Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/6TZQzMbO9Dg4QLIndbhIw23fK5E.roa
File:                     6TZQzMbO9Dg4QLIndbhIw23fK5E.roa (raw, json)
Hash identifier:          ThbYr1qJTtXiGWhpnYFrssUSBWemnobkfEXx7lFh5UU=
Subject key identifier:   E9:36:50:CC:C6:CE:F4:38:38:40:B2:27:75:B8:48:C3:6D:DF:2B:91
Certificate issuer:       /CN=4dd1b2587490ad061cb207176bdeec81a531588c
Certificate serial:       36908546
Authority key identifier: 4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/6TZQzMbO9Dg4QLIndbhIw23fK5E.roa
Signing time:             Sat 01 Jan 2022 01:01:04 +0000
ROA not before:           Sat 01 Jan 2022 01:01:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12670
IP address blocks:        80.231.9.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 915440966 (0x36908546)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4dd1b2587490ad061cb207176bdeec81a531588c
        Validity
            Not Before: Jan  1 01:01:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e93650ccc6cef4383840b22775b848c36ddf2b91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:c2:a8:63:5a:2c:d2:f3:20:49:94:5e:d8:1f:
                    a1:fc:6f:1a:28:4e:2d:f7:30:37:b0:d5:10:7d:7e:
                    e2:2e:1f:39:60:7e:8e:a4:48:00:d6:0a:23:92:64:
                    24:02:84:8d:2b:c7:1d:72:24:85:9e:76:45:90:0f:
                    48:10:a3:b4:a1:d6:c2:d9:b2:82:f2:d4:00:41:b4:
                    d9:e3:ac:09:58:94:b1:d9:f5:75:fb:36:5a:70:23:
                    e3:81:7f:6f:a5:3a:49:6d:51:7a:32:d9:34:43:16:
                    65:ee:8b:f3:3c:24:19:e8:f6:c4:04:5d:74:1f:2c:
                    61:52:c8:0a:e6:e0:79:23:d5:d3:0c:68:68:29:1c:
                    3e:8e:bd:50:3b:bb:5a:d5:c6:89:5d:80:71:f9:9b:
                    ec:ef:53:13:f7:92:1b:4d:bb:2f:b7:a9:da:db:ea:
                    1e:db:59:65:fe:09:90:61:05:4c:9e:5e:55:71:7c:
                    9c:6f:f7:98:b2:60:07:6e:d3:3c:8d:7e:cc:4a:92:
                    32:21:55:79:06:91:cf:c5:b1:90:c7:f8:00:21:67:
                    de:d4:cd:15:44:00:80:0f:ad:f2:62:87:89:a5:a7:
                    fa:7c:fc:2b:1a:0f:b6:77:d9:09:01:e7:52:31:39:
                    08:fe:16:34:4a:89:18:fb:26:a8:30:14:30:42:3f:
                    23:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:36:50:CC:C6:CE:F4:38:38:40:B2:27:75:B8:48:C3:6D:DF:2B:91
            X509v3 Authority Key Identifier:
                keyid:4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/6TZQzMbO9Dg4QLIndbhIw23fK5E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.231.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         eb:1b:d2:ff:97:e8:2a:8b:c9:26:0e:47:5f:27:47:ee:ed:99:
         47:5c:5c:4c:ec:fd:0c:f1:bc:42:aa:6b:10:0a:b3:5e:75:92:
         cd:bc:bb:8f:ce:72:54:71:20:c6:f0:d8:a3:15:85:8b:e2:62:
         07:3b:34:a6:96:0f:e6:1e:98:09:f4:de:36:45:36:8d:13:97:
         73:b3:72:96:ba:74:b1:ca:7a:ac:2a:64:28:ad:16:ab:d3:31:
         fd:52:49:b3:1e:da:0e:dc:7e:09:e3:39:e4:c6:67:8a:27:3d:
         d7:15:e1:bf:b2:4e:ba:60:74:f8:2c:cc:4f:ba:1e:7a:05:26:
         d6:c6:a0:7b:41:61:c5:fb:84:ea:d8:a5:85:71:c7:94:79:68:
         cb:73:e2:b2:5e:d1:89:2f:d1:a7:93:a0:ca:3c:f8:b9:b4:32:
         42:0b:b9:db:fb:c1:34:7c:28:27:48:11:64:31:56:4d:40:a5:
         14:62:73:55:c2:4c:30:a1:3c:2d:26:a6:6a:af:a6:17:6e:f9:
         f9:95:6a:01:d3:c8:88:0b:b0:fd:2a:ce:fc:5a:43:12:6e:64:
         c2:7c:db:bf:e3:51:f9:4c:46:93:a1:dc:95:5c:5a:2b:36:a7:
         55:eb:95:97:56:9b:eb:87:40:40:c9:2d:63:84:63:08:c8:58:
         13:0e:23:fe
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENpCFRjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZGQxYjI1ODc0OTBhZDA2MWNiMjA3MTc2YmRlZWM4MWE1MzE1ODhjMB4XDTIyMDEw
MTAxMDEwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTkzNjUwY2NjNmNl
ZjQzODM4NDBiMjI3NzViODQ4YzM2ZGRmMmI5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMHCqGNaLNLzIEmUXtgfofxvGihOLfcwN7DVEH1+4i4fOWB+
jqRIANYKI5JkJAKEjSvHHXIkhZ52RZAPSBCjtKHWwtmygvLUAEG02eOsCViUsdn1
dfs2WnAj44F/b6U6SW1RejLZNEMWZe6L8zwkGej2xARddB8sYVLICubgeSPV0wxo
aCkcPo69UDu7WtXGiV2Acfmb7O9TE/eSG027L7ep2tvqHttZZf4JkGEFTJ5eVXF8
nG/3mLJgB27TPI1+zEqSMiFVeQaRz8WxkMf4ACFn3tTNFUQAgA+t8mKHiaWn+nz8
KxoPtnfZCQHnUjE5CP4WNEqJGPsmqDAUMEI/I+ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTpNlDMxs70ODhAsid1uEjDbd8rkTAfBgNVHSMEGDAWgBRN0bJYdJCtBhyy
Bxdr3uyBpTFYjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RkR3lXSFNRclFZY3NnY1hhOTdzZ2FVeFdJdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMDFkMmFmLTFmMjEtNGI4MC1iNjY1LWRiNDYzYzVmYjBiNC8x
LzZUWlF6TWJPOURnNFFMSW5kYmhJdzIzZks1RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MDFkMmFmLTFmMjEtNGI4MC1iNjY1LWRiNDYzYzVmYjBiNC8xL1RkR3lXSFNRclFZ
Y3NnY1hhOTdzZ2FVeFdJdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFDnCTANBgkqhkiG9w0BAQsFAAOC
AQEA6xvS/5foKovJJg5HXydH7u2ZR1xcTOz9DPG8QqprEAqzXnWSzby7j85yVHEg
xvDYoxWFi+JiBzs0ppYP5h6YCfTeNkU2jROXc7Nylrp0scp6rCpkKK0Wq9Mx/VJJ
sx7aDtx+CeM55MZniic91xXhv7JOumB0+CzMT7oeegUm1sage0FhxfuE6tilhXHH
lHloy3Pisl7RiS/Rp5Ogyjz4ubQyQgu52/vBNHwoJ0gRZDFWTUClFGJzVcJMMKE8
LSamaq+mF275+ZVqAdPIiAuw/SrO/FpDEm5kwnzbv+NR+UxGk6HclVxaKzanVeuV
l1ab64dAQMktY4RjCMhYEw4j/g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:30 2024 by rpki-client on console-fra.rpki-client.org