Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/tGFbY1zUplTG-JF0nYUnKli0xd8.roa
File:                     tGFbY1zUplTG-JF0nYUnKli0xd8.roa (raw, json)
Hash identifier:          1M0EpyUU7sXB5SortUnNW/89/seOuTRvu5hsnmzOGCQ=
Subject key identifier:   B4:61:5B:63:5C:D4:A6:54:C6:F8:91:74:9D:85:27:2A:58:B4:C5:DF
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       01847CB2CE522F3C7FC3E2B7B647F603D9BA
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/tGFbY1zUplTG-JF0nYUnKli0xd8.roa
Signing time:             Tue 15 Nov 2022 19:10:03 +0000
ROA not before:           Tue 15 Nov 2022 19:10:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49581
IP address blocks:        212.69.1.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:7c:b2:ce:52:2f:3c:7f:c3:e2:b7:b6:47:f6:03:d9:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Nov 15 19:10:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b4615b635cd4a654c6f891749d85272a58b4c5df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:e2:a7:1b:b2:eb:e8:9d:1c:ab:8b:5d:9f:6a:
                    b6:d9:f8:6e:1d:5f:50:c3:c5:ba:de:fd:ad:d8:0e:
                    30:a7:d9:c0:f2:8e:13:0b:30:19:e7:ba:4b:a5:11:
                    7a:7f:f6:24:ce:2a:d1:4d:62:cf:a5:f7:bb:23:63:
                    73:ab:b1:3a:cd:8b:4d:55:22:5d:36:57:3f:8b:f2:
                    31:90:8e:8a:86:44:c4:94:07:a1:00:6a:e1:80:42:
                    38:1c:bd:83:b4:22:04:e2:d4:e7:2a:87:75:8e:85:
                    8e:dc:b2:68:52:cc:aa:b3:87:90:20:08:70:e6:5d:
                    18:67:5c:06:79:e4:fd:90:3a:a2:ca:4a:bc:3d:e8:
                    97:93:aa:6e:28:b6:1b:ed:22:a3:31:a9:63:c5:f4:
                    2a:af:63:9b:8e:cc:84:7c:1e:cc:6b:4f:14:95:90:
                    44:34:ca:bf:6c:0f:02:96:4d:1c:70:ec:59:fb:bb:
                    66:0c:b6:56:da:28:02:c2:04:aa:55:a8:7f:54:85:
                    da:8e:eb:74:1a:a6:b3:81:d6:c6:5e:c6:74:1a:fe:
                    7d:b4:44:13:d8:b5:e2:85:83:be:f6:63:8a:66:0f:
                    27:f4:b6:68:c6:a8:e0:9a:b7:e9:41:0f:c3:c8:da:
                    71:ab:58:e3:20:ef:9b:f2:98:70:ce:25:82:c4:3f:
                    43:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:61:5B:63:5C:D4:A6:54:C6:F8:91:74:9D:85:27:2A:58:B4:C5:DF
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/tGFbY1zUplTG-JF0nYUnKli0xd8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.69.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:79:2e:27:d2:93:58:c5:01:fb:b2:8d:01:a4:c1:af:9e:29:
         d9:03:f6:23:3b:f1:ab:eb:27:6f:b7:65:d4:f5:90:a7:e5:79:
         43:43:55:87:f7:4d:f6:67:30:c1:74:64:cc:69:be:10:f3:46:
         67:62:a0:70:66:e4:b6:ce:df:6d:d9:ac:27:8f:77:49:f5:a6:
         1c:6b:d2:6d:91:1f:02:b5:7c:72:97:a0:6b:6b:19:82:02:07:
         ee:e3:c8:41:c5:b5:ac:f5:bd:05:0e:e0:ae:03:cf:99:28:5b:
         a4:d8:bf:97:54:11:d7:b5:fd:14:56:a6:84:53:17:92:09:1e:
         4e:2a:5f:a6:18:30:2a:47:12:73:67:4b:60:48:50:b2:63:f8:
         5c:1b:17:8a:a3:7d:6c:02:8a:b3:a5:bc:8e:8e:e2:74:87:e6:
         0e:c4:10:cf:ff:e6:05:62:2f:33:68:49:24:90:f8:d6:81:80:
         af:fa:9f:90:08:05:fb:cb:25:56:3c:32:48:81:f4:b0:76:53:
         28:7d:30:d1:ef:fc:d0:4f:e7:6e:b0:9a:3a:21:61:43:38:7c:
         d3:0a:04:b4:8d:5a:3c:1c:a3:17:02:25:4b:63:0f:2a:68:55:
         46:cd:17:9d:5a:bf:95:b0:da:42:7c:a9:7c:8e:e4:fe:13:e5:
         d5:6d:00:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR8ss5SLzx/w+K3tkf2A9m6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjIxMTE1MTkxMDAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDYxNWI2MzVjZDRhNjU0YzZmODkxNzQ5ZDg1MjcyYTU4YjRjNWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleKnG7Lr6J0cq4tdn2q22fhuHV9Q
w8W63v2t2A4wp9nA8o4TCzAZ57pLpRF6f/YkzirRTWLPpfe7I2Nzq7E6zYtNVSJd
Nlc/i/IxkI6KhkTElAehAGrhgEI4HL2DtCIE4tTnKod1joWO3LJoUsyqs4eQIAhw
5l0YZ1wGeeT9kDqiykq8PeiXk6puKLYb7SKjMaljxfQqr2ObjsyEfB7Ma08UlZBE
NMq/bA8Clk0ccOxZ+7tmDLZW2igCwgSqVah/VIXajut0GqazgdbGXsZ0Gv59tEQT
2LXihYO+9mOKZg8n9LZoxqjgmrfpQQ/DyNpxq1jjIO+b8phwziWCxD9DDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLRhW2Nc1KZUxviRdJ2FJypYtMXfMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvdEdGYlkxelVwbFRHLUpGMG5ZVW5LbGkweGQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1EUBMA0G
CSqGSIb3DQEBCwUAA4IBAQABeS4n0pNYxQH7so0BpMGvninZA/YjO/Gr6ydvt2XU
9ZCn5XlDQ1WH9032ZzDBdGTMab4Q80ZnYqBwZuS2zt9t2awnj3dJ9aYca9JtkR8C
tXxyl6BraxmCAgfu48hBxbWs9b0FDuCuA8+ZKFuk2L+XVBHXtf0UVqaEUxeSCR5O
Kl+mGDAqRxJzZ0tgSFCyY/hcGxeKo31sAoqzpbyOjuJ0h+YOxBDP/+YFYi8zaEkk
kPjWgYCv+p+QCAX7yyVWPDJIgfSwdlMofTDR7/zQT+dusJo6IWFDOHzTCgS0jVo8
HKMXAiVLYw8qaFVGzRedWr+VsNpCfKl8juT+E+XVbQBe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:05 2024 by rpki-client on console-ams.rpki-client.org