Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/4cdefa-5ee2-4719-a7e1-b829cc401031/1/SWN6b_-w36OoomCgm32Zfb4hLPg.roa
File:                     SWN6b_-w36OoomCgm32Zfb4hLPg.roa (raw, json)
Hash identifier:          2aumnJOesw/iMJxfnSB01wLCkOZLPvxY2iHZDul+UqY=
Subject key identifier:   49:63:7A:6F:FF:B0:DF:A3:A8:A2:60:A0:9B:7D:99:7D:BE:21:2C:F8
Certificate issuer:       /CN=ea2d102b6112b0d9a8b8eebac4b97c819f97c606
Certificate serial:       0BF3F874
Authority key identifier: EA:2D:10:2B:61:12:B0:D9:A8:B8:EE:BA:C4:B9:7C:81:9F:97:C6:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6i0QK2ESsNmouO66xLl8gZ-XxgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/4cdefa-5ee2-4719-a7e1-b829cc401031/1/SWN6b_-w36OoomCgm32Zfb4hLPg.roa
Signing time:             Mon 20 Jun 2022 15:36:45 +0000
ROA not before:           Mon 20 Jun 2022 15:36:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204677
IP address blocks:        2a13:2200::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 200538228 (0xbf3f874)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ea2d102b6112b0d9a8b8eebac4b97c819f97c606
        Validity
            Not Before: Jun 20 15:36:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=49637a6fffb0dfa3a8a260a09b7d997dbe212cf8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:5b:5b:26:5e:d6:a0:03:3d:96:96:03:5c:1d:
                    1a:6c:47:d8:18:78:3c:00:af:ad:cd:2f:79:39:dd:
                    79:4b:7a:71:87:b7:0c:32:35:c9:4d:3c:26:6f:09:
                    c8:32:b6:d8:47:1b:c1:cd:e4:78:bb:8a:fe:ed:41:
                    22:de:7f:a9:cb:c3:4f:af:46:e8:d3:cd:ef:c6:2b:
                    b5:cc:5f:60:ad:66:50:85:99:a8:cb:d0:d1:20:e7:
                    03:21:29:f9:49:be:c2:d3:f1:ac:48:13:dc:9a:38:
                    c0:53:e0:a1:cf:d0:25:d5:44:f4:ff:7b:89:c2:13:
                    f9:f6:7e:de:d3:a6:da:c9:9e:fd:89:b6:c2:23:ad:
                    36:5e:74:1b:a3:61:dd:d0:ff:f9:f9:2e:0b:bf:a2:
                    62:83:3b:bc:4c:1d:0a:a0:6b:b9:b3:d2:e9:ab:87:
                    1c:db:99:ea:65:e2:6c:91:d5:84:e1:09:5e:61:88:
                    c0:24:63:01:d1:9d:f4:f5:d8:43:69:89:1b:e6:e9:
                    8c:60:5c:86:47:60:97:8a:6e:44:68:d7:9b:51:fd:
                    da:ab:e9:cb:d9:41:96:8b:5a:70:b0:a1:a5:16:27:
                    a8:dd:c4:91:8d:c9:f9:46:3b:12:c8:db:3f:8e:ee:
                    05:96:68:33:3b:56:a8:88:02:09:42:19:a5:e6:06:
                    92:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:63:7A:6F:FF:B0:DF:A3:A8:A2:60:A0:9B:7D:99:7D:BE:21:2C:F8
            X509v3 Authority Key Identifier:
                keyid:EA:2D:10:2B:61:12:B0:D9:A8:B8:EE:BA:C4:B9:7C:81:9F:97:C6:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6i0QK2ESsNmouO66xLl8gZ-XxgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/4cdefa-5ee2-4719-a7e1-b829cc401031/1/SWN6b_-w36OoomCgm32Zfb4hLPg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/4cdefa-5ee2-4719-a7e1-b829cc401031/1/6i0QK2ESsNmouO66xLl8gZ-XxgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:2200::/29

    Signature Algorithm: sha256WithRSAEncryption
         53:6a:06:e1:03:c8:c3:f6:4d:dd:b7:7b:39:f1:f2:39:e8:70:
         86:68:df:b9:9b:08:cc:43:20:45:3e:7d:c7:2e:76:a2:fd:25:
         e7:8f:25:bc:3c:e9:18:1b:86:9d:18:b2:46:27:48:99:0e:38:
         6c:eb:69:8a:07:7f:1b:34:67:f1:44:20:6e:46:b5:17:07:67:
         bb:ff:64:a1:e6:eb:68:71:35:3b:b8:b9:41:db:5a:66:72:9c:
         d1:b1:d1:65:38:6d:84:8f:77:8a:db:b8:49:3f:2c:a5:c5:49:
         5a:ca:57:a2:28:bc:bc:c1:a2:cd:31:5d:c4:33:fe:15:b6:52:
         04:ef:75:25:d0:60:85:f8:99:56:99:57:d1:cd:43:01:91:1d:
         1a:09:6b:6a:b7:98:e5:d0:06:b1:d9:cf:5c:d7:68:db:7d:d7:
         c5:1d:59:13:a2:bb:55:77:3a:df:3c:e0:be:dd:40:84:c7:94:
         b8:37:f8:b2:24:fd:df:9f:0f:a5:4d:23:1a:67:55:8a:bc:6d:
         30:d4:c5:81:ca:a7:92:29:1a:d5:49:43:88:61:7b:8e:5d:46:
         d3:df:b1:fc:23:8c:5f:4e:3a:4a:b3:96:f1:cf:3b:02:57:fd:
         a5:a7:f3:34:12:08:27:25:02:98:2f:46:c4:f6:29:2c:93:bb:
         53:75:70:99
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEC/P4dDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YTJkMTAyYjYxMTJiMGQ5YThiOGVlYmFjNGI5N2M4MTlmOTdjNjA2MB4XDTIyMDYy
MDE1MzY0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDk2MzdhNmZmZmIw
ZGZhM2E4YTI2MGEwOWI3ZDk5N2RiZTIxMmNmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO1bWyZe1qADPZaWA1wdGmxH2Bh4PACvrc0veTndeUt6cYe3
DDI1yU08Jm8JyDK22Ecbwc3keLuK/u1BIt5/qcvDT69G6NPN78YrtcxfYK1mUIWZ
qMvQ0SDnAyEp+Um+wtPxrEgT3Jo4wFPgoc/QJdVE9P97icIT+fZ+3tOm2sme/Ym2
wiOtNl50G6Nh3dD/+fkuC7+iYoM7vEwdCqBrubPS6auHHNuZ6mXibJHVhOEJXmGI
wCRjAdGd9PXYQ2mJG+bpjGBchkdgl4puRGjXm1H92qvpy9lBlotacLChpRYnqN3E
kY3J+UY7EsjbP47uBZZoMztWqIgCCUIZpeYGku0CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBRJY3pv/7Dfo6iiYKCbfZl9viEs+DAfBgNVHSMEGDAWgBTqLRArYRKw2ai4
7rrEuXyBn5fGBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZpMFFLMkVTc05tb3VPNjZ4TGw4Z1otWHhnWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNGNkZWZhLTVlZTItNDcxOS1hN2UxLWI4MjljYzQwMTAzMS8x
L1NXTjZiXy13MzZPb29tQ2dtMzJaZmI0aExQZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NGNkZWZhLTVlZTItNDcxOS1hN2UxLWI4MjljYzQwMTAzMS8xLzZpMFFLMkVTc05t
b3VPNjZ4TGw4Z1otWHhnWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoTIgAwDQYJKoZIhvcNAQELBQAD
ggEBAFNqBuEDyMP2Td23eznx8jnocIZo37mbCMxDIEU+fccudqL9JeePJbw86Rgb
hp0YskYnSJkOOGzraYoHfxs0Z/FEIG5GtRcHZ7v/ZKHm62hxNTu4uUHbWmZynNGx
0WU4bYSPd4rbuEk/LKXFSVrKV6IovLzBos0xXcQz/hW2UgTvdSXQYIX4mVaZV9HN
QwGRHRoJa2q3mOXQBrHZz1zXaNt918UdWROiu1V3Ot884L7dQITHlLg3+LIk/d+f
D6VNIxpnVYq8bTDUxYHKp5IpGtVJQ4hhe45dRtPfsfwjjF9OOkqzlvHPOwJX/aWn
8zQSCCclApgvRsT2KSyTu1N1cJk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org