Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/VfnNIn1gNQq8Mp5PeZHEGjinmgY.roa
File:                     VfnNIn1gNQq8Mp5PeZHEGjinmgY.roa (raw, json)
Hash identifier:          FaXlXueVHrWBbSfGy3SxwbqBae/7oV9oYBLGk5amskA=
Subject key identifier:   55:F9:CD:22:7D:60:35:0A:BC:32:9E:4F:79:91:C4:1A:38:A7:9A:06
Certificate issuer:       /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial:       04C67602
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/VfnNIn1gNQq8Mp5PeZHEGjinmgY.roa
Signing time:             Mon 13 Jun 2022 11:58:14 +0000
ROA not before:           Mon 13 Jun 2022 11:58:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204916
IP address blocks:        2a10:2ec0::/29 maxlen: 36
                          2a0c:ab00::/29 maxlen: 36

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 80115202 (0x4c67602)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
        Validity
            Not Before: Jun 13 11:58:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=55f9cd227d60350abc329e4f7991c41a38a79a06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:93:71:87:60:f8:f0:4e:14:71:c0:c3:36:6a:
                    19:0a:8c:af:a3:58:7d:69:f4:45:84:e6:ba:da:ba:
                    8b:7d:db:8e:80:bd:da:d2:4a:02:e2:e4:3c:7c:5f:
                    00:ff:0c:53:e7:17:5d:a4:22:01:1a:f6:7c:d7:ec:
                    23:92:6c:90:38:80:e8:94:16:67:ab:62:db:8f:7e:
                    90:46:ec:14:2f:f4:3e:bb:81:8d:92:0a:18:77:81:
                    e7:5c:64:76:25:a5:33:59:a6:a8:1f:e8:74:75:ec:
                    89:b7:e3:12:e2:22:fc:c5:2a:2b:b5:c7:a5:7a:f6:
                    72:7e:02:e8:47:42:79:5c:2b:d8:75:e5:3f:1b:e9:
                    30:2c:ce:65:f1:5d:cd:bd:68:b2:7a:fd:17:c0:fe:
                    a8:0b:43:58:be:00:0d:86:a4:79:d4:64:b6:fc:43:
                    49:c3:15:38:36:61:4f:6d:6a:6f:a1:a8:08:be:c0:
                    10:17:e4:6b:b2:0c:19:98:0c:dd:5f:7e:3f:a2:7d:
                    60:e7:80:79:9a:5f:b6:d1:b6:9f:14:b4:58:6e:7a:
                    f1:06:27:f6:d3:2e:f1:35:81:e6:7b:c5:3b:cf:42:
                    33:16:da:79:a0:a0:85:d5:2c:f8:9d:b4:32:ec:95:
                    70:15:c7:e5:ae:86:7a:b8:4a:0f:cd:71:71:98:d2:
                    f6:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:F9:CD:22:7D:60:35:0A:BC:32:9E:4F:79:91:C4:1A:38:A7:9A:06
            X509v3 Authority Key Identifier:
                keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/VfnNIn1gNQq8Mp5PeZHEGjinmgY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:ab00::/29
                  2a10:2ec0::/29

    Signature Algorithm: sha256WithRSAEncryption
         2f:a4:4e:36:92:87:d1:70:84:17:10:aa:36:e1:56:7e:d0:c9:
         13:94:f1:18:c3:7e:6c:1c:43:1c:44:35:98:b2:33:92:43:26:
         62:0e:09:60:17:47:df:7b:48:12:50:70:b8:6b:16:93:eb:23:
         97:51:1d:ec:b4:4a:b3:6a:a4:6b:56:c9:27:b8:7b:cf:2f:0e:
         8f:8e:cf:f5:d2:e3:f7:1b:36:f0:4d:b8:3a:31:7e:8e:bc:a2:
         bc:7c:de:e4:e8:8b:87:ce:ef:45:9b:f9:79:1f:4f:f2:e4:da:
         45:28:2e:30:c4:6a:b2:3a:a1:39:82:2e:c9:e4:da:e9:fe:7d:
         00:d1:55:6b:26:b8:98:1d:c3:c0:f4:34:4d:ec:cd:d7:7a:62:
         b3:84:a2:25:d0:c4:db:8e:7d:38:42:8b:1c:a8:05:d1:12:61:
         1c:2e:48:82:29:a2:d6:be:4f:86:00:eb:8b:79:3a:4d:43:88:
         65:8d:f4:7a:99:f6:d4:e9:36:4c:c9:52:d7:3d:1a:ef:d3:81:
         b8:1c:a2:09:9e:74:8d:b5:d7:fe:f3:68:de:d3:7e:20:b7:10:
         56:3b:7b:0f:90:ab:41:52:e0:98:ae:66:cd:2c:1d:c0:3c:3b:
         4c:bb:b2:12:2e:a3:57:0f:49:35:67:c3:d7:a6:52:26:9e:e5:
         be:b0:6a:7e
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEBMZ2AjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
Zjg0MTEzNTQ1ZDkwMDA3NjBmNjYwNjJhNDIyMTkzM2EyZTk1OWQ4MB4XDTIyMDYx
MzExNTgxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTVmOWNkMjI3ZDYw
MzUwYWJjMzI5ZTRmNzk5MWM0MWEzOGE3OWEwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAImTcYdg+PBOFHHAwzZqGQqMr6NYfWn0RYTmutq6i33bjoC9
2tJKAuLkPHxfAP8MU+cXXaQiARr2fNfsI5JskDiA6JQWZ6ti249+kEbsFC/0PruB
jZIKGHeB51xkdiWlM1mmqB/odHXsibfjEuIi/MUqK7XHpXr2cn4C6EdCeVwr2HXl
PxvpMCzOZfFdzb1osnr9F8D+qAtDWL4ADYakedRktvxDScMVODZhT21qb6GoCL7A
EBfka7IMGZgM3V9+P6J9YOeAeZpfttG2nxS0WG568QYn9tMu8TWB5nvFO89CMxba
eaCghdUs+J20MuyVcBXH5a6GerhKD81xcZjS9sECAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRV+c0ifWA1Crwynk95kcQaOKeaBjAfBgNVHSMEGDAWgBS/hBE1RdkAB2D2
YGKkIhkzoulZ2DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Y0UVJOVVhaQUFkZzltQmlwQ0laTTZMcFdkZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvMzBkYzg1LTJkZDgtNGIxYy1iMTUxLTRiZDYzYWRjNzM1NC8x
L1Zmbk5JbjFnTlFxOE1wNVBlWkhFR2ppbm1nWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
MzBkYzg1LTJkZDgtNGIxYy1iMTUxLTRiZDYzYWRjNzM1NC8xL3Y0UVJOVVhaQUFk
ZzltQmlwQ0laTTZMcFdkZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAIwDgMFAyoMqwADBQMqEC7AMA0GCSqGSIb3
DQEBCwUAA4IBAQAvpE42kofRcIQXEKo24VZ+0MkTlPEYw35sHEMcRDWYsjOSQyZi
DglgF0ffe0gSUHC4axaT6yOXUR3stEqzaqRrVsknuHvPLw6Pjs/10uP3GzbwTbg6
MX6OvKK8fN7k6IuHzu9Fm/l5H0/y5NpFKC4wxGqyOqE5gi7J5Nrp/n0A0VVrJriY
HcPA9DRN7M3XemKzhKIl0MTbjn04QoscqAXREmEcLkiCKaLWvk+GAOuLeTpNQ4hl
jfR6mfbU6TZMyVLXPRrv04G4HKIJnnSNtdf+82je034gtxBWO3sPkKtBUuCYrmbN
LB3APDtMu7ISLqNXD0k1Z8PXplImnuW+sGp+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:38 2024 by rpki-client on console-fra.rpki-client.org