Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/c48a2d-097d-498b-bc62-b513a0c2f353/1/a0MzjGQj-GwU6yD4mWHpYjpygeU.roa
File:                     a0MzjGQj-GwU6yD4mWHpYjpygeU.roa (raw, json)
Hash identifier:          alKBy0n5YgXhVacabTk/2B7SQOqAADvu8xzj5t3hBjI=
Subject key identifier:   6B:43:33:8C:64:23:F8:6C:14:EB:20:F8:99:61:E9:62:3A:72:81:E5
Certificate issuer:       /CN=9a2ae8d4b01687021b77b874f110c1b6dbfec651
Certificate serial:       487B6A
Authority key identifier: 9A:2A:E8:D4:B0:16:87:02:1B:77:B8:74:F1:10:C1:B6:DB:FE:C6:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/miro1LAWhwIbd7h08RDBttv-xlE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/c48a2d-097d-498b-bc62-b513a0c2f353/1/a0MzjGQj-GwU6yD4mWHpYjpygeU.roa
Signing time:             Tue 10 May 2022 13:59:43 +0000
ROA not before:           Tue 10 May 2022 13:59:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20879
IP address blocks:        217.28.143.0/24 maxlen: 24
                          2a12:26c0::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4750186 (0x487b6a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a2ae8d4b01687021b77b874f110c1b6dbfec651
        Validity
            Not Before: May 10 13:59:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6b43338c6423f86c14eb20f89961e9623a7281e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:dd:34:a0:bd:3f:32:e2:bb:25:11:20:79:14:
                    e7:73:4b:58:6e:16:86:c8:b1:de:f5:5b:32:cc:c6:
                    7b:c0:ef:0f:16:cf:79:1b:3e:52:59:94:35:f2:26:
                    35:7c:9f:cf:04:85:7e:23:e6:ff:70:f8:f8:bc:1f:
                    4b:52:95:0b:3f:b9:36:62:a2:b3:99:90:e5:13:69:
                    3f:db:b6:98:11:35:00:2a:2d:00:50:8a:10:f2:8d:
                    0e:10:83:2b:27:5e:8b:db:d7:e8:d0:65:de:29:cb:
                    10:9f:69:a8:85:8f:6f:fd:b8:24:e9:2f:78:1a:0e:
                    61:97:92:ab:9f:8e:e4:87:f3:28:12:c2:45:30:ee:
                    1a:06:3e:14:39:b5:d7:a6:7b:7c:eb:04:15:72:bb:
                    36:03:75:51:ec:68:54:92:fa:03:7b:ec:d5:6b:2d:
                    f4:b7:2f:00:0d:10:23:ae:8b:5e:91:4a:c0:bf:fb:
                    6e:c6:26:fa:d5:92:39:78:5f:57:52:1c:c2:d9:6c:
                    b3:cb:dc:df:6b:69:fa:df:98:94:35:a4:96:34:32:
                    03:55:3e:55:00:58:7a:0c:ed:27:2b:e3:eb:ca:88:
                    da:ea:06:8b:c7:f2:3d:25:e0:08:ea:12:0a:25:dd:
                    91:89:51:19:92:39:47:62:74:48:9d:d6:8b:13:28:
                    74:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:43:33:8C:64:23:F8:6C:14:EB:20:F8:99:61:E9:62:3A:72:81:E5
            X509v3 Authority Key Identifier:
                keyid:9A:2A:E8:D4:B0:16:87:02:1B:77:B8:74:F1:10:C1:B6:DB:FE:C6:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miro1LAWhwIbd7h08RDBttv-xlE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c48a2d-097d-498b-bc62-b513a0c2f353/1/a0MzjGQj-GwU6yD4mWHpYjpygeU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c48a2d-097d-498b-bc62-b513a0c2f353/1/miro1LAWhwIbd7h08RDBttv-xlE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.28.143.0/24
                IPv6:
                  2a12:26c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         5c:af:98:1a:52:3d:e3:49:66:1a:c5:e8:13:25:aa:e1:3c:be:
         14:24:96:59:92:d8:36:d0:7c:4a:01:66:d0:13:b2:3a:24:e3:
         ca:4f:4c:0d:4e:fd:f2:6f:91:80:47:74:80:b5:14:d0:dd:9b:
         28:ad:24:45:c6:e0:e3:97:0f:30:b6:05:8f:93:50:e2:98:df:
         d9:58:e5:30:45:2b:8b:e0:ce:e4:f4:fd:89:f6:ba:e3:a5:35:
         be:be:58:f1:b6:1a:61:e2:28:3b:e5:e7:92:54:f9:7b:ba:79:
         4a:cb:41:92:c3:38:63:88:88:38:05:95:e4:b8:37:74:38:87:
         48:04:da:ee:ef:51:82:e7:89:78:04:0a:8e:1c:50:f5:93:dd:
         8d:af:94:35:9d:9a:0d:5b:85:4c:a9:7c:a5:3a:4c:1e:8f:e1:
         34:61:7a:d6:a1:8a:d1:06:5d:3b:48:12:46:31:41:0f:a5:16:
         03:78:4b:ab:a7:cd:36:67:dc:03:ae:6f:67:a7:a8:75:5b:3f:
         06:47:c6:ad:56:af:a7:61:c6:07:17:a7:18:99:b1:0e:ce:a2:
         d7:5e:96:93:f2:6a:29:51:cd:ba:ff:4a:bf:9a:b1:d2:36:6e:
         0f:f6:6d:c9:fc:90:84:ad:4d:b5:60:b6:4f:2b:5f:af:47:b9:
         b6:60:d8:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDSHtqMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDlh
MmFlOGQ0YjAxNjg3MDIxYjc3Yjg3NGYxMTBjMWI2ZGJmZWM2NTEwHhcNMjIwNTEw
MTM1OTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2YjQzMzM4YzY0MjNm
ODZjMTRlYjIwZjg5OTYxZTk2MjNhNzI4MWU1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjd00oL0/MuK7JREgeRTnc0tYbhaGyLHe9VsyzMZ7wO8PFs95
Gz5SWZQ18iY1fJ/PBIV+I+b/cPj4vB9LUpULP7k2YqKzmZDlE2k/27aYETUAKi0A
UIoQ8o0OEIMrJ16L29fo0GXeKcsQn2mohY9v/bgk6S94Gg5hl5Krn47kh/MoEsJF
MO4aBj4UObXXpnt86wQVcrs2A3VR7GhUkvoDe+zVay30ty8ADRAjrotekUrAv/tu
xib61ZI5eF9XUhzC2Wyzy9zfa2n635iUNaSWNDIDVT5VAFh6DO0nK+Pryoja6gaL
x/I9JeAI6hIKJd2RiVEZkjlHYnRIndaLEyh0zQIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFGtDM4xkI/hsFOsg+Jlh6WI6coHlMB8GA1UdIwQYMBaAFJoq6NSwFocCG3e4
dPEQwbbb/sZRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
bWlybzFMQVdod0liZDdoMDhSREJ0dHYteGxFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81MC9jNDhhMmQtMDk3ZC00OThiLWJjNjItYjUxM2EwYzJmMzUzLzEv
YTBNempHUWotR3dVNnlENG1XSHBZanB5Z2VVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9j
NDhhMmQtMDk3ZC00OThiLWJjNjItYjUxM2EwYzJmMzUzLzEvbWlybzFMQVdod0li
ZDdoMDhSREJ0dHYteGxFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA2RyPMA0EAgACMAcDBQMqEibAMA0G
CSqGSIb3DQEBCwUAA4IBAQBcr5gaUj3jSWYaxegTJarhPL4UJJZZktg20HxKAWbQ
E7I6JOPKT0wNTv3yb5GAR3SAtRTQ3ZsorSRFxuDjlw8wtgWPk1DimN/ZWOUwRSuL
4M7k9P2J9rrjpTW+vljxthph4ig75eeSVPl7unlKy0GSwzhjiIg4BZXkuDd0OIdI
BNru71GC54l4BAqOHFD1k92Nr5Q1nZoNW4VMqXylOkwej+E0YXrWoYrRBl07SBJG
MUEPpRYDeEurp802Z9wDrm9np6h1Wz8GR8atVq+nYcYHF6cYmbEOzqLXXpaT8mop
Uc26/0q/mrHSNm4P9m3J/JCErU21YLZPK1+vR7m2YNgy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:45 2024 by rpki-client on console-ams.rpki-client.org