Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/Gg2XtQ0b81TVNPWMJX0qrbyxKUg.roa
File:                     Gg2XtQ0b81TVNPWMJX0qrbyxKUg.roa (raw, json)
Hash identifier:          ClLjPQkshqJH9J5hNBAzKu5IscEo2lm53bUgW0hnre8=
Subject key identifier:   1A:0D:97:B5:0D:1B:F3:54:D5:34:F5:8C:25:7D:2A:AD:BC:B1:29:48
Certificate issuer:       /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial:       018345CCBEC595FBA66FB2426FCE6DC596A1
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/Gg2XtQ0b81TVNPWMJX0qrbyxKUg.roa
Signing time:             Fri 16 Sep 2022 10:16:29 +0000
ROA not before:           Fri 16 Sep 2022 10:16:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48646
IP address blocks:        2a0c:9a40:808a::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:45:cc:be:c5:95:fb:a6:6f:b2:42:6f:ce:6d:c5:96:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
        Validity
            Not Before: Sep 16 10:16:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1a0d97b50d1bf354d534f58c257d2aadbcb12948
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:a9:de:f6:4d:43:09:a4:8a:92:40:19:fc:5c:
                    24:ce:f8:36:4f:b9:3c:f5:b1:e0:91:20:c0:8a:ef:
                    1f:af:07:1b:ce:b5:19:2e:dc:66:55:8b:f4:63:15:
                    9d:39:1b:b0:30:55:b7:cd:b4:0f:c8:ae:24:8c:19:
                    aa:e0:46:7f:fb:ad:37:0d:f3:66:1c:71:ab:0c:ad:
                    74:53:58:aa:d2:87:85:99:bd:8a:69:c2:95:5a:f1:
                    97:16:f7:0e:cc:77:51:cd:e7:51:17:46:d7:9f:a0:
                    e8:22:3c:ce:e3:1e:a9:6d:33:4b:4c:1d:d2:d2:a0:
                    79:ee:73:1b:f4:fc:78:37:3e:6e:5b:c6:b7:3e:2d:
                    2f:1a:ba:df:41:e6:4f:20:2f:5f:83:76:5e:01:87:
                    ce:56:ae:0f:05:e3:a7:05:5b:c5:fb:d5:d1:81:fc:
                    8a:d9:66:73:41:28:be:29:70:cd:f1:97:16:b7:f2:
                    1a:b6:03:ab:ad:ad:10:97:bb:8f:6a:0b:ba:74:20:
                    2c:ef:f2:73:76:92:3e:6c:93:b8:6c:ac:83:10:53:
                    82:4a:bb:14:c1:16:ff:21:2a:e9:f9:b3:16:ef:cb:
                    4a:4b:1a:d4:c5:5a:63:1f:f2:b9:27:34:8b:88:70:
                    af:4c:bf:90:0a:8d:14:ad:db:a3:13:e5:95:4b:dc:
                    5e:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:0D:97:B5:0D:1B:F3:54:D5:34:F5:8C:25:7D:2A:AD:BC:B1:29:48
            X509v3 Authority Key Identifier:
                keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/Gg2XtQ0b81TVNPWMJX0qrbyxKUg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:9a40:808a::/48

    Signature Algorithm: sha256WithRSAEncryption
         5a:43:53:28:8a:50:90:ee:c6:32:80:4c:a1:70:4c:05:14:1a:
         b5:ef:f3:5f:2c:30:43:a5:ce:50:96:c4:b0:93:d7:7d:e3:f1:
         fa:89:c8:81:73:85:89:a5:ad:fa:70:20:37:9d:fc:dd:d2:96:
         be:07:14:fb:12:00:94:d7:c8:71:43:60:bf:89:72:6f:95:e3:
         e2:b0:f6:e7:72:2c:1a:93:33:de:69:80:d0:a1:3e:59:c7:c8:
         6f:8f:36:0b:45:11:85:95:90:d1:90:97:eb:82:3b:5b:91:d0:
         22:c8:94:67:9c:d7:2d:01:00:0f:87:7c:71:41:2b:f3:0b:7f:
         ac:81:d0:b6:bd:53:0c:b3:51:1a:6b:d7:bf:80:d3:1d:13:87:
         67:7c:49:9d:d0:06:cd:87:19:0d:a1:f6:a6:de:a5:8a:5b:9a:
         f4:e8:65:ad:99:73:ca:01:39:22:24:d2:50:ef:40:a2:73:61:
         af:a1:92:80:b1:2a:d6:fe:46:3d:61:50:ba:75:8e:0e:1e:3b:
         13:f1:d2:14:f8:93:ea:ea:ea:1c:ed:fb:13:eb:c7:ff:44:af:
         ec:06:6e:0a:61:ac:c6:cf:d1:d4:58:9c:e8:15:df:bd:2e:0c:
         63:7c:59:ec:ae:4a:dc:24:98:45:ea:84:81:36:e5:17:9a:28:
         d0:e4:71:38
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYNFzL7Flfumb7JCb85txZahMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjIwOTE2MTAxNjI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTBkOTdiNTBkMWJmMzU0ZDUzNGY1OGMyNTdkMmFhZGJjYjEyOTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqne9k1DCaSKkkAZ/Fwkzvg2T7k8
9bHgkSDAiu8frwcbzrUZLtxmVYv0YxWdORuwMFW3zbQPyK4kjBmq4EZ/+603DfNm
HHGrDK10U1iq0oeFmb2KacKVWvGXFvcOzHdRzedRF0bXn6DoIjzO4x6pbTNLTB3S
0qB57nMb9Px4Nz5uW8a3Pi0vGrrfQeZPIC9fg3ZeAYfOVq4PBeOnBVvF+9XRgfyK
2WZzQSi+KXDN8ZcWt/IatgOrra0Ql7uPagu6dCAs7/JzdpI+bJO4bKyDEFOCSrsU
wRb/ISrp+bMW78tKSxrUxVpjH/K5JzSLiHCvTL+QCo0UrdujE+WVS9xeSwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBoNl7UNG/NU1TT1jCV9Kq28sSlIMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvR2cyWHRRMGI4MVRWTlBXTUpYMHFyYnl4S1VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQICK
MA0GCSqGSIb3DQEBCwUAA4IBAQBaQ1MoilCQ7sYygEyhcEwFFBq17/NfLDBDpc5Q
lsSwk9d94/H6iciBc4WJpa36cCA3nfzd0pa+BxT7EgCU18hxQ2C/iXJvlePisPbn
ciwakzPeaYDQoT5Zx8hvjzYLRRGFlZDRkJfrgjtbkdAiyJRnnNctAQAPh3xxQSvz
C3+sgdC2vVMMs1Eaa9e/gNMdE4dnfEmd0AbNhxkNofam3qWKW5r06GWtmXPKATki
JNJQ70Cic2GvoZKAsSrW/kY9YVC6dY4OHjsT8dIU+JPq6uoc7fsT68f/RK/sBm4K
YazGz9HUWJzoFd+9LgxjfFnsrkrcJJhF6oSBNuUXmijQ5HE4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:49 2024 by rpki-client on console-fra.rpki-client.org