Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/KAX0Nkiu3zeahVlyu3IWrQEGOEk.roa
File:                     KAX0Nkiu3zeahVlyu3IWrQEGOEk.roa (raw, json)
Hash identifier:          g6YpdTWqNb9SdR+y1bLtsGs7uEvyUOIRvDe2I9sZzpg=
Subject key identifier:   28:05:F4:36:48:AE:DF:37:9A:85:59:72:BB:72:16:AD:01:06:38:49
Certificate issuer:       /CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
Certificate serial:       01823EE1D49D0B8819CA780FE9CF0604F526
Authority key identifier: 87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/KAX0Nkiu3zeahVlyu3IWrQEGOEk.roa
Signing time:             Wed 27 Jul 2022 08:59:23 +0000
ROA not before:           Wed 27 Jul 2022 08:59:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207945
IP address blocks:        2a0f:6b80::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:3e:e1:d4:9d:0b:88:19:ca:78:0f:e9:cf:06:04:f5:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
        Validity
            Not Before: Jul 27 08:59:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2805f43648aedf379a855972bb7216ad01063849
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:c4:c5:ea:21:6c:68:01:49:b5:26:a7:14:fd:
                    2b:34:a1:17:cf:12:ff:e6:ac:25:80:4e:2c:fa:7b:
                    53:bb:9c:96:ac:ec:0e:24:97:50:38:d7:57:a4:87:
                    82:2d:87:e9:10:36:3c:cf:4a:b1:14:39:94:15:4d:
                    87:98:4a:7a:e4:97:12:09:99:75:a1:45:38:1e:5e:
                    4f:5e:28:06:92:05:14:c8:60:e4:88:52:33:4a:c6:
                    65:6a:77:c3:92:a7:ad:6d:b3:bb:34:ff:02:4e:9e:
                    34:93:d9:e1:73:7b:5a:c1:e2:dd:e4:d0:fb:e9:6b:
                    1c:de:f5:22:2f:86:ef:8c:80:74:7b:84:1e:fe:fb:
                    60:3b:8e:10:7d:9c:e6:30:94:6e:48:c0:a8:ae:4f:
                    2e:38:30:c2:07:7b:a5:e4:bb:32:8a:cf:ce:38:47:
                    bf:92:75:c7:d6:49:1f:f2:ee:fc:39:68:b4:68:b8:
                    d7:e2:b0:e7:98:41:87:36:98:83:6b:1b:62:60:49:
                    34:a2:a2:77:02:52:a3:58:61:6c:fb:c9:c1:ad:2e:
                    87:17:08:d1:57:ff:61:57:cc:6d:6c:02:3b:58:02:
                    cb:dd:2b:21:96:a8:3b:79:c6:4f:85:1b:7b:32:c2:
                    01:92:28:de:6f:13:79:cb:81:a7:73:3d:6e:7f:08:
                    02:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:05:F4:36:48:AE:DF:37:9A:85:59:72:BB:72:16:AD:01:06:38:49
            X509v3 Authority Key Identifier:
                keyid:87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/KAX0Nkiu3zeahVlyu3IWrQEGOEk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:6b80::/29

    Signature Algorithm: sha256WithRSAEncryption
         ab:7f:54:e3:f3:59:a8:33:66:47:63:f3:f4:7b:14:63:44:b9:
         47:05:34:23:c9:7b:b8:e4:f7:3b:99:95:21:a1:75:53:14:a5:
         48:e3:93:4d:cb:43:79:6b:5e:2b:d5:6f:9e:ee:30:cb:f3:6a:
         72:50:0c:68:11:c2:06:4d:bb:34:ab:87:44:2a:34:0c:41:d9:
         7f:79:a1:4e:a9:85:58:b4:ae:7c:0d:48:e3:2d:47:18:24:ee:
         00:16:d0:56:45:59:8d:5a:7d:dd:16:24:29:d7:0a:56:1f:04:
         91:e9:e0:88:a0:8e:3c:f0:5a:5d:ca:34:e2:c0:c2:e6:a7:3c:
         70:bc:3b:f0:41:6a:52:99:5a:cc:50:e9:a7:ca:c8:3d:4c:cb:
         78:4d:ec:2b:e5:8b:42:c9:04:33:98:75:49:47:b8:af:32:f4:
         04:2a:0f:2f:46:da:0d:4a:52:5d:26:4d:f0:49:ac:fb:05:52:
         4c:3e:83:c6:ec:53:65:2c:21:1e:fb:d4:72:66:f7:68:77:a9:
         83:b5:09:f4:88:67:3a:bf:f0:c1:2c:4d:3d:fd:65:79:d8:44:
         52:a5:2c:0d:81:0d:8e:01:bb:b9:be:d7:00:4f:db:1f:8f:ff:
         8b:dd:26:88:3c:2f:b2:67:84:ed:a9:82:13:07:6e:05:61:12:
         90:f1:51:05
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYI+4dSdC4gZyngP6c8GBPUmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGI1OTFiNWQ4ZjA3NmVhZjQ3MmUzZWE0NWQzYjVjOGUx
MzUwYTEwHhcNMjIwNzI3MDg1OTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODA1ZjQzNjQ4YWVkZjM3OWE4NTU5NzJiYjcyMTZhZDAxMDYzODQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMTF6iFsaAFJtSanFP0rNKEXzxL/
5qwlgE4s+ntTu5yWrOwOJJdQONdXpIeCLYfpEDY8z0qxFDmUFU2HmEp65JcSCZl1
oUU4Hl5PXigGkgUUyGDkiFIzSsZlanfDkqetbbO7NP8CTp40k9nhc3taweLd5ND7
6Wsc3vUiL4bvjIB0e4Qe/vtgO44QfZzmMJRuSMCork8uODDCB3ul5Lsyis/OOEe/
knXH1kkf8u78OWi0aLjX4rDnmEGHNpiDaxtiYEk0oqJ3AlKjWGFs+8nBrS6HFwjR
V/9hV8xtbAI7WALL3Sshlqg7ecZPhRt7MsIBkijebxN5y4Gncz1ufwgC2wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCgF9DZIrt83moVZcrtyFq0BBjhJMB8GA1UdIwQY
MBaAFIdLWRtdjwdur0cuPqRdO1yOE1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQt
MGM2YTY3ODIwYTU4LzEvS0FYME5raXUzemVhaFZseXUzSVdyUUVHT0VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQtMGM2YTY3ODIwYTU4
LzEvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg9rgDAN
BgkqhkiG9w0BAQsFAAOCAQEAq39U4/NZqDNmR2Pz9HsUY0S5RwU0I8l7uOT3O5mV
IaF1UxSlSOOTTctDeWteK9Vvnu4wy/NqclAMaBHCBk27NKuHRCo0DEHZf3mhTqmF
WLSufA1I4y1HGCTuABbQVkVZjVp93RYkKdcKVh8EkengiKCOPPBaXco04sDC5qc8
cLw78EFqUplazFDpp8rIPUzLeE3sK+WLQskEM5h1SUe4rzL0BCoPL0baDUpSXSZN
8Ems+wVSTD6DxuxTZSwhHvvUcmb3aHepg7UJ9IhnOr/wwSxNPf1ledhEUqUsDYEN
jgG7ub7XAE/bH4//i90miDwvsmeE7amCEwduBWESkPFRBQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:27 2024 by rpki-client on console-ams.rpki-client.org