Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/0moaxBr-egsSg9F9OEaO-veyL3Y.roa
File:                     0moaxBr-egsSg9F9OEaO-veyL3Y.roa (raw, json)
Hash identifier:          Tyz4LJlzZ+eS1k2j2a0HokwILUBUes27TAbQQ8Dff94=
Subject key identifier:   D2:6A:1A:C4:1A:FE:7A:0B:12:83:D1:7D:38:46:8E:FA:F7:B2:2F:76
Certificate issuer:       /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial:       01856CE5DED6A2464DCBFD649A8282C171D2
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/0moaxBr-egsSg9F9OEaO-veyL3Y.roa
Signing time:             Sun 01 Jan 2023 10:34:42 +0000
ROA not before:           Sun 01 Jan 2023 10:34:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210864
IP address blocks:        2a10:4646:a0::/44 maxlen: 44

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e5:de:d6:a2:46:4d:cb:fd:64:9a:82:82:c1:71:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
        Validity
            Not Before: Jan  1 10:34:42 2023 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d26a1ac41afe7a0b1283d17d38468efaf7b22f76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:52:8f:21:61:3a:f8:65:eb:d3:0f:fc:f4:11:
                    d4:19:ca:69:3b:a8:4f:a9:67:68:4d:a5:c5:82:3d:
                    07:03:f5:9d:a8:7c:5a:99:d7:a8:82:ac:d7:71:d1:
                    ab:72:e3:1b:63:33:48:ff:cb:d6:36:c6:e2:e1:11:
                    c4:87:e9:a2:d7:ed:cc:5d:b9:16:91:e7:60:8c:63:
                    fc:ed:d1:19:54:25:f8:f7:9c:b8:54:f5:d5:b1:70:
                    e8:47:c5:09:f4:ab:53:11:98:af:ae:a1:80:8e:8a:
                    28:bb:fe:af:a7:b1:e2:cf:df:7f:ec:56:66:62:07:
                    be:43:2b:57:e3:b0:eb:92:fd:67:8e:f3:96:61:02:
                    0a:a3:ad:87:bc:f9:2b:75:a2:c9:46:c7:c0:08:89:
                    13:33:91:90:38:9b:af:01:c6:40:3f:cd:c9:e1:ca:
                    34:dd:36:74:af:c3:2e:ef:59:15:e3:6b:14:7a:f8:
                    22:ce:85:fb:9e:17:a5:9e:1c:97:5f:13:a1:dd:e2:
                    aa:67:1d:ec:8c:e4:97:67:df:fa:ba:5c:0e:68:3e:
                    0b:53:a7:0a:50:83:1c:97:b4:04:9e:d3:41:95:27:
                    13:4c:3c:2f:64:39:f6:2a:c4:b0:0f:a6:e0:17:ae:
                    b4:5a:34:a6:36:a9:4b:c5:8a:a1:06:a9:23:44:17:
                    90:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:6A:1A:C4:1A:FE:7A:0B:12:83:D1:7D:38:46:8E:FA:F7:B2:2F:76
            X509v3 Authority Key Identifier:
                keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/0moaxBr-egsSg9F9OEaO-veyL3Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:4646:a0::/44

    Signature Algorithm: sha256WithRSAEncryption
         6a:e7:54:5f:df:1e:6f:4c:05:5d:e2:56:45:04:4f:cb:40:ae:
         3a:7f:e3:c9:fe:b6:b4:af:a4:12:d6:73:ca:6c:69:62:46:42:
         3b:09:bc:cd:dc:18:4c:2b:2f:9f:4f:b6:9f:b2:f8:f4:b5:8d:
         52:ff:02:10:02:ae:35:89:c0:6e:31:c3:fa:1f:9b:9c:1f:50:
         ed:8c:fd:f2:49:0b:f6:e3:b8:ad:e1:74:f6:6b:a4:c3:2f:fb:
         7f:cc:16:13:c2:89:a6:6c:89:ba:49:15:9f:a9:b7:dc:c2:8a:
         ee:02:d5:f2:73:fe:3a:c7:c6:84:62:68:3a:ca:70:9f:cd:bb:
         3c:64:ea:c2:cc:b4:fc:d1:90:21:a0:8e:5e:b3:12:0d:88:7e:
         61:52:e9:1c:8b:47:48:f3:2d:30:21:bf:3b:85:bb:88:09:a2:
         4a:41:91:08:7c:77:f4:d4:38:41:cc:d3:6b:8e:87:a8:ea:3a:
         fc:4a:54:f2:25:37:e8:70:c9:51:8f:26:08:1b:c3:32:30:6a:
         0a:18:90:aa:b1:c9:a3:8b:9d:f2:1f:d3:ac:62:a0:db:b6:2e:
         58:58:26:df:35:c5:71:80:f0:a3:62:b2:2f:ea:4e:50:03:1c:
         5d:fd:6b:32:a0:68:88:70:85:39:f5:a5:e4:f0:8f:52:52:16:
         7c:87:f2:7a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVs5d7WokZNy/1kmoKCwXHSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjMwMTAxMTAzNDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjZhMWFjNDFhZmU3YTBiMTI4M2QxN2QzODQ2OGVmYWY3YjIyZjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVKPIWE6+GXr0w/89BHUGcppO6hP
qWdoTaXFgj0HA/WdqHxamdeogqzXcdGrcuMbYzNI/8vWNsbi4RHEh+mi1+3MXbkW
kedgjGP87dEZVCX495y4VPXVsXDoR8UJ9KtTEZivrqGAjooou/6vp7Hiz99/7FZm
Yge+QytX47Drkv1njvOWYQIKo62HvPkrdaLJRsfACIkTM5GQOJuvAcZAP83J4co0
3TZ0r8Mu71kV42sUevgizoX7nhelnhyXXxOh3eKqZx3sjOSXZ9/6ulwOaD4LU6cK
UIMcl7QEntNBlScTTDwvZDn2KsSwD6bgF660WjSmNqlLxYqhBqkjRBeQAwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNJqGsQa/noLEoPRfThGjvr3si92MB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEvMG1vYXhCci1lZ3NTZzlGOU9FYU8tdmV5TDNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhBGRgCg
MA0GCSqGSIb3DQEBCwUAA4IBAQBq51Rf3x5vTAVd4lZFBE/LQK46f+PJ/ra0r6QS
1nPKbGliRkI7CbzN3BhMKy+fT7afsvj0tY1S/wIQAq41icBuMcP6H5ucH1DtjP3y
SQv247it4XT2a6TDL/t/zBYTwommbIm6SRWfqbfcworuAtXyc/46x8aEYmg6ynCf
zbs8ZOrCzLT80ZAhoI5esxINiH5hUukci0dI8y0wIb87hbuICaJKQZEIfHf01DhB
zNNrjoeo6jr8SlTyJTfocMlRjyYIG8MyMGoKGJCqscmji53yH9OsYqDbti5YWCbf
NcVxgPCjYrIv6k5QAxxd/WsyoGiIcIU59aXk8I9SUhZ8h/J6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:05 2024 by rpki-client on console-fra.rpki-client.org