Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/414ef4-4c1f-4256-88c9-f4d5e84ac1dd/1/TTQYciIY6Tr3If0KFYufxayQnSo.roa
File:                     TTQYciIY6Tr3If0KFYufxayQnSo.roa (raw, json)
Hash identifier:          UknQ5aFlitgku3btY8NOOjl3eCvdeu7gIxxfajRBosg=
Subject key identifier:   4D:34:18:72:22:18:E9:3A:F7:21:FD:0A:15:8B:9F:C5:AC:90:9D:2A
Certificate issuer:       /CN=dbcc2bbaf3e0d4342a014f8b70f873cee9a8cac5
Certificate serial:       0D9F20B9
Authority key identifier: DB:CC:2B:BA:F3:E0:D4:34:2A:01:4F:8B:70:F8:73:CE:E9:A8:CA:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/28wruvPg1DQqAU-LcPhzzumoysU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/414ef4-4c1f-4256-88c9-f4d5e84ac1dd/1/TTQYciIY6Tr3If0KFYufxayQnSo.roa
Signing time:             Tue 03 May 2022 13:46:47 +0000
ROA not before:           Tue 03 May 2022 13:46:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41241
IP address blocks:        193.16.234.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 228532409 (0xd9f20b9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbcc2bbaf3e0d4342a014f8b70f873cee9a8cac5
        Validity
            Not Before: May  3 13:46:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4d3418722218e93af721fd0a158b9fc5ac909d2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:52:37:4e:3b:19:2d:e0:ae:a0:40:2a:69:82:
                    dd:44:8d:94:e6:7b:b9:57:1c:a8:53:75:66:0d:68:
                    98:cd:93:4d:61:ad:1f:06:d3:4e:38:e9:e6:17:16:
                    9f:4f:f2:92:43:22:59:ed:82:6f:fb:ff:e5:d1:e0:
                    82:18:d1:a5:ed:fc:99:37:58:41:7b:e5:96:27:36:
                    36:6e:a7:c0:01:49:35:13:a2:d5:8b:4a:85:05:57:
                    d7:18:71:db:6a:0f:48:42:0b:f5:e2:17:f4:e0:db:
                    55:a6:00:b8:86:57:a2:bd:a6:44:c3:c3:f2:ba:d1:
                    76:9b:c8:26:c4:f1:b0:18:05:bd:b5:cd:0a:d8:be:
                    fd:39:f5:b8:c6:0f:56:d2:d4:0b:78:52:2e:5a:6a:
                    c8:3f:f9:c8:45:0e:9b:1c:58:dd:70:1a:db:79:95:
                    d7:1e:29:ad:79:01:ad:ce:2e:03:7b:87:16:24:5f:
                    18:4d:db:c2:69:fa:de:77:a0:94:bc:eb:3c:6d:1d:
                    9a:dc:1d:95:93:f3:8a:21:38:79:e6:16:36:0d:2a:
                    95:01:b2:6a:5e:aa:21:d7:76:82:42:d7:ac:e0:f3:
                    2f:67:bb:b1:52:3e:b8:f9:a1:d9:a1:bf:f1:84:87:
                    84:6c:03:26:4e:fd:cc:8d:9b:a1:91:0d:44:7f:9c:
                    d2:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:34:18:72:22:18:E9:3A:F7:21:FD:0A:15:8B:9F:C5:AC:90:9D:2A
            X509v3 Authority Key Identifier:
                keyid:DB:CC:2B:BA:F3:E0:D4:34:2A:01:4F:8B:70:F8:73:CE:E9:A8:CA:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28wruvPg1DQqAU-LcPhzzumoysU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/414ef4-4c1f-4256-88c9-f4d5e84ac1dd/1/TTQYciIY6Tr3If0KFYufxayQnSo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/414ef4-4c1f-4256-88c9-f4d5e84ac1dd/1/28wruvPg1DQqAU-LcPhzzumoysU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.16.234.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:40:dd:4c:5d:53:1c:11:bb:e7:3c:0e:45:8c:c0:87:fd:cb:
         d8:a5:d5:ae:bf:f6:80:b2:d5:5a:01:d4:d0:a7:96:19:23:e6:
         dc:ac:e8:ca:7c:84:08:16:26:a4:90:87:95:65:02:13:cb:be:
         b6:6a:c3:4b:fe:d1:e4:d8:78:81:66:79:53:6a:cb:a4:31:d9:
         73:92:5d:f0:0a:dd:8e:db:0a:20:d1:57:78:1d:27:f1:a5:dd:
         b7:a8:51:a9:24:0c:b8:37:05:50:79:ba:fd:0d:97:9c:6b:f2:
         19:aa:fa:1c:16:74:9c:d0:c6:34:01:f1:d8:2d:a8:f1:c2:aa:
         25:9d:72:ae:ec:3b:d5:b5:b2:6c:df:0a:4e:fe:8e:5b:8c:26:
         fa:58:de:86:49:14:9c:c0:51:31:6f:a4:f6:85:df:52:67:7c:
         d8:ee:d1:61:05:9d:9c:a6:4a:ec:f6:e1:3c:29:ef:ec:83:6f:
         b8:9e:0a:4e:7d:b3:0d:7b:a4:8c:a8:ed:4c:82:e3:8b:a1:2e:
         b5:41:b4:1c:b9:0c:74:18:0f:ce:04:a6:c0:67:09:93:b3:dc:
         f0:45:67:8d:cb:05:d8:d4:30:a2:8c:b9:8d:10:6e:91:5f:31:
         41:68:74:2a:7d:98:ca:fa:c0:32:95:ca:10:86:73:77:9a:74:
         06:91:4b:4d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDZ8guTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YmNjMmJiYWYzZTBkNDM0MmEwMTRmOGI3MGY4NzNjZWU5YThjYWM1MB4XDTIyMDUw
MzEzNDY0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGQzNDE4NzIyMjE4
ZTkzYWY3MjFmZDBhMTU4YjlmYzVhYzkwOWQyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO1SN047GS3grqBAKmmC3USNlOZ7uVccqFN1Zg1omM2TTWGt
HwbTTjjp5hcWn0/ykkMiWe2Cb/v/5dHgghjRpe38mTdYQXvllic2Nm6nwAFJNROi
1YtKhQVX1xhx22oPSEIL9eIX9ODbVaYAuIZXor2mRMPD8rrRdpvIJsTxsBgFvbXN
Cti+/Tn1uMYPVtLUC3hSLlpqyD/5yEUOmxxY3XAa23mV1x4prXkBrc4uA3uHFiRf
GE3bwmn63neglLzrPG0dmtwdlZPziiE4eeYWNg0qlQGyal6qIdd2gkLXrODzL2e7
sVI+uPmh2aG/8YSHhGwDJk79zI2boZENRH+c0oECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRNNBhyIhjpOvch/QoVi5/FrJCdKjAfBgNVHSMEGDAWgBTbzCu68+DUNCoB
T4tw+HPO6ajKxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzI4d3J1dlBnMURRcUFVLUxjUGh6enVtb3lzVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvNDE0ZWY0LTRjMWYtNDI1Ni04OGM5LWY0ZDVlODRhYzFkZC8x
L1RUUVljaUlZNlRyM0lmMEtGWXVmeGF5UW5Tby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
NDE0ZWY0LTRjMWYtNDI1Ni04OGM5LWY0ZDVlODRhYzFkZC8xLzI4d3J1dlBnMURR
cUFVLUxjUGh6enVtb3lzVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEQ6jANBgkqhkiG9w0BAQsFAAOC
AQEAGUDdTF1THBG75zwORYzAh/3L2KXVrr/2gLLVWgHU0KeWGSPm3KzoynyECBYm
pJCHlWUCE8u+tmrDS/7R5Nh4gWZ5U2rLpDHZc5Jd8ArdjtsKINFXeB0n8aXdt6hR
qSQMuDcFUHm6/Q2XnGvyGar6HBZ0nNDGNAHx2C2o8cKqJZ1yruw71bWybN8KTv6O
W4wm+ljehkkUnMBRMW+k9oXfUmd82O7RYQWdnKZK7PbhPCnv7INvuJ4KTn2zDXuk
jKjtTILji6EutUG0HLkMdBgPzgSmwGcJk7Pc8EVnjcsF2NQwooy5jRBukV8xQWh0
Kn2YyvrAMpXKEIZzd5p0BpFLTQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:12 2024 by rpki-client on console-fra.rpki-client.org