Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/Y999ljnVlxTuPdWRhz9Yf5xHZ5o.roa
File:                     Y999ljnVlxTuPdWRhz9Yf5xHZ5o.roa (raw, json)
Hash identifier:          4MqV9IDju8dlETL6wF1jcCEvCdEmbdhdxbjUlJ+l5wc=
Subject key identifier:   63:DF:7D:96:39:D5:97:14:EE:3D:D5:91:87:3F:58:7F:9C:47:67:9A
Certificate issuer:       /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial:       15639218
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/Y999ljnVlxTuPdWRhz9Yf5xHZ5o.roa
Signing time:             Sat 01 Jan 2022 08:04:52 +0000
ROA not before:           Sat 01 Jan 2022 08:04:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62217
IP address blocks:        2a06:3e80::/32 maxlen: 32
                          2a04:a140::/32 maxlen: 32
                          2a05:2d00::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 358847000 (0x15639218)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
        Validity
            Not Before: Jan  1 08:04:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=63df7d9639d59714ee3dd591873f587f9c47679a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:cb:31:76:d8:cc:8c:91:4e:8c:7f:77:6b:50:
                    bf:20:ad:58:22:f4:46:89:52:42:df:a3:f6:23:e3:
                    66:9f:99:8c:1c:95:49:84:fb:56:77:46:15:d8:fd:
                    d8:8d:7c:28:bb:e0:ee:5e:ff:8f:18:69:8b:af:c7:
                    ee:31:72:62:73:da:e4:c1:0c:42:e3:b2:11:9b:d7:
                    3e:59:b6:f8:82:ea:71:37:65:8b:0d:c1:82:93:9c:
                    59:ea:7d:c8:a4:c2:8e:ae:d6:b5:d7:6f:6e:70:f0:
                    0f:3f:75:0f:39:45:da:cd:b7:05:65:8c:50:37:e4:
                    95:b1:0a:f6:aa:c9:61:8b:ea:d1:91:29:16:92:05:
                    ea:ee:03:a0:28:72:10:fb:3b:db:62:6e:a6:57:98:
                    4a:b9:93:2d:a2:d0:f3:a9:99:de:4f:f3:fc:f3:1f:
                    d6:05:f7:97:94:08:50:5b:06:8c:ed:09:40:ce:8d:
                    09:e7:b9:d4:3f:a8:2d:92:82:a9:65:8c:1e:43:ae:
                    da:69:9e:47:72:07:cf:d8:a4:16:71:e9:34:20:7f:
                    d6:6b:92:fc:a7:6b:45:14:6f:92:b9:4d:9b:99:ef:
                    ac:33:8f:88:0f:99:f0:0d:b0:0d:10:84:e5:88:a0:
                    d5:eb:5e:55:0a:bc:d8:3e:ff:b8:25:37:25:fb:a7:
                    53:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:DF:7D:96:39:D5:97:14:EE:3D:D5:91:87:3F:58:7F:9C:47:67:9A
            X509v3 Authority Key Identifier:
                keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/Y999ljnVlxTuPdWRhz9Yf5xHZ5o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a04:a140::/32
                  2a05:2d00::/32
                  2a06:3e80::/32

    Signature Algorithm: sha256WithRSAEncryption
         4e:5a:b4:00:54:8d:e6:1d:42:c6:4e:08:00:ea:dd:11:83:8f:
         1e:a7:2b:66:77:18:38:09:be:4a:27:ce:8c:5a:06:5d:e8:8b:
         87:0e:78:85:4c:80:b7:a4:1a:f3:bc:7b:78:63:0c:a8:ee:49:
         a1:53:12:40:3f:56:47:50:9f:1c:48:e0:5b:74:c3:be:95:23:
         34:48:ee:a2:fd:a4:47:33:c9:d8:3e:a6:3b:3c:c3:87:47:f2:
         9f:d5:6a:a0:b3:88:26:30:29:84:1b:bd:e7:39:b2:c8:c8:d2:
         54:4b:0f:8c:bc:cc:6f:6b:9a:a5:b5:30:3c:4f:2a:95:36:3f:
         3f:7d:28:8a:dc:e3:ac:9c:2e:1e:38:5c:01:5d:dc:28:33:0f:
         4f:74:72:c6:73:13:41:10:9a:bd:a0:f7:0d:1b:c7:e3:ab:6f:
         e7:f4:44:0e:ec:9f:a4:87:35:02:93:0c:f6:dd:44:d0:81:a0:
         03:4c:bf:a1:49:6f:d9:e5:5c:5b:f8:b2:fb:4a:33:97:fb:c8:
         89:96:30:05:71:22:fa:f1:a9:ce:4c:e3:5f:92:92:cb:6c:41:
         3c:84:a2:03:62:c8:47:fc:80:9e:54:7a:c8:f0:5b:57:b3:29:
         61:6b:e8:d8:b2:79:fc:14:55:54:a0:69:f9:d2:1b:7e:9c:8f:
         23:0c:32:2f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEFWOSGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZjA3NDM0OTZjN2ZmM2VmZmI4NzA2MDExMzljYWQ5ZDJmMjcxZTEwMB4XDTIyMDEw
MTA4MDQ1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjNkZjdkOTYzOWQ1
OTcxNGVlM2RkNTkxODczZjU4N2Y5YzQ3Njc5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJzLMXbYzIyRTox/d2tQvyCtWCL0RolSQt+j9iPjZp+ZjByV
SYT7VndGFdj92I18KLvg7l7/jxhpi6/H7jFyYnPa5MEMQuOyEZvXPlm2+ILqcTdl
iw3BgpOcWep9yKTCjq7WtddvbnDwDz91DzlF2s23BWWMUDfklbEK9qrJYYvq0ZEp
FpIF6u4DoChyEPs722JupleYSrmTLaLQ86mZ3k/z/PMf1gX3l5QIUFsGjO0JQM6N
Cee51D+oLZKCqWWMHkOu2mmeR3IHz9ikFnHpNCB/1muS/KdrRRRvkrlNm5nvrDOP
iA+Z8A2wDRCE5Yig1eteVQq82D7/uCU3JfunU38CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRj332WOdWXFO491ZGHP1h/nEdnmjAfBgNVHSMEGDAWgBSfB0NJbH/z7/uH
BgETnK2dLyceEDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L253ZERTV3hfOC1fN2h3WUJFNXl0blM4bkhoQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvMjJiN2FiLWZjMTEtNDA3YS1iZDNjLTYzNDExMzY3ZDkwYS8x
L1k5OTlsam5WbHhUdVBkV1JoejlZZjV4SFo1by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
MjJiN2FiLWZjMTEtNDA3YS1iZDNjLTYzNDExMzY3ZDkwYS8xL253ZERTV3hfOC1f
N2h3WUJFNXl0blM4bkhoQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wGwQCAAIwFQMFACoEoUADBQAqBS0AAwUAKgY+gDAN
BgkqhkiG9w0BAQsFAAOCAQEATlq0AFSN5h1Cxk4IAOrdEYOPHqcrZncYOAm+SifO
jFoGXeiLhw54hUyAt6Qa87x7eGMMqO5JoVMSQD9WR1CfHEjgW3TDvpUjNEjuov2k
RzPJ2D6mOzzDh0fyn9VqoLOIJjAphBu95zmyyMjSVEsPjLzMb2uapbUwPE8qlTY/
P30oitzjrJwuHjhcAV3cKDMPT3RyxnMTQRCavaD3DRvH46tv5/REDuyfpIc1ApMM
9t1E0IGgA0y/oUlv2eVcW/iy+0ozl/vIiZYwBXEi+vGpzkzjX5KSy2xBPISiA2LI
R/yAnlR6yPBbV7MpYWvo2LJ5/BRVVKBp+dIbfpyPIwwyLw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:00 2024 by rpki-client on console-ams.rpki-client.org