Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/awsErrrrkZj3Y5jmbmxXFXpqUOM.roa
File:                     awsErrrrkZj3Y5jmbmxXFXpqUOM.roa (raw, json)
Hash identifier:          DeWY3+vEIOfXuMfLO5+BOERXNsWrYQStDHZ1dfRtqwo=
Subject key identifier:   6B:0B:04:AE:BA:EB:91:98:F7:63:98:E6:6E:6C:57:15:7A:6A:50:E3
Certificate issuer:       /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial:       018262BBFC53929E2D32EE45EE06348B0745
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/awsErrrrkZj3Y5jmbmxXFXpqUOM.roa
Signing time:             Wed 03 Aug 2022 08:04:23 +0000
ROA not before:           Wed 03 Aug 2022 08:04:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     13347
IP address blocks:        62.100.209.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:62:bb:fc:53:92:9e:2d:32:ee:45:ee:06:34:8b:07:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
        Validity
            Not Before: Aug  3 08:04:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6b0b04aebaeb9198f76398e66e6c57157a6a50e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:47:9b:9c:98:2b:69:2e:50:a3:31:a1:b0:0c:
                    c2:5d:4a:58:59:4e:f0:64:7a:56:1a:e5:e4:18:6a:
                    3a:06:09:57:9f:14:ed:f4:4d:84:29:e4:fc:f9:06:
                    9b:63:23:c3:e3:0b:d9:26:b2:e6:16:e3:de:30:75:
                    19:4f:89:79:53:b7:37:a5:fc:48:a5:23:4c:73:b5:
                    44:1c:f1:05:39:72:a6:f1:f0:2a:91:d9:5b:6c:5e:
                    54:3d:95:ec:66:20:9b:17:38:94:4a:84:b9:b6:0c:
                    a4:b2:18:86:1e:48:04:bd:39:f3:11:13:f3:2e:4b:
                    e9:9c:9a:4d:d0:98:1c:39:5e:f8:52:ee:78:af:23:
                    de:e1:6f:c9:1d:63:58:6a:15:3a:a3:ac:fe:13:4d:
                    bb:57:ec:36:45:e9:fc:52:85:cb:f5:20:a5:96:79:
                    c0:de:2c:fb:b4:22:02:89:b3:58:70:53:69:6c:ee:
                    0d:c0:8e:82:09:b3:23:f7:97:fd:12:8f:30:83:3f:
                    da:4d:f0:46:d5:6c:3b:e0:19:7a:82:d6:7b:cb:a5:
                    97:fe:36:2e:45:2a:1a:49:54:4d:44:a5:65:88:fb:
                    6b:78:62:c5:24:16:08:41:a9:41:33:47:ad:b4:15:
                    93:41:3c:53:12:05:d8:40:7f:ef:fa:36:5a:eb:66:
                    7e:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:0B:04:AE:BA:EB:91:98:F7:63:98:E6:6E:6C:57:15:7A:6A:50:E3
            X509v3 Authority Key Identifier:
                keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/awsErrrrkZj3Y5jmbmxXFXpqUOM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.100.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:0a:1c:b2:46:be:18:9d:2e:4e:73:3d:34:7d:3e:1b:f7:4d:
         bc:aa:48:82:57:1b:e6:fd:55:cb:9a:30:c7:29:32:88:5a:49:
         5e:c7:c1:70:7e:b6:53:fc:fe:06:2b:f2:1f:62:8c:64:7b:71:
         39:41:fa:4a:b4:fc:b6:99:62:e1:9a:6a:1f:5c:c6:2a:1f:a5:
         ce:92:ef:f6:98:d7:bd:5a:18:a8:67:77:09:87:a5:79:3b:42:
         c3:2c:b6:90:4b:c1:df:91:e6:76:07:ba:9f:2a:d0:a7:be:fe:
         a1:39:43:e2:62:64:7d:ea:17:f1:01:ae:92:5f:66:fa:8f:8a:
         b2:05:c0:b6:44:a3:b5:89:8c:ae:7d:84:64:96:39:da:99:1b:
         a7:6e:a6:14:91:4a:ba:a5:e6:55:2c:11:88:0e:16:d6:16:15:
         ad:20:df:f9:c4:6e:0f:a5:f3:60:96:00:78:2c:b3:4f:08:61:
         6c:f2:36:cf:e7:16:eb:be:7e:01:bb:1c:7e:66:c0:5c:26:36:
         a8:81:0e:14:db:c3:d5:35:db:5e:4a:e9:8e:d9:43:ba:d1:15:
         0e:8b:93:bb:80:da:a2:56:ea:a5:0d:75:65:38:37:d6:fa:d3:
         6d:96:a0:6f:a9:d7:6c:2a:cc:34:b6:45:8f:20:ad:8b:6c:fd:
         55:c3:01:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJiu/xTkp4tMu5F7gY0iwdFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDc0MzQ5NmM3ZmYzZWZmYjg3MDYwMTEzOWNhZDlkMmYy
NzFlMTAwHhcNMjIwODAzMDgwNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjBiMDRhZWJhZWI5MTk4Zjc2Mzk4ZTY2ZTZjNTcxNTdhNmE1MGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0ebnJgraS5QozGhsAzCXUpYWU7w
ZHpWGuXkGGo6BglXnxTt9E2EKeT8+QabYyPD4wvZJrLmFuPeMHUZT4l5U7c3pfxI
pSNMc7VEHPEFOXKm8fAqkdlbbF5UPZXsZiCbFziUSoS5tgykshiGHkgEvTnzERPz
LkvpnJpN0JgcOV74Uu54ryPe4W/JHWNYahU6o6z+E027V+w2Ren8UoXL9SCllnnA
3iz7tCICibNYcFNpbO4NwI6CCbMj95f9Eo8wgz/aTfBG1Ww74Bl6gtZ7y6WX/jYu
RSoaSVRNRKVliPtreGLFJBYIQalBM0ettBWTQTxTEgXYQH/v+jZa62Z+xwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGsLBK6665GY92OY5m5sVxV6alDjMB8GA1UdIwQY
MBaAFJ8HQ0lsf/Pv+4cGAROcrZ0vJx4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2Mt
NjM0MTEzNjdkOTBhLzEvYXdzRXJycnJrWmozWTVqbWJteFhGWHBxVU9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2MtNjM0MTEzNjdkOTBh
LzEvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPmTRMA0G
CSqGSIb3DQEBCwUAA4IBAQCBChyyRr4YnS5Ocz00fT4b9028qkiCVxvm/VXLmjDH
KTKIWklex8FwfrZT/P4GK/IfYoxke3E5QfpKtPy2mWLhmmofXMYqH6XOku/2mNe9
WhioZ3cJh6V5O0LDLLaQS8HfkeZ2B7qfKtCnvv6hOUPiYmR96hfxAa6SX2b6j4qy
BcC2RKO1iYyufYRkljnamRunbqYUkUq6peZVLBGIDhbWFhWtIN/5xG4PpfNglgB4
LLNPCGFs8jbP5xbrvn4Buxx+ZsBcJjaogQ4U28PVNdteSumO2UO60RUOi5O7gNqi
VuqlDXVlODfW+tNtlqBvqddsKsw0tkWPIK2LbP1VwwFD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:19 2024 by rpki-client on console-fra.rpki-client.org