Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/06pok5GaOj9sAaF0TjDgArC2alU.roa
File:                     06pok5GaOj9sAaF0TjDgArC2alU.roa (raw, json)
Hash identifier:          /fZNm1cViOd68EKfQ0AqtcEbd1+eOOF2TrnFtRi2VZs=
Subject key identifier:   D3:AA:68:93:91:9A:3A:3F:6C:01:A1:74:4E:30:E0:02:B0:B6:6A:55
Certificate issuer:       /CN=6a798f0fe4f4dffdfed2c8e62d235430f49377cd
Certificate serial:       018499E385D894ED8DE57D4C0190BC7AF555
Authority key identifier: 6A:79:8F:0F:E4:F4:DF:FD:FE:D2:C8:E6:2D:23:54:30:F4:93:77:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/anmPD-T03_3-0sjmLSNUMPSTd80.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/06pok5GaOj9sAaF0TjDgArC2alU.roa
Signing time:             Mon 21 Nov 2022 11:12:15 +0000
ROA not before:           Mon 21 Nov 2022 11:12:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9009
IP address blocks:        185.246.131.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:99:e3:85:d8:94:ed:8d:e5:7d:4c:01:90:bc:7a:f5:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a798f0fe4f4dffdfed2c8e62d235430f49377cd
        Validity
            Not Before: Nov 21 11:12:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d3aa6893919a3a3f6c01a1744e30e002b0b66a55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:13:0d:4a:cb:ed:cd:3d:ba:c3:79:ea:c9:4c:
                    cc:10:1f:3b:e2:be:0b:fc:30:9f:e7:3a:42:5d:b7:
                    8b:7f:2f:0d:e6:64:22:8c:21:47:24:1d:c6:0e:dc:
                    88:6a:98:f0:52:f5:ed:2a:56:6d:49:cb:3d:52:55:
                    bf:73:c6:a6:b6:9a:c9:4b:de:56:96:5e:e2:de:fb:
                    74:1c:3b:9f:af:71:d8:1c:61:f6:78:c9:8b:a9:9c:
                    ad:38:98:68:f0:2b:8a:33:91:05:33:94:92:ab:3f:
                    0a:c1:90:45:99:f1:89:9f:d8:3f:33:13:ac:96:cb:
                    3c:2d:44:d4:b4:6a:d8:c7:f5:fb:90:bb:a5:b0:86:
                    a7:ea:2c:1b:8a:87:38:13:bd:de:5c:f6:d1:b5:f0:
                    0e:83:11:f0:d9:68:cd:29:19:9e:5e:cd:d0:ef:bd:
                    07:70:24:7d:eb:85:ab:6b:0b:66:b0:84:23:81:dc:
                    d1:fb:17:85:db:5e:99:3e:0d:7d:75:1e:43:82:75:
                    8d:23:18:72:58:3c:bb:f7:c0:c7:c0:69:9e:ed:b6:
                    fa:75:7d:4f:d1:5e:4c:95:60:c5:e2:fe:79:c4:33:
                    f4:a5:83:83:e9:95:08:88:28:ea:c8:99:50:96:22:
                    f8:07:d6:10:08:fb:af:36:e8:0f:9f:c4:d4:93:17:
                    82:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:AA:68:93:91:9A:3A:3F:6C:01:A1:74:4E:30:E0:02:B0:B6:6A:55
            X509v3 Authority Key Identifier:
                keyid:6A:79:8F:0F:E4:F4:DF:FD:FE:D2:C8:E6:2D:23:54:30:F4:93:77:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/anmPD-T03_3-0sjmLSNUMPSTd80.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/06pok5GaOj9sAaF0TjDgArC2alU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/anmPD-T03_3-0sjmLSNUMPSTd80.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.246.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:85:16:eb:48:3a:c9:73:58:29:a5:54:68:6f:4d:ce:e9:41:
         da:3e:36:01:94:a8:6c:4c:db:75:f5:c8:76:5a:7c:83:c3:a9:
         ce:1d:a5:d3:d8:61:e6:ba:69:31:1a:57:f9:c9:c6:b3:3f:c9:
         53:56:55:5b:cc:d5:5e:b8:2d:5b:fd:4c:b5:b6:f8:5d:9e:bd:
         a4:18:06:f4:b7:77:85:d8:77:1b:fe:5a:8e:f6:f0:c7:62:0a:
         17:95:d3:21:2d:b9:dc:d4:be:f6:f9:7a:ca:00:fa:97:7f:5c:
         f5:bd:19:b9:54:d8:89:45:8c:60:8e:5d:5a:af:e4:18:67:34:
         eb:26:e3:02:c5:33:c3:d1:ef:f7:2e:00:0f:33:96:a8:65:2d:
         06:e5:0f:e2:59:e3:c5:7d:14:a7:76:fa:85:09:c1:6f:3b:34:
         16:40:70:01:8b:18:ef:20:18:ce:30:e1:c4:40:4b:38:ac:e9:
         e9:44:51:43:67:44:76:72:5c:4f:36:8a:6f:eb:a4:1d:21:75:
         d1:6b:19:62:79:0d:4e:70:58:06:60:3e:83:f1:c9:37:ce:04:
         91:ef:25:84:3e:6c:2f:f1:d5:4b:1d:eb:15:1d:82:82:9f:b2:
         09:d7:75:05:80:cc:bc:08:43:27:a1:17:b9:1b:06:3f:d6:7b:
         fe:c8:5b:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSZ44XYlO2N5X1MAZC8evVVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNzk4ZjBmZTRmNGRmZmRmZWQyYzhlNjJkMjM1NDMwZjQ5
Mzc3Y2QwHhcNMjIxMTIxMTExMjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2FhNjg5MzkxOWEzYTNmNmMwMWExNzQ0ZTMwZTAwMmIwYjY2YTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBMNSsvtzT26w3nqyUzMEB874r4L
/DCf5zpCXbeLfy8N5mQijCFHJB3GDtyIapjwUvXtKlZtScs9UlW/c8amtprJS95W
ll7i3vt0HDufr3HYHGH2eMmLqZytOJho8CuKM5EFM5SSqz8KwZBFmfGJn9g/MxOs
lss8LUTUtGrYx/X7kLulsIan6iwbioc4E73eXPbRtfAOgxHw2WjNKRmeXs3Q770H
cCR964WrawtmsIQjgdzR+xeF216ZPg19dR5DgnWNIxhyWDy798DHwGme7bb6dX1P
0V5MlWDF4v55xDP0pYOD6ZUIiCjqyJlQliL4B9YQCPuvNugPn8TUkxeC9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNOqaJORmjo/bAGhdE4w4AKwtmpVMB8GA1UdIwQY
MBaAFGp5jw/k9N/9/tLI5i0jVDD0k3fNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW5tUEQtVDAzXzMtMHNqbUxTTlVNUFNUZDgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC83Yjc4MjUtYTBmNy00ZjViLTljMjMt
NzdjZjgxMDQxMDgzLzEvMDZwb2s1R2FPajlzQWFGMFRqRGdBckMyYWxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC83Yjc4MjUtYTBmNy00ZjViLTljMjMtNzdjZjgxMDQxMDgz
LzEvYW5tUEQtVDAzXzMtMHNqbUxTTlVNUFNUZDgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufaDMA0G
CSqGSIb3DQEBCwUAA4IBAQA8hRbrSDrJc1gppVRob03O6UHaPjYBlKhsTNt19ch2
WnyDw6nOHaXT2GHmumkxGlf5ycazP8lTVlVbzNVeuC1b/Uy1tvhdnr2kGAb0t3eF
2Hcb/lqO9vDHYgoXldMhLbnc1L72+XrKAPqXf1z1vRm5VNiJRYxgjl1ar+QYZzTr
JuMCxTPD0e/3LgAPM5aoZS0G5Q/iWePFfRSndvqFCcFvOzQWQHABixjvIBjOMOHE
QEs4rOnpRFFDZ0R2clxPNopv66QdIXXRaxlieQ1OcFgGYD6D8ck3zgSR7yWEPmwv
8dVLHesVHYKCn7IJ13UFgMy8CEMnoRe5GwY/1nv+yFvG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:45 2024 by rpki-client on console-fra.rpki-client.org