B0:A7:5B:89:AD:2E:3C:57:F7:CB:A0:E4:78:68:42:19:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fPySsKdbia0uPFf3y6DkeGhCGc4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/1776cb-1c78-4dcc-b43b-36d7b4f84e5c/1/ttviOK2YrP73osFDUBy61J0xYqg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/1776cb-1c78-4dcc-b43b-36d7b4f84e5c/1/fPySsKdbia0uPFf3y6DkeGhCGc4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.229.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:66:7f:f7:c7:d4:70:fc:c7:6e:0b:3d:67:56:be:51:e7:7f:
         d3:05:ba:cc:3d:ae:fb:0d:c7:87:0c:cc:24:5a:a6:3e:c9:0d:
         6c:50:dc:cf:c6:86:63:96:f7:e7:c1:91:1b:4d:e2:e4:47:04:
         16:00:24:85:d4:5f:5c:44:e1:0b:2c:4d:6c:b1:02:7d:9e:c6:
         a5:9f:05:98:6a:8c:7f:e2:12:f9:6f:70:0d:14:74:d2:54:a1:
         8c:60:58:d2:d1:97:df:c7:16:cb:46:51:1f:f9:69:fb:be:a1:
         07:71:df:4b:ba:61:86:51:62:90:89:7d:69:1b:6d:43:ea:6f:
         33:60:e9:c8:ff:c5:94:99:ab:3e:03:b5:3d:29:20:1c:ec:c6:
         a5:0f:c9:55:ca:42:77:63:36:0f:19:34:f9:ce:6d:b5:31:c5:
         8b:10:17:14:0e:9c:58:d2:eb:db:f2:53:0f:b7:1d:44:7b:55:
         f0:9a:e8:cf:49:9c:d0:d0:5f:41:5a:ba:1d:1b:f0:a3:c6:5d:
         c5:56:ce:8a:c3:b8:13:70:4a:43:02:57:6b:87:51:60:66:cc:
         8b:03:73:4f:9f:b5:3d:22:f2:90:b2:22:6e:c2:d5:59:e7:51:
         76:7c:03:ea:34:19:1d:39:77:c8:1a:5f:40:6c:c9:53:0c:34:
         e6:d2:80:71
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEMF4i+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
Y2ZjOTJiMGE3NWI4OWFkMmUzYzU3ZjdjYmEwZTQ3ODY4NDIxOWNlMB4XDTIyMDEw
MTA0NTkwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjZkYmUyMzhhZDk4
YWNmZWY3YTJjMTQzNTAxY2JhZDQ5ZDMxNjJhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOAjmOCOrehoS88dGXRtf0rCsx214Ee5k2PKuhT56wobY1ca
bH4LtrQ0JaHUfV3nUdhQB9OkdcgA9zwbxv9GZagd7RS516s61IV2o22NgoJvXE8t
evAF+eOYeLdX9nq0jJuyx+fB7ZA1tWzGbLFRQqQCjpl2VTyftZifWePXsVnEopwv
UY2dpr61DJcOP9hRuUG2O/yEmdj7fzq4Mcy/5vrqk4BQLNz6Bw0mDLbEB1jFdxkU
7RjNIruqG1OLsPmhYeGyIh/DgCGtJtzwd7Xxq+jZYT0PBtkRBslPg/WMDE4rLeNt
0B441lX/g3fyBOFdxJpS+vc7xFkp6BENb/WaLKsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS22+I4rZis/veiwUNQHLrUnTFiqDAfBgNVHSMEGDAWgBR8/JKwp1uJrS48
V/fLoOR4aEIZzjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZQeVNzS2RiaWEwdVBGZjN5NkRrZUdoQ0djNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvMTc3NmNiLTFjNzgtNGRjYy1iNDNiLTM2ZDdiNGY4NGU1Yy8x
L3R0dmlPSzJZclA3M29zRkRVQnk2MUoweFlxZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
MTc3NmNiLTFjNzgtNGRjYy1iNDNiLTM2ZDdiNGY4NGU1Yy8xL2ZQeVNzS2RiaWEw
dVBGZjN5NkRrZUdoQ0djNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF7lWTANBgkqhkiG9w0BAQsFAAOC
AQEAZGZ/98fUcPzHbgs9Z1a+Ued/0wW6zD2u+w3HhwzMJFqmPskNbFDcz8aGY5b3
58GRG03i5EcEFgAkhdRfXEThCyxNbLECfZ7GpZ8FmGqMf+IS+W9wDRR00lShjGBY
0tGX38cWy0ZRH/lp+76hB3HfS7phhlFikIl9aRttQ+pvM2DpyP/FlJmrPgO1PSkg
HOzGpQ/JVcpCd2M2Dxk0+c5ttTHFixAXFA6cWNLr2/JTD7cdRHtV8Jroz0mc0NBf
QVq6HRvwo8ZdxVbOisO4E3BKQwJXa4dRYGbMiwNzT5+1PSLykLIibsLVWedRdnwD
6jQZHTl3yBpfQGzJUww05tKAcQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:14 2024 by rpki-client on console-fra.rpki-client.org