Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/a6cRFi3XfBlsXX71QzSA14_8dho.roa
File:                     a6cRFi3XfBlsXX71QzSA14_8dho.roa (raw, json)
Hash identifier:          kllDpuY6Dk8ldjQ6tN6RF1CXuMolDU260oJFBlPsRi0=
Subject key identifier:   6B:A7:11:16:2D:D7:7C:19:6C:5D:7E:F5:43:34:80:D7:8F:FC:76:1A
Certificate issuer:       /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial:       018C66CE
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/a6cRFi3XfBlsXX71QzSA14_8dho.roa
Signing time:             Tue 18 Jan 2022 18:42:05 +0000
ROA not before:           Tue 18 Jan 2022 18:42:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210546
IP address blocks:        2a0c:b641:540::/44 maxlen: 48
                          2a0c:b641:750::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 25978574 (0x18c66ce)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05976801363d375786152e4d061e75c8beb35058
        Validity
            Not Before: Jan 18 18:42:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6ba711162dd77c196c5d7ef5433480d78ffc761a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:eb:cf:d2:c6:93:d9:18:a6:74:50:11:1c:1d:
                    33:87:18:eb:e6:3d:f0:48:3e:7f:f4:37:a4:f7:a6:
                    3b:0b:e7:69:6c:05:97:16:79:31:ca:c4:46:e4:68:
                    17:3e:fe:5e:f5:af:a4:23:45:0a:d7:a0:5f:e8:ac:
                    98:49:29:e8:87:da:fd:42:f8:d2:f7:b3:7b:14:d0:
                    9b:c3:62:87:b7:a0:17:04:21:ef:03:f3:4c:61:c4:
                    45:8d:c9:f0:80:cc:ea:65:f6:74:49:8b:c4:40:bb:
                    d0:68:37:65:e2:f7:0c:9b:84:13:ee:a5:9c:11:d5:
                    85:5e:1c:b9:79:87:41:6d:d3:c5:d7:74:57:e6:88:
                    a1:1c:0a:eb:e1:8e:87:3e:52:fc:c2:49:c0:f5:9a:
                    8b:f8:4d:f6:81:ee:25:ee:9d:45:bc:8b:4d:9a:06:
                    8e:79:63:79:7c:1d:df:23:b1:72:72:a3:ef:d6:4a:
                    52:90:1e:a0:ef:a4:02:24:95:32:59:e4:dd:3e:cf:
                    da:05:b2:16:d5:19:d4:9c:59:a8:67:e5:c9:b6:39:
                    9e:43:6b:ca:d1:57:6f:24:ec:85:c5:c2:1a:83:3f:
                    1c:35:2f:26:1c:5e:35:5f:32:79:71:16:db:ab:b0:
                    ea:75:15:f4:09:88:ef:8c:52:cf:e7:12:3e:f7:d4:
                    56:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:A7:11:16:2D:D7:7C:19:6C:5D:7E:F5:43:34:80:D7:8F:FC:76:1A
            X509v3 Authority Key Identifier:
                keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/a6cRFi3XfBlsXX71QzSA14_8dho.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:b641:540::/44
                  2a0c:b641:750::/44

    Signature Algorithm: sha256WithRSAEncryption
         93:d8:75:0f:4b:02:e5:f5:c0:f1:e8:5a:3f:ad:27:ac:76:ef:
         e6:8a:01:14:76:80:f0:17:c4:33:6b:98:7e:23:a1:53:58:6a:
         8b:0d:8a:64:77:33:d7:6b:3c:fb:7d:5b:c5:d2:d9:d9:b6:fe:
         d5:a2:bc:80:17:27:81:25:28:e6:0b:3e:d5:25:cc:73:c3:d2:
         da:53:dc:74:4c:9f:13:0a:06:43:e9:95:21:ae:e5:01:5d:f7:
         b4:ff:33:fe:d0:7c:44:bb:75:27:eb:85:41:44:56:ec:42:25:
         f2:ec:ab:15:36:0d:c0:b2:d9:0c:e1:c6:37:d8:39:9f:aa:71:
         99:9b:df:ed:b4:f8:41:2f:cb:40:21:ce:2d:22:cb:d9:7c:e2:
         84:91:3c:71:63:3d:e5:25:74:e3:6d:db:53:e9:1f:5e:ef:94:
         b6:c5:06:e0:32:16:df:17:72:62:e9:ba:40:a8:4c:14:74:e9:
         59:26:4a:cb:35:a7:a5:f1:2f:99:70:bc:75:6b:38:e3:fe:79:
         3b:90:53:f2:e4:cc:6a:ca:bd:31:0d:46:f2:f3:c7:60:f3:cb:
         e6:77:10:96:2f:35:4b:00:bc:c7:45:40:62:38:f7:59:62:d1:
         b5:e0:83:57:07:8a:51:05:98:c0:90:46:eb:80:28:f0:24:2f:
         55:b1:98:c8
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAYxmzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEx
ODE4NDIwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmJhNzExMTYyZGQ3
N2MxOTZjNWQ3ZWY1NDMzNDgwZDc4ZmZjNzYxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLrz9LGk9kYpnRQERwdM4cY6+Y98Eg+f/Q3pPemOwvnaWwF
lxZ5McrERuRoFz7+XvWvpCNFCtegX+ismEkp6Ifa/UL40vezexTQm8Nih7egFwQh
7wPzTGHERY3J8IDM6mX2dEmLxEC70Gg3ZeL3DJuEE+6lnBHVhV4cuXmHQW3Txdd0
V+aIoRwK6+GOhz5S/MJJwPWai/hN9oHuJe6dRbyLTZoGjnljeXwd3yOxcnKj79ZK
UpAeoO+kAiSVMlnk3T7P2gWyFtUZ1JxZqGflybY5nkNrytFXbyTshcXCGoM/HDUv
JhxeNV8yeXEW26uw6nUV9AmI74xSz+cSPvfUVo0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRrpxEWLdd8GWxdfvVDNIDXj/x2GjAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L2E2Y1JGaTNYZkJsc1hYNzFRelNBMTRfOGRoby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHBCoMtkEFQAMHBCoMtkEHUDANBgkq
hkiG9w0BAQsFAAOCAQEAk9h1D0sC5fXA8ehaP60nrHbv5ooBFHaA8BfEM2uYfiOh
U1hqiw2KZHcz12s8+31bxdLZ2bb+1aK8gBcngSUo5gs+1SXMc8PS2lPcdEyfEwoG
Q+mVIa7lAV33tP8z/tB8RLt1J+uFQURW7EIl8uyrFTYNwLLZDOHGN9g5n6pxmZvf
7bT4QS/LQCHOLSLL2XzihJE8cWM95SV0423bU+kfXu+UtsUG4DIW3xdyYum6QKhM
FHTpWSZKyzWnpfEvmXC8dWs44/55O5BT8uTMasq9MQ1G8vPHYPPL5ncQli81SwC8
x0VAYjj3WWLRteCDVweKUQWYwJBG64Ao8CQvVbGYyA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:15 2024 by rpki-client on console-fra.rpki-client.org