Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/K934VQlXzYfsZS_7sWSJ5AYq3TY.roa
File:                     K934VQlXzYfsZS_7sWSJ5AYq3TY.roa (raw, json)
Hash identifier:          fy/uMefmi6PQyrT4yzS+RfENp+ODBepV+0BW6B5ZrvQ=
Subject key identifier:   2B:DD:F8:55:09:57:CD:87:EC:65:2F:FB:B1:64:89:E4:06:2A:DD:36
Certificate issuer:       /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial:       01842458842011FDE5B77844FCFC68FEB894
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/K934VQlXzYfsZS_7sWSJ5AYq3TY.roa
Signing time:             Sat 29 Oct 2022 15:24:51 +0000
ROA not before:           Sat 29 Oct 2022 15:24:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203511
IP address blocks:        2a0c:b641:6d0::/44 maxlen: 48
                          2a0c:b641:e0::/44 maxlen: 44

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:24:58:84:20:11:fd:e5:b7:78:44:fc:fc:68:fe:b8:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05976801363d375786152e4d061e75c8beb35058
        Validity
            Not Before: Oct 29 15:24:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2bddf8550957cd87ec652ffbb16489e4062add36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:e1:1d:13:ab:23:9a:18:5d:71:45:60:69:33:
                    b1:04:e6:65:c4:9b:be:e0:76:38:bd:7d:bb:80:39:
                    ef:29:07:08:1d:db:25:dd:cc:e9:c8:14:85:59:0b:
                    92:ba:0b:8c:5d:84:c9:3a:66:80:c6:42:27:a3:77:
                    a3:d4:4d:05:31:c3:61:f0:21:d8:21:4d:74:f4:76:
                    af:a5:ee:77:be:62:37:e9:e1:2a:1d:90:32:17:da:
                    bc:c3:57:db:46:70:1d:86:a9:87:fe:4b:39:f7:6d:
                    38:01:72:04:73:2a:6c:1d:70:a3:36:26:64:8c:51:
                    0c:8c:ed:1c:fa:bf:4b:2e:a1:fc:79:ea:bf:f4:e0:
                    4a:56:9a:01:1f:a5:4e:53:7d:d3:a9:36:6b:25:e5:
                    39:a8:93:91:69:19:1e:28:a2:c3:89:9d:b5:51:07:
                    cf:f2:34:61:21:4c:9a:ca:4f:e2:b8:31:c8:47:a7:
                    03:e5:67:c9:96:e4:c3:74:6a:99:c4:4e:82:91:30:
                    35:c5:e9:41:1e:17:8e:a7:81:26:21:8d:7b:55:9a:
                    66:9f:61:0c:81:fa:9c:a6:3a:6b:6d:a8:36:84:50:
                    8b:ac:37:e0:8f:af:6a:43:c0:16:92:2d:88:bd:22:
                    32:44:b1:47:d8:1b:30:a4:cd:44:0c:4c:47:40:15:
                    03:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:DD:F8:55:09:57:CD:87:EC:65:2F:FB:B1:64:89:E4:06:2A:DD:36
            X509v3 Authority Key Identifier:
                keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/K934VQlXzYfsZS_7sWSJ5AYq3TY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:b641:e0::/44
                  2a0c:b641:6d0::/44

    Signature Algorithm: sha256WithRSAEncryption
         4f:43:a7:61:3f:4f:ad:95:1e:a0:4c:f9:79:4f:c0:fa:53:30:
         9f:1e:97:dd:f2:f5:84:bd:ee:b0:2e:b4:bb:41:85:b0:79:74:
         6f:53:02:3a:2d:aa:ea:5e:a6:24:5f:e6:74:08:ce:56:86:8d:
         db:01:38:2c:29:71:cd:12:24:5f:04:d6:62:90:e6:fb:88:57:
         e1:04:1a:4a:ab:4d:db:38:dd:0a:ab:45:11:be:d3:02:54:c7:
         02:8e:76:0d:d2:f3:3e:8f:f1:76:d3:47:19:53:44:4d:6f:dc:
         1e:fc:d0:32:bb:3b:0f:25:a2:28:26:88:a8:8b:f1:ec:ef:2b:
         d8:2f:54:ef:ee:1f:17:11:d2:af:f2:c0:9b:fd:1d:1d:b2:58:
         4d:2b:37:a7:a3:f3:4c:13:02:f0:d6:52:9c:1a:61:de:c5:a5:
         d0:55:33:54:7e:eb:3d:89:5b:60:32:82:4c:7a:71:d7:42:b5:
         52:c9:e9:e5:b7:6e:56:01:33:e8:52:e5:fc:39:ae:5f:16:57:
         68:9c:8d:6b:57:5a:2d:af:fe:5d:c5:9d:87:bf:c6:20:b2:c9:
         95:34:27:6e:67:20:b7:e8:d3:2c:d4:51:13:70:d0:92:2a:4f:
         62:3a:93:98:25:ab:32:83:55:ad:e8:00:23:2a:c4:dd:07:4b:
         bd:13:ca:70
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQkWIQgEf3lt3hE/Pxo/riUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjIxMDI5MTUyNDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmRkZjg1NTA5NTdjZDg3ZWM2NTJmZmJiMTY0ODllNDA2MmFkZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+EdE6sjmhhdcUVgaTOxBOZlxJu+
4HY4vX27gDnvKQcIHdsl3czpyBSFWQuSuguMXYTJOmaAxkIno3ej1E0FMcNh8CHY
IU109Havpe53vmI36eEqHZAyF9q8w1fbRnAdhqmH/ks59204AXIEcypsHXCjNiZk
jFEMjO0c+r9LLqH8eeq/9OBKVpoBH6VOU33TqTZrJeU5qJORaRkeKKLDiZ21UQfP
8jRhIUyayk/iuDHIR6cD5WfJluTDdGqZxE6CkTA1xelBHheOp4EmIY17VZpmn2EM
gfqcpjprbag2hFCLrDfgj69qQ8AWki2IvSIyRLFH2BswpM1EDExHQBUDpQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCvd+FUJV82H7GUv+7FkieQGKt02MB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvSzkzNFZRbFh6WWZzWlNfN3NXU0o1QVlxM1RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgy2QQDg
AwcEKgy2QQbQMA0GCSqGSIb3DQEBCwUAA4IBAQBPQ6dhP0+tlR6gTPl5T8D6UzCf
Hpfd8vWEve6wLrS7QYWweXRvUwI6LarqXqYkX+Z0CM5Who3bATgsKXHNEiRfBNZi
kOb7iFfhBBpKq03bON0Kq0URvtMCVMcCjnYN0vM+j/F200cZU0RNb9we/NAyuzsP
JaIoJoioi/Hs7yvYL1Tv7h8XEdKv8sCb/R0dslhNKzeno/NMEwLw1lKcGmHexaXQ
VTNUfus9iVtgMoJMenHXQrVSyenlt25WATPoUuX8Oa5fFldonI1rV1otr/5dxZ2H
v8YgssmVNCduZyC36NMs1FETcNCSKk9iOpOYJasyg1Wt6AAjKsTdB0u9E8pw
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:38 2024 by rpki-client on console-ams.rpki-client.org