Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/awiKfU6l8P0CkLjHds_vUurOjB4.roa
File:                     awiKfU6l8P0CkLjHds_vUurOjB4.roa (raw, json)
Hash identifier:          URvwmgkbc2xTq0eOvCpwy2tFojFH0bj4lUiX1N5dPkk=
Subject key identifier:   6B:08:8A:7D:4E:A5:F0:FD:02:90:B8:C7:76:CF:EF:52:EA:CE:8C:1E
Certificate issuer:       /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial:       2D2553E0
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/awiKfU6l8P0CkLjHds_vUurOjB4.roa
Signing time:             Tue 15 Feb 2022 11:02:19 +0000
ROA not before:           Tue 15 Feb 2022 11:02:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203756
IP address blocks:        2001:1a68:53::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 757421024 (0x2d2553e0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
        Validity
            Not Before: Feb 15 11:02:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6b088a7d4ea5f0fd0290b8c776cfef52eace8c1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:cc:ae:6f:ac:f7:66:5b:eb:52:c3:71:d9:98:
                    47:2a:42:19:29:f6:0b:5a:d9:cb:00:55:73:07:19:
                    a5:3f:dc:8f:72:f5:fc:9c:5c:ee:fa:47:e7:77:75:
                    1e:3f:c2:1b:00:ea:17:c6:2b:43:66:16:8f:76:0a:
                    01:49:2f:42:82:66:a1:ec:cd:ad:86:fa:ea:0c:25:
                    9f:97:56:d3:a0:c6:f2:62:d9:7e:f9:11:13:63:d6:
                    73:93:c0:f9:0e:5d:16:a6:ca:ce:53:f6:8b:b9:c3:
                    a8:19:f7:53:7e:77:cb:46:a9:04:a7:32:7a:a0:25:
                    65:84:13:be:b0:ac:4b:ee:68:5d:19:47:bc:3e:35:
                    e9:49:c0:ce:1d:d1:9f:a2:95:69:7e:41:a5:96:81:
                    23:5b:15:9f:38:02:cc:52:94:ab:d3:a8:55:3f:fc:
                    8f:bf:d8:5b:da:7d:9c:bc:df:67:ae:41:bb:f5:39:
                    8f:70:8e:3b:18:4e:c6:34:5b:77:44:43:2f:d4:e4:
                    ac:a5:81:07:88:9b:1b:f4:15:5b:02:b6:a0:f2:01:
                    e3:35:c6:37:0c:62:ca:44:2a:72:ef:78:b4:eb:c3:
                    89:f3:2d:87:b0:98:e1:15:2c:0b:74:ea:de:0e:e2:
                    6a:e2:a9:fe:ad:8b:e6:ee:d4:f0:b5:ad:be:a9:b0:
                    87:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:08:8A:7D:4E:A5:F0:FD:02:90:B8:C7:76:CF:EF:52:EA:CE:8C:1E
            X509v3 Authority Key Identifier:
                keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/awiKfU6l8P0CkLjHds_vUurOjB4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:1a68:53::/48

    Signature Algorithm: sha256WithRSAEncryption
         00:32:4d:b6:22:31:26:9c:e2:1d:f0:fe:16:e4:ef:a6:67:eb:
         d5:d2:fc:e8:c2:0e:09:da:b5:d2:8c:7e:89:63:31:5b:1f:d9:
         f0:3f:a9:fb:cf:82:ad:60:63:22:9c:a9:9c:b3:6b:67:cb:48:
         db:c6:3e:d2:39:a6:a9:78:bb:92:79:02:dc:54:a3:1a:1f:fe:
         af:73:31:e1:4f:23:8a:da:74:cd:c9:1a:d8:1a:76:28:f3:14:
         05:31:b6:8a:19:6c:47:c1:c5:79:d6:b3:fe:21:16:ec:df:f2:
         92:0d:9d:1e:66:f1:3a:ca:76:0f:e6:89:4c:52:30:13:ba:9f:
         f5:10:a3:9e:7d:03:ee:26:81:87:0f:42:18:0d:45:c3:ab:10:
         cf:bf:b4:1d:75:dc:91:1f:6a:ba:8b:a3:ab:b5:c6:cb:3c:2d:
         a7:c3:e7:9c:35:a2:c8:ac:ab:b9:7a:f4:d0:ae:84:7d:0b:fe:
         d3:ef:98:d8:7a:47:fe:36:15:de:a9:cc:a3:28:a1:4d:25:cf:
         62:12:9a:b1:f1:9a:f0:ad:c5:a8:4c:fa:03:f8:d2:26:63:64:
         88:8c:0c:52:65:2e:3c:e4:97:9b:c0:1e:4f:94:aa:fc:c1:8a:
         ef:2e:dd:21:9a:01:1c:99:44:0b:de:cb:4b:e3:4a:5c:75:a5:
         3b:53:de:bb
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIELSVT4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OGM1MTBmYzliODY1ZDk2ZTNhZmM3YzU2MDU2ZWZhZDlhMzMwYzViMB4XDTIyMDIx
NTExMDIxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmIwODhhN2Q0ZWE1
ZjBmZDAyOTBiOGM3NzZjZmVmNTJlYWNlOGMxZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALXMrm+s92Zb61LDcdmYRypCGSn2C1rZywBVcwcZpT/cj3L1
/Jxc7vpH53d1Hj/CGwDqF8YrQ2YWj3YKAUkvQoJmoezNrYb66gwln5dW06DG8mLZ
fvkRE2PWc5PA+Q5dFqbKzlP2i7nDqBn3U353y0apBKcyeqAlZYQTvrCsS+5oXRlH
vD416UnAzh3Rn6KVaX5BpZaBI1sVnzgCzFKUq9OoVT/8j7/YW9p9nLzfZ65Bu/U5
j3COOxhOxjRbd0RDL9TkrKWBB4ibG/QVWwK2oPIB4zXGNwxiykQqcu94tOvDifMt
h7CY4RUsC3Tq3g7iauKp/q2L5u7U8LWtvqmwhykCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRrCIp9TqXw/QKQuMd2z+9S6s6MHjAfBgNVHSMEGDAWgBRoxRD8m4ZdluOv
x8VgVu+tmjMMWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FNVVFfSnVHWFpianI4ZkZZRmJ2clpvekRGcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvZTBmMmY2LTNhOGEtNGRhYS04MjcxLTVkNjY1ZTk5OGY2YS8x
L2F3aUtmVTZsOFAwQ2tMakhkc192VXVyT2pCNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
ZTBmMmY2LTNhOGEtNGRhYS04MjcxLTVkNjY1ZTk5OGY2YS8xL2FNVVFfSnVHWFpi
anI4ZkZZRmJ2clpvekRGcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABGmgAUzANBgkqhkiG9w0BAQsF
AAOCAQEAADJNtiIxJpziHfD+FuTvpmfr1dL86MIOCdq10ox+iWMxWx/Z8D+p+8+C
rWBjIpypnLNrZ8tI28Y+0jmmqXi7knkC3FSjGh/+r3Mx4U8jitp0zcka2Bp2KPMU
BTG2ihlsR8HFedaz/iEW7N/ykg2dHmbxOsp2D+aJTFIwE7qf9RCjnn0D7iaBhw9C
GA1Fw6sQz7+0HXXckR9quoujq7XGyzwtp8PnnDWiyKyruXr00K6EfQv+0++Y2HpH
/jYV3qnMoyihTSXPYhKasfGa8K3FqEz6A/jSJmNkiIwMUmUuPOSXm8AeT5Sq/MGK
7y7dIZoBHJlEC97LS+NKXHWlO1Peuw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:52 2024 by rpki-client on console-ams.rpki-client.org