Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/4a8b67-cc91-4e96-8060-82bcab16656f/1/Ip_MdqAs_thvosG9r7c_xbNY0ZA.roa
File:                     Ip_MdqAs_thvosG9r7c_xbNY0ZA.roa (raw, json)
Hash identifier:          jup1n1GdRPZC0vwHX9OxzI3H5PaWnVdMprNG95lDsy4=
Subject key identifier:   22:9F:CC:76:A0:2C:FE:D8:6F:A2:C1:BD:AF:B7:3F:C5:B3:58:D1:90
Certificate issuer:       /CN=9e76a07a335fb7a1ded63aacc51338adc8472670
Certificate serial:       01823B559E90D2F2E664E984B126B6A27F47
Authority key identifier: 9E:76:A0:7A:33:5F:B7:A1:DE:D6:3A:AC:C5:13:38:AD:C8:47:26:70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nnagejNft6He1jqsxRM4rchHJnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/4a8b67-cc91-4e96-8060-82bcab16656f/1/Ip_MdqAs_thvosG9r7c_xbNY0ZA.roa
Signing time:             Tue 26 Jul 2022 16:27:23 +0000
ROA not before:           Tue 26 Jul 2022 16:27:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205414
IP address blocks:        2001:67c:2d20::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:3b:55:9e:90:d2:f2:e6:64:e9:84:b1:26:b6:a2:7f:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e76a07a335fb7a1ded63aacc51338adc8472670
        Validity
            Not Before: Jul 26 16:27:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=229fcc76a02cfed86fa2c1bdafb73fc5b358d190
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:db:b4:f7:a5:e6:35:69:8d:dd:50:ea:b3:1f:
                    1f:b6:ce:6e:bd:4f:dd:fc:37:d0:44:20:5f:86:9d:
                    f0:4e:39:a9:1d:b1:5f:42:a0:2f:9b:7b:3b:87:ae:
                    f5:0e:e6:34:ec:e6:0c:af:31:eb:a4:2e:2f:38:87:
                    c1:de:cb:42:dd:50:7e:0c:c6:6d:4a:0c:2e:ef:ab:
                    48:8b:9f:5a:64:d9:06:dc:97:2b:a0:ad:ee:e5:fd:
                    6c:3e:44:2e:6e:a1:d9:19:b2:1f:e1:01:90:bb:4f:
                    02:07:38:d4:34:a5:dd:e1:5d:8a:81:48:f6:80:28:
                    89:00:d1:48:a8:86:9b:68:13:fa:03:ad:0a:17:da:
                    d8:6d:a0:66:9c:5e:75:8b:27:2a:8e:f3:38:d0:e6:
                    c2:34:97:f3:2a:71:17:11:6c:c6:6c:19:1a:0c:c7:
                    ec:13:9d:7c:c5:fc:f4:40:8c:66:64:66:e8:0b:d0:
                    af:2b:81:81:73:d1:5b:1c:c3:72:b5:cf:4f:61:39:
                    55:11:b7:44:58:56:c6:4a:2c:90:52:f4:98:86:3d:
                    eb:9e:65:d6:19:5f:61:5f:a3:ed:f9:f8:6a:c3:a7:
                    45:2c:23:e6:1e:05:0a:ce:1a:f1:cf:59:2a:dc:2f:
                    00:0b:96:2f:25:dc:fe:f7:88:74:db:b1:46:4e:07:
                    f0:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:9F:CC:76:A0:2C:FE:D8:6F:A2:C1:BD:AF:B7:3F:C5:B3:58:D1:90
            X509v3 Authority Key Identifier:
                keyid:9E:76:A0:7A:33:5F:B7:A1:DE:D6:3A:AC:C5:13:38:AD:C8:47:26:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nnagejNft6He1jqsxRM4rchHJnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4a8b67-cc91-4e96-8060-82bcab16656f/1/Ip_MdqAs_thvosG9r7c_xbNY0ZA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4a8b67-cc91-4e96-8060-82bcab16656f/1/nnagejNft6He1jqsxRM4rchHJnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:2d20::/48

    Signature Algorithm: sha256WithRSAEncryption
         60:fe:26:60:9a:a9:29:5b:f4:b2:c8:57:da:8a:91:c0:cc:5d:
         6e:d0:f0:9c:4a:f7:cd:55:cd:7f:80:c7:55:21:73:9d:e8:43:
         c2:95:ee:15:58:35:3c:8a:fe:8c:8b:d4:c1:0f:93:5a:d2:da:
         60:87:16:09:36:bc:48:d4:b3:f8:a0:6a:d9:c9:0a:b2:45:9e:
         9d:7c:76:a4:19:18:e2:81:ef:ad:11:0b:80:5b:46:dd:d4:73:
         89:af:aa:53:85:9e:61:89:60:21:3f:9e:fa:95:f1:b8:61:4d:
         84:0e:c5:c2:63:0e:6e:24:ea:65:a2:ed:b8:aa:dc:ff:b3:92:
         9a:f5:ec:32:4a:03:24:ca:5c:00:cc:48:78:1e:dc:9a:b7:91:
         00:d5:4b:73:0f:bc:94:e0:84:6c:3d:c7:cf:e4:13:bb:67:0c:
         2b:dc:5b:b3:4d:3f:90:c1:c6:b6:20:e9:66:9b:b8:57:39:66:
         6f:41:e1:67:e9:3c:b0:35:28:b9:39:ef:4d:70:ae:66:3c:13:
         a0:70:77:63:31:81:8d:6a:da:6e:a8:df:1c:52:dd:3f:a9:73:
         5d:b7:71:b4:3c:9e:a3:0f:4e:36:f6:d6:42:a5:cf:df:fe:c1:
         72:1a:b1:03:df:48:0a:1e:b9:bd:ae:c6:d3:72:5d:41:cc:ab:
         07:fc:53:72
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYI7VZ6Q0vLmZOmEsSa2on9HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNzZhMDdhMzM1ZmI3YTFkZWQ2M2FhY2M1MTMzOGFkYzg0
NzI2NzAwHhcNMjIwNzI2MTYyNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjlmY2M3NmEwMmNmZWQ4NmZhMmMxYmRhZmI3M2ZjNWIzNThkMTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudu096XmNWmN3VDqsx8fts5uvU/d
/DfQRCBfhp3wTjmpHbFfQqAvm3s7h671DuY07OYMrzHrpC4vOIfB3stC3VB+DMZt
Sgwu76tIi59aZNkG3JcroK3u5f1sPkQubqHZGbIf4QGQu08CBzjUNKXd4V2KgUj2
gCiJANFIqIabaBP6A60KF9rYbaBmnF51iycqjvM40ObCNJfzKnEXEWzGbBkaDMfs
E518xfz0QIxmZGboC9CvK4GBc9FbHMNytc9PYTlVEbdEWFbGSiyQUvSYhj3rnmXW
GV9hX6Pt+fhqw6dFLCPmHgUKzhrxz1kq3C8AC5YvJdz+94h027FGTgfwHwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCKfzHagLP7Yb6LBva+3P8WzWNGQMB8GA1UdIwQY
MBaAFJ52oHozX7eh3tY6rMUTOK3IRyZwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbm5hZ2VqTmZ0NkhlMWpxc3hSTTRyY2hISm5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC80YThiNjctY2M5MS00ZTk2LTgwNjAt
ODJiY2FiMTY2NTZmLzEvSXBfTWRxQXNfdGh2b3NHOXI3Y194Yk5ZMFpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC80YThiNjctY2M5MS00ZTk2LTgwNjAtODJiY2FiMTY2NTZm
LzEvbm5hZ2VqTmZ0NkhlMWpxc3hSTTRyY2hISm5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC0g
MA0GCSqGSIb3DQEBCwUAA4IBAQBg/iZgmqkpW/SyyFfaipHAzF1u0PCcSvfNVc1/
gMdVIXOd6EPCle4VWDU8iv6Mi9TBD5Na0tpghxYJNrxI1LP4oGrZyQqyRZ6dfHak
GRjige+tEQuAW0bd1HOJr6pThZ5hiWAhP576lfG4YU2EDsXCYw5uJOplou24qtz/
s5Ka9ewySgMkylwAzEh4Htyat5EA1UtzD7yU4IRsPcfP5BO7Zwwr3FuzTT+Qwca2
IOlmm7hXOWZvQeFn6TywNSi5Oe9NcK5mPBOgcHdjMYGNatpuqN8cUt0/qXNdt3G0
PJ6jD0429tZCpc/f/sFyGrED30gKHrm9rsbTcl1BzKsH/FNy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:33 2024 by rpki-client on console-fra.rpki-client.org