Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/4f46c1-20b4-4249-881e-ffbc0a979b20/1/b6DKO308KDkW8AVd9yj6TemGIG8.roa
File:                     b6DKO308KDkW8AVd9yj6TemGIG8.roa (raw, json)
Hash identifier:          y6LolxP+ArXP2D92xECco689nxYI12EyeytslU1svOk=
Subject key identifier:   6F:A0:CA:3B:7D:3C:28:39:16:F0:05:5D:F7:28:FA:4D:E9:86:20:6F
Certificate issuer:       /CN=35a1b48587c430cf3d8bfd7598c595bda1c66874
Certificate serial:       010757FF
Authority key identifier: 35:A1:B4:85:87:C4:30:CF:3D:8B:FD:75:98:C5:95:BD:A1:C6:68:74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NaG0hYfEMM89i_11mMWVvaHGaHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/4f46c1-20b4-4249-881e-ffbc0a979b20/1/b6DKO308KDkW8AVd9yj6TemGIG8.roa
Signing time:             Sat 01 Jan 2022 06:58:01 +0000
ROA not before:           Sat 01 Jan 2022 06:58:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201504
IP address blocks:        80.73.245.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17258495 (0x10757ff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35a1b48587c430cf3d8bfd7598c595bda1c66874
        Validity
            Not Before: Jan  1 06:58:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6fa0ca3b7d3c283916f0055df728fa4de986206f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:91:ae:ef:24:17:18:1a:fa:93:87:d5:36:01:
                    69:94:28:22:97:28:68:e9:f2:43:4a:8e:56:72:88:
                    d8:db:6e:0d:d8:3c:43:6d:b1:38:13:91:1e:0f:d8:
                    b5:72:f7:9f:2c:f0:0f:d4:ed:3e:b0:fc:05:80:82:
                    28:2c:43:54:22:a8:b7:ee:56:ba:2a:ca:9b:e0:b2:
                    ea:7d:72:0a:6b:63:9f:bc:3e:13:75:7c:2a:a2:42:
                    92:d1:e1:a9:64:99:40:54:71:49:0c:ea:11:d9:f4:
                    33:ac:69:b7:51:e2:29:c6:bf:6f:41:d8:0a:bf:ac:
                    d1:6c:aa:cf:98:4e:ed:cb:31:52:26:53:88:f5:e0:
                    90:50:70:fc:b2:bb:55:f9:f1:ec:d2:76:9e:2e:8d:
                    0e:06:e1:b4:5a:10:b9:d7:a2:a2:4a:da:34:bc:ea:
                    4b:f4:62:75:c2:2a:23:96:70:c5:36:6f:b2:99:37:
                    09:6b:b3:6b:cf:f7:f5:6d:f9:ca:1f:11:c7:87:2e:
                    21:a2:38:0d:21:e4:f4:49:8e:58:fb:72:6b:da:b7:
                    53:53:87:6e:dd:ee:c4:97:a6:69:8d:bf:02:90:f4:
                    fe:95:f0:b7:27:42:2f:e6:a2:bd:54:f9:94:c4:82:
                    29:9a:18:8b:95:08:f5:3a:4b:63:db:b3:7b:fd:01:
                    d7:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:A0:CA:3B:7D:3C:28:39:16:F0:05:5D:F7:28:FA:4D:E9:86:20:6F
            X509v3 Authority Key Identifier:
                keyid:35:A1:B4:85:87:C4:30:CF:3D:8B:FD:75:98:C5:95:BD:A1:C6:68:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NaG0hYfEMM89i_11mMWVvaHGaHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/4f46c1-20b4-4249-881e-ffbc0a979b20/1/b6DKO308KDkW8AVd9yj6TemGIG8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/4f46c1-20b4-4249-881e-ffbc0a979b20/1/NaG0hYfEMM89i_11mMWVvaHGaHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.73.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:fe:47:4b:c3:85:eb:82:7e:7c:df:67:b6:bf:7c:bd:fc:7e:
         95:5a:32:be:04:86:5a:eb:ad:6c:c5:6f:c9:b1:e5:20:f4:2d:
         37:66:8f:3c:9a:a3:20:f3:d9:bb:aa:15:96:b3:36:4d:76:aa:
         0b:a8:83:c4:04:d8:c8:7d:13:46:92:76:12:28:ec:02:89:7c:
         73:59:08:94:33:68:e6:2a:5e:59:c2:7b:cf:08:9d:1b:85:5f:
         e4:36:6d:e2:ab:07:7f:c0:ef:46:e8:42:1d:98:e6:67:80:40:
         6f:e9:4f:f0:d9:d7:5b:c6:29:66:d2:33:ff:3f:0b:9d:96:5e:
         38:8a:1a:35:5a:01:e5:8a:07:f5:b8:47:29:35:6b:91:5a:f2:
         03:87:0a:3c:8b:1d:ba:cd:05:17:de:88:6b:7a:8c:52:96:38:
         4b:39:c4:34:6e:dd:06:aa:bf:48:ac:0d:7a:db:23:b3:bd:4e:
         88:1e:15:47:62:77:9d:37:73:0b:24:c8:e4:43:4a:c5:b1:44:
         d3:77:00:6c:3b:b8:db:1f:c5:45:23:a6:72:6d:e6:3c:3b:b4:
         ef:07:8c:04:0f:1b:81:c7:ed:77:bf:59:ca:64:2b:b0:a3:6d:
         ab:96:85:5d:1c:07:66:95:7f:3b:2e:58:51:64:79:85:23:f5:
         aa:fc:4f:45
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQdX/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NWExYjQ4NTg3YzQzMGNmM2Q4YmZkNzU5OGM1OTViZGExYzY2ODc0MB4XDTIyMDEw
MTA2NTgwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmZhMGNhM2I3ZDNj
MjgzOTE2ZjAwNTVkZjcyOGZhNGRlOTg2MjA2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANeRru8kFxga+pOH1TYBaZQoIpcoaOnyQ0qOVnKI2NtuDdg8
Q22xOBORHg/YtXL3nyzwD9TtPrD8BYCCKCxDVCKot+5WuirKm+Cy6n1yCmtjn7w+
E3V8KqJCktHhqWSZQFRxSQzqEdn0M6xpt1HiKca/b0HYCr+s0Wyqz5hO7csxUiZT
iPXgkFBw/LK7Vfnx7NJ2ni6NDgbhtFoQudeiokraNLzqS/RidcIqI5ZwxTZvspk3
CWuza8/39W35yh8Rx4cuIaI4DSHk9EmOWPtya9q3U1OHbt3uxJemaY2/ApD0/pXw
tydCL+aivVT5lMSCKZoYi5UI9TpLY9uze/0B16UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRvoMo7fTwoORbwBV33KPpN6YYgbzAfBgNVHSMEGDAWgBQ1obSFh8Qwzz2L
/XWYxZW9ocZodDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05hRzBoWWZFTU04OWlfMTFtTVdWdmFIR2FIUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWQvNGY0NmMxLTIwYjQtNDI0OS04ODFlLWZmYmMwYTk3OWIyMC8x
L2I2REtPMzA4S0RrVzhBVmQ5eWo2VGVtR0lHOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWQv
NGY0NmMxLTIwYjQtNDI0OS04ODFlLWZmYmMwYTk3OWIyMC8xL05hRzBoWWZFTU04
OWlfMTFtTVdWdmFIR2FIUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFBJ9TANBgkqhkiG9w0BAQsFAAOC
AQEAG/5HS8OF64J+fN9ntr98vfx+lVoyvgSGWuutbMVvybHlIPQtN2aPPJqjIPPZ
u6oVlrM2TXaqC6iDxATYyH0TRpJ2EijsAol8c1kIlDNo5ipeWcJ7zwidG4Vf5DZt
4qsHf8DvRuhCHZjmZ4BAb+lP8NnXW8YpZtIz/z8LnZZeOIoaNVoB5YoH9bhHKTVr
kVryA4cKPIsdus0FF96Ia3qMUpY4SznENG7dBqq/SKwNetsjs71OiB4VR2J3nTdz
CyTI5ENKxbFE03cAbDu42x/FRSOmcm3mPDu07weMBA8bgcftd79ZymQrsKNtq5aF
XRwHZpV/Oy5YUWR5hSP1qvxPRQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:12 2024 by rpki-client on console-ams.rpki-client.org