Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/zDRyCm-9zNCRxLinU0-yXkZVunA.roa
File:                     zDRyCm-9zNCRxLinU0-yXkZVunA.roa (raw, json)
Hash identifier:          lun6gl44Zh/TbuOXcrIGHroR//275tlMJ5/RhZD2Lqg=
Subject key identifier:   CC:34:72:0A:6F:BD:CC:D0:91:C4:B8:A7:53:4F:B2:5E:46:55:BA:70
Certificate issuer:       /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial:       018345CCBE6F6F4C6F74EC3A5424BF22D85E
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/zDRyCm-9zNCRxLinU0-yXkZVunA.roa
Signing time:             Fri 16 Sep 2022 10:16:29 +0000
ROA not before:           Fri 16 Sep 2022 10:16:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43927
IP address blocks:        2a0c:9a40:8088::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:45:cc:be:6f:6f:4c:6f:74:ec:3a:54:24:bf:22:d8:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
        Validity
            Not Before: Sep 16 10:16:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cc34720a6fbdccd091c4b8a7534fb25e4655ba70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:25:aa:68:8b:55:9b:05:b4:20:54:f8:3c:ec:
                    c0:d1:13:98:32:a1:50:68:7b:47:aa:64:d9:27:2d:
                    b5:d8:7c:2f:13:1c:56:5f:c2:69:98:5f:9c:ce:42:
                    44:3e:77:29:cb:1e:a6:8d:e5:cb:97:42:f7:a9:24:
                    5a:0a:57:52:00:11:da:1a:61:6b:ce:56:70:e8:3e:
                    3d:4f:aa:f3:f8:dd:ad:52:88:ad:2b:7e:90:2e:8a:
                    a1:46:f5:ab:10:05:f7:fa:da:00:3b:68:d6:68:28:
                    4c:4b:6e:73:1f:78:57:b5:91:73:74:f7:fb:fd:b8:
                    f9:12:fb:a9:6e:a6:62:5e:eb:f9:54:4e:f2:0e:10:
                    d0:c7:ae:19:91:72:36:e8:55:37:f6:92:99:76:17:
                    63:97:70:d4:15:28:8d:2c:a4:b9:04:80:45:b9:75:
                    76:f8:03:c8:f4:05:68:01:83:dd:fe:8b:1a:4b:9f:
                    bc:85:1b:fc:f5:c9:45:5c:f1:35:0b:da:b3:7b:f6:
                    a2:6e:a7:95:fa:20:b4:b3:bd:0c:2f:9b:de:9a:4b:
                    d1:ce:31:2a:3e:16:0b:75:03:2a:5b:e0:bc:2a:09:
                    5e:1e:7d:da:1d:98:cf:e9:5b:0f:43:7a:53:b5:e6:
                    f5:ce:61:fe:c9:a3:32:49:df:49:7a:4d:64:c8:3a:
                    f8:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:34:72:0A:6F:BD:CC:D0:91:C4:B8:A7:53:4F:B2:5E:46:55:BA:70
            X509v3 Authority Key Identifier:
                keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/zDRyCm-9zNCRxLinU0-yXkZVunA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:9a40:8088::/48

    Signature Algorithm: sha256WithRSAEncryption
         77:ed:7f:b7:57:bb:aa:87:9e:e7:59:e0:f4:b2:f7:0b:2b:92:
         42:c4:d7:33:64:3b:ae:67:ad:20:cb:12:19:33:7c:4c:97:d9:
         f3:7d:b7:76:b2:f4:22:fb:63:66:10:eb:07:0e:87:27:67:c9:
         32:6e:23:07:b9:07:5e:cb:81:98:36:8d:ed:ac:27:a1:40:4e:
         e7:af:55:02:b8:ce:21:d7:e7:3f:14:6e:cf:2d:8e:0a:3d:22:
         75:87:12:55:ea:54:22:e8:2e:2c:f2:7f:cb:2e:04:ed:d0:a7:
         b5:c4:aa:7f:33:ce:ee:ea:ba:07:13:38:bf:13:a1:c5:d6:8d:
         4a:0f:2a:99:28:69:dd:d3:8c:ae:e3:07:dd:1d:d9:9d:b6:7c:
         d8:9d:d2:56:72:48:2d:ce:f5:76:95:b4:b5:c1:70:66:d2:b8:
         b6:be:5a:de:c4:f6:c8:c8:c3:00:86:a8:7a:be:c2:35:96:e9:
         33:b9:a4:26:6f:00:ba:90:0c:64:e1:77:ec:59:a1:1e:af:6e:
         7f:af:44:62:9a:37:d4:ac:f3:3c:28:12:70:7d:a1:63:51:38:
         a1:dd:0e:34:9a:1f:17:4c:01:ae:e3:8e:d5:ed:20:1a:c8:23:
         4d:6b:f0:09:d1:dd:3c:ac:03:58:3e:d8:2e:04:07:99:c8:74:
         2c:0d:6c:66
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYNFzL5vb0xvdOw6VCS/ItheMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjIwOTE2MTAxNjI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzM0NzIwYTZmYmRjY2QwOTFjNGI4YTc1MzRmYjI1ZTQ2NTViYTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyWqaItVmwW0IFT4POzA0ROYMqFQ
aHtHqmTZJy212HwvExxWX8JpmF+czkJEPncpyx6mjeXLl0L3qSRaCldSABHaGmFr
zlZw6D49T6rz+N2tUoitK36QLoqhRvWrEAX3+toAO2jWaChMS25zH3hXtZFzdPf7
/bj5EvupbqZiXuv5VE7yDhDQx64ZkXI26FU39pKZdhdjl3DUFSiNLKS5BIBFuXV2
+API9AVoAYPd/osaS5+8hRv89clFXPE1C9qze/aibqeV+iC0s70ML5vemkvRzjEq
PhYLdQMqW+C8KgleHn3aHZjP6VsPQ3pTteb1zmH+yaMySd9Jek1kyDr4zwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMw0cgpvvczQkcS4p1NPsl5GVbpwMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvekRSeUNtLTl6TkNSeExpblUwLXlYa1pWdW5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQICI
MA0GCSqGSIb3DQEBCwUAA4IBAQB37X+3V7uqh57nWeD0svcLK5JCxNczZDuuZ60g
yxIZM3xMl9nzfbd2svQi+2NmEOsHDocnZ8kybiMHuQdey4GYNo3trCehQE7nr1UC
uM4h1+c/FG7PLY4KPSJ1hxJV6lQi6C4s8n/LLgTt0Ke1xKp/M87u6roHEzi/E6HF
1o1KDyqZKGnd04yu4wfdHdmdtnzYndJWckgtzvV2lbS1wXBm0ri2vlrexPbIyMMA
hqh6vsI1lukzuaQmbwC6kAxk4XfsWaEer25/r0RimjfUrPM8KBJwfaFjUTih3Q40
mh8XTAGu447V7SAayCNNa/AJ0d08rANYPtguBAeZyHQsDWxm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:50 2024 by rpki-client on console-fra.rpki-client.org