Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/b5ba29-b29f-4065-98fb-b529b0cf5411/1/bD9B4xxFqKOcRYQEXmHmLpO4Lrc.roa
File:                     bD9B4xxFqKOcRYQEXmHmLpO4Lrc.roa (raw, json)
Hash identifier:          REdQHVGnaRitI7WG+5datOkkLjV3F1AL4Q11+Y664eE=
Subject key identifier:   6C:3F:41:E3:1C:45:A8:A3:9C:45:84:04:5E:61:E6:2E:93:B8:2E:B7
Certificate issuer:       /CN=2cc57499546c4efd730ff871df3bd1afbf3b9f01
Certificate serial:       01113985
Authority key identifier: 2C:C5:74:99:54:6C:4E:FD:73:0F:F8:71:DF:3B:D1:AF:BF:3B:9F:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LMV0mVRsTv1zD_hx3zvRr787nwE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/b5ba29-b29f-4065-98fb-b529b0cf5411/1/bD9B4xxFqKOcRYQEXmHmLpO4Lrc.roa
Signing time:             Thu 23 Jun 2022 12:43:57 +0000
ROA not before:           Thu 23 Jun 2022 12:43:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209626
IP address blocks:        89.106.200.0/24 maxlen: 24
                          2a12:5240::/48 maxlen: 48
                          2a12:5240::/47 maxlen: 47
                          2a12:5240:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17906053 (0x1113985)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2cc57499546c4efd730ff871df3bd1afbf3b9f01
        Validity
            Not Before: Jun 23 12:43:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6c3f41e31c45a8a39c4584045e61e62e93b82eb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:31:ac:d7:e8:1c:e6:f5:7c:6e:3b:ea:76:d3:
                    ce:9a:0d:39:2f:bc:9d:c8:ff:bd:0c:31:b2:f5:56:
                    bb:b2:a2:32:84:1e:b9:5d:f0:47:26:48:da:31:89:
                    29:b4:ee:27:93:a5:73:10:51:06:2f:85:3d:c1:d2:
                    b5:19:2a:4c:ba:a1:50:c4:87:3e:0f:b1:67:7c:ab:
                    58:b8:fd:22:a0:ce:9e:f8:17:79:4c:9f:da:b2:13:
                    7b:ea:ee:47:0c:a4:b7:9b:c9:1a:46:ac:8e:f1:d7:
                    e6:91:ec:ed:bc:87:a0:72:0c:bb:7b:02:76:c4:30:
                    30:57:fa:65:a6:5d:b7:f8:74:f0:0f:5c:3e:5f:ef:
                    0a:a6:f8:92:73:f3:07:fb:77:14:ea:da:d5:32:29:
                    09:56:eb:18:5a:dc:b9:2e:e2:dd:1e:e4:09:eb:5d:
                    5e:7b:07:9e:7c:d0:e9:3e:d0:d1:04:bb:2e:e8:47:
                    bf:d7:23:0e:79:28:96:f2:c2:95:b5:47:4c:d1:78:
                    72:1b:2a:9f:a2:b4:bd:79:ba:b7:c9:11:b4:8e:3c:
                    16:67:96:b3:43:ef:d6:a5:68:6a:c6:fa:da:1d:28:
                    0c:7b:5b:64:f8:a3:2b:c6:0f:6b:ee:9b:75:c6:b3:
                    3c:29:1c:96:d5:e5:e9:6a:2b:06:7a:d9:31:1b:b8:
                    12:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:3F:41:E3:1C:45:A8:A3:9C:45:84:04:5E:61:E6:2E:93:B8:2E:B7
            X509v3 Authority Key Identifier:
                keyid:2C:C5:74:99:54:6C:4E:FD:73:0F:F8:71:DF:3B:D1:AF:BF:3B:9F:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LMV0mVRsTv1zD_hx3zvRr787nwE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/b5ba29-b29f-4065-98fb-b529b0cf5411/1/bD9B4xxFqKOcRYQEXmHmLpO4Lrc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/b5ba29-b29f-4065-98fb-b529b0cf5411/1/LMV0mVRsTv1zD_hx3zvRr787nwE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.106.200.0/24
                IPv6:
                  2a12:5240::/47

    Signature Algorithm: sha256WithRSAEncryption
         55:d5:fc:cb:6d:72:57:06:f2:bc:2e:99:ed:6d:3f:cd:01:7e:
         10:e1:b4:76:43:69:b4:2d:a9:62:d9:2a:5a:c4:5b:99:97:bc:
         b1:99:8c:93:fe:99:d3:45:95:87:fc:3f:8f:3b:20:ff:dc:63:
         bc:32:92:e1:93:b1:2d:9a:ec:54:b2:02:fc:b9:6d:40:6e:d1:
         12:5b:80:80:fd:37:cf:92:d0:ff:70:81:da:1c:64:3b:af:9c:
         aa:3f:fb:ad:12:90:9c:9e:11:f1:65:34:fe:3a:45:ac:d9:ac:
         5c:a8:e9:15:ab:aa:e0:5b:9a:a3:84:11:01:89:e6:f1:9e:7e:
         6d:da:5f:e9:de:eb:4b:4b:58:db:bd:80:84:21:e7:86:74:4f:
         8c:ef:35:d3:78:20:73:79:b4:61:09:03:1a:57:37:a0:40:39:
         de:2c:93:83:5b:1a:04:eb:c5:f5:ac:5c:4e:a3:9e:11:90:49:
         a9:b5:86:4d:26:79:0d:db:9c:71:6a:90:3a:ff:b4:ac:bd:6b:
         3e:2c:eb:4c:8f:a1:8c:5d:69:92:ce:ba:50:bb:1a:83:99:73:
         e0:ee:37:57:d2:3e:82:05:22:f9:14:27:01:37:c1:93:61:8f:
         1d:ba:eb:30:ed:d3:01:14:de:a0:0c:bd:41:3b:9f:7e:60:25:
         53:ec:3b:c9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEARE5hTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
Y2M1NzQ5OTU0NmM0ZWZkNzMwZmY4NzFkZjNiZDFhZmJmM2I5ZjAxMB4XDTIyMDYy
MzEyNDM1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmMzZjQxZTMxYzQ1
YThhMzljNDU4NDA0NWU2MWU2MmU5M2I4MmViNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOIxrNfoHOb1fG476nbTzpoNOS+8ncj/vQwxsvVWu7KiMoQe
uV3wRyZI2jGJKbTuJ5OlcxBRBi+FPcHStRkqTLqhUMSHPg+xZ3yrWLj9IqDOnvgX
eUyf2rITe+ruRwykt5vJGkasjvHX5pHs7byHoHIMu3sCdsQwMFf6ZaZdt/h08A9c
Pl/vCqb4knPzB/t3FOra1TIpCVbrGFrcuS7i3R7kCetdXnsHnnzQ6T7Q0QS7LuhH
v9cjDnkolvLClbVHTNF4chsqn6K0vXm6t8kRtI48FmeWs0Pv1qVoasb62h0oDHtb
ZPijK8YPa+6bdcazPCkcltXl6WorBnrZMRu4EsUCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRsP0HjHEWoo5xFhAReYeYuk7gutzAfBgNVHSMEGDAWgBQsxXSZVGxO/XMP
+HHfO9GvvzufATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xNVjBtVlJzVHYxekRfaHgzenZScjc4N253RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvYjViYTI5LWIyOWYtNDA2NS05OGZiLWI1MjliMGNmNTQxMS8x
L2JEOUI0eHhGcUtPY1JZUUVYbUhtTHBPNExyYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
YjViYTI5LWIyOWYtNDA2NS05OGZiLWI1MjliMGNmNTQxMS8xL0xNVjBtVlJzVHYx
ekRfaHgzenZScjc4N253RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAFlqyDAPBAIAAjAJAwcBKhJSQAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBV1fzLbXJXBvK8LpntbT/NAX4Q4bR2Q2m0Lali
2SpaxFuZl7yxmYyT/pnTRZWH/D+POyD/3GO8MpLhk7EtmuxUsgL8uW1AbtESW4CA
/TfPktD/cIHaHGQ7r5yqP/utEpCcnhHxZTT+OkWs2axcqOkVq6rgW5qjhBEBiebx
nn5t2l/p3utLS1jbvYCEIeeGdE+M7zXTeCBzebRhCQMaVzegQDneLJODWxoE68X1
rFxOo54RkEmptYZNJnkN25xxapA6/7SsvWs+LOtMj6GMXWmSzrpQuxqDmXPg7jdX
0j6CBSL5FCcBN8GTYY8duusw7dMBFN6gDL1BO59+YCVT7DvJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:33 2024 by rpki-client on console-ams.rpki-client.org