Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/DU6ZycQgRwYMsOWH2F-MeyxDXe8.roa
File:                     DU6ZycQgRwYMsOWH2F-MeyxDXe8.roa (raw, json)
Hash identifier:          tIO29ly/t4d01J0mNv/jNfvd1589qFI5NUCZu7xsfac=
Subject key identifier:   0D:4E:99:C9:C4:20:47:06:0C:B0:E5:87:D8:5F:8C:7B:2C:43:5D:EF
Certificate issuer:       /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial:       0183080316C61FCE1BC33C5B4F7AF5E1C269
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/DU6ZycQgRwYMsOWH2F-MeyxDXe8.roa
Signing time:             Sun 04 Sep 2022 10:19:23 +0000
ROA not before:           Sun 04 Sep 2022 10:19:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203323
IP address blocks:        2a05:4140:3f0::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:08:03:16:c6:1f:ce:1b:c3:3c:5b:4f:7a:f5:e1:c2:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
        Validity
            Not Before: Sep  4 10:19:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0d4e99c9c42047060cb0e587d85f8c7b2c435def
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:aa:b9:9c:d5:99:ed:b2:02:1e:43:73:34:66:
                    7f:0a:94:a1:b9:96:71:0c:e0:eb:d0:fd:6a:46:78:
                    1b:51:e0:6a:b5:d3:5a:20:ad:55:ed:64:18:7e:6c:
                    35:94:4e:70:cb:39:9f:0c:81:b4:e7:8d:09:22:e6:
                    5d:5a:cf:ab:88:b3:18:8a:38:1c:68:92:be:0d:a0:
                    ba:d2:16:ef:e4:1b:55:28:8e:58:da:7f:73:31:e3:
                    dc:bc:b3:6a:06:e2:5f:6e:36:25:43:b2:c2:63:fd:
                    21:4c:1b:ae:5b:66:e0:d4:8f:e9:0c:a4:67:6c:ac:
                    fa:2d:f4:e1:2d:9e:bd:9c:d6:a5:41:98:e0:96:23:
                    cc:a0:a4:3b:ce:06:c2:b7:be:e4:5f:bd:0e:46:26:
                    42:78:83:f7:b2:56:a9:dc:1c:f7:02:c2:cf:9f:ac:
                    b4:b0:5a:33:cb:d1:e4:46:11:b7:c5:be:18:f9:fb:
                    e7:e3:70:5d:fe:bf:06:fc:53:a4:2f:de:ed:9b:7e:
                    77:5c:87:f0:53:cc:d2:30:52:87:b7:a5:67:32:9d:
                    74:e4:17:78:c8:48:0c:29:58:d9:56:79:f5:61:bd:
                    35:db:32:c4:42:7d:71:06:be:0c:60:5f:b9:01:59:
                    41:94:07:95:e5:a3:08:c2:f1:3a:dc:e0:2d:3b:35:
                    d6:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:4E:99:C9:C4:20:47:06:0C:B0:E5:87:D8:5F:8C:7B:2C:43:5D:EF
            X509v3 Authority Key Identifier:
                keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/DU6ZycQgRwYMsOWH2F-MeyxDXe8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:4140:3f0::/44

    Signature Algorithm: sha256WithRSAEncryption
         16:07:ef:14:a8:00:56:08:0b:d4:97:1e:19:a2:fe:36:16:c7:
         86:2b:df:8b:52:87:bd:66:07:ef:e0:9b:06:e4:55:e5:ac:c3:
         66:84:ac:b2:ae:ab:07:13:2d:05:eb:31:25:3a:df:d6:a7:1d:
         64:4b:fa:3b:a4:2f:e3:f4:5e:b1:3a:6e:e6:f6:df:2d:42:b1:
         1f:a2:8d:3b:51:80:9b:bd:34:3f:38:d2:38:7c:63:9d:f4:de:
         62:a0:7e:df:33:cc:bd:2c:cf:2d:99:42:8a:a0:4e:d9:dd:38:
         19:a4:e2:26:a9:05:37:2b:a8:af:77:44:96:7b:c1:40:f2:99:
         1f:82:84:f7:37:1b:36:71:b8:33:98:a0:4f:b0:3c:7c:97:cb:
         2d:0e:13:63:c0:dc:82:98:72:90:07:aa:65:ed:74:55:aa:89:
         90:eb:cc:8c:36:30:64:99:af:dd:9a:b6:64:4b:fc:ad:ab:be:
         f9:51:e9:95:27:2d:41:b1:11:b0:bd:d2:e2:64:5e:3d:2a:52:
         a4:b5:0f:81:cc:de:55:4e:2a:68:f3:7a:e0:ae:a9:50:c1:a4:
         93:72:f1:58:bc:b3:49:ee:1d:1b:0c:12:ad:6e:ab:d4:7c:81:
         11:05:92:83:ad:80:18:bf:ef:44:5f:13:48:ec:14:47:28:c1:
         00:ab:1f:59
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYMIAxbGH84bwzxbT3r14cJpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjIwOTA0MTAxOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDRlOTljOWM0MjA0NzA2MGNiMGU1ODdkODVmOGM3YjJjNDM1ZGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKq5nNWZ7bICHkNzNGZ/CpShuZZx
DODr0P1qRngbUeBqtdNaIK1V7WQYfmw1lE5wyzmfDIG0540JIuZdWs+riLMYijgc
aJK+DaC60hbv5BtVKI5Y2n9zMePcvLNqBuJfbjYlQ7LCY/0hTBuuW2bg1I/pDKRn
bKz6LfThLZ69nNalQZjgliPMoKQ7zgbCt77kX70ORiZCeIP3slap3Bz3AsLPn6y0
sFozy9HkRhG3xb4Y+fvn43Bd/r8G/FOkL97tm353XIfwU8zSMFKHt6VnMp105Bd4
yEgMKVjZVnn1Yb012zLEQn1xBr4MYF+5AVlBlAeV5aMIwvE63OAtOzXWuQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFA1OmcnEIEcGDLDlh9hfjHssQ13vMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvRFU2WnljUWdSd1lNc09XSDJGLU1leXhEWGU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgVBQAPw
MA0GCSqGSIb3DQEBCwUAA4IBAQAWB+8UqABWCAvUlx4Zov42FseGK9+LUoe9Zgfv
4JsG5FXlrMNmhKyyrqsHEy0F6zElOt/Wpx1kS/o7pC/j9F6xOm7m9t8tQrEfoo07
UYCbvTQ/ONI4fGOd9N5ioH7fM8y9LM8tmUKKoE7Z3TgZpOImqQU3K6ivd0SWe8FA
8pkfgoT3Nxs2cbgzmKBPsDx8l8stDhNjwNyCmHKQB6pl7XRVqomQ68yMNjBkma/d
mrZkS/ytq775UemVJy1BsRGwvdLiZF49KlKktQ+BzN5VTipo83rgrqlQwaSTcvFY
vLNJ7h0bDBKtbqvUfIERBZKDrYAYv+9EXxNI7BRHKMEAqx9Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:30 2024 by rpki-client on console-ams.rpki-client.org