Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/2f3229-a130-4dc8-a47b-2dc26dc4bc11/1/2NrSJ2aAZpqfwzVaJB4woRmDtGU.roa
File:                     2NrSJ2aAZpqfwzVaJB4woRmDtGU.roa (raw, json)
Hash identifier:          CPNExA8CZX/6HNJwkhtFYLkE3QotChk0ixj0yZ87UzA=
Subject key identifier:   D8:DA:D2:27:66:80:66:9A:9F:C3:35:5A:24:1E:30:A1:19:83:B4:65
Certificate issuer:       /CN=9f63cff2446ececbebe0124636980b47e0b20fa6
Certificate serial:       0DCDDB
Authority key identifier: 9F:63:CF:F2:44:6E:CE:CB:EB:E0:12:46:36:98:0B:47:E0:B2:0F:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n2PP8kRuzsvr4BJGNpgLR-CyD6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/2f3229-a130-4dc8-a47b-2dc26dc4bc11/1/2NrSJ2aAZpqfwzVaJB4woRmDtGU.roa
Signing time:             Wed 16 Mar 2022 18:56:37 +0000
ROA not before:           Wed 16 Mar 2022 18:56:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206565
IP address blocks:        167.160.15.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 904667 (0xdcddb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f63cff2446ececbebe0124636980b47e0b20fa6
        Validity
            Not Before: Mar 16 18:56:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d8dad2276680669a9fc3355a241e30a11983b465
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:22:82:dc:f2:e5:d4:d2:01:28:cf:f1:77:9a:
                    bb:ea:52:e8:f6:63:18:b6:74:de:09:f1:0d:01:e9:
                    3b:b1:e8:1b:75:57:a0:fb:dd:33:b2:c5:66:95:c2:
                    6c:3b:25:54:22:14:76:a4:e1:3b:ac:2d:ac:18:ca:
                    7b:12:16:5f:a2:d5:71:5a:2e:b2:db:39:74:9e:6c:
                    f0:90:5d:01:24:f4:94:c0:71:0d:22:8a:0b:fd:ba:
                    67:93:98:5c:bf:4b:e9:e7:6b:09:f1:26:9e:cd:9c:
                    2d:2c:e1:67:ea:46:c6:35:90:9f:5c:2b:8d:fb:d6:
                    8a:c1:ee:9f:7f:bd:e8:55:5e:d7:0b:bd:23:ba:59:
                    2e:24:b5:7b:36:68:7d:58:bd:a5:e5:58:ac:7f:bb:
                    59:ed:76:6d:01:61:19:02:1d:00:fa:ee:6d:fc:35:
                    15:1b:41:cf:b0:a6:13:37:40:83:2c:58:4f:fa:96:
                    bf:00:d4:0d:a3:fa:37:5d:d9:22:f5:02:51:34:bf:
                    ae:5f:29:44:d0:a5:31:73:19:8b:ea:99:9d:b3:3d:
                    8b:51:50:62:ad:db:04:32:ba:c4:91:23:ca:d1:04:
                    38:b2:0a:e7:de:cb:9f:dd:9f:10:df:35:9a:aa:6e:
                    02:ba:32:2d:8c:65:94:1f:1d:d6:60:99:ed:23:8f:
                    9e:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:DA:D2:27:66:80:66:9A:9F:C3:35:5A:24:1E:30:A1:19:83:B4:65
            X509v3 Authority Key Identifier:
                keyid:9F:63:CF:F2:44:6E:CE:CB:EB:E0:12:46:36:98:0B:47:E0:B2:0F:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n2PP8kRuzsvr4BJGNpgLR-CyD6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/2f3229-a130-4dc8-a47b-2dc26dc4bc11/1/2NrSJ2aAZpqfwzVaJB4woRmDtGU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/2f3229-a130-4dc8-a47b-2dc26dc4bc11/1/n2PP8kRuzsvr4BJGNpgLR-CyD6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.160.15.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:9f:5a:09:9f:3e:30:f1:9a:e7:b6:e2:12:9a:d2:80:91:de:
         5e:c7:78:a0:9d:17:d5:9a:3c:99:e5:17:0f:77:eb:7c:d2:00:
         71:64:d5:d9:30:19:b9:30:3a:ce:18:75:57:10:a0:0f:11:c3:
         5e:60:90:d0:7e:76:c2:ce:8c:53:fb:f8:d3:52:b9:9f:2b:0c:
         58:46:69:f1:f4:cd:07:a5:e2:e9:30:13:29:59:ae:42:e6:34:
         ba:4e:c4:9f:d3:d2:f5:e0:24:03:f1:7d:94:b1:3d:ac:76:95:
         0b:62:2c:0f:6f:dc:32:d4:87:e8:ec:73:a9:3c:f0:51:d9:d5:
         6d:04:6e:a4:63:d8:99:da:5e:66:3e:45:15:50:72:9c:72:ce:
         d7:b4:14:cf:d5:7a:61:40:59:0d:86:4d:06:05:33:9b:e8:5f:
         35:ba:ea:da:ac:d9:8e:b6:76:1c:26:0f:dc:53:f3:22:43:c9:
         67:65:aa:a2:37:29:86:34:f5:87:62:d2:c0:a5:53:2d:18:c4:
         53:1e:a8:59:fc:5c:42:91:a1:5e:d4:49:03:34:65:c1:e9:b7:
         9c:11:94:76:17:32:83:e3:1b:61:c9:1a:55:5a:cd:6b:20:72:
         1d:61:cc:5c:c6:9e:8d:ab:a2:03:70:67:d9:92:60:1f:7f:3d:
         b9:6c:61:5b
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDDc3bMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDlm
NjNjZmYyNDQ2ZWNlY2JlYmUwMTI0NjM2OTgwYjQ3ZTBiMjBmYTYwHhcNMjIwMzE2
MTg1NjM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkOGRhZDIyNzY2ODA2
NjlhOWZjMzM1NWEyNDFlMzBhMTE5ODNiNDY1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqSKC3PLl1NIBKM/xd5q76lLo9mMYtnTeCfENAek7segbdVeg
+90zssVmlcJsOyVUIhR2pOE7rC2sGMp7EhZfotVxWi6y2zl0nmzwkF0BJPSUwHEN
IooL/bpnk5hcv0vp52sJ8SaezZwtLOFn6kbGNZCfXCuN+9aKwe6ff73oVV7XC70j
ulkuJLV7Nmh9WL2l5Visf7tZ7XZtAWEZAh0A+u5t/DUVG0HPsKYTN0CDLFhP+pa/
ANQNo/o3Xdki9QJRNL+uXylE0KUxcxmL6pmdsz2LUVBirdsEMrrEkSPK0QQ4sgrn
3suf3Z8Q3zWaqm4CujItjGWUHx3WYJntI4+eoQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFNja0idmgGaan8M1WiQeMKEZg7RlMB8GA1UdIwQYMBaAFJ9jz/JEbs7L6+AS
RjaYC0fgsg+mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
bjJQUDhrUnV6c3ZyNEJKR05wZ0xSLUN5RDZZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wMi8yZjMyMjktYTEzMC00ZGM4LWE0N2ItMmRjMjZkYzRiYzExLzEv
Mk5yU0oyYUFacHFmd3pWYUpCNHdvUm1EdEdVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8y
ZjMyMjktYTEzMC00ZGM4LWE0N2ItMmRjMjZkYzRiYzExLzEvbjJQUDhrUnV6c3Zy
NEJKR05wZ0xSLUN5RDZZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAp6APMA0GCSqGSIb3DQEBCwUAA4IB
AQApn1oJnz4w8ZrntuISmtKAkd5ex3ignRfVmjyZ5RcPd+t80gBxZNXZMBm5MDrO
GHVXEKAPEcNeYJDQfnbCzoxT+/jTUrmfKwxYRmnx9M0HpeLpMBMpWa5C5jS6TsSf
09L14CQD8X2UsT2sdpULYiwPb9wy1Ifo7HOpPPBR2dVtBG6kY9iZ2l5mPkUVUHKc
cs7XtBTP1XphQFkNhk0GBTOb6F81uurarNmOtnYcJg/cU/MiQ8lnZaqiNymGNPWH
YtLApVMtGMRTHqhZ/FxCkaFe1EkDNGXB6becEZR2FzKD4xthyRpVWs1rIHIdYcxc
xp6Nq6IDcGfZkmAffz25bGFb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:43 2024 by rpki-client on console-fra.rpki-client.org