Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/6s_V8kNX7kD_XnZMmIRHKezsUoA.roa
File:                     6s_V8kNX7kD_XnZMmIRHKezsUoA.roa (raw, json)
Hash identifier:          8F0wLCgoFkve06zwHQrLdxmbrMzUmpCkgaUm8SShDY4=
Subject key identifier:   EA:CF:D5:F2:43:57:EE:40:FF:5E:76:4C:98:84:47:29:EC:EC:52:80
Certificate issuer:       /CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Certificate serial:       0C1E8EB5
Authority key identifier: BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/6s_V8kNX7kD_XnZMmIRHKezsUoA.roa
Signing time:             Mon 13 Jun 2022 05:02:20 +0000
ROA not before:           Mon 13 Jun 2022 05:02:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206995
IP address blocks:        176.42.9.0/24 maxlen: 24
                          176.42.239.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 203329205 (0xc1e8eb5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba9d30e6035be8b8386061f271481c707e04ce2b
        Validity
            Not Before: Jun 13 05:02:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=eacfd5f24357ee40ff5e764c98844729ecec5280
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:39:51:69:af:a8:b3:9f:79:10:06:08:be:23:
                    c0:0e:50:e6:57:26:93:ed:32:96:38:9d:48:99:7a:
                    27:7c:ad:9a:ee:cb:93:00:2c:e4:69:09:6d:d4:2a:
                    67:81:a2:a3:51:6c:c8:5f:10:4c:39:88:56:54:bc:
                    60:5c:b3:55:6b:fb:25:66:b5:32:3d:b4:e2:6f:98:
                    6e:f5:e0:e7:78:fa:39:06:4e:b8:4d:54:08:d9:e7:
                    3c:ae:05:99:04:54:1c:67:0e:b1:c4:0c:ae:df:72:
                    84:ba:83:58:2c:37:4f:ce:ae:ea:8e:7f:b6:70:83:
                    b5:89:0e:2a:08:aa:f6:2c:bf:ba:94:3a:bd:bf:63:
                    28:97:0d:53:78:a5:03:c8:fc:cf:b9:cd:61:8a:0c:
                    15:2f:38:9f:cd:63:11:ad:49:01:f0:78:b1:39:16:
                    d3:f7:77:02:c0:12:5a:fc:c9:15:42:2f:0e:45:05:
                    9f:01:04:6b:5d:bc:3a:81:80:ff:2f:8f:21:54:60:
                    b1:4a:16:7f:bf:64:d3:ea:38:c2:ac:01:08:97:61:
                    4c:a4:34:5b:7f:93:90:07:73:1a:b6:2f:eb:83:63:
                    61:4f:6a:39:6c:26:4f:dc:ef:3d:ca:26:45:eb:d4:
                    b0:4a:58:71:13:f3:11:01:74:f4:a6:62:2e:a2:c8:
                    9b:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:CF:D5:F2:43:57:EE:40:FF:5E:76:4C:98:84:47:29:EC:EC:52:80
            X509v3 Authority Key Identifier:
                keyid:BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/6s_V8kNX7kD_XnZMmIRHKezsUoA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/up0w5gNb6Lg4YGHycUgccH4Ezis.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.42.9.0/24
                  176.42.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:8a:78:1c:73:d2:b3:80:00:a2:3a:49:02:b2:4a:5e:cc:89:
         ab:f8:35:8f:6a:a5:2f:d0:5e:76:b9:f8:b7:2f:17:12:3b:63:
         62:18:7e:5f:64:ec:d4:be:d4:37:9c:6d:8f:17:f7:b2:72:b5:
         a3:12:94:27:bf:49:d4:33:43:6b:f3:8b:e2:02:8d:6e:8c:62:
         a8:7a:37:70:3e:5c:8c:ec:cc:5c:32:43:43:14:fc:22:46:d5:
         85:3a:6e:30:ad:73:c1:8c:20:6e:a6:e3:2e:5c:ec:77:8a:49:
         04:7e:ec:b8:72:b3:2e:d8:f7:29:a8:84:2a:7c:91:30:1c:80:
         cd:5c:c2:23:f3:93:8c:2a:3f:0b:b8:cd:3e:6c:08:b1:6a:f7:
         48:1d:ce:73:3b:49:f8:77:ac:e2:9a:31:3d:46:b2:6c:d9:76:
         e3:de:32:d1:ea:fd:df:30:28:2e:30:06:b8:16:28:c3:88:53:
         41:cc:a8:95:dc:cf:a5:08:87:51:63:74:74:f0:9c:b7:5d:62:
         6f:b0:12:ee:63:df:91:15:32:b0:e2:60:e1:f6:c9:ea:4f:39:
         6b:31:b6:fb:6f:17:0c:a2:92:f0:29:5b:4f:d9:14:3e:1f:b2:
         f7:83:08:49:2c:6f:1b:76:ae:0e:5f:fa:f1:3f:3d:b1:93:53:
         1f:5f:21:7d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDB6OtTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTlkMzBlNjAzNWJlOGI4Mzg2MDYxZjI3MTQ4MWM3MDdlMDRjZTJiMB4XDTIyMDYx
MzA1MDIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWFjZmQ1ZjI0MzU3
ZWU0MGZmNWU3NjRjOTg4NDQ3MjllY2VjNTI4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK85UWmvqLOfeRAGCL4jwA5Q5lcmk+0yljidSJl6J3ytmu7L
kwAs5GkJbdQqZ4Gio1FsyF8QTDmIVlS8YFyzVWv7JWa1Mj204m+YbvXg53j6OQZO
uE1UCNnnPK4FmQRUHGcOscQMrt9yhLqDWCw3T86u6o5/tnCDtYkOKgiq9iy/upQ6
vb9jKJcNU3ilA8j8z7nNYYoMFS84n81jEa1JAfB4sTkW0/d3AsASWvzJFUIvDkUF
nwEEa128OoGA/y+PIVRgsUoWf79k0+o4wqwBCJdhTKQ0W3+TkAdzGrYv64NjYU9q
OWwmT9zvPcomRevUsEpYcRPzEQF09KZiLqLIm7cCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTqz9XyQ1fuQP9edkyYhEcp7OxSgDAfBgNVHSMEGDAWgBS6nTDmA1vouDhg
YfJxSBxwfgTOKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VwMHc1Z05iNkxnNFlHSHljVWdjY0g0RXppcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvYWM5YzMyLTdkYmMtNGQ2Yy1iYzA4LTVkNTg0ZmJjNWQyNy8x
LzZzX1Y4a05YN2tEX1huWk1tSVJIS2V6c1VvQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
YWM5YzMyLTdkYmMtNGQ2Yy1iYzA4LTVkNTg0ZmJjNWQyNy8xL3VwMHc1Z05iNkxn
NFlHSHljVWdjY0g0RXppcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALAqCQMEALAq7zANBgkqhkiG9w0B
AQsFAAOCAQEAMop4HHPSs4AAojpJArJKXsyJq/g1j2qlL9Bedrn4ty8XEjtjYhh+
X2Ts1L7UN5xtjxf3snK1oxKUJ79J1DNDa/OL4gKNboxiqHo3cD5cjOzMXDJDQxT8
IkbVhTpuMK1zwYwgbqbjLlzsd4pJBH7suHKzLtj3KaiEKnyRMByAzVzCI/OTjCo/
C7jNPmwIsWr3SB3OcztJ+Hes4poxPUaybNl2494y0er93zAoLjAGuBYow4hTQcyo
ldzPpQiHUWN0dPCct11ib7AS7mPfkRUysOJg4fbJ6k85azG2+28XDKKS8ClbT9kU
Ph+y94MISSxvG3auDl/68T89sZNTH18hfQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:00 2024 by rpki-client on console-ams.rpki-client.org