Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/b4515e-8641-45b0-b75f-096921c91c41/1/Ua9FtLCujAkZHJD_WcSmaxJ_z4g.roa
File:                     Ua9FtLCujAkZHJD_WcSmaxJ_z4g.roa (raw, json)
Hash identifier:          VA4zdr2EtJT2hC2//bi/NPhvkXGyxgfr6ZgARATipy4=
Subject key identifier:   51:AF:45:B4:B0:AE:8C:09:19:1C:90:FF:59:C4:A6:6B:12:7F:CF:88
Certificate issuer:       /CN=defc2686c29abef18f40b30e7e9513247a66ef13
Certificate serial:       063A7C93
Authority key identifier: DE:FC:26:86:C2:9A:BE:F1:8F:40:B3:0E:7E:95:13:24:7A:66:EF:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3vwmhsKavvGPQLMOfpUTJHpm7xM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/b4515e-8641-45b0-b75f-096921c91c41/1/Ua9FtLCujAkZHJD_WcSmaxJ_z4g.roa
Signing time:             Sat 01 Jan 2022 00:53:09 +0000
ROA not before:           Sat 01 Jan 2022 00:53:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207782
IP address blocks:        212.6.33.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 104496275 (0x63a7c93)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=defc2686c29abef18f40b30e7e9513247a66ef13
        Validity
            Not Before: Jan  1 00:53:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=51af45b4b0ae8c09191c90ff59c4a66b127fcf88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:b6:e0:42:e4:71:67:07:c5:9d:5e:ed:49:1e:
                    d2:4b:14:81:87:51:ef:a7:02:b6:4e:ae:21:30:60:
                    0d:5a:79:66:95:8d:34:f8:3c:25:3a:37:57:6b:38:
                    13:54:2b:74:95:bf:95:a6:9d:28:df:99:e9:cf:19:
                    92:60:46:3a:40:07:c1:cc:82:40:41:a2:e3:09:c9:
                    69:0a:3a:b7:76:d6:97:ad:d5:54:61:6f:9b:bb:4f:
                    4b:a7:0f:dc:e2:23:b2:c9:fc:c4:37:bc:b2:68:c6:
                    ec:6a:2f:d7:d5:0e:a8:b7:e2:55:c1:ec:91:cc:c3:
                    f1:09:c6:4d:03:5c:5c:2d:71:0d:83:2b:f9:68:8d:
                    c2:45:f9:e2:08:5a:bc:85:2f:a2:98:bb:dc:a1:75:
                    b5:49:a8:7a:35:11:c4:e4:38:2b:8f:19:89:52:77:
                    ac:09:b3:c3:b7:8f:23:b3:c5:dd:9d:f6:75:a5:15:
                    f4:34:b4:a5:6e:ec:e4:8b:9f:cc:52:de:f9:c7:15:
                    cd:60:f7:81:87:54:53:b8:7b:53:ca:14:d8:92:47:
                    37:5f:36:4f:0f:94:ef:21:42:1a:50:fb:59:86:5c:
                    8a:6f:a1:e3:9e:c6:58:8e:c8:a7:7b:66:9b:cf:a4:
                    79:c5:05:26:25:a8:58:17:ca:33:2b:b8:83:36:2e:
                    95:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:AF:45:B4:B0:AE:8C:09:19:1C:90:FF:59:C4:A6:6B:12:7F:CF:88
            X509v3 Authority Key Identifier:
                keyid:DE:FC:26:86:C2:9A:BE:F1:8F:40:B3:0E:7E:95:13:24:7A:66:EF:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3vwmhsKavvGPQLMOfpUTJHpm7xM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b4515e-8641-45b0-b75f-096921c91c41/1/Ua9FtLCujAkZHJD_WcSmaxJ_z4g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b4515e-8641-45b0-b75f-096921c91c41/1/3vwmhsKavvGPQLMOfpUTJHpm7xM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.6.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:28:2e:0e:c7:54:02:3c:de:3a:4a:66:36:ad:95:c8:24:70:
         fd:41:e2:bd:7c:44:ef:84:d0:ac:28:f2:4d:1e:48:8d:ad:dc:
         0f:80:64:91:a4:b7:90:a1:63:8f:85:b9:31:84:96:59:66:7d:
         ba:37:8c:21:d7:50:33:5a:1f:47:c4:26:d1:b5:bb:9b:44:d6:
         08:74:3c:44:97:d1:60:f7:db:d9:5e:9b:fa:a1:a2:42:3c:c5:
         80:3a:7f:af:8e:d7:70:f0:78:7c:fc:62:b5:df:ca:aa:7a:46:
         34:23:4a:14:2d:e3:6e:18:1f:14:68:db:6d:f0:6f:38:0b:e6:
         0c:8e:fb:70:77:33:73:37:76:7f:54:e3:7c:5e:3d:f5:38:db:
         c2:1b:fd:ff:20:33:ec:97:b1:a5:e8:f1:28:c1:05:72:61:0a:
         e6:f9:a5:05:5f:4b:55:66:44:5d:77:0a:9f:3a:12:4c:f4:97:
         59:f5:ac:84:4b:37:d8:90:30:7d:dd:15:66:9d:ef:ee:40:97:
         db:d2:8d:06:73:18:06:2f:7e:f5:9d:f0:aa:c1:4f:57:e9:6e:
         ef:92:62:1f:51:74:41:3c:bf:a3:89:d7:20:df:1d:1c:44:1a:
         c1:29:8f:3a:64:2b:0d:53:bd:a5:11:0e:ec:20:ae:11:42:f3:
         1d:0e:f1:0d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBjp8kzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZWZjMjY4NmMyOWFiZWYxOGY0MGIzMGU3ZTk1MTMyNDdhNjZlZjEzMB4XDTIyMDEw
MTAwNTMwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTFhZjQ1YjRiMGFl
OGMwOTE5MWM5MGZmNTljNGE2NmIxMjdmY2Y4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMq24ELkcWcHxZ1e7Uke0ksUgYdR76cCtk6uITBgDVp5ZpWN
NPg8JTo3V2s4E1QrdJW/laadKN+Z6c8ZkmBGOkAHwcyCQEGi4wnJaQo6t3bWl63V
VGFvm7tPS6cP3OIjssn8xDe8smjG7Gov19UOqLfiVcHskczD8QnGTQNcXC1xDYMr
+WiNwkX54ghavIUvopi73KF1tUmoejURxOQ4K48ZiVJ3rAmzw7ePI7PF3Z32daUV
9DS0pW7s5IufzFLe+ccVzWD3gYdUU7h7U8oU2JJHN182Tw+U7yFCGlD7WYZcim+h
457GWI7Ip3tmm8+kecUFJiWoWBfKMyu4gzYuldECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRRr0W0sK6MCRkckP9ZxKZrEn/PiDAfBgNVHSMEGDAWgBTe/CaGwpq+8Y9A
sw5+lRMkembvEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzN2d21oc0thdnZHUFFMTU9mcFVUSkhwbTd4TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvYjQ1MTVlLTg2NDEtNDViMC1iNzVmLTA5NjkyMWM5MWM0MS8x
L1VhOUZ0TEN1akFrWkhKRF9XY1NtYXhKX3o0Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
YjQ1MTVlLTg2NDEtNDViMC1iNzVmLTA5NjkyMWM5MWM0MS8xLzN2d21oc0thdnZH
UFFMTU9mcFVUSkhwbTd4TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANQGITANBgkqhkiG9w0BAQsFAAOC
AQEANyguDsdUAjzeOkpmNq2VyCRw/UHivXxE74TQrCjyTR5Ija3cD4BkkaS3kKFj
j4W5MYSWWWZ9ujeMIddQM1ofR8Qm0bW7m0TWCHQ8RJfRYPfb2V6b+qGiQjzFgDp/
r47XcPB4fPxitd/KqnpGNCNKFC3jbhgfFGjbbfBvOAvmDI77cHczczd2f1TjfF49
9Tjbwhv9/yAz7JexpejxKMEFcmEK5vmlBV9LVWZEXXcKnzoSTPSXWfWshEs32JAw
fd0VZp3v7kCX29KNBnMYBi9+9Z3wqsFPV+lu75JiH1F0QTy/o4nXIN8dHEQawSmP
OmQrDVO9pREO7CCuEULzHQ7xDQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:24 2024 by rpki-client on console-ams.rpki-client.org