Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/bW9nZ4zkckzKh9KLycmvOLOOhh0.roa
File:                     bW9nZ4zkckzKh9KLycmvOLOOhh0.roa (raw, json)
Hash identifier:          RQMalybZ48hnxhu2zaZAK4rMK7j7RIB7EDanxoAZ9UM=
Subject key identifier:   6D:6F:67:67:8C:E4:72:4C:CA:87:D2:8B:C9:C9:AF:38:B3:8E:86:1D
Certificate issuer:       /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial:       025F9143
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/bW9nZ4zkckzKh9KLycmvOLOOhh0.roa
Signing time:             Sat 01 Jan 2022 11:01:44 +0000
ROA not before:           Sat 01 Jan 2022 11:01:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211772
IP address blocks:        2a05:4140:375::/48 maxlen: 48
                          2a05:4140:325::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 39817539 (0x25f9143)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
        Validity
            Not Before: Jan  1 11:01:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6d6f67678ce4724cca87d28bc9c9af38b38e861d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:aa:d6:32:fb:71:72:e8:f0:f3:e0:72:7e:b4:
                    e8:b9:67:c6:d0:b9:70:82:40:5b:40:90:82:ad:99:
                    9b:76:58:5d:83:c7:cd:b8:15:41:27:f7:79:02:98:
                    1e:9e:39:98:c7:d9:5f:f1:6b:49:98:e2:e8:ce:67:
                    ac:7c:d9:e5:dd:21:6e:f8:b8:ac:52:7e:16:f2:b9:
                    b9:c9:c6:ba:a3:b0:2c:c6:49:3d:b4:f9:83:61:12:
                    7c:73:75:49:83:d4:70:3a:a8:32:4f:f2:60:cb:78:
                    7d:c3:cf:3c:e6:d7:93:f8:f1:4c:36:e2:e1:d1:f9:
                    d0:9d:47:f0:4c:2c:cc:29:b2:7a:d1:9f:55:63:a5:
                    fb:19:5a:7f:a8:06:aa:2b:a0:fd:60:b6:ea:b9:ed:
                    d5:a9:b5:65:1a:27:38:76:fe:55:9b:2f:9c:38:19:
                    e6:84:a5:ff:5f:7a:f7:88:5a:5c:60:dc:4c:44:2f:
                    a2:c6:ff:aa:a4:14:c6:9c:bc:84:82:16:dc:8e:d0:
                    0d:d8:06:3a:60:07:18:61:5b:53:da:4f:93:2d:59:
                    46:db:67:0d:31:08:38:e7:8d:20:9c:4d:93:5a:a3:
                    1b:29:80:5f:3b:06:5a:01:f4:8a:26:26:63:58:f7:
                    4c:28:67:38:be:25:03:fd:64:10:ea:92:89:7b:b6:
                    57:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:6F:67:67:8C:E4:72:4C:CA:87:D2:8B:C9:C9:AF:38:B3:8E:86:1D
            X509v3 Authority Key Identifier:
                keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/bW9nZ4zkckzKh9KLycmvOLOOhh0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:4140:325::/48
                  2a05:4140:375::/48

    Signature Algorithm: sha256WithRSAEncryption
         64:18:df:0e:7b:ed:cc:ae:7e:37:b8:07:6d:03:7b:8f:8a:c7:
         dc:8d:0d:87:53:8a:81:b9:1b:c5:1c:84:9f:12:26:99:3a:78:
         2f:07:2a:be:d6:a9:1f:f6:7f:61:5f:6d:9d:bd:b7:29:e0:e7:
         c3:7c:cf:2e:40:2b:b4:66:b0:d6:e9:ca:ba:a6:08:ad:85:f1:
         d6:a7:d6:8d:01:3b:6b:e0:19:15:e8:43:6e:07:45:6d:11:bf:
         10:fd:2f:83:40:ec:31:3e:71:0e:d0:8a:ea:e3:50:bd:f2:81:
         05:eb:2c:e2:e0:7c:0e:00:7f:c7:d9:dd:db:41:9f:33:5e:e5:
         0e:e8:8d:b0:78:66:6c:52:70:36:ed:32:7c:66:19:ca:30:d0:
         10:36:be:18:d0:d9:e7:79:71:36:86:bf:a4:73:45:3f:90:48:
         be:e8:67:fa:7b:f4:0e:65:20:a4:cf:73:7d:ec:25:92:59:5d:
         ff:54:7c:1d:23:d6:fa:96:e8:93:2b:0e:72:49:7b:43:d3:14:
         df:e2:96:03:ca:0d:66:91:22:f1:5c:c3:be:c9:a9:46:44:da:
         e4:b7:a0:ab:ac:b5:13:1f:5c:2e:98:00:d0:54:d1:16:1e:28:
         66:45:d9:8c:d9:66:d1:0a:c5:5a:96:5f:17:c4:83:50:b7:8a:
         7c:d9:3c:2e
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAl+RQzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NzRjNjBhZGViMGNkNTc2OGNmNzU2ZjU2MmIxYjVjYzViOWMxODBhMB4XDTIyMDEw
MTExMDE0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQ2ZjY3Njc4Y2U0
NzI0Y2NhODdkMjhiYzljOWFmMzhiMzhlODYxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALOq1jL7cXLo8PPgcn606LlnxtC5cIJAW0CQgq2Zm3ZYXYPH
zbgVQSf3eQKYHp45mMfZX/FrSZji6M5nrHzZ5d0hbvi4rFJ+FvK5ucnGuqOwLMZJ
PbT5g2ESfHN1SYPUcDqoMk/yYMt4fcPPPObXk/jxTDbi4dH50J1H8EwszCmyetGf
VWOl+xlaf6gGqiug/WC26rnt1am1ZRonOHb+VZsvnDgZ5oSl/19694haXGDcTEQv
osb/qqQUxpy8hIIW3I7QDdgGOmAHGGFbU9pPky1ZRttnDTEIOOeNIJxNk1qjGymA
XzsGWgH0iiYmY1j3TChnOL4lA/1kEOqSiXu2V9cCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRtb2dnjORyTMqH0ovJya84s46GHTAfBgNVHSMEGDAWgBTHTGCt6wzVdoz3
VvVisbXMW5wYCjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3gweGdyZXNNMVhhTTkxYjFZckcxekZ1Y0dBby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWYvYWRiNjVjLWY2ZjctNDQ5NS1iYTIzLTg4NWU4NGU3NTEyZS8x
L2JXOW5aNHprY2t6S2g5S0x5Y212T0xPT2hoMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWYv
YWRiNjVjLWY2ZjctNDQ5NS1iYTIzLTg4NWU4NGU3NTEyZS8xL3gweGdyZXNNMVhh
TTkxYjFZckcxekZ1Y0dBby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACoFQUADJQMHACoFQUADdTANBgkq
hkiG9w0BAQsFAAOCAQEAZBjfDnvtzK5+N7gHbQN7j4rH3I0Nh1OKgbkbxRyEnxIm
mTp4LwcqvtapH/Z/YV9tnb23KeDnw3zPLkArtGaw1unKuqYIrYXx1qfWjQE7a+AZ
FehDbgdFbRG/EP0vg0DsMT5xDtCK6uNQvfKBBess4uB8DgB/x9nd20GfM17lDuiN
sHhmbFJwNu0yfGYZyjDQEDa+GNDZ53lxNoa/pHNFP5BIvuhn+nv0DmUgpM9zfewl
klld/1R8HSPW+pbokysOckl7Q9MU3+KWA8oNZpEi8VzDvsmpRkTa5Legq6y1Ex9c
LpgA0FTRFh4oZkXZjNlm0QrFWpZfF8SDULeKfNk8Lg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:30 2024 by rpki-client on console-ams.rpki-client.org