Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/6XHcm4i0ml5rZRAfLQMc1RznR1E.roa
File:                     6XHcm4i0ml5rZRAfLQMc1RznR1E.roa (raw, json)
Hash identifier:          1t01dKG7iRI8njlNHTB36F1drCegvhQRQqToXx35c1U=
Subject key identifier:   E9:71:DC:9B:88:B4:9A:5E:6B:65:10:1F:2D:03:1C:D5:1C:E7:47:51
Certificate issuer:       /CN=dc05df6e404ef920e6a5928d8963e6a5f8d61120
Certificate serial:       063A24F0
Authority key identifier: DC:05:DF:6E:40:4E:F9:20:E6:A5:92:8D:89:63:E6:A5:F8:D6:11:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3AXfbkBO-SDmpZKNiWPmpfjWESA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/6XHcm4i0ml5rZRAfLQMc1RznR1E.roa
Signing time:             Sat 01 Jan 2022 07:58:07 +0000
ROA not before:           Sat 01 Jan 2022 07:58:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6507
IP address blocks:        2a04:82c0::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 104473840 (0x63a24f0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc05df6e404ef920e6a5928d8963e6a5f8d61120
        Validity
            Not Before: Jan  1 07:58:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e971dc9b88b49a5e6b65101f2d031cd51ce74751
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:af:34:59:4f:cf:af:35:f5:ae:26:e8:70:4e:
                    c8:b1:61:3c:27:bd:80:a6:cb:24:ae:60:f4:4b:6b:
                    08:39:d4:4b:bd:7e:56:37:17:b9:b1:37:14:12:71:
                    c1:66:55:7d:c4:62:5a:c9:5d:3e:88:93:e7:76:de:
                    9f:96:45:5f:83:3e:25:b2:f5:7a:35:55:82:cb:8d:
                    60:79:0e:8a:f4:09:36:51:30:76:82:b8:40:d1:1a:
                    63:7a:a3:81:4f:fa:32:41:b1:bd:c1:e0:11:8b:b6:
                    d5:f3:bb:25:ce:79:27:9d:81:2b:ba:7d:2b:c0:48:
                    80:57:f4:ba:46:b5:38:a7:6e:48:59:8a:38:e4:e5:
                    b1:6b:ae:2f:50:3a:71:13:f7:59:ce:89:2c:6b:a2:
                    b2:59:d6:6e:e0:a6:3c:9b:cd:2f:7e:09:6d:c7:1c:
                    8a:8c:f2:60:d4:ea:94:36:51:05:fe:aa:3f:15:75:
                    4c:1d:03:92:40:06:f6:f5:16:b7:31:cd:55:c1:8e:
                    ad:51:64:1c:e9:b7:df:48:a5:b7:25:25:56:15:d0:
                    5c:61:66:89:bf:21:40:4d:8f:48:c3:3f:63:37:6f:
                    55:9b:79:66:1f:db:cb:ea:b1:2b:5f:8d:26:a6:6a:
                    6d:8c:6a:fb:e3:ec:0f:80:66:81:c0:64:ef:03:67:
                    2d:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:71:DC:9B:88:B4:9A:5E:6B:65:10:1F:2D:03:1C:D5:1C:E7:47:51
            X509v3 Authority Key Identifier:
                keyid:DC:05:DF:6E:40:4E:F9:20:E6:A5:92:8D:89:63:E6:A5:F8:D6:11:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AXfbkBO-SDmpZKNiWPmpfjWESA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/6XHcm4i0ml5rZRAfLQMc1RznR1E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a04:82c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         5c:7c:0c:f5:7e:bb:a2:db:6b:d2:20:bc:ea:fb:1b:f6:90:77:
         4c:1e:d9:9a:1d:a2:36:55:8a:8d:db:83:c4:57:5d:3c:e8:10:
         37:67:24:b3:ba:82:67:18:49:be:e0:7c:b3:88:58:af:23:bd:
         41:cb:4e:a2:c4:c8:a7:38:58:73:67:bb:6c:ee:ee:19:38:e2:
         a4:16:ff:20:86:88:8a:68:3b:47:b2:ab:02:76:b6:23:05:99:
         29:13:16:c8:30:ca:bf:36:91:63:1d:5b:80:ac:b5:58:a3:35:
         d0:f0:ae:83:10:05:e2:e7:7d:1d:b1:aa:aa:08:4c:a0:61:72:
         af:ac:b6:0a:5c:77:28:52:c5:68:61:8e:d7:36:be:9e:7b:f1:
         75:1a:88:39:c3:d7:f2:52:7f:08:34:4d:3a:45:79:49:74:9c:
         58:25:94:b6:1d:8b:ca:48:c8:a5:d3:ee:53:18:08:d1:a8:fb:
         29:22:6b:d7:b1:57:48:a3:f6:4b:54:85:58:08:74:ed:39:03:
         ee:82:37:55:0b:9a:72:0a:bd:c9:ff:b6:ea:29:01:6a:d6:56:
         7f:93:b1:30:91:7b:bd:14:b3:f6:cb:72:2c:f9:5d:63:f3:59:
         d8:b9:71:83:a5:de:b2:3f:48:37:2a:c9:b6:e0:07:fa:9b:a1:
         97:bf:76:d2
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEBjok8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YzA1ZGY2ZTQwNGVmOTIwZTZhNTkyOGQ4OTYzZTZhNWY4ZDYxMTIwMB4XDTIyMDEw
MTA3NTgwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTk3MWRjOWI4OGI0
OWE1ZTZiNjUxMDFmMmQwMzFjZDUxY2U3NDc1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM+vNFlPz6819a4m6HBOyLFhPCe9gKbLJK5g9EtrCDnUS71+
VjcXubE3FBJxwWZVfcRiWsldPoiT53ben5ZFX4M+JbL1ejVVgsuNYHkOivQJNlEw
doK4QNEaY3qjgU/6MkGxvcHgEYu21fO7Jc55J52BK7p9K8BIgFf0uka1OKduSFmK
OOTlsWuuL1A6cRP3Wc6JLGuislnWbuCmPJvNL34JbccciozyYNTqlDZRBf6qPxV1
TB0DkkAG9vUWtzHNVcGOrVFkHOm330iltyUlVhXQXGFmib8hQE2PSMM/YzdvVZt5
Zh/by+qxK1+NJqZqbYxq++PsD4BmgcBk7wNnLaECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBTpcdybiLSaXmtlEB8tAxzVHOdHUTAfBgNVHSMEGDAWgBTcBd9uQE75IOal
ko2JY+al+NYRIDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNBWGZia0JPLVNEbXBaS05pV1BtcGZqV0VTQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvMGMzODg2LWEzMmQtNDQzNS1hYjc0LWJjZTkzNDIwNWFlOC8x
LzZYSGNtNGkwbWw1clpSQWZMUU1jMVJ6blIxRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
MGMzODg2LWEzMmQtNDQzNS1hYjc0LWJjZTkzNDIwNWFlOC8xLzNBWGZia0JPLVNE
bXBaS05pV1BtcGZqV0VTQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoEgsAwDQYJKoZIhvcNAQELBQAD
ggEBAFx8DPV+u6Lba9IgvOr7G/aQd0we2ZodojZVio3bg8RXXTzoEDdnJLO6gmcY
Sb7gfLOIWK8jvUHLTqLEyKc4WHNnu2zu7hk44qQW/yCGiIpoO0eyqwJ2tiMFmSkT
Fsgwyr82kWMdW4CstVijNdDwroMQBeLnfR2xqqoITKBhcq+stgpcdyhSxWhhjtc2
vp578XUaiDnD1/JSfwg0TTpFeUl0nFgllLYdi8pIyKXT7lMYCNGo+ykia9exV0ij
9ktUhVgIdO05A+6CN1ULmnIKvcn/tuopAWrWVn+TsTCRe70Us/bLciz5XWPzWdi5
cYOl3rI/SDcqybbgB/qboZe/dtI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:29 2024 by rpki-client on console-fra.rpki-client.org