Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/06yC_vomdUW73hI6s-NfiWVfFfI.roa
File:                     06yC_vomdUW73hI6s-NfiWVfFfI.roa (raw, json)
Hash identifier:          2IgD4d2ru4MNM2zlr7F1+t2I0VLlBdJZD7z40+gNT70=
Subject key identifier:   D3:AC:82:FE:FA:26:75:45:BB:DE:12:3A:B3:E3:5F:89:65:5F:15:F2
Certificate issuer:       /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial:       38C6175C
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/06yC_vomdUW73hI6s-NfiWVfFfI.roa
Signing time:             Tue 17 May 2022 05:30:33 +0000
ROA not before:           Tue 17 May 2022 05:30:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210646
IP address blocks:        151.251.66.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 952506204 (0x38c6175c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
        Validity
            Not Before: May 17 05:30:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d3ac82fefa267545bbde123ab3e35f89655f15f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:b8:7a:ed:7e:82:78:0b:72:40:20:3b:3d:50:
                    f9:60:6a:96:c8:1a:a7:87:9b:03:46:60:1d:d8:ae:
                    78:11:f8:4f:94:c2:a3:c0:50:ba:9d:ba:2d:eb:17:
                    fc:ed:4c:1b:c0:ac:bb:1c:1d:c5:6d:65:d7:13:50:
                    7a:0b:a3:6b:db:e7:b9:86:14:36:af:d1:65:48:6e:
                    7e:46:a8:f0:6b:b4:2b:d8:3d:99:78:35:4f:1f:14:
                    03:97:fa:5e:16:3f:2a:25:81:6f:ad:45:e8:71:35:
                    fb:70:8d:dd:9a:68:ea:05:0a:96:b0:a0:1e:40:1c:
                    7b:67:e1:8c:5c:f3:52:53:6b:0f:4d:1c:ec:a5:b0:
                    e5:f1:b3:74:b2:ec:dc:8e:f9:b4:ff:67:ce:3c:0c:
                    7b:0f:29:e5:fc:36:45:55:fa:55:07:0e:bc:aa:3f:
                    cf:53:57:83:56:54:25:eb:ba:68:20:43:94:ca:95:
                    7c:29:4e:4d:c7:08:a6:40:33:ce:a9:04:d3:4b:f0:
                    7b:13:8e:70:67:32:b2:0a:1f:af:51:aa:7f:fa:0e:
                    1f:57:a7:34:40:00:81:18:e8:80:92:5c:b6:1e:b6:
                    2f:36:b9:b9:85:be:44:ac:e3:b2:be:45:85:f5:88:
                    b3:f0:97:24:70:19:d4:ca:a7:d4:b4:be:d2:cb:d1:
                    ce:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:AC:82:FE:FA:26:75:45:BB:DE:12:3A:B3:E3:5F:89:65:5F:15:F2
            X509v3 Authority Key Identifier:
                keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/06yC_vomdUW73hI6s-NfiWVfFfI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  151.251.66.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0f:30:98:72:20:11:21:cc:87:6b:46:ad:a7:d3:72:79:d5:d1:
         02:5b:c3:b2:88:eb:88:bc:a2:33:ed:58:1f:43:b9:38:db:d4:
         e1:cc:01:86:f3:aa:f8:1f:6f:2f:44:20:17:7e:0e:1e:e3:ef:
         51:d1:98:74:f8:88:5f:aa:e8:d7:25:6a:23:d6:da:f4:1b:2c:
         13:6a:4f:a2:1b:85:0b:06:2e:68:e8:72:36:b1:c3:54:40:bf:
         c9:17:76:f9:3b:cf:bc:23:91:4a:d0:a3:5f:ae:b7:29:51:9a:
         ca:23:d6:57:8d:3a:45:e9:25:73:e0:63:64:07:c6:b9:85:bd:
         00:ee:45:10:19:a7:43:21:6d:70:69:d3:3f:0f:ac:c6:aa:bd:
         5c:e3:d3:f8:66:1d:2b:99:1d:74:41:53:95:0f:cb:76:0f:03:
         42:b4:63:44:21:89:68:9a:b7:6e:07:f4:f3:f3:1e:fe:6f:27:
         ca:f5:f8:45:85:aa:ab:0f:f3:97:65:57:b9:4b:ef:2e:ef:c2:
         3b:00:f6:b0:78:29:96:70:cf:44:f8:b6:5b:a0:e0:4e:40:1a:
         9c:b7:da:7d:a5:4f:54:fc:96:ca:b3:bc:80:8a:e5:d2:f6:f9:
         6a:ce:9b:91:60:2c:46:12:83:15:f1:1d:1f:d9:d8:dc:99:a1:
         5d:72:65:a2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOMYXXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTQ4Y2VkZjE3MDI5ZWQ5OGExMDgxMTNjNmMxMDllY2FjY2Q4MmVjMB4XDTIyMDUx
NzA1MzAzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDNhYzgyZmVmYTI2
NzU0NWJiZGUxMjNhYjNlMzVmODk2NTVmMTVmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPa4eu1+gngLckAgOz1Q+WBqlsgap4ebA0ZgHdiueBH4T5TC
o8BQup26LesX/O1MG8CsuxwdxW1l1xNQeguja9vnuYYUNq/RZUhufkao8Gu0K9g9
mXg1Tx8UA5f6XhY/KiWBb61F6HE1+3CN3Zpo6gUKlrCgHkAce2fhjFzzUlNrD00c
7KWw5fGzdLLs3I75tP9nzjwMew8p5fw2RVX6VQcOvKo/z1NXg1ZUJeu6aCBDlMqV
fClOTccIpkAzzqkE00vwexOOcGcysgofr1Gqf/oOH1enNEAAgRjogJJcth62Lza5
uYW+RKzjsr5FhfWIs/CXJHAZ1Mqn1LS+0svRzpcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTTrIL++iZ1RbveEjqz41+JZV8V8jAfBgNVHSMEGDAWgBQFSM7fFwKe2YoQ
gRPGwQnsrM2C7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JVak8zeGNDbnRtS0VJRVR4c0VKN0t6Tmd1dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvNTQxYzA1LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQzNy8x
LzA2eUNfdm9tZFVXNzNoSTZzLU5maVdWZkZmSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
NTQxYzA1LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQzNy8xL0JVak8zeGNDbnRt
S0VJRVR4c0VKN0t6Tmd1dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZf7QjANBgkqhkiG9w0BAQsFAAOC
AQEADzCYciARIcyHa0atp9NyedXRAlvDsojriLyiM+1YH0O5ONvU4cwBhvOq+B9v
L0QgF34OHuPvUdGYdPiIX6ro1yVqI9ba9BssE2pPohuFCwYuaOhyNrHDVEC/yRd2
+TvPvCORStCjX663KVGayiPWV406Reklc+BjZAfGuYW9AO5FEBmnQyFtcGnTPw+s
xqq9XOPT+GYdK5kddEFTlQ/Ldg8DQrRjRCGJaJq3bgf08/Me/m8nyvX4RYWqqw/z
l2VXuUvvLu/COwD2sHgplnDPRPi2W6DgTkAanLfafaVPVPyWyrO8gIrl0vb5as6b
kWAsRhKDFfEdH9nY3JmhXXJlog==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:51 2024 by rpki-client on console-ams.rpki-client.org