Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5d7192-a719-4cd7-994a-62c01dc69cca/1/d0Vfs30-Td6AkU8z4asQg4z-FvU.roa
File:                     d0Vfs30-Td6AkU8z4asQg4z-FvU.roa (raw, json)
Hash identifier:          j7F1WxSGfbmF+jInCQp4nugNGSqNsOvZSYUFEh7Ta9g=
Subject key identifier:   77:45:5F:B3:7D:3E:4D:DE:80:91:4F:33:E1:AB:10:83:8C:FE:16:F5
Certificate issuer:       /CN=67ce179cbe13ddb14012985a067100ef98a55601
Certificate serial:       0184994E4D4F007DB5E9C34B2EE54D8457B6
Authority key identifier: 67:CE:17:9C:BE:13:DD:B1:40:12:98:5A:06:71:00:EF:98:A5:56:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z84XnL4T3bFAEphaBnEA75ilVgE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/5d7192-a719-4cd7-994a-62c01dc69cca/1/d0Vfs30-Td6AkU8z4asQg4z-FvU.roa
Signing time:             Mon 21 Nov 2022 08:29:16 +0000
ROA not before:           Mon 21 Nov 2022 08:29:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51345
IP address blocks:        2a13:1c40::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:99:4e:4d:4f:00:7d:b5:e9:c3:4b:2e:e5:4d:84:57:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67ce179cbe13ddb14012985a067100ef98a55601
        Validity
            Not Before: Nov 21 08:29:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=77455fb37d3e4dde80914f33e1ab10838cfe16f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:01:22:e6:7a:ac:5c:63:e9:71:55:79:66:99:
                    8d:be:0d:2d:8f:7c:f0:36:42:39:22:07:49:59:e6:
                    04:df:d2:89:a7:f1:80:2f:ed:20:b9:bd:81:19:24:
                    51:d0:15:27:8c:03:7f:30:da:79:59:fb:ee:b8:33:
                    14:a4:21:6e:7a:28:03:42:68:21:6a:6a:3c:db:f9:
                    22:7e:b0:98:e7:2f:6c:9c:e7:40:48:5b:52:77:65:
                    e0:99:99:a7:8b:44:a8:ae:99:f3:28:3c:ec:06:7f:
                    c0:70:d2:85:b3:90:c9:cf:b1:52:8d:1f:62:45:bb:
                    d9:82:7c:1e:b3:ad:d7:5d:c2:2f:a1:56:25:c7:95:
                    2e:12:22:ab:1a:01:6b:57:63:7a:8c:03:f8:07:9e:
                    b2:80:d9:98:7f:8f:6d:f0:b4:2d:5f:7e:22:8b:81:
                    34:60:96:29:25:38:38:12:ee:27:1f:68:70:ef:1f:
                    42:d4:f4:b4:49:eb:19:cc:b1:e8:02:2e:6f:53:17:
                    7f:07:60:54:92:1d:49:8c:a4:0b:12:32:9f:5d:c4:
                    e1:04:ec:6f:33:ee:f0:78:2f:31:f6:16:99:2d:2b:
                    9a:c0:5d:b7:6c:d2:34:ff:f2:2d:a2:62:ab:e2:3b:
                    00:c5:50:81:48:cf:d9:c6:53:c2:00:9d:50:c4:dc:
                    d9:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:45:5F:B3:7D:3E:4D:DE:80:91:4F:33:E1:AB:10:83:8C:FE:16:F5
            X509v3 Authority Key Identifier:
                keyid:67:CE:17:9C:BE:13:DD:B1:40:12:98:5A:06:71:00:EF:98:A5:56:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z84XnL4T3bFAEphaBnEA75ilVgE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5d7192-a719-4cd7-994a-62c01dc69cca/1/d0Vfs30-Td6AkU8z4asQg4z-FvU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5d7192-a719-4cd7-994a-62c01dc69cca/1/Z84XnL4T3bFAEphaBnEA75ilVgE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:1c40::/29

    Signature Algorithm: sha256WithRSAEncryption
         bc:e0:8a:7c:90:21:4e:24:6b:f9:a7:19:6a:ce:d9:07:ae:2f:
         dd:ce:73:06:ee:ad:f6:b3:ef:d2:3f:18:fb:6e:39:d6:92:20:
         d8:9e:5a:0b:f1:3a:71:3c:3c:90:49:f4:08:a8:8a:65:07:cb:
         f1:47:27:d3:70:d5:f7:54:ba:e8:86:34:a7:12:ac:a0:29:4a:
         d3:ea:d4:69:aa:e9:47:c1:a1:f9:57:0b:fd:e8:36:1b:a6:98:
         58:67:9c:b1:75:ad:b7:5a:98:92:45:86:ec:1d:69:d9:ad:93:
         31:3e:b5:79:fc:af:ab:bd:97:7a:fc:12:d9:b0:8b:0d:1e:3d:
         a6:8b:dc:c6:01:24:b1:27:d1:01:6c:8b:9f:be:cf:bd:9c:cd:
         a3:24:a4:8f:5a:9e:28:f7:b8:a9:f4:41:b4:e9:2a:59:8b:a0:
         f7:63:6d:50:7d:a9:4b:91:10:a2:c4:b8:6a:50:26:6e:bb:d9:
         fd:8d:69:4a:0c:f7:24:6a:f6:cb:98:ce:9c:a2:d0:93:a3:3e:
         75:ac:90:80:f2:08:31:c1:de:de:61:82:97:97:56:2d:f9:94:
         c1:ef:4b:87:a9:35:09:8d:e1:09:0e:d6:fe:ca:69:fb:c9:6c:
         c1:bd:9b:ec:24:51:90:07:73:48:08:8b:cd:1c:b4:4e:f5:c7:
         00:2e:2d:70
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYSZTk1PAH216cNLLuVNhFe2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3Y2UxNzljYmUxM2RkYjE0MDEyOTg1YTA2NzEwMGVmOThh
NTU2MDEwHhcNMjIxMTIxMDgyOTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzQ1NWZiMzdkM2U0ZGRlODA5MTRmMzNlMWFiMTA4MzhjZmUxNmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwEi5nqsXGPpcVV5ZpmNvg0tj3zw
NkI5IgdJWeYE39KJp/GAL+0gub2BGSRR0BUnjAN/MNp5WfvuuDMUpCFueigDQmgh
amo82/kifrCY5y9snOdASFtSd2XgmZmni0SorpnzKDzsBn/AcNKFs5DJz7FSjR9i
RbvZgnwes63XXcIvoVYlx5UuEiKrGgFrV2N6jAP4B56ygNmYf49t8LQtX34ii4E0
YJYpJTg4Eu4nH2hw7x9C1PS0SesZzLHoAi5vUxd/B2BUkh1JjKQLEjKfXcThBOxv
M+7weC8x9haZLSuawF23bNI0//ItomKr4jsAxVCBSM/ZxlPCAJ1QxNzZGwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHdFX7N9Pk3egJFPM+GrEIOM/hb1MB8GA1UdIwQY
MBaAFGfOF5y+E92xQBKYWgZxAO+YpVYBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjg0WG5MNFQzYkZBRXBoYUJuRUE3NWlsVmdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81ZDcxOTItYTcxOS00Y2Q3LTk5NGEt
NjJjMDFkYzY5Y2NhLzEvZDBWZnMzMC1UZDZBa1U4ejRhc1FnNHotRnZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81ZDcxOTItYTcxOS00Y2Q3LTk5NGEtNjJjMDFkYzY5Y2Nh
LzEvWjg0WG5MNFQzYkZBRXBoYUJuRUE3NWlsVmdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhMcQDAN
BgkqhkiG9w0BAQsFAAOCAQEAvOCKfJAhTiRr+acZas7ZB64v3c5zBu6t9rPv0j8Y
+2451pIg2J5aC/E6cTw8kEn0CKiKZQfL8Ucn03DV91S66IY0pxKsoClK0+rUaarp
R8Gh+VcL/eg2G6aYWGecsXWtt1qYkkWG7B1p2a2TMT61efyvq72XevwS2bCLDR49
povcxgEksSfRAWyLn77PvZzNoySkj1qeKPe4qfRBtOkqWYug92NtUH2pS5EQosS4
alAmbrvZ/Y1pSgz3JGr2y5jOnKLQk6M+dayQgPIIMcHe3mGCl5dWLfmUwe9Lh6k1
CY3hCQ7W/spp+8lswb2b7CRRkAdzSAiLzRy0TvXHAC4tcA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:09 2024 by rpki-client on console-ams.rpki-client.org