Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/9844cd-24f8-4e52-b42b-c7bf021ee664/1/R0s-8WglUNSPp7Nz-fi7zYZprvc.roa
File:                     R0s-8WglUNSPp7Nz-fi7zYZprvc.roa (raw, json)
Hash identifier:          3r2AXRUwoqvg4OKgnnoP7yzEu1ebbh5R4y+Ce8pQSvc=
Subject key identifier:   47:4B:3E:F1:68:25:50:D4:8F:A7:B3:73:F9:F8:BB:CD:86:69:AE:F7
Certificate issuer:       /CN=7632c90ef19d2bd6f668a4826e2d0d15635e947d
Certificate serial:       0AC65378
Authority key identifier: 76:32:C9:0E:F1:9D:2B:D6:F6:68:A4:82:6E:2D:0D:15:63:5E:94:7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/djLJDvGdK9b2aKSCbi0NFWNelH0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/9844cd-24f8-4e52-b42b-c7bf021ee664/1/R0s-8WglUNSPp7Nz-fi7zYZprvc.roa
Signing time:             Sat 01 Jan 2022 09:02:28 +0000
ROA not before:           Sat 01 Jan 2022 09:02:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207388
IP address blocks:        2a02:f5c0::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 180769656 (0xac65378)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7632c90ef19d2bd6f668a4826e2d0d15635e947d
        Validity
            Not Before: Jan  1 09:02:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=474b3ef1682550d48fa7b373f9f8bbcd8669aef7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:bb:af:36:62:97:96:65:02:73:ba:e9:ed:65:
                    b0:98:c1:8f:37:1a:23:9d:70:8a:3a:68:36:0f:a6:
                    4f:ac:02:db:1c:50:b8:af:2f:9c:71:fb:1b:b5:0c:
                    58:eb:32:40:18:76:ae:9c:6f:3d:be:8f:2f:a6:2b:
                    d2:e9:dd:7d:55:24:df:08:96:b5:20:c0:eb:35:91:
                    95:f8:a7:e5:8f:b8:fd:d6:39:d3:a0:77:ee:87:09:
                    db:84:c3:b9:6e:81:b8:0c:82:cb:63:32:7f:69:e9:
                    6e:5b:93:0a:8e:38:d2:21:ff:1d:d2:ff:13:2b:56:
                    14:50:36:c1:23:af:f5:97:06:cd:b3:1d:4c:f3:2d:
                    2c:7d:15:12:d0:aa:e0:30:a3:be:30:78:a5:d4:6c:
                    47:68:c4:3f:35:29:a0:9f:84:44:73:04:f9:dd:dd:
                    c5:7c:e7:c4:f6:09:7a:fc:9a:57:95:9c:dd:4d:2d:
                    21:e0:2b:67:19:b2:8d:08:26:e0:50:34:ee:92:86:
                    9c:07:3d:10:14:c3:92:6e:f8:60:2e:27:6f:3b:fe:
                    10:40:2c:38:6a:d9:4d:16:4c:6e:f3:82:a4:67:c8:
                    96:8c:8d:5a:80:79:41:f7:80:b6:f7:0a:f6:08:99:
                    59:c0:e3:9b:8d:fe:85:22:ec:bf:2d:93:fb:ec:5c:
                    4c:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:4B:3E:F1:68:25:50:D4:8F:A7:B3:73:F9:F8:BB:CD:86:69:AE:F7
            X509v3 Authority Key Identifier:
                keyid:76:32:C9:0E:F1:9D:2B:D6:F6:68:A4:82:6E:2D:0D:15:63:5E:94:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/djLJDvGdK9b2aKSCbi0NFWNelH0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/9844cd-24f8-4e52-b42b-c7bf021ee664/1/R0s-8WglUNSPp7Nz-fi7zYZprvc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/9844cd-24f8-4e52-b42b-c7bf021ee664/1/djLJDvGdK9b2aKSCbi0NFWNelH0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a02:f5c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         86:4b:ff:b4:4c:9d:f4:90:49:5d:a0:40:e5:48:1c:db:f7:e3:
         38:0c:c8:48:a5:52:7d:d3:e0:0d:16:2c:d6:20:3d:e1:2d:4b:
         31:26:b8:3b:10:ac:73:f1:e0:6e:96:81:46:17:4e:be:b4:40:
         73:37:bc:a1:37:72:9d:7d:6b:88:91:38:63:2c:b4:7d:33:00:
         1b:fb:d4:67:c1:d7:8a:0d:1d:0f:d4:38:63:1f:ea:fc:c5:57:
         d3:e6:ee:6f:5a:ef:46:a2:49:64:f7:c1:00:6d:5f:62:a5:f8:
         42:5d:9e:a3:f4:91:07:81:a6:fc:cc:6b:bd:a9:38:6f:63:2f:
         41:5e:b8:27:af:9b:52:d7:93:1e:4f:31:22:c3:bb:24:49:5e:
         4c:26:27:77:ba:ff:9a:7b:0a:be:0c:80:e3:7d:6e:4e:7d:e2:
         e5:85:d5:32:b5:d0:b2:04:14:d1:7d:d0:b5:60:29:9b:24:d4:
         b7:b3:74:8d:f5:f3:43:70:97:c1:25:b7:81:f0:66:29:a8:9a:
         90:f4:5a:9e:39:70:a0:46:8f:86:1b:b1:b3:7a:31:65:17:f6:
         91:8a:63:fa:6b:a7:15:95:ab:62:63:78:d7:5b:32:19:7d:48:
         d1:18:89:2f:b8:d9:b9:d5:c3:19:99:cb:86:14:d8:d9:47:95:
         c5:94:05:a0
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIECsZTeDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NjMyYzkwZWYxOWQyYmQ2ZjY2OGE0ODI2ZTJkMGQxNTYzNWU5NDdkMB4XDTIyMDEw
MTA5MDIyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDc0YjNlZjE2ODI1
NTBkNDhmYTdiMzczZjlmOGJiY2Q4NjY5YWVmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANS7rzZil5ZlAnO66e1lsJjBjzcaI51wijpoNg+mT6wC2xxQ
uK8vnHH7G7UMWOsyQBh2rpxvPb6PL6Yr0undfVUk3wiWtSDA6zWRlfin5Y+4/dY5
06B37ocJ24TDuW6BuAyCy2Myf2npbluTCo440iH/HdL/EytWFFA2wSOv9ZcGzbMd
TPMtLH0VEtCq4DCjvjB4pdRsR2jEPzUpoJ+ERHME+d3dxXznxPYJevyaV5Wc3U0t
IeArZxmyjQgm4FA07pKGnAc9EBTDkm74YC4nbzv+EEAsOGrZTRZMbvOCpGfIloyN
WoB5QfeAtvcK9giZWcDjm43+hSLsvy2T++xcTN0CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBRHSz7xaCVQ1I+ns3P5+LvNhmmu9zAfBgNVHSMEGDAWgBR2MskO8Z0r1vZo
pIJuLQ0VY16UfTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RqTEpEdkdkSzliMmFLU0NiaTBORldOZWxIMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvOTg0NGNkLTI0ZjgtNGU1Mi1iNDJiLWM3YmYwMjFlZTY2NC8x
L1Iwcy04V2dsVU5TUHA3TnotZmk3ellacHJ2Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
OTg0NGNkLTI0ZjgtNGU1Mi1iNDJiLWM3YmYwMjFlZTY2NC8xL2RqTEpEdkdkSzli
MmFLU0NiaTBORldOZWxIMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoC9cAwDQYJKoZIhvcNAQELBQAD
ggEBAIZL/7RMnfSQSV2gQOVIHNv34zgMyEilUn3T4A0WLNYgPeEtSzEmuDsQrHPx
4G6WgUYXTr60QHM3vKE3cp19a4iROGMstH0zABv71GfB14oNHQ/UOGMf6vzFV9Pm
7m9a70aiSWT3wQBtX2Kl+EJdnqP0kQeBpvzMa72pOG9jL0FeuCevm1LXkx5PMSLD
uyRJXkwmJ3e6/5p7Cr4MgON9bk594uWF1TK10LIEFNF90LVgKZsk1LezdI3180Nw
l8Elt4HwZimompD0Wp45cKBGj4YbsbN6MWUX9pGKY/prpxWVq2JjeNdbMhl9SNEY
iS+42bnVwxmZy4YU2NlHlcWUBaA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:38 2024 by rpki-client on console-fra.rpki-client.org