Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/ca2213-e5a1-4ad2-8a22-768d3fb08e70/1/mEmCK6MBRRRRpYWIo0OETc1BxcY.roa
File:                     mEmCK6MBRRRRpYWIo0OETc1BxcY.roa (raw, json)
Hash identifier:          ullMQPtsF6arWzzjzypWCkof6IfvOyNRp5a0ep+Kts0=
Subject key identifier:   98:49:82:2B:A3:01:45:14:51:A5:85:88:A3:43:84:4D:CD:41:C5:C6
Certificate issuer:       /CN=2cf6136315a52d5247124b7cf369aafb8312227e
Certificate serial:       0181F7768A9599BB59DF0DCA4EBD66D507DD
Authority key identifier: 2C:F6:13:63:15:A5:2D:52:47:12:4B:7C:F3:69:AA:FB:83:12:22:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LPYTYxWlLVJHEkt882mq-4MSIn4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/ca2213-e5a1-4ad2-8a22-768d3fb08e70/1/mEmCK6MBRRRRpYWIo0OETc1BxcY.roa
Signing time:             Wed 13 Jul 2022 12:09:09 +0000
ROA not before:           Wed 13 Jul 2022 12:09:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200735
IP address blocks:        2a09:8e40:5000::/36 maxlen: 36
                          2a09:8e40:4000::/36 maxlen: 36
                          2a09:8e40:3000::/36 maxlen: 36
                          2a09:8e40:2000::/36 maxlen: 36
                          2a09:8e40:1000::/36 maxlen: 36
                          2a09:8e40::/36 maxlen: 36

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:f7:76:8a:95:99:bb:59:df:0d:ca:4e:bd:66:d5:07:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2cf6136315a52d5247124b7cf369aafb8312227e
        Validity
            Not Before: Jul 13 12:09:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9849822ba301451451a58588a343844dcd41c5c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:a9:02:50:46:5c:2b:87:8c:88:13:30:7a:22:
                    af:fb:4b:d8:9b:71:1a:25:6b:a3:94:aa:1d:1b:27:
                    a5:e7:28:a1:46:e0:6c:66:08:5e:5e:9f:e2:93:b1:
                    10:27:18:76:dd:61:30:a1:0d:bc:ab:b9:4c:8d:f0:
                    8e:db:d1:9f:9a:98:ff:f7:53:3c:02:dd:ff:8c:f5:
                    87:32:25:aa:2d:88:7e:fe:73:7d:a8:da:c2:c7:f8:
                    fd:e1:da:4b:11:b8:55:39:c0:e5:00:b0:29:b1:9b:
                    9d:76:ce:db:b0:74:31:4f:df:0b:f7:33:3b:ac:38:
                    60:e8:91:60:d5:02:c7:16:49:7c:bb:1c:c7:68:70:
                    56:0b:c4:4c:5a:3e:09:9a:52:a8:a2:65:cd:c6:da:
                    93:a5:84:f5:da:ec:10:cb:55:ac:2f:4d:8e:9c:ae:
                    96:67:20:60:d8:e1:42:37:92:50:12:22:da:ef:c7:
                    59:10:f7:f9:65:94:cf:eb:05:be:55:d2:4d:96:1b:
                    9e:a2:e6:86:75:2f:5b:22:ad:62:4f:fa:88:b8:bb:
                    c3:dc:8f:17:ee:db:49:97:8b:da:1c:28:23:49:b0:
                    08:26:0d:53:d6:f0:c7:a8:0d:09:72:4f:4b:67:07:
                    a7:08:10:2b:ce:77:3a:24:41:c1:60:ad:d1:d7:ad:
                    e2:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:49:82:2B:A3:01:45:14:51:A5:85:88:A3:43:84:4D:CD:41:C5:C6
            X509v3 Authority Key Identifier:
                keyid:2C:F6:13:63:15:A5:2D:52:47:12:4B:7C:F3:69:AA:FB:83:12:22:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LPYTYxWlLVJHEkt882mq-4MSIn4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ca2213-e5a1-4ad2-8a22-768d3fb08e70/1/mEmCK6MBRRRRpYWIo0OETc1BxcY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ca2213-e5a1-4ad2-8a22-768d3fb08e70/1/LPYTYxWlLVJHEkt882mq-4MSIn4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:8e40::-2a09:8e40:5fff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         8a:60:ca:21:03:1c:25:b6:ec:dd:53:7f:8c:7d:f0:71:23:aa:
         d5:b4:f0:23:12:9a:df:a5:89:67:b3:28:9f:2c:e0:cf:5a:7d:
         bb:72:93:fa:8e:91:81:4e:1e:ed:48:e5:66:7e:20:c4:41:0c:
         5b:f1:03:4a:80:e9:7f:7f:e2:97:2c:ea:9b:43:78:6e:78:dc:
         d2:77:1c:a3:3d:fa:c2:ff:fc:34:ce:e1:41:d8:3b:57:a7:67:
         1d:c3:a2:e4:4b:3d:8d:a6:4d:9f:7b:b4:e8:4e:d3:4d:a4:4b:
         f6:1b:e5:47:22:32:bf:89:21:80:65:95:75:61:e3:8f:eb:ba:
         5a:ed:1a:59:ae:7a:b3:38:b8:6e:25:41:c6:ba:1f:bf:31:d3:
         d1:9a:95:7e:75:ca:de:8e:cc:b4:21:cb:f3:5a:6c:15:ec:be:
         13:42:15:78:6a:82:14:9b:1f:42:03:c5:66:64:6f:0f:32:01:
         4d:71:00:3a:38:ef:90:5a:a0:65:e7:5b:70:7d:10:00:17:f2:
         7d:dd:69:a1:eb:89:8f:dd:ce:55:d8:0d:28:be:51:0d:a9:81:
         e4:fb:b9:87:ab:35:ac:16:2b:22:62:c8:bb:e6:ee:9d:54:bc:
         9b:b4:14:f5:35:fb:9e:98:5e:82:53:82:ba:e8:61:15:22:40:
         77:a8:42:e3
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYH3doqVmbtZ3w3KTr1m1QfdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZjYxMzYzMTVhNTJkNTI0NzEyNGI3Y2YzNjlhYWZiODMx
MjIyN2UwHhcNMjIwNzEzMTIwOTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODQ5ODIyYmEzMDE0NTE0NTFhNTg1ODhhMzQzODQ0ZGNkNDFjNWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKkCUEZcK4eMiBMweiKv+0vYm3Ea
JWujlKodGyel5yihRuBsZgheXp/ik7EQJxh23WEwoQ28q7lMjfCO29Gfmpj/91M8
At3/jPWHMiWqLYh+/nN9qNrCx/j94dpLEbhVOcDlALApsZudds7bsHQxT98L9zM7
rDhg6JFg1QLHFkl8uxzHaHBWC8RMWj4JmlKoomXNxtqTpYT12uwQy1WsL02OnK6W
ZyBg2OFCN5JQEiLa78dZEPf5ZZTP6wW+VdJNlhueouaGdS9bIq1iT/qIuLvD3I8X
7ttJl4vaHCgjSbAIJg1T1vDHqA0Jck9LZwenCBArznc6JEHBYK3R163iuQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFJhJgiujAUUUUaWFiKNDhE3NQcXGMB8GA1UdIwQY
MBaAFCz2E2MVpS1SRxJLfPNpqvuDEiJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFBZVFl4V2xMVkpIRWt0ODgybXEtNE1TSW40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9jYTIyMTMtZTVhMS00YWQyLThhMjIt
NzY4ZDNmYjA4ZTcwLzEvbUVtQ0s2TUJSUlJScFlXSW8wT0VUYzFCeGNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9jYTIyMTMtZTVhMS00YWQyLThhMjItNzY4ZDNmYjA4ZTcw
LzEvTFBZVFl4V2xMVkpIRWt0ODgybXEtNE1TSW40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARMA8DBQYqCY5A
AwYFKgmOQEAwDQYJKoZIhvcNAQELBQADggEBAIpgyiEDHCW27N1Tf4x98HEjqtW0
8CMSmt+liWezKJ8s4M9afbtyk/qOkYFOHu1I5WZ+IMRBDFvxA0qA6X9/4pcs6ptD
eG543NJ3HKM9+sL//DTO4UHYO1enZx3DouRLPY2mTZ97tOhO002kS/Yb5UciMr+J
IYBllXVh44/rulrtGlmuerM4uG4lQca6H78x09GalX51yt6OzLQhy/NabBXsvhNC
FXhqghSbH0IDxWZkbw8yAU1xADo475BaoGXnW3B9EAAX8n3daaHriY/dzlXYDSi+
UQ2pgeT7uYerNawWKyJiyLvm7p1UvJu0FPU1+56YXoJTgrroYRUiQHeoQuM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:05 2024 by rpki-client on console-fra.rpki-client.org