Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/Yg-PJXHsLDFdSvSmM9sVT48OavY.roa
File:                     Yg-PJXHsLDFdSvSmM9sVT48OavY.roa (raw, json)
Hash identifier:          dKXwIJTEHloC2EDN7U91X92nMzJqh8LbCO/j1exYfhY=
Subject key identifier:   62:0F:8F:25:71:EC:2C:31:5D:4A:F4:A6:33:DB:15:4F:8F:0E:6A:F6
Certificate issuer:       /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial:       0184D2B5CEA772AE330D6320EE2F547A612E
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/Yg-PJXHsLDFdSvSmM9sVT48OavY.roa
Signing time:             Fri 02 Dec 2022 12:00:40 +0000
ROA not before:           Fri 02 Dec 2022 12:00:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201566
IP address blocks:        2a0e:a6c7:1000::/38 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:d2:b5:ce:a7:72:ae:33:0d:63:20:ee:2f:54:7a:61:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
        Validity
            Not Before: Dec  2 12:00:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=620f8f2571ec2c315d4af4a633db154f8f0e6af6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:e4:08:01:b1:c9:75:72:c9:c1:74:6f:21:6b:
                    59:1e:b1:ef:13:94:ea:ee:ca:6a:e8:59:28:74:5f:
                    f1:95:7e:6f:a1:2c:24:d5:e6:ee:00:df:ca:e9:64:
                    b3:83:63:6b:84:36:9d:2f:c2:1f:c6:3d:61:c7:5c:
                    e9:67:ae:b7:ac:ba:2f:7d:8f:fa:50:89:e6:48:6c:
                    58:10:16:69:71:2d:26:3a:82:23:25:cb:72:c6:f7:
                    5b:ce:f1:c1:d4:58:72:b9:12:ca:c8:b1:74:2a:f4:
                    c8:9e:61:e5:75:b7:2a:15:fb:77:43:e0:83:62:1d:
                    60:65:13:37:db:90:a5:65:9d:d1:96:78:0a:dd:94:
                    31:24:43:76:4b:67:a3:e7:90:2b:5a:29:df:7b:9c:
                    2e:53:0c:19:fa:38:26:d5:3c:b3:1c:75:50:66:74:
                    be:71:1e:d7:ac:40:30:2e:2d:e9:6f:4b:8f:57:00:
                    c6:70:3b:ee:28:b9:9e:aa:d2:fe:74:a4:55:97:47:
                    3f:f0:de:92:7e:d9:3e:0d:81:a1:22:57:32:29:1c:
                    af:ba:49:f5:60:98:7f:65:2b:a1:01:94:60:8e:5a:
                    ef:4a:b2:47:6a:b1:89:35:bd:5b:fa:5a:6e:0b:95:
                    00:94:15:5f:05:33:a1:32:3c:f0:3f:5a:0e:82:c6:
                    cd:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:0F:8F:25:71:EC:2C:31:5D:4A:F4:A6:33:DB:15:4F:8F:0E:6A:F6
            X509v3 Authority Key Identifier:
                keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/Yg-PJXHsLDFdSvSmM9sVT48OavY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:a6c7:1000::/38

    Signature Algorithm: sha256WithRSAEncryption
         3f:f8:b8:29:a9:59:2f:b0:a7:d9:85:ab:74:7c:5c:fa:12:71:
         b1:66:8a:ea:03:16:e6:8e:39:bc:fe:eb:fd:cd:27:08:f7:99:
         02:78:80:a5:84:55:00:63:4a:6a:bb:4f:db:e7:8a:01:4c:25:
         39:6c:14:a4:6d:5c:b9:8e:5e:1a:8c:58:f7:e9:18:7f:37:73:
         e2:77:68:1b:69:75:ab:28:f2:fb:55:05:6d:c0:ef:9e:cb:93:
         d3:55:6c:9d:8f:d1:d0:e2:98:07:f8:a4:05:f1:25:ca:7a:16:
         f6:5d:20:40:9c:23:f0:5b:7b:1e:e8:92:ef:91:42:3b:0e:ef:
         b5:e4:64:a5:12:f8:4f:f6:95:c3:8f:85:9e:25:c8:26:ec:1a:
         1f:d7:ec:9e:df:a1:9e:bb:36:ec:1c:ad:56:d3:40:fe:5f:c0:
         37:a2:ca:03:fa:78:e2:f3:c2:22:2d:a3:3e:42:6d:9a:4d:e0:
         e0:41:0f:92:64:5f:27:8f:6b:62:05:67:d2:2c:78:ae:ca:30:
         0f:42:a2:f0:5a:e4:67:42:09:ec:23:90:11:7b:42:6f:72:5c:
         94:d0:2d:d9:99:81:df:ca:7a:86:42:c5:2b:0b:99:42:e0:d7:
         70:a9:89:90:c4:3d:ff:8f:5b:6e:76:3d:3e:c3:27:f1:4b:04:
         d8:a3:01:61
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYTStc6ncq4zDWMg7i9UemEuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjIxMjAyMTIwMDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjBmOGYyNTcxZWMyYzMxNWQ0YWY0YTYzM2RiMTU0ZjhmMGU2YWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+QIAbHJdXLJwXRvIWtZHrHvE5Tq
7spq6FkodF/xlX5voSwk1ebuAN/K6WSzg2NrhDadL8Ifxj1hx1zpZ663rLovfY/6
UInmSGxYEBZpcS0mOoIjJctyxvdbzvHB1FhyuRLKyLF0KvTInmHldbcqFft3Q+CD
Yh1gZRM325ClZZ3RlngK3ZQxJEN2S2ej55ArWinfe5wuUwwZ+jgm1TyzHHVQZnS+
cR7XrEAwLi3pb0uPVwDGcDvuKLmeqtL+dKRVl0c/8N6Sftk+DYGhIlcyKRyvukn1
YJh/ZSuhAZRgjlrvSrJHarGJNb1b+lpuC5UAlBVfBTOhMjzwP1oOgsbNJwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGIPjyVx7CwxXUr0pjPbFU+PDmr2MB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvWWctUEpYSHNMREZkU3ZTbU05c1ZUNDhPYXZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKg6mxxAw
DQYJKoZIhvcNAQELBQADggEBAD/4uCmpWS+wp9mFq3R8XPoScbFmiuoDFuaOObz+
6/3NJwj3mQJ4gKWEVQBjSmq7T9vnigFMJTlsFKRtXLmOXhqMWPfpGH83c+J3aBtp
daso8vtVBW3A757Lk9NVbJ2P0dDimAf4pAXxJcp6FvZdIECcI/Bbex7oku+RQjsO
77XkZKUS+E/2lcOPhZ4lyCbsGh/X7J7foZ67NuwcrVbTQP5fwDeiygP6eOLzwiIt
oz5CbZpN4OBBD5JkXyePa2IFZ9IseK7KMA9CovBa5GdCCewjkBF7Qm9yXJTQLdmZ
gd/KeoZCxSsLmULg13CpiZDEPf+PW252PT7DJ/FLBNijAWE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:26 2024 by rpki-client on console-fra.rpki-client.org