Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a2c386-d5e9-4ad9-938a-0d1d174c4351/1/t9ILBS7tc4fPX9Pmfn5_8y5rILg.roa
File:                     t9ILBS7tc4fPX9Pmfn5_8y5rILg.roa (raw, json)
Hash identifier:          SCOXN5lOVoGqBrsgvF4WzVz0azSJgbi/5DqHqx//7L4=
Subject key identifier:   B7:D2:0B:05:2E:ED:73:87:CF:5F:D3:E6:7E:7E:7F:F3:2E:6B:20:B8
Certificate issuer:       /CN=6c1a761795f0f66bff2478b468cde0d851ed1887
Certificate serial:       0183C252F4AA33234DE47EF22EACB7A83944
Authority key identifier: 6C:1A:76:17:95:F0:F6:6B:FF:24:78:B4:68:CD:E0:D8:51:ED:18:87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bBp2F5Xw9mv_JHi0aM3g2FHtGIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/a2c386-d5e9-4ad9-938a-0d1d174c4351/1/t9ILBS7tc4fPX9Pmfn5_8y5rILg.roa
Signing time:             Mon 10 Oct 2022 14:35:59 +0000
ROA not before:           Mon 10 Oct 2022 14:35:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51704
IP address blocks:        46.60.128.0/17 maxlen: 24
                          185.224.12.0/22 maxlen: 24
                          2a03:c500::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:c2:52:f4:aa:33:23:4d:e4:7e:f2:2e:ac:b7:a8:39:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c1a761795f0f66bff2478b468cde0d851ed1887
        Validity
            Not Before: Oct 10 14:35:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b7d20b052eed7387cf5fd3e67e7e7ff32e6b20b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:d7:6a:a2:3e:b2:c3:ce:a8:8c:5a:ff:4f:bc:
                    2f:0c:8a:08:19:40:d6:f8:a2:cb:8d:b4:51:ca:f2:
                    b1:bc:1b:14:ee:93:a0:09:98:70:ee:46:dc:76:40:
                    55:87:85:8e:41:34:63:9e:93:00:b4:57:e6:05:cc:
                    99:ba:5b:65:80:ae:99:e3:a1:8c:b9:f7:1c:6a:97:
                    d9:56:a4:46:8e:8f:bb:93:b6:4d:4d:25:94:8d:9b:
                    a1:fe:39:2b:91:fa:a3:c0:3f:c4:27:0e:f0:31:f3:
                    12:03:86:83:69:78:73:59:bc:d0:ff:56:e5:31:73:
                    44:98:42:5d:69:8e:e8:d5:07:08:3d:38:18:58:04:
                    46:17:5d:22:de:37:54:09:d1:e4:38:3e:df:58:85:
                    d4:bf:9a:f1:f9:f4:bc:9b:9b:4b:b7:bf:d8:70:54:
                    0b:67:b5:6a:70:d7:83:27:4d:fd:11:fd:5f:a1:b5:
                    7c:c6:e9:67:18:4a:d1:5a:95:87:b1:cc:1b:75:ae:
                    d5:d0:d6:71:ee:5e:fb:fd:44:56:65:d7:e2:30:c0:
                    90:4a:c5:b0:6d:a3:79:3c:38:3a:92:a9:02:c1:71:
                    d3:01:d2:c6:52:17:40:a6:b2:a4:8a:66:dd:99:42:
                    99:70:bd:8c:20:55:e3:7f:56:fd:d8:48:b3:59:19:
                    a0:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:D2:0B:05:2E:ED:73:87:CF:5F:D3:E6:7E:7E:7F:F3:2E:6B:20:B8
            X509v3 Authority Key Identifier:
                keyid:6C:1A:76:17:95:F0:F6:6B:FF:24:78:B4:68:CD:E0:D8:51:ED:18:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bBp2F5Xw9mv_JHi0aM3g2FHtGIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a2c386-d5e9-4ad9-938a-0d1d174c4351/1/t9ILBS7tc4fPX9Pmfn5_8y5rILg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a2c386-d5e9-4ad9-938a-0d1d174c4351/1/bBp2F5Xw9mv_JHi0aM3g2FHtGIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.60.128.0/17
                  185.224.12.0/22
                IPv6:
                  2a03:c500::/32

    Signature Algorithm: sha256WithRSAEncryption
         51:5d:7b:67:89:d9:21:c7:2a:66:31:a9:58:00:96:f8:50:69:
         33:4a:32:0d:eb:4b:5d:ca:b8:cf:23:8d:b0:e5:0d:f5:cb:b2:
         a5:5b:ae:d8:c8:1c:35:08:4d:70:f7:92:cf:f5:98:6b:d9:6c:
         7d:8c:9a:d8:b3:3a:00:69:a3:ab:cb:1e:59:74:92:a5:51:a3:
         09:eb:21:f7:2a:7d:b4:77:04:8f:e5:9b:fd:12:38:0c:5d:cb:
         31:77:3d:7b:af:ef:1c:12:93:e9:a2:b5:0c:82:42:84:b2:c2:
         f3:6c:d2:40:69:93:60:b3:93:fa:3d:68:88:9d:bf:f4:c0:9e:
         38:37:4d:18:f4:38:88:90:7f:0c:3b:ed:45:2c:ee:d9:0c:f2:
         7c:94:27:dd:7e:b6:9d:ff:79:f7:07:e9:2c:1a:05:b7:cd:bf:
         06:d6:00:af:86:4c:3e:4b:0c:86:50:9e:71:c6:0a:f3:a8:ba:
         a4:1d:1c:94:84:c2:a2:31:cf:75:ca:59:a1:d8:25:0d:a8:fb:
         c9:ba:8f:34:39:ba:c4:2e:a9:49:ba:9f:12:03:b2:b1:8c:6c:
         3d:90:ae:34:43:b0:2f:d0:a4:27:80:f3:b4:ec:76:2a:a8:83:
         4d:58:d3:f2:e3:62:06:3b:12:0d:98:41:37:86:75:5d:78:8f:
         14:3c:2f:63
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYPCUvSqMyNN5H7yLqy3qDlEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMWE3NjE3OTVmMGY2NmJmZjI0NzhiNDY4Y2RlMGQ4NTFl
ZDE4ODcwHhcNMjIxMDEwMTQzNTU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2QyMGIwNTJlZWQ3Mzg3Y2Y1ZmQzZTY3ZTdlN2ZmMzJlNmIyMGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9dqoj6yw86ojFr/T7wvDIoIGUDW
+KLLjbRRyvKxvBsU7pOgCZhw7kbcdkBVh4WOQTRjnpMAtFfmBcyZultlgK6Z46GM
ufccapfZVqRGjo+7k7ZNTSWUjZuh/jkrkfqjwD/EJw7wMfMSA4aDaXhzWbzQ/1bl
MXNEmEJdaY7o1QcIPTgYWARGF10i3jdUCdHkOD7fWIXUv5rx+fS8m5tLt7/YcFQL
Z7VqcNeDJ039Ef1fobV8xulnGErRWpWHscwbda7V0NZx7l77/URWZdfiMMCQSsWw
baN5PDg6kqkCwXHTAdLGUhdAprKkimbdmUKZcL2MIFXjf1b92EizWRmgbwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLfSCwUu7XOHz1/T5n5+f/MuayC4MB8GA1UdIwQY
MBaAFGwadheV8PZr/yR4tGjN4NhR7RiHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkJwMkY1WHc5bXZfSkhpMGFNM2cyRkh0R0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMmMzODYtZDVlOS00YWQ5LTkzOGEt
MGQxZDE3NGM0MzUxLzEvdDlJTEJTN3RjNGZQWDlQbWZuNV84eTVySUxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMmMzODYtZDVlOS00YWQ5LTkzOGEtMGQxZDE3NGM0MzUx
LzEvYkJwMkY1WHc5bXZfSkhpMGFNM2cyRkh0R0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHLjyAAwQC
ueAMMA0EAgACMAcDBQAqA8UAMA0GCSqGSIb3DQEBCwUAA4IBAQBRXXtnidkhxypm
MalYAJb4UGkzSjIN60tdyrjPI42w5Q31y7KlW67YyBw1CE1w95LP9Zhr2Wx9jJrY
szoAaaOryx5ZdJKlUaMJ6yH3Kn20dwSP5Zv9EjgMXcsxdz17r+8cEpPporUMgkKE
ssLzbNJAaZNgs5P6PWiInb/0wJ44N00Y9DiIkH8MO+1FLO7ZDPJ8lCfdfrad/3n3
B+ksGgW3zb8G1gCvhkw+SwyGUJ5xxgrzqLqkHRyUhMKiMc91ylmh2CUNqPvJuo80
ObrELqlJup8SA7KxjGw9kK40Q7Av0KQngPO07HYqqINNWNPy42IGOxINmEE3hnVd
eI8UPC9j
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:00 2024 by rpki-client on console-ams.rpki-client.org