Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ZwsBhST9OBJ7muxhhnmJ0FBSJDA.roa
File:                     ZwsBhST9OBJ7muxhhnmJ0FBSJDA.roa (raw, json)
Hash identifier:          WYfigIMfDbF/OMhHtdr2xDEPSCzD5OCWzHO+5Ngmdto=
Subject key identifier:   67:0B:01:85:24:FD:38:12:7B:9A:EC:61:86:79:89:D0:50:52:24:30
Certificate issuer:       /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial:       0106D2A2
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ZwsBhST9OBJ7muxhhnmJ0FBSJDA.roa
Signing time:             Sat 01 Jan 2022 00:59:30 +0000
ROA not before:           Sat 01 Jan 2022 00:59:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49781
IP address blocks:        2a0c:b641:710::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17224354 (0x106d2a2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05976801363d375786152e4d061e75c8beb35058
        Validity
            Not Before: Jan  1 00:59:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=670b018524fd38127b9aec61867989d050522430
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:b4:18:85:ae:c5:8a:a3:94:c7:81:ce:e8:43:
                    04:3c:8d:a0:6d:ee:3e:dd:af:9c:a3:d1:2e:56:69:
                    02:90:39:e5:c9:61:36:76:54:e2:69:72:bb:0b:a4:
                    15:f8:0f:bb:6a:36:e7:3d:98:47:0c:52:32:fc:9b:
                    af:73:e2:54:85:a5:92:8d:54:d8:9a:8d:fd:e9:42:
                    75:d8:a2:45:36:72:af:ad:a2:b2:45:b2:57:21:5d:
                    bb:09:0c:06:9c:42:1a:05:ef:ae:f6:a5:80:18:1b:
                    b5:48:4c:16:71:6f:69:c8:a8:49:ca:0b:29:42:66:
                    10:37:19:60:dd:10:56:2c:39:06:10:2e:3d:cb:d3:
                    14:5f:f6:02:90:a6:ab:8a:c9:27:e5:53:8b:24:1e:
                    22:ea:22:a0:0f:6b:2a:23:25:95:2d:ee:2e:a7:fc:
                    27:35:fb:42:ee:a2:f8:86:a8:b2:89:49:20:78:63:
                    ec:ed:a8:49:81:c0:ad:42:df:de:53:74:5e:16:79:
                    e6:1d:d8:38:10:fb:6d:ed:58:e9:93:4c:d3:36:14:
                    40:c2:42:5c:cf:0e:b9:a9:e6:6c:a8:46:00:0f:26:
                    e4:f0:a6:a5:6e:b0:2a:cd:9f:85:7d:c9:9e:58:e2:
                    21:73:2c:fa:b8:e6:9a:cd:0d:44:5e:15:c9:6a:a9:
                    fd:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:0B:01:85:24:FD:38:12:7B:9A:EC:61:86:79:89:D0:50:52:24:30
            X509v3 Authority Key Identifier:
                keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ZwsBhST9OBJ7muxhhnmJ0FBSJDA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:b641:710::/44

    Signature Algorithm: sha256WithRSAEncryption
         1a:9b:f7:1c:88:9a:7b:44:5b:d9:69:d2:ce:98:70:a6:b4:ab:
         b4:f0:97:c0:e2:21:6b:52:46:43:a3:2f:31:63:31:83:81:be:
         af:45:01:27:a5:d9:15:41:3b:81:f0:74:d6:84:40:a2:bf:e7:
         27:a7:d9:63:61:c0:9d:e1:85:4a:39:5f:b0:1c:9b:59:76:e3:
         27:4a:ba:3f:09:a4:d8:f7:3b:9a:4a:6a:03:41:fc:6d:ef:a5:
         e3:33:20:53:1a:ce:4d:0a:22:56:19:7c:6d:23:23:44:9e:25:
         e4:50:7b:40:55:61:28:00:02:60:b5:54:40:11:45:ed:29:53:
         ab:10:3a:86:5d:56:81:a8:b4:23:58:bd:53:b2:cd:b5:e3:9f:
         da:bb:a2:d4:e0:b0:9c:8f:6b:db:fe:c7:08:f9:af:83:f5:dc:
         74:a0:ef:de:50:6a:9f:94:cc:89:39:4b:ab:aa:ea:57:10:21:
         04:f2:28:9d:c8:e9:4a:31:2c:71:2a:c8:c3:9f:f9:da:08:c8:
         dc:14:c2:c9:c6:37:64:03:2f:88:e7:ad:f4:4d:10:41:b3:1a:
         7b:f6:16:e3:6b:b4:39:ed:7e:04:ab:c4:87:9d:65:ef:8c:41:
         7e:af:1b:47:13:f4:b1:37:a4:c5:06:1e:02:d7:9b:8c:83:a0:
         90:76:4c:73
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAQbSojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAwNTkzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjcwYjAxODUyNGZk
MzgxMjdiOWFlYzYxODY3OTg5ZDA1MDUyMjQzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJC0GIWuxYqjlMeBzuhDBDyNoG3uPt2vnKPRLlZpApA55clh
NnZU4mlyuwukFfgPu2o25z2YRwxSMvybr3PiVIWlko1U2JqN/elCddiiRTZyr62i
skWyVyFduwkMBpxCGgXvrvalgBgbtUhMFnFvacioScoLKUJmEDcZYN0QViw5BhAu
PcvTFF/2ApCmq4rJJ+VTiyQeIuoioA9rKiMllS3uLqf8JzX7Qu6i+IaosolJIHhj
7O2oSYHArULf3lN0XhZ55h3YOBD7be1Y6ZNM0zYUQMJCXM8OuanmbKhGAA8m5PCm
pW6wKs2fhX3JnljiIXMs+rjmms0NRF4VyWqp/bcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRnCwGFJP04Enua7GGGeYnQUFIkMDAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L1p3c0JoU1Q5T0JKN211eGhobm1KMEZCU0pEQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEHEDANBgkqhkiG9w0BAQsF
AAOCAQEAGpv3HIiae0Rb2WnSzphwprSrtPCXwOIha1JGQ6MvMWMxg4G+r0UBJ6XZ
FUE7gfB01oRAor/nJ6fZY2HAneGFSjlfsBybWXbjJ0q6Pwmk2Pc7mkpqA0H8be+l
4zMgUxrOTQoiVhl8bSMjRJ4l5FB7QFVhKAACYLVUQBFF7SlTqxA6hl1Wgai0I1i9
U7LNteOf2rui1OCwnI9r2/7HCPmvg/XcdKDv3lBqn5TMiTlLq6rqVxAhBPIoncjp
SjEscSrIw5/52gjI3BTCycY3ZAMviOet9E0QQbMae/YW42u0Oe1+BKvEh51l74xB
fq8bRxP0sTekxQYeAtebjIOgkHZMcw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:15 2024 by rpki-client on console-fra.rpki-client.org