Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/KWzyzIX1uxyDz6-7dvc_k1HfIEs.roa
File:                     KWzyzIX1uxyDz6-7dvc_k1HfIEs.roa (raw, json)
Hash identifier:          kdQZocCBpa0+1mHhaM1/k8vadmTt7CXb4negdgM3nZM=
Subject key identifier:   29:6C:F2:CC:85:F5:BB:1C:83:CF:AF:BB:76:F7:3F:93:51:DF:20:4B
Certificate issuer:       /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial:       018345CCC2E57562ED0F50389C8BEEA83F66
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/KWzyzIX1uxyDz6-7dvc_k1HfIEs.roa
Signing time:             Fri 16 Sep 2022 10:16:30 +0000
ROA not before:           Fri 16 Sep 2022 10:16:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202297
IP address blocks:        2a0c:9a40:8089::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:45:cc:c2:e5:75:62:ed:0f:50:38:9c:8b:ee:a8:3f:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
        Validity
            Not Before: Sep 16 10:16:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=296cf2cc85f5bb1c83cfafbb76f73f9351df204b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:f2:5d:a0:fc:24:61:1b:c5:da:18:49:fd:31:
                    a9:29:c3:83:5f:22:b5:df:32:48:eb:07:95:b1:ba:
                    60:85:1e:5b:e3:04:b8:46:f4:d5:00:3d:40:74:e2:
                    46:31:d4:08:80:a8:44:5f:4a:8f:19:3e:8d:cf:54:
                    be:8c:a2:29:14:7a:61:0f:01:42:b0:44:a6:3f:09:
                    ac:51:93:22:d9:57:20:bf:9a:07:8e:f7:5f:20:bb:
                    94:eb:e0:52:b8:20:18:23:5e:39:0a:75:11:3b:27:
                    be:07:20:12:e1:8c:ae:e0:9c:c1:03:39:d7:82:d3:
                    0e:0b:ce:11:f8:16:c4:1f:fe:7d:a4:c2:15:c5:1f:
                    cb:e9:35:90:52:df:49:fe:40:dd:ac:65:76:8b:e9:
                    78:a3:7c:da:0b:94:3f:e3:04:14:f6:1b:2c:dc:d1:
                    e2:47:0d:4c:fc:af:6d:6d:e4:00:e2:74:16:72:20:
                    6c:f6:eb:74:bb:b4:63:8f:36:f6:5f:9c:a8:3f:16:
                    aa:00:7d:5f:08:42:9e:c1:37:f6:97:58:7b:50:90:
                    de:b9:b0:b5:7b:7e:66:06:0a:5c:dd:0a:1d:c1:01:
                    97:65:72:c6:b2:e5:a3:2f:b2:5a:98:e1:de:66:cc:
                    b5:64:70:22:e7:52:2c:1c:67:2d:59:d2:cc:aa:32:
                    f3:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:6C:F2:CC:85:F5:BB:1C:83:CF:AF:BB:76:F7:3F:93:51:DF:20:4B
            X509v3 Authority Key Identifier:
                keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/KWzyzIX1uxyDz6-7dvc_k1HfIEs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:9a40:8089::/48

    Signature Algorithm: sha256WithRSAEncryption
         4d:1b:aa:16:74:78:04:de:fe:a7:6f:c3:2f:0f:e4:fb:a2:90:
         44:75:e2:f1:64:d2:92:47:00:cc:a9:39:2f:de:ef:31:d2:65:
         cc:fc:9d:a4:f8:ec:8e:e8:2b:b1:91:9f:ec:2b:6c:73:eb:7f:
         4a:8f:fe:13:ea:5c:2e:6c:c7:69:34:4b:bf:95:e5:de:36:ed:
         5c:51:7d:a5:72:1e:66:1b:e9:d7:36:fa:e9:74:bb:6e:4c:82:
         34:f1:e0:8c:9a:cb:65:cf:01:c7:2b:ab:65:0b:50:31:df:c1:
         59:87:fc:3f:8c:a8:3c:96:52:78:90:81:0a:79:b6:46:07:ed:
         94:30:89:dd:5a:4b:c4:71:07:f5:1b:5c:87:d7:bb:67:c3:ff:
         de:30:b9:56:48:dc:f8:78:ae:c9:92:25:96:b5:4c:3f:8a:6a:
         15:1a:dd:ca:d5:fd:a0:06:24:3c:20:19:8e:01:c1:cb:ff:4d:
         16:77:fc:b0:55:52:2e:90:dd:1e:93:bf:c4:76:e5:d4:a9:85:
         b5:b0:0f:1f:9b:29:f4:e5:23:3c:d4:b8:58:08:01:e2:5a:5a:
         f5:52:c0:e0:ec:d0:df:03:6f:58:d1:f0:b1:14:63:2d:e0:b8:
         72:18:6a:4b:e3:6d:89:8f:f8:be:39:f6:1b:d9:a2:20:be:41:
         9e:62:f6:79
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYNFzMLldWLtD1A4nIvuqD9mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjIwOTE2MTAxNjMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTZjZjJjYzg1ZjViYjFjODNjZmFmYmI3NmY3M2Y5MzUxZGYyMDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPJdoPwkYRvF2hhJ/TGpKcODXyK1
3zJI6weVsbpghR5b4wS4RvTVAD1AdOJGMdQIgKhEX0qPGT6Nz1S+jKIpFHphDwFC
sESmPwmsUZMi2Vcgv5oHjvdfILuU6+BSuCAYI145CnUROye+ByAS4Yyu4JzBAznX
gtMOC84R+BbEH/59pMIVxR/L6TWQUt9J/kDdrGV2i+l4o3zaC5Q/4wQU9hss3NHi
Rw1M/K9tbeQA4nQWciBs9ut0u7Rjjzb2X5yoPxaqAH1fCEKewTf2l1h7UJDeubC1
e35mBgpc3QodwQGXZXLGsuWjL7JamOHeZsy1ZHAi51IsHGctWdLMqjLzQwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCls8syF9bscg8+vu3b3P5NR3yBLMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvS1d6eXpJWDF1eHlEejYtN2R2Y19rMUhmSUVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQICJ
MA0GCSqGSIb3DQEBCwUAA4IBAQBNG6oWdHgE3v6nb8MvD+T7opBEdeLxZNKSRwDM
qTkv3u8x0mXM/J2k+OyO6CuxkZ/sK2xz639Kj/4T6lwubMdpNEu/leXeNu1cUX2l
ch5mG+nXNvrpdLtuTII08eCMmstlzwHHK6tlC1Ax38FZh/w/jKg8llJ4kIEKebZG
B+2UMIndWkvEcQf1G1yH17tnw//eMLlWSNz4eK7JkiWWtUw/imoVGt3K1f2gBiQ8
IBmOAcHL/00Wd/ywVVIukN0ek7/EduXUqYW1sA8fmyn05SM81LhYCAHiWlr1UsDg
7NDfA29Y0fCxFGMt4LhyGGpL422Jj/i+OfYb2aIgvkGeYvZ5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:50 2024 by rpki-client on console-fra.rpki-client.org