Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/81YHXCfKrWyJthThFfZwxkegzYs.roa
File:                     81YHXCfKrWyJthThFfZwxkegzYs.roa (raw, json)
Hash identifier:          PiyKo2cIGmoQYkaNOOoGudeBk4NoybLdA1uhxwmQtGo=
Subject key identifier:   F3:56:07:5C:27:CA:AD:6C:89:B6:14:E1:15:F6:70:C6:47:A0:CD:8B
Certificate issuer:       /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial:       014701CD
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/81YHXCfKrWyJthThFfZwxkegzYs.roa
Signing time:             Sat 01 Jan 2022 01:00:17 +0000
ROA not before:           Sat 01 Jan 2022 01:00:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211364
IP address blocks:        2a0c:b641:170::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21430733 (0x14701cd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05976801363d375786152e4d061e75c8beb35058
        Validity
            Not Before: Jan  1 01:00:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f356075c27caad6c89b614e115f670c647a0cd8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:04:d4:9a:15:2c:dc:0d:c2:f4:e8:04:f6:ea:
                    44:7b:9f:75:e7:04:c9:5f:6e:c3:4b:a0:12:c8:4a:
                    16:3b:6b:5d:8a:83:6c:9c:e2:6e:76:78:bc:90:14:
                    de:95:bf:d5:92:f4:d7:3d:d5:ee:a4:a4:03:86:f1:
                    e7:82:e9:a5:4d:b9:b2:6e:3e:12:2e:61:c1:2d:9e:
                    5b:ad:96:6e:35:4e:9b:a0:3d:37:55:c7:01:1b:55:
                    f3:b8:2e:f2:0b:c9:e8:20:a9:c8:7d:af:99:ab:e4:
                    04:18:80:76:8a:11:4f:d8:a8:91:a8:5f:1f:d4:7d:
                    21:1c:fc:b9:9f:34:e4:ae:87:85:7e:70:26:ac:ae:
                    4c:ca:60:1a:44:4f:45:03:b2:84:bd:18:e3:d4:ac:
                    f0:5e:72:52:56:14:1f:0b:ad:c9:de:60:89:2e:80:
                    14:b4:e1:6a:da:f1:83:a1:a9:c7:d9:1e:60:dd:c4:
                    be:54:b0:83:60:bb:fe:f3:52:8d:0b:4e:02:66:e0:
                    8d:e0:29:28:bd:0b:d8:1d:c0:ce:a5:93:bf:f7:f5:
                    c4:24:da:13:57:45:3c:c7:bd:50:6f:4b:00:27:6c:
                    c0:53:09:a2:9c:17:af:0d:3e:a7:82:c5:87:ea:7c:
                    2e:ec:05:09:dd:8f:44:52:ca:f6:60:fd:18:3d:e1:
                    1c:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:56:07:5C:27:CA:AD:6C:89:B6:14:E1:15:F6:70:C6:47:A0:CD:8B
            X509v3 Authority Key Identifier:
                keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/81YHXCfKrWyJthThFfZwxkegzYs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:b641:170::/44

    Signature Algorithm: sha256WithRSAEncryption
         6a:06:47:d7:e6:88:64:e4:4c:11:da:6b:e7:26:d4:88:fd:59:
         c0:ce:75:f0:05:6e:f7:b5:21:eb:a9:e5:5b:4c:ab:7e:cc:c5:
         d7:bb:c7:b5:48:9d:f7:ec:37:e6:2b:10:60:48:8b:81:a2:23:
         4f:21:fa:c7:f3:fe:c8:4a:e0:9d:d5:bc:8b:45:b7:aa:2d:c8:
         b0:7e:5c:c2:ae:20:f9:c3:ba:1b:44:4c:a6:23:50:cf:0e:2d:
         44:c8:cb:0e:3b:5f:23:9b:09:2f:4e:7c:ea:74:93:f6:58:9b:
         29:0d:e6:4c:85:73:d5:99:f9:64:4c:fc:0c:a8:03:77:0a:62:
         43:94:93:97:37:01:86:f2:99:cf:12:bc:b2:ea:9c:b7:a6:9f:
         0f:33:d7:10:13:80:1a:b0:b7:8e:a4:fe:08:34:59:db:e4:86:
         39:ae:aa:57:c5:80:cf:b3:08:93:92:12:0a:02:09:06:dd:2e:
         ea:b4:76:ce:98:eb:af:1f:1b:e3:99:1a:c8:5c:b5:2f:bb:97:
         fc:91:1a:4d:c4:fe:01:71:90:6b:dc:40:7b:fc:8b:6e:fa:fc:
         d4:f4:44:0d:45:36:c3:e5:2d:8e:5e:45:46:3b:de:2d:e3:b4:
         12:1a:29:f1:b1:ea:33:62:ff:1a:f8:d8:ed:ce:17:b0:37:f5:
         c8:c2:6c:5b
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAUcBzTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAxMDAxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjM1NjA3NWMyN2Nh
YWQ2Yzg5YjYxNGUxMTVmNjcwYzY0N2EwY2Q4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJQE1JoVLNwNwvToBPbqRHufdecEyV9uw0ugEshKFjtrXYqD
bJzibnZ4vJAU3pW/1ZL01z3V7qSkA4bx54LppU25sm4+Ei5hwS2eW62WbjVOm6A9
N1XHARtV87gu8gvJ6CCpyH2vmavkBBiAdooRT9iokahfH9R9IRz8uZ805K6HhX5w
JqyuTMpgGkRPRQOyhL0Y49Ss8F5yUlYUHwutyd5giS6AFLThatrxg6Gpx9keYN3E
vlSwg2C7/vNSjQtOAmbgjeApKL0L2B3AzqWTv/f1xCTaE1dFPMe9UG9LACdswFMJ
opwXrw0+p4LFh+p8LuwFCd2PRFLK9mD9GD3hHEsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTzVgdcJ8qtbIm2FOEV9nDGR6DNizAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
LzgxWUhYQ2ZLcld5SnRoVGhGZlp3eGtlZ3pZcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEBcDANBgkqhkiG9w0BAQsF
AAOCAQEAagZH1+aIZORMEdpr5ybUiP1ZwM518AVu97Uh66nlW0yrfszF17vHtUid
9+w35isQYEiLgaIjTyH6x/P+yErgndW8i0W3qi3IsH5cwq4g+cO6G0RMpiNQzw4t
RMjLDjtfI5sJL0586nST9libKQ3mTIVz1Zn5ZEz8DKgDdwpiQ5STlzcBhvKZzxK8
suqct6afDzPXEBOAGrC3jqT+CDRZ2+SGOa6qV8WAz7MIk5ISCgIJBt0u6rR2zpjr
rx8b45kayFy1L7uX/JEaTcT+AXGQa9xAe/yLbvr81PREDUU2w+Utjl5FRjveLeO0
Ehop8bHqM2L/GvjY7c4XsDf1yMJsWw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:15 2024 by rpki-client on console-fra.rpki-client.org