Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/tsaBSCAQz5R8SEDrES5mfoHPeHs.roa
File:                     tsaBSCAQz5R8SEDrES5mfoHPeHs.roa (raw, json)
Hash identifier:          aLWgxP1/U+9aQLiznQvmxK0Fh7OxrO6GPaABqLXW2x4=
Subject key identifier:   B6:C6:81:48:20:10:CF:94:7C:48:40:EB:11:2E:66:7E:81:CF:78:7B
Certificate issuer:       /CN=93b91eefa6d8046d918e364045604952640bc15d
Certificate serial:       0185057A056FCAD157B2C2EEAFCA0FB03B26
Authority key identifier: 93:B9:1E:EF:A6:D8:04:6D:91:8E:36:40:45:60:49:52:64:0B:C1:5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k7ke76bYBG2RjjZARWBJUmQLwV0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/tsaBSCAQz5R8SEDrES5mfoHPeHs.roa
Signing time:             Mon 12 Dec 2022 08:36:00 +0000
ROA not before:           Mon 12 Dec 2022 08:36:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56911
IP address blocks:        139.28.158.0/24 maxlen: 24
                          139.28.157.0/24 maxlen: 24
                          139.28.159.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:05:7a:05:6f:ca:d1:57:b2:c2:ee:af:ca:0f:b0:3b:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93b91eefa6d8046d918e364045604952640bc15d
        Validity
            Not Before: Dec 12 08:36:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b6c681482010cf947c4840eb112e667e81cf787b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:67:36:fe:96:19:df:cf:c8:ee:23:85:2e:13:
                    d0:1a:a6:e1:e8:07:b2:f1:15:33:f8:3a:56:91:49:
                    d8:f3:c6:1a:ac:15:b3:af:e7:a8:6a:8b:be:38:34:
                    f2:f5:a1:22:26:cc:b6:3b:3d:97:ee:07:9a:99:9a:
                    81:20:0e:1a:5e:1f:61:57:b5:f1:e8:33:39:1b:15:
                    74:dc:a6:16:7b:cd:d5:af:73:ba:16:c6:d0:a5:75:
                    91:8b:bc:66:43:41:52:3c:5d:d1:bc:f9:69:49:07:
                    0a:67:77:37:3b:cd:1d:1c:3e:59:54:45:60:0e:d9:
                    d2:b9:86:68:54:d8:4e:be:d1:68:8e:04:66:5e:e7:
                    b4:11:ce:03:b2:f3:df:33:4b:c9:61:a7:c7:f9:ef:
                    f0:8a:11:24:5e:a5:91:64:96:ce:35:2d:0d:32:09:
                    cc:d1:66:e3:2a:b3:e3:d9:9b:47:53:8d:57:c1:0f:
                    18:2f:33:df:91:a6:17:9f:93:58:e6:d1:fe:10:66:
                    f4:3d:ff:6c:ef:1f:31:90:c4:5e:3e:6f:fc:09:97:
                    28:b2:55:f6:68:3f:cd:b2:0e:67:b9:55:05:b1:fa:
                    6c:38:d8:e2:e2:1d:48:54:a7:93:53:67:63:89:e1:
                    58:82:36:bc:7d:b3:20:0c:f4:a6:49:55:3b:4e:16:
                    a9:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:C6:81:48:20:10:CF:94:7C:48:40:EB:11:2E:66:7E:81:CF:78:7B
            X509v3 Authority Key Identifier:
                keyid:93:B9:1E:EF:A6:D8:04:6D:91:8E:36:40:45:60:49:52:64:0B:C1:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k7ke76bYBG2RjjZARWBJUmQLwV0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/tsaBSCAQz5R8SEDrES5mfoHPeHs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/k7ke76bYBG2RjjZARWBJUmQLwV0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  139.28.157.0-139.28.159.255

    Signature Algorithm: sha256WithRSAEncryption
         21:17:cd:fb:af:20:56:f5:cb:b7:ce:ef:b4:19:a4:b7:8a:a3:
         e3:8b:ca:9e:2c:36:47:bc:a2:8d:20:d8:d8:3f:d9:9c:b8:3e:
         40:b6:37:c4:f1:f8:54:b3:6a:b0:f5:a5:b6:27:91:98:94:d1:
         9a:ad:b4:f1:0d:ef:b2:76:16:b0:58:93:81:61:85:a0:f2:4c:
         47:a0:e5:1c:6e:6f:ac:18:bc:ad:0e:8d:bd:d8:3f:af:9d:da:
         90:7d:d7:5a:5a:28:e5:59:1d:03:6c:e5:69:e7:cc:7b:49:6d:
         33:33:d1:6b:22:0b:fb:9e:42:fd:6f:31:7e:ce:a7:05:1d:a4:
         0f:0e:50:94:d9:fd:4f:c4:45:8e:5f:60:00:3d:cf:4b:59:fe:
         e6:07:6e:1d:de:cd:77:d2:01:b5:87:ea:84:f5:08:68:03:e6:
         0e:a5:94:9a:8a:ef:e4:67:c5:c7:49:48:28:9a:f1:a8:da:56:
         b4:44:66:37:ea:65:fe:0f:8c:af:b2:65:af:ba:be:5f:96:d1:
         42:14:0b:27:5e:c5:08:5e:bf:e6:c0:8e:6b:07:56:cb:5b:56:
         eb:cc:82:b7:d5:c3:17:13:b3:2e:8a:6f:34:de:24:08:f9:30:
         66:54:c6:90:bc:81:8b:b6:67:4b:56:f7:5c:22:37:1f:55:5e:
         cd:8b:65:11
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYUFegVvytFXssLur8oPsDsmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYjkxZWVmYTZkODA0NmQ5MThlMzY0MDQ1NjA0OTUyNjQw
YmMxNWQwHhcNMjIxMjEyMDgzNjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmM2ODE0ODIwMTBjZjk0N2M0ODQwZWIxMTJlNjY3ZTgxY2Y3ODdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2c2/pYZ38/I7iOFLhPQGqbh6Aey
8RUz+DpWkUnY88YarBWzr+eoaou+ODTy9aEiJsy2Oz2X7geamZqBIA4aXh9hV7Xx
6DM5GxV03KYWe83Vr3O6FsbQpXWRi7xmQ0FSPF3RvPlpSQcKZ3c3O80dHD5ZVEVg
DtnSuYZoVNhOvtFojgRmXue0Ec4DsvPfM0vJYafH+e/wihEkXqWRZJbONS0NMgnM
0WbjKrPj2ZtHU41XwQ8YLzPfkaYXn5NY5tH+EGb0Pf9s7x8xkMRePm/8CZcoslX2
aD/Nsg5nuVUFsfpsONji4h1IVKeTU2djieFYgja8fbMgDPSmSVU7Thap/wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLbGgUggEM+UfEhA6xEuZn6Bz3h7MB8GA1UdIwQY
MBaAFJO5Hu+m2ARtkY42QEVgSVJkC8FdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazdrZTc2YllCRzJSampaQVJXQkpVbVFMd1YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iYWJlZjktMDc5ZC00MGY0LWEyMTEt
MzU4NmFhZTEzZGE3LzEvdHNhQlNDQVF6NVI4U0VEckVTNW1mb0hQZUhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iYWJlZjktMDc5ZC00MGY0LWEyMTEtMzU4NmFhZTEzZGE3
LzEvazdrZTc2YllCRzJSampaQVJXQkpVbVFMd1YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACLHJ0D
BAWLHIAwDQYJKoZIhvcNAQELBQADggEBACEXzfuvIFb1y7fO77QZpLeKo+OLyp4s
Nke8oo0g2Ng/2Zy4PkC2N8Tx+FSzarD1pbYnkZiU0ZqttPEN77J2FrBYk4FhhaDy
TEeg5Rxub6wYvK0Ojb3YP6+d2pB911paKOVZHQNs5WnnzHtJbTMz0WsiC/ueQv1v
MX7OpwUdpA8OUJTZ/U/ERY5fYAA9z0tZ/uYHbh3ezXfSAbWH6oT1CGgD5g6llJqK
7+RnxcdJSCia8ajaVrREZjfqZf4PjK+yZa+6vl+W0UIUCydexQhev+bAjmsHVstb
VuvMgrfVwxcTsy6KbzTeJAj5MGZUxpC8gYu2Z0tW91wiNx9VXs2LZRE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:30 2024 by rpki-client on console-ams.rpki-client.org