Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/osanvYlAdddRSMaNusWNuLkKbUA.roa
File:                     osanvYlAdddRSMaNusWNuLkKbUA.roa (raw, json)
Hash identifier:          B+YUQWmKHRFkijaiF3qbCOyii+H0iCxLw0haZdsKC9o=
Subject key identifier:   A2:C6:A7:BD:89:40:75:D7:51:48:C6:8D:BA:C5:8D:B8:B9:0A:6D:40
Certificate issuer:       /CN=87be093097097c4457ff5aa3e5893c8c15432612
Certificate serial:       03520E8C
Authority key identifier: 87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/osanvYlAdddRSMaNusWNuLkKbUA.roa
Signing time:             Sat 01 Jan 2022 02:02:05 +0000
ROA not before:           Sat 01 Jan 2022 02:02:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15510
IP address blocks:        2a10:9903:101::/48 maxlen: 48
                          2a10:9903:110::/44 maxlen: 44

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 55709324 (0x3520e8c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87be093097097c4457ff5aa3e5893c8c15432612
        Validity
            Not Before: Jan  1 02:02:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a2c6a7bd894075d75148c68dbac58db8b90a6d40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:6a:02:c5:a4:78:c2:a0:39:97:08:ee:97:7d:
                    68:d4:27:94:f0:21:bf:69:69:f8:0b:2a:0a:2a:ae:
                    b8:b2:b8:e3:6c:41:6c:3d:58:e6:aa:8d:ef:e5:a3:
                    4c:96:5c:c6:43:21:ef:20:5d:c1:1c:5b:98:8d:08:
                    3e:b7:de:0b:da:cb:c8:15:fc:c4:b7:2d:f9:16:3f:
                    3b:4d:8a:72:c9:d6:59:1d:47:93:b0:6d:8c:b1:c3:
                    1c:e2:1f:0c:e4:66:b2:1d:cf:68:f7:d5:ce:9e:a6:
                    5f:a1:2b:b4:83:58:0a:1d:4e:ec:c3:ff:7d:4c:44:
                    f5:1a:2f:f5:37:09:28:e9:0b:79:23:fc:7b:13:00:
                    04:e7:23:44:16:6a:8f:e7:59:04:5f:0f:35:97:5b:
                    06:8f:c9:42:a7:9d:d8:c2:85:ac:bc:70:e9:5b:37:
                    01:3b:3b:b4:72:d1:ca:89:37:2e:45:a7:9b:90:11:
                    8b:ca:f8:af:49:fa:6b:13:2e:4a:4f:74:fc:49:bf:
                    8e:d3:1f:5c:39:38:4d:bc:82:67:95:e7:a3:e9:92:
                    8d:4c:84:4a:e5:72:c7:9d:1a:f6:c0:cf:d3:bf:ae:
                    dc:af:d0:23:20:a8:f9:28:db:14:86:62:bf:03:30:
                    55:3d:88:39:1e:15:fe:7c:c6:31:26:71:0a:77:30:
                    02:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:C6:A7:BD:89:40:75:D7:51:48:C6:8D:BA:C5:8D:B8:B9:0A:6D:40
            X509v3 Authority Key Identifier:
                keyid:87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/osanvYlAdddRSMaNusWNuLkKbUA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:9903:101::/48
                  2a10:9903:110::/44

    Signature Algorithm: sha256WithRSAEncryption
         19:53:64:d0:33:98:91:b2:ce:4f:42:21:0a:94:5e:e5:e0:da:
         e2:1b:a0:14:11:2c:c0:0e:9e:27:a6:b3:70:63:95:71:81:4c:
         58:d2:cd:52:26:8c:41:01:de:07:ba:32:e0:1d:18:9d:73:23:
         0e:0a:98:20:90:6c:74:0c:12:35:29:d0:14:70:14:01:c1:4f:
         36:fc:ec:25:ea:87:8e:5d:08:c0:6f:5e:fb:bd:76:28:70:a0:
         5b:15:d8:0f:34:0d:77:fc:8a:d5:72:ed:ab:b7:86:db:06:42:
         d8:5f:1b:8d:c5:1f:55:a7:d0:ff:21:5b:e2:aa:47:ea:c1:fa:
         43:32:b5:b1:6e:57:df:73:2c:87:e5:f3:ed:0e:0a:24:70:af:
         05:3d:bb:5e:bb:5f:2d:72:9e:a7:e1:62:0e:ba:9d:3c:8d:e6:
         5b:02:ec:56:d5:b0:8f:03:48:ac:c1:48:dc:74:3e:59:d0:bb:
         88:13:23:b7:84:0e:4c:82:38:4b:8c:8a:43:59:65:e6:64:34:
         0f:86:58:51:bf:a8:81:da:d5:07:7c:fa:9d:86:b9:69:a5:27:
         da:23:5c:4b:c1:14:3d:26:ff:09:a7:ad:25:e7:71:fa:40:8c:
         9b:f7:9e:1c:c4:85:f5:17:60:40:fa:52:70:73:b7:75:9f:41:
         dc:9a:29:ef
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEA1IOjDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
N2JlMDkzMDk3MDk3YzQ0NTdmZjVhYTNlNTg5M2M4YzE1NDMyNjEyMB4XDTIyMDEw
MTAyMDIwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTJjNmE3YmQ4OTQw
NzVkNzUxNDhjNjhkYmFjNThkYjhiOTBhNmQ0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANxqAsWkeMKgOZcI7pd9aNQnlPAhv2lp+AsqCiquuLK442xB
bD1Y5qqN7+WjTJZcxkMh7yBdwRxbmI0IPrfeC9rLyBX8xLct+RY/O02KcsnWWR1H
k7BtjLHDHOIfDORmsh3PaPfVzp6mX6ErtINYCh1O7MP/fUxE9Rov9TcJKOkLeSP8
exMABOcjRBZqj+dZBF8PNZdbBo/JQqed2MKFrLxw6Vs3ATs7tHLRyok3LkWnm5AR
i8r4r0n6axMuSk90/Em/jtMfXDk4TbyCZ5Xno+mSjUyESuVyx50a9sDP07+u3K/Q
IyCo+SjbFIZivwMwVT2IOR4V/nzGMSZxCncwAuUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSixqe9iUB111FIxo26xY24uQptQDAfBgNVHSMEGDAWgBSHvgkwlwl8RFf/
WqPliTyMFUMmEjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2g3NEpNSmNKZkVSWF8xcWo1WWs4akJWREpoSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvY2M4ZjRhLTRjMDItNDA0Yi04ZDkzLTJjZGU2NWYzMTEyYS8x
L29zYW52WWxBZGRkUlNNYU51c1dOdUxrS2JVQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
Y2M4ZjRhLTRjMDItNDA0Yi04ZDkzLTJjZGU2NWYzMTEyYS8xL2g3NEpNSmNKZkVS
WF8xcWo1WWs4akJWREpoSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACoQmQMBAQMHBCoQmQMBEDANBgkq
hkiG9w0BAQsFAAOCAQEAGVNk0DOYkbLOT0IhCpRe5eDa4hugFBEswA6eJ6azcGOV
cYFMWNLNUiaMQQHeB7oy4B0YnXMjDgqYIJBsdAwSNSnQFHAUAcFPNvzsJeqHjl0I
wG9e+712KHCgWxXYDzQNd/yK1XLtq7eG2wZC2F8bjcUfVafQ/yFb4qpH6sH6QzK1
sW5X33Msh+Xz7Q4KJHCvBT27XrtfLXKep+FiDrqdPI3mWwLsVtWwjwNIrMFI3HQ+
WdC7iBMjt4QOTII4S4yKQ1ll5mQ0D4ZYUb+ogdrVB3z6nYa5aaUn2iNcS8EUPSb/
CaetJedx+kCMm/eeHMSF9RdgQPpScHO3dZ9B3Jop7w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:45 2024 by rpki-client on console-ams.rpki-client.org