Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/dMMREbWYl84KnSAClXtE8wapsAU.roa
File:                     dMMREbWYl84KnSAClXtE8wapsAU.roa (raw, json)
Hash identifier:          oN5wEP82dQAWasl4WIxXGC05/K3hyFPw5D5iOtgq0AM=
Subject key identifier:   74:C3:11:11:B5:98:97:CE:0A:9D:20:02:95:7B:44:F3:06:A9:B0:05
Certificate issuer:       /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial:       018345CCBBC5E6B392DCE71BDA693B34BEB2
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/dMMREbWYl84KnSAClXtE8wapsAU.roa
Signing time:             Fri 16 Sep 2022 10:16:28 +0000
ROA not before:           Fri 16 Sep 2022 10:16:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7489
IP address blocks:        2a0c:9a40:8085::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:45:cc:bb:c5:e6:b3:92:dc:e7:1b:da:69:3b:34:be:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
        Validity
            Not Before: Sep 16 10:16:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=74c31111b59897ce0a9d2002957b44f306a9b005
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:02:f3:b8:88:33:36:83:45:bc:70:df:21:50:
                    39:5f:42:b1:b9:83:8b:d0:82:9b:b8:a9:af:50:c5:
                    71:c9:fb:37:84:7a:6f:5b:05:72:90:05:50:61:51:
                    43:b1:f7:3c:de:3f:b8:07:5d:34:08:cc:ff:00:62:
                    f6:8b:75:9b:a9:f2:c8:11:aa:36:6e:f1:da:9d:79:
                    42:64:56:18:67:6b:de:ac:f8:a2:80:54:91:bd:94:
                    56:ca:66:40:8e:fa:15:f0:66:f0:dd:58:48:80:b7:
                    a7:72:6c:33:d6:0f:33:20:40:14:8e:3e:f9:74:66:
                    95:ab:50:9c:ae:9c:6b:07:0a:41:12:5a:b1:22:aa:
                    ac:da:3b:2f:d3:56:18:55:18:e3:0e:08:df:63:70:
                    f7:d4:c4:0f:0b:0a:dc:d3:71:91:16:8c:af:32:03:
                    91:15:17:9f:8b:a2:11:43:d0:fc:9d:04:8b:87:5b:
                    e7:17:44:10:81:f7:c2:3f:f9:79:25:73:23:00:a0:
                    2c:1e:be:cd:fe:24:16:21:c9:9e:f9:4a:4c:0c:d1:
                    b7:71:f3:e6:fc:e1:3f:d5:a2:8f:dc:aa:0a:a6:c6:
                    7e:d1:80:64:09:4e:90:85:4f:cf:6c:02:b2:17:6b:
                    2c:76:60:46:7f:bb:a9:c3:39:66:78:77:2c:40:d5:
                    d4:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:C3:11:11:B5:98:97:CE:0A:9D:20:02:95:7B:44:F3:06:A9:B0:05
            X509v3 Authority Key Identifier:
                keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/dMMREbWYl84KnSAClXtE8wapsAU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:9a40:8085::/48

    Signature Algorithm: sha256WithRSAEncryption
         5d:ec:66:b4:27:16:96:15:fd:42:db:b0:21:85:68:ae:90:dd:
         a2:53:3b:d6:5c:be:4c:4c:ca:08:b8:84:45:dc:d9:e3:97:ae:
         ec:36:0c:f2:ef:cb:18:84:68:a7:62:f0:a9:00:17:c8:63:55:
         21:27:cf:0a:52:8f:0c:4e:9e:3a:55:0c:52:0d:6d:86:af:ce:
         3a:41:f5:89:8f:a5:1c:6f:02:85:b3:92:d0:59:6a:d2:a1:7f:
         1a:06:f7:a4:bd:fa:88:0c:01:e0:3e:dd:a7:41:44:e9:eb:09:
         07:8c:fd:10:cc:ac:01:39:0b:fa:70:ed:c2:46:9c:a5:9f:87:
         2b:51:24:2e:e6:26:d3:f9:6d:3c:87:67:d1:5d:24:0e:53:1f:
         63:8a:5a:c1:fc:8c:a6:8b:0e:16:85:62:74:d1:64:48:0e:34:
         8a:6b:e4:36:04:1d:ad:bf:6f:12:ff:cd:25:19:5d:3f:c8:f7:
         19:c2:ff:b7:e5:11:b3:dd:27:ef:fc:78:f2:6c:b8:e7:1c:bc:
         5f:f1:56:a0:e0:81:02:00:0c:6e:e4:64:35:e7:d2:48:c5:20:
         f6:b7:ef:77:0c:51:ca:9b:6a:c9:96:92:6b:da:e8:63:35:e4:
         a1:25:1b:99:a9:b2:3a:c0:08:77:41:f1:05:ae:23:0c:94:a4:
         a2:bc:88:4b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYNFzLvF5rOS3Ocb2mk7NL6yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjIwOTE2MTAxNjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGMzMTExMWI1OTg5N2NlMGE5ZDIwMDI5NTdiNDRmMzA2YTliMDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQLzuIgzNoNFvHDfIVA5X0KxuYOL
0IKbuKmvUMVxyfs3hHpvWwVykAVQYVFDsfc83j+4B100CMz/AGL2i3WbqfLIEao2
bvHanXlCZFYYZ2verPiigFSRvZRWymZAjvoV8Gbw3VhIgLencmwz1g8zIEAUjj75
dGaVq1CcrpxrBwpBElqxIqqs2jsv01YYVRjjDgjfY3D31MQPCwrc03GRFoyvMgOR
FRefi6IRQ9D8nQSLh1vnF0QQgffCP/l5JXMjAKAsHr7N/iQWIcme+UpMDNG3cfPm
/OE/1aKP3KoKpsZ+0YBkCU6QhU/PbAKyF2ssdmBGf7upwzlmeHcsQNXUmQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHTDERG1mJfOCp0gApV7RPMGqbAFMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvZE1NUkViV1lsODRLblNBQ2xYdEU4d2Fwc0FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQICF
MA0GCSqGSIb3DQEBCwUAA4IBAQBd7Ga0JxaWFf1C27AhhWiukN2iUzvWXL5MTMoI
uIRF3Nnjl67sNgzy78sYhGinYvCpABfIY1UhJ88KUo8MTp46VQxSDW2Gr846QfWJ
j6UcbwKFs5LQWWrSoX8aBvekvfqIDAHgPt2nQUTp6wkHjP0QzKwBOQv6cO3CRpyl
n4crUSQu5ibT+W08h2fRXSQOUx9jilrB/Iymiw4WhWJ00WRIDjSKa+Q2BB2tv28S
/80lGV0/yPcZwv+35RGz3Sfv/HjybLjnHLxf8Vag4IECAAxu5GQ159JIxSD2t+93
DFHKm2rJlpJr2uhjNeShJRuZqbI6wAh3QfEFriMMlKSivIhL
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:15 2024 by rpki-client on console-ams.rpki-client.org