Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/ec_qZMbLPmTtSrA7nFMCrc_Hm0U.roa
File:                     ec_qZMbLPmTtSrA7nFMCrc_Hm0U.roa (raw, json)
Hash identifier:          S9UuekMmiXUq03zbzKUD/WXkVw45xnxAXfxvnEOjpG4=
Subject key identifier:   79:CF:EA:64:C6:CB:3E:64:ED:4A:B0:3B:9C:53:02:AD:CF:C7:9B:45
Certificate issuer:       /CN=dc1089c942b68033683b4dd506c0c36f74be0ea3
Certificate serial:       0A382846
Authority key identifier: DC:10:89:C9:42:B6:80:33:68:3B:4D:D5:06:C0:C3:6F:74:BE:0E:A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3BCJyUK2gDNoO03VBsDDb3S-DqM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/ec_qZMbLPmTtSrA7nFMCrc_Hm0U.roa
Signing time:             Thu 28 Apr 2022 08:36:53 +0000
ROA not before:           Thu 28 Apr 2022 08:36:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     31898
IP address blocks:        2a09:a447:ac1e::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 171452486 (0xa382846)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc1089c942b68033683b4dd506c0c36f74be0ea3
        Validity
            Not Before: Apr 28 08:36:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=79cfea64c6cb3e64ed4ab03b9c5302adcfc79b45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:9f:30:6e:7a:3e:f8:81:e7:0b:91:6a:94:90:
                    2e:02:a4:96:e2:af:fc:bf:17:6c:d2:36:7b:02:f5:
                    4d:1e:c1:f1:36:41:46:43:71:80:a5:9e:ff:33:bd:
                    1b:7b:af:58:9d:6e:d8:55:29:95:e4:75:07:24:34:
                    14:47:85:45:0c:14:70:92:09:63:91:4a:97:e0:7d:
                    4c:70:ae:47:52:e6:0d:ef:44:6c:58:5b:4f:c9:b8:
                    17:80:e1:39:0f:bd:37:44:c1:37:00:22:cb:30:eb:
                    d5:64:60:0a:14:4d:fc:05:33:36:51:db:2c:51:20:
                    ce:0e:77:46:36:29:5c:51:1a:5d:81:b9:63:94:a9:
                    c2:36:f6:97:5d:b2:84:8c:df:53:4f:be:e7:d1:c9:
                    c0:9d:ef:22:b6:da:32:c2:b5:ab:9c:f6:b6:b1:6a:
                    52:35:45:11:73:90:5a:7d:4a:81:76:68:3a:71:d2:
                    ea:96:49:c4:cb:ca:2c:8d:95:a8:25:3e:52:bf:a6:
                    76:0b:5e:09:60:cd:f9:23:5d:9d:47:d9:a9:fa:6e:
                    b9:19:98:fb:26:4b:92:c0:19:cb:71:fc:49:0c:fe:
                    a3:69:df:38:c1:d6:85:28:6c:15:fd:38:2a:ef:2c:
                    14:f0:9c:53:6c:da:dc:ce:67:99:1c:84:c5:bb:8d:
                    ce:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:CF:EA:64:C6:CB:3E:64:ED:4A:B0:3B:9C:53:02:AD:CF:C7:9B:45
            X509v3 Authority Key Identifier:
                keyid:DC:10:89:C9:42:B6:80:33:68:3B:4D:D5:06:C0:C3:6F:74:BE:0E:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BCJyUK2gDNoO03VBsDDb3S-DqM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/ec_qZMbLPmTtSrA7nFMCrc_Hm0U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/3BCJyUK2gDNoO03VBsDDb3S-DqM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:a447:ac1e::/48

    Signature Algorithm: sha256WithRSAEncryption
         10:4a:74:1b:8b:f7:c7:40:5d:95:65:78:24:81:55:ff:02:1e:
         4e:1a:af:46:11:c4:68:81:7f:15:22:ea:35:ac:84:2b:14:73:
         da:3a:62:a6:cd:90:0e:43:d6:20:2c:c4:00:f9:e0:63:78:0b:
         42:da:11:c6:91:da:7c:1b:c6:79:90:9e:b0:c0:92:1f:97:8c:
         3e:a3:e5:bc:77:a8:92:3b:db:d4:73:8d:fa:ad:53:f0:07:2c:
         ea:be:aa:b1:be:62:12:1b:78:df:e3:ad:75:30:b9:f4:71:cb:
         56:54:86:55:02:3c:c3:dd:8c:9c:96:53:6f:55:df:e3:cd:0f:
         e7:c0:0c:e7:93:7f:b5:e2:e2:83:42:61:19:57:32:ad:78:c9:
         99:dd:f3:e7:74:0c:15:93:fe:7b:d3:69:91:8d:c4:5c:e5:77:
         4b:1e:86:44:7e:77:cb:04:ce:0e:f9:8e:0b:14:4d:1f:e9:e5:
         94:60:62:cd:51:02:3d:4b:ff:4e:e1:ed:fd:55:38:13:bb:e1:
         a9:6e:5b:10:a9:08:50:6c:c1:9e:c6:18:e7:62:86:01:9d:03:
         62:ff:9c:71:1c:7f:03:48:7a:19:c7:92:9f:c3:f6:46:c6:70:
         49:69:17:76:80:f2:fa:b7:05:bb:f4:c2:83:5e:e6:be:22:8b:
         92:58:e6:ba
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECjgoRjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YzEwODljOTQyYjY4MDMzNjgzYjRkZDUwNmMwYzM2Zjc0YmUwZWEzMB4XDTIyMDQy
ODA4MzY1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzljZmVhNjRjNmNi
M2U2NGVkNGFiMDNiOWM1MzAyYWRjZmM3OWI0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKafMG56PviB5wuRapSQLgKkluKv/L8XbNI2ewL1TR7B8TZB
RkNxgKWe/zO9G3uvWJ1u2FUpleR1ByQ0FEeFRQwUcJIJY5FKl+B9THCuR1LmDe9E
bFhbT8m4F4DhOQ+9N0TBNwAiyzDr1WRgChRN/AUzNlHbLFEgzg53RjYpXFEaXYG5
Y5Spwjb2l12yhIzfU0++59HJwJ3vIrbaMsK1q5z2trFqUjVFEXOQWn1KgXZoOnHS
6pZJxMvKLI2VqCU+Ur+mdgteCWDN+SNdnUfZqfpuuRmY+yZLksAZy3H8SQz+o2nf
OMHWhShsFf04Ku8sFPCcU2za3M5nmRyExbuNzt0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBR5z+pkxss+ZO1KsDucUwKtz8ebRTAfBgNVHSMEGDAWgBTcEInJQraAM2g7
TdUGwMNvdL4OozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNCQ0p5VUsyZ0ROb08wM1ZCc0REYjNTLURxTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmMvMjQxNDlkLWQxMTUtNDMzMC1iZDQ5LWNiNTZlZDNlYTdmYS8x
L2VjX3FaTWJMUG1UdFNyQTduRk1DcmNfSG0wVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMv
MjQxNDlkLWQxMTUtNDMzMC1iZDQ5LWNiNTZlZDNlYTdmYS8xLzNCQ0p5VUsyZ0RO
b08wM1ZCc0REYjNTLURxTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoJpEesHjANBgkqhkiG9w0BAQsF
AAOCAQEAEEp0G4v3x0BdlWV4JIFV/wIeThqvRhHEaIF/FSLqNayEKxRz2jpips2Q
DkPWICzEAPngY3gLQtoRxpHafBvGeZCesMCSH5eMPqPlvHeokjvb1HON+q1T8Acs
6r6qsb5iEht43+OtdTC59HHLVlSGVQI8w92MnJZTb1Xf480P58AM55N/teLig0Jh
GVcyrXjJmd3z53QMFZP+e9NpkY3EXOV3Sx6GRH53ywTODvmOCxRNH+nllGBizVEC
PUv/TuHt/VU4E7vhqW5bEKkIUGzBnsYY52KGAZ0DYv+ccRx/A0h6GceSn8P2RsZw
SWkXdoDy+rcFu/TCg17mviKLkljmug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:46 2024 by rpki-client on console-fra.rpki-client.org