Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/F-2Jh8OZEle2kUI6REEddOt7pJs.roa
File:                     F-2Jh8OZEle2kUI6REEddOt7pJs.roa (raw, json)
Hash identifier:          MF4FmV2d+rJf9fjZYONhZqpCLTZ+IBPql89jr/6chZs=
Subject key identifier:   17:ED:89:87:C3:99:12:57:B6:91:42:3A:44:41:1D:74:EB:7B:A4:9B
Certificate issuer:       /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial:       01847C6D3A04B1C99CCD3839561A73F59399
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/F-2Jh8OZEle2kUI6REEddOt7pJs.roa
Signing time:             Tue 15 Nov 2022 17:54:03 +0000
ROA not before:           Tue 15 Nov 2022 17:54:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204729
IP address blocks:        2a05:4140:1220::/43 maxlen: 43

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:7c:6d:3a:04:b1:c9:9c:cd:38:39:56:1a:73:f5:93:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
        Validity
            Not Before: Nov 15 17:54:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=17ed8987c3991257b691423a44411d74eb7ba49b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:a1:0e:c7:e9:5a:42:ed:b0:6a:0b:c6:53:53:
                    ee:d5:80:13:81:32:e4:b7:f4:df:5b:19:3f:2f:71:
                    14:72:f2:3c:6a:6e:5b:93:43:e7:2c:5b:ff:71:fd:
                    f9:97:e6:b9:89:63:2f:22:f9:33:ff:12:c9:b7:1f:
                    f5:07:01:47:10:ee:67:33:5c:55:00:8a:6c:6b:59:
                    07:0a:f4:f0:bb:83:53:3e:7f:9b:8b:16:bf:fe:4b:
                    74:b6:19:dd:b8:27:d8:0a:95:e8:a9:ae:18:53:26:
                    50:1f:21:a4:c0:69:e4:db:7d:a1:73:18:93:31:64:
                    8a:5e:c6:75:ee:67:78:db:9a:19:e7:b5:76:ba:5f:
                    7b:a9:8d:ec:a5:11:0c:f7:59:9b:8b:a5:b6:a7:80:
                    e1:4f:82:ff:ee:22:22:5e:db:9e:c4:f6:c3:52:c9:
                    a8:32:cd:f4:03:41:72:f7:6e:c8:1d:dc:38:8d:17:
                    c0:ce:5b:5e:27:f1:6f:bf:50:a2:f0:bb:88:cb:11:
                    d3:8e:66:30:46:1c:7e:0e:ed:b6:2c:30:86:e6:2b:
                    1d:3d:2c:03:15:ad:ae:fd:36:0e:05:44:a5:dd:cf:
                    35:8e:5c:8d:68:09:59:99:42:7a:80:cc:f9:ba:26:
                    9a:ff:e7:06:dd:41:29:06:4b:ac:27:2e:cb:0b:8e:
                    cb:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:ED:89:87:C3:99:12:57:B6:91:42:3A:44:41:1D:74:EB:7B:A4:9B
            X509v3 Authority Key Identifier:
                keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/F-2Jh8OZEle2kUI6REEddOt7pJs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:4140:1220::/43

    Signature Algorithm: sha256WithRSAEncryption
         5b:ef:dc:a3:3c:7f:90:d1:d6:c4:ac:80:b8:13:86:f8:28:9f:
         88:24:1f:d2:22:65:bc:7d:e9:02:66:a6:2f:ea:ec:14:1a:a4:
         cb:6f:60:5c:8c:47:9d:98:ab:1b:b7:65:b8:10:c2:76:84:ba:
         6a:ab:b0:f2:38:2d:a7:af:d7:b4:09:5a:ef:db:e6:d2:8f:51:
         1d:6c:a5:f4:04:c9:55:20:ce:c0:2c:24:b7:90:de:ae:aa:3a:
         6a:39:ae:af:82:c3:69:2f:9a:a2:20:7c:c2:cc:f1:42:e6:f3:
         ec:e4:fa:53:af:2b:d4:12:09:9d:61:67:da:54:35:45:a3:d9:
         f3:ee:53:3c:36:56:6f:ec:ce:45:27:b7:63:82:bb:19:20:4d:
         34:a6:ef:79:2f:c7:47:70:6e:be:1b:db:6b:19:97:e8:a9:b3:
         ec:d2:d2:08:bb:0a:7a:8a:81:76:1e:b8:ef:cd:fc:f8:7c:7c:
         54:04:72:6e:65:28:63:7e:30:ad:75:5f:02:51:a5:d6:9c:49:
         3b:83:58:8f:26:7b:76:3c:24:f4:21:91:10:5f:a7:99:f6:f2:
         db:e5:5b:32:46:a1:81:a9:c6:94:68:44:08:e4:2c:86:62:dc:
         5e:b8:db:75:ce:1b:97:2a:cb:93:a8:0b:b3:49:04:b9:7e:7e:
         9b:79:b7:f5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYR8bToEscmczTg5Vhpz9ZOZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjIxMTE1MTc1NDAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2VkODk4N2MzOTkxMjU3YjY5MTQyM2E0NDQxMWQ3NGViN2JhNDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKEOx+laQu2wagvGU1Pu1YATgTLk
t/TfWxk/L3EUcvI8am5bk0PnLFv/cf35l+a5iWMvIvkz/xLJtx/1BwFHEO5nM1xV
AIpsa1kHCvTwu4NTPn+bixa//kt0thnduCfYCpXoqa4YUyZQHyGkwGnk232hcxiT
MWSKXsZ17md425oZ57V2ul97qY3spREM91mbi6W2p4DhT4L/7iIiXtuexPbDUsmo
Ms30A0Fy927IHdw4jRfAzlteJ/Fvv1Ci8LuIyxHTjmYwRhx+Du22LDCG5isdPSwD
Fa2u/TYOBUSl3c81jlyNaAlZmUJ6gMz5uiaa/+cG3UEpBkusJy7LC47LwwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBftiYfDmRJXtpFCOkRBHXTre6SbMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvRi0ySmg4T1pFbGUya1VJNlJFRWRkT3Q3cEpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcFKgVBQBIg
MA0GCSqGSIb3DQEBCwUAA4IBAQBb79yjPH+Q0dbErIC4E4b4KJ+IJB/SImW8fekC
ZqYv6uwUGqTLb2BcjEedmKsbt2W4EMJ2hLpqq7DyOC2nr9e0CVrv2+bSj1EdbKX0
BMlVIM7ALCS3kN6uqjpqOa6vgsNpL5qiIHzCzPFC5vPs5PpTryvUEgmdYWfaVDVF
o9nz7lM8NlZv7M5FJ7djgrsZIE00pu95L8dHcG6+G9trGZfoqbPs0tIIuwp6ioF2
Hrjvzfz4fHxUBHJuZShjfjCtdV8CUaXWnEk7g1iPJnt2PCT0IZEQX6eZ9vLb5Vsy
RqGBqcaUaEQI5CyGYtxeuNt1zhuXKsuTqAuzSQS5fn6bebf1
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:30 2024 by rpki-client on console-ams.rpki-client.org