Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/N0uhDTM2zBhQEhNqZk6CYSM3t30.roa
File:                     N0uhDTM2zBhQEhNqZk6CYSM3t30.roa (raw, json)
Hash identifier:          Fyzo9cbGfI2aC/hB/RhQCyxRyp0X17Sr0wnZqDYu9kU=
Subject key identifier:   37:4B:A1:0D:33:36:CC:18:50:12:13:6A:66:4E:82:61:23:37:B7:7D
Certificate issuer:       /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial:       01830803177661A1A17F3707A8FF9CB89518
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/N0uhDTM2zBhQEhNqZk6CYSM3t30.roa
Signing time:             Sun 04 Sep 2022 10:19:23 +0000
ROA not before:           Sun 04 Sep 2022 10:19:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212271
IP address blocks:        2a05:4140::/29 maxlen: 48
                          2a05:4143::/32 maxlen: 48
                          2a05:4140:187::/48 maxlen: 48
                          2a05:4140:400::/40 maxlen: 48
                          2a05:4140:100::/40 maxlen: 48
                          2a05:4140:300::/40 maxlen: 40
                          2a05:4140:10::/48 maxlen: 48
                          2a05:4140:190::/48 maxlen: 48
                          2a05:4140:16::/48 maxlen: 48
                          2a05:4140:4::/48 maxlen: 48
                          2a05:4144::/32 maxlen: 32
                          2a05:4140:5::/48 maxlen: 48
                          2a05:4140:8::/48 maxlen: 48
                          2a05:4140:3::/48 maxlen: 48
                          2a05:4140:9::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:08:03:17:76:61:a1:a1:7f:37:07:a8:ff:9c:b8:95:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
        Validity
            Not Before: Sep  4 10:19:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=374ba10d3336cc185012136a664e82612337b77d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:41:cf:2e:4f:da:1e:b4:a7:3a:02:5a:77:06:
                    21:11:cf:8c:f6:1a:15:dc:2f:10:dc:94:37:32:c4:
                    8f:f0:15:f1:a2:92:41:3f:df:08:3f:6a:dd:a9:d9:
                    21:94:2c:e3:47:0d:f4:b6:9e:53:cc:ef:84:f2:52:
                    c8:b6:ec:d0:5d:c6:40:e3:ae:73:eb:19:63:9d:05:
                    aa:98:24:da:af:51:d3:df:50:e7:98:d5:d9:16:da:
                    da:ec:f2:25:88:c9:13:e0:41:6d:aa:fb:43:c9:d9:
                    e5:84:89:57:a9:99:43:79:40:6a:32:5b:6b:d5:99:
                    12:d6:a5:55:a1:a5:ec:e5:7c:01:2e:c2:ba:5b:bc:
                    b2:8b:f0:1a:85:28:c0:66:f6:1b:35:bb:64:ec:a3:
                    47:6a:7e:ff:94:5d:ca:90:20:7e:ad:45:c5:92:b2:
                    ab:ce:3a:f6:cd:63:41:61:88:76:c7:b7:3d:48:6d:
                    a9:30:b1:ba:3f:9b:6c:9a:21:31:ed:34:35:c6:f4:
                    3d:7d:60:10:11:b9:9c:ac:d5:77:d3:c0:42:20:82:
                    72:9a:11:ca:77:2b:ac:06:86:62:3c:58:18:d7:e8:
                    21:1c:e7:88:44:90:02:0a:db:8a:31:25:a5:35:88:
                    70:82:db:c2:79:a1:bb:b6:14:43:50:92:a8:fd:bc:
                    d4:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:4B:A1:0D:33:36:CC:18:50:12:13:6A:66:4E:82:61:23:37:B7:7D
            X509v3 Authority Key Identifier:
                keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/N0uhDTM2zBhQEhNqZk6CYSM3t30.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:4140::/29

    Signature Algorithm: sha256WithRSAEncryption
         24:a0:7f:50:29:38:d9:c5:f6:31:8f:40:df:d3:79:99:5d:e3:
         4a:c5:2f:d0:e9:20:c7:51:d0:0c:47:0a:e1:bd:de:d5:75:fe:
         7a:7c:a0:68:82:63:3b:c8:ce:7b:be:3d:d4:a4:c0:b6:fb:f6:
         81:29:1d:f6:1d:cf:0a:08:30:53:7c:d9:3f:5f:37:bd:7a:63:
         a6:92:46:7f:aa:93:8a:ae:d9:27:34:a7:c5:18:5c:05:d0:f2:
         ad:57:67:30:76:b4:50:cb:68:66:02:9d:1a:ca:1e:9d:10:61:
         48:30:b2:a8:9c:40:14:92:d0:77:fe:f9:e9:9c:29:8e:10:ea:
         c5:ae:8a:b0:34:c1:22:1e:2f:e1:45:41:f1:fc:c2:b9:5c:b7:
         b6:f4:2a:ef:8d:1e:9f:90:34:29:18:42:dd:62:59:aa:5f:c3:
         8d:c5:08:0c:80:5b:73:02:b9:38:e4:1a:f0:2d:d5:c2:f2:7e:
         dc:ff:bd:5e:90:f9:e5:8f:2c:0a:7f:8c:22:17:31:fd:82:87:
         99:44:c4:3e:13:63:36:14:a5:f3:eb:40:2f:ce:e5:4e:17:47:
         11:ac:ac:ff:9d:e2:9f:14:1f:6f:83:4e:fa:39:35:0e:e0:54:
         89:1c:49:9a:6f:74:5f:78:45:48:31:03:a2:91:60:02:1f:32:
         89:51:19:93
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYMIAxd2YaGhfzcHqP+cuJUYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjIwOTA0MTAxOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzRiYTEwZDMzMzZjYzE4NTAxMjEzNmE2NjRlODI2MTIzMzdiNzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUHPLk/aHrSnOgJadwYhEc+M9hoV
3C8Q3JQ3MsSP8BXxopJBP98IP2rdqdkhlCzjRw30tp5TzO+E8lLItuzQXcZA465z
6xljnQWqmCTar1HT31DnmNXZFtra7PIliMkT4EFtqvtDydnlhIlXqZlDeUBqMltr
1ZkS1qVVoaXs5XwBLsK6W7yyi/AahSjAZvYbNbtk7KNHan7/lF3KkCB+rUXFkrKr
zjr2zWNBYYh2x7c9SG2pMLG6P5tsmiEx7TQ1xvQ9fWAQEbmcrNV308BCIIJymhHK
dyusBoZiPFgY1+ghHOeIRJACCtuKMSWlNYhwgtvCeaG7thRDUJKo/bzUnQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDdLoQ0zNswYUBITamZOgmEjN7d9MB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvTjB1aERUTTJ6QmhRRWhOcVprNkNZU00zdDMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgVBQDAN
BgkqhkiG9w0BAQsFAAOCAQEAJKB/UCk42cX2MY9A39N5mV3jSsUv0Okgx1HQDEcK
4b3e1XX+enygaIJjO8jOe7491KTAtvv2gSkd9h3PCggwU3zZP183vXpjppJGf6qT
iq7ZJzSnxRhcBdDyrVdnMHa0UMtoZgKdGsoenRBhSDCyqJxAFJLQd/756ZwpjhDq
xa6KsDTBIh4v4UVB8fzCuVy3tvQq740en5A0KRhC3WJZql/DjcUIDIBbcwK5OOQa
8C3VwvJ+3P+9XpD55Y8sCn+MIhcx/YKHmUTEPhNjNhSl8+tAL87lThdHEays/53i
nxQfb4NO+jk1DuBUiRxJmm90X3hFSDEDopFgAh8yiVEZkw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:53 2024 by rpki-client on console-fra.rpki-client.org