Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/ChtjQ2OUKaMtqtsNsbsv4-e8ptU.roa
File:                     ChtjQ2OUKaMtqtsNsbsv4-e8ptU.roa (raw, json)
Hash identifier:          7MmHbNEvIoKBbrDe+mpWyjfwUPNmLf1F3jPtxJI2aCc=
Subject key identifier:   0A:1B:63:43:63:94:29:A3:2D:AA:DB:0D:B1:BB:2F:E3:E7:BC:A6:D5
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       0184F0A4287D5EF926955FE915887CC786F3
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/ChtjQ2OUKaMtqtsNsbsv4-e8ptU.roa
Signing time:             Thu 08 Dec 2022 07:30:00 +0000
ROA not before:           Thu 08 Dec 2022 07:30:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209883
IP address blocks:        2a0e:f8c0::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:f0:a4:28:7d:5e:f9:26:95:5f:e9:15:88:7c:c7:86:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Dec  8 07:30:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0a1b6343639429a32daadb0db1bb2fe3e7bca6d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:af:17:41:31:07:a2:71:07:f9:91:ca:98:10:
                    5f:15:2b:7f:c2:e8:c9:b1:c1:3f:e0:36:c8:d2:86:
                    42:a6:1f:e9:a8:51:3d:fe:9e:1a:9a:69:58:40:f0:
                    7b:8a:35:bf:69:7f:db:76:25:1c:97:0a:54:c0:b4:
                    15:32:60:27:1c:aa:24:48:a2:39:a0:89:59:51:b3:
                    a8:d2:3d:b1:b6:ff:2b:94:20:13:ce:c3:e4:ff:6f:
                    33:34:45:bf:60:79:65:eb:e5:54:76:61:e5:53:26:
                    3a:b7:89:47:7a:6a:5c:93:19:18:cd:83:81:e4:83:
                    6b:47:54:ac:e6:9a:25:3b:b2:7a:5a:88:6e:4e:90:
                    f7:58:7d:40:58:bd:f9:d5:f2:5c:b7:cc:d1:d2:5c:
                    9c:33:87:a2:fe:fb:a8:e2:a1:61:fd:73:ca:b7:51:
                    90:b3:76:21:5b:cf:32:38:39:40:2f:bf:c3:07:bf:
                    9d:d4:92:31:16:74:d8:02:b9:07:93:25:bb:7d:fa:
                    87:e6:be:f6:f0:b9:28:30:d9:6b:60:c8:68:5b:a3:
                    6e:c6:d8:95:ae:28:a5:2a:95:dd:09:88:47:94:51:
                    47:48:99:82:04:ed:aa:41:e0:f4:0c:45:12:9f:4e:
                    24:30:8a:b3:c9:6f:91:02:56:db:b3:3f:c5:05:64:
                    7d:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:1B:63:43:63:94:29:A3:2D:AA:DB:0D:B1:BB:2F:E3:E7:BC:A6:D5
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/ChtjQ2OUKaMtqtsNsbsv4-e8ptU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:f8c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         87:89:21:45:04:01:1b:bb:f2:f4:58:f3:3f:aa:fe:b4:2b:ad:
         e6:81:af:5a:e1:e4:46:93:69:18:7a:ec:46:c1:28:50:a1:d4:
         95:b1:81:7d:38:19:c9:2e:38:a9:a0:e6:97:22:47:c8:e3:95:
         7d:61:12:6e:f1:dd:21:0f:51:2e:56:14:37:6f:bc:68:66:60:
         2e:d5:4f:77:2d:e1:83:c0:b0:2e:17:52:cf:a9:a7:64:1d:d4:
         b1:e5:19:ac:f2:08:26:2c:dc:67:fb:cc:35:31:36:46:1d:b5:
         1d:3e:fe:8c:6b:b2:e5:27:e7:b5:67:0c:47:13:1c:b4:32:3b:
         7b:f5:37:05:a2:01:bd:a6:a5:b8:3f:8e:ca:5d:1e:fe:a9:3f:
         13:dc:1c:bb:55:75:ed:0f:74:e9:01:5e:04:a8:ed:fc:0c:77:
         e6:0a:3b:37:eb:28:56:89:f2:e9:72:bf:78:73:35:98:e6:63:
         db:87:b6:f8:92:e1:3d:76:35:1f:b9:25:da:58:91:ef:24:7b:
         a5:f5:d7:bb:b7:48:42:f4:34:b5:ed:5a:d8:e7:a2:75:5e:de:
         91:98:9d:fa:8d:4f:6a:5a:ad:f4:dd:8b:80:f9:77:8a:ce:ed:
         cf:38:e1:12:eb:5d:1f:61:c9:be:5d:4f:f9:44:3a:c8:6d:17:
         b4:5d:6c:14
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYTwpCh9XvkmlV/pFYh8x4bzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIxMjA4MDczMDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTFiNjM0MzYzOTQyOWEzMmRhYWRiMGRiMWJiMmZlM2U3YmNhNmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsq8XQTEHonEH+ZHKmBBfFSt/wujJ
scE/4DbI0oZCph/pqFE9/p4ammlYQPB7ijW/aX/bdiUclwpUwLQVMmAnHKokSKI5
oIlZUbOo0j2xtv8rlCATzsPk/28zNEW/YHll6+VUdmHlUyY6t4lHempckxkYzYOB
5INrR1Ss5polO7J6WohuTpD3WH1AWL351fJct8zR0lycM4ei/vuo4qFh/XPKt1GQ
s3YhW88yODlAL7/DB7+d1JIxFnTYArkHkyW7ffqH5r728LkoMNlrYMhoW6NuxtiV
riilKpXdCYhHlFFHSJmCBO2qQeD0DEUSn04kMIqzyW+RAlbbsz/FBWR9jQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAobY0NjlCmjLarbDbG7L+PnvKbVMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvQ2h0alEyT1VLYU10cXRzTnNic3Y0LWU4cHRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg74wDAN
BgkqhkiG9w0BAQsFAAOCAQEAh4khRQQBG7vy9FjzP6r+tCut5oGvWuHkRpNpGHrs
RsEoUKHUlbGBfTgZyS44qaDmlyJHyOOVfWESbvHdIQ9RLlYUN2+8aGZgLtVPdy3h
g8CwLhdSz6mnZB3UseUZrPIIJizcZ/vMNTE2Rh21HT7+jGuy5SfntWcMRxMctDI7
e/U3BaIBvaaluD+Oyl0e/qk/E9wcu1V17Q906QFeBKjt/Ax35go7N+soVony6XK/
eHM1mOZj24e2+JLhPXY1H7kl2liR7yR7pfXXu7dIQvQ0te1a2OeidV7ekZid+o1P
alqt9N2LgPl3is7tzzjhEutdH2HJvl1P+UQ6yG0XtF1sFA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org