Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/SktrcVp4k6rJ-6DYJ9NastgGJ2U.roa
File:                     SktrcVp4k6rJ-6DYJ9NastgGJ2U.roa (raw, json)
Hash identifier:          OEfbGZ0NXUway91TeAiOS0JleWz5i3grqKSNkir0b/E=
Subject key identifier:   4A:4B:6B:71:5A:78:93:AA:C9:FB:A0:D8:27:D3:5A:B2:D8:06:27:65
Certificate issuer:       /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial:       0183A4442CEA7596450A4B16590295C34A17
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/SktrcVp4k6rJ-6DYJ9NastgGJ2U.roa
Signing time:             Tue 04 Oct 2022 18:31:14 +0000
ROA not before:           Tue 04 Oct 2022 18:31:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212618
IP address blocks:        2a05:1084:e00::/40 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:a4:44:2c:ea:75:96:45:0a:4b:16:59:02:95:c3:4a:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
        Validity
            Not Before: Oct  4 18:31:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4a4b6b715a7893aac9fba0d827d35ab2d8062765
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:79:12:ac:e9:2d:4b:83:be:10:20:b4:3a:3b:
                    66:6d:21:a2:12:2a:4d:33:eb:c2:6e:f8:59:e0:8f:
                    49:96:f1:a4:ee:73:5a:af:f2:cc:53:d4:9d:1c:ca:
                    fa:68:39:a6:3a:a4:3f:5f:71:62:65:e4:86:71:1e:
                    7b:11:dd:51:10:7e:4b:12:44:27:3f:92:57:3d:98:
                    6f:5b:ed:ee:9f:a3:a6:2b:e3:a8:65:2a:7c:68:5a:
                    09:e6:88:f5:3c:60:f1:91:69:12:a2:e0:77:cd:7c:
                    2f:ab:70:04:2f:6a:06:4f:fa:76:b6:38:e7:fb:20:
                    3b:bb:7f:61:7f:fb:17:09:b0:86:be:bf:4f:b9:24:
                    4f:47:bd:50:16:12:e3:d9:91:a2:bd:ea:d0:25:bc:
                    cf:ad:72:92:94:22:51:9c:4e:89:d1:a9:c0:35:aa:
                    52:51:21:58:02:fe:ca:f7:e8:72:0f:1e:2a:c2:d4:
                    ce:53:95:2d:a8:95:33:1e:18:ee:f4:79:f1:9c:52:
                    6c:aa:c0:fc:65:84:c2:f1:ae:58:fd:75:08:15:cc:
                    2a:48:b1:fa:1d:10:07:42:03:18:3e:a7:45:43:67:
                    56:95:dc:df:fb:f7:a8:93:54:b7:56:e6:19:db:27:
                    3e:d5:e1:8f:1d:23:9d:f8:0e:e8:5e:6e:33:79:15:
                    31:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:4B:6B:71:5A:78:93:AA:C9:FB:A0:D8:27:D3:5A:B2:D8:06:27:65
            X509v3 Authority Key Identifier:
                keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/SktrcVp4k6rJ-6DYJ9NastgGJ2U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:1084:e00::/40

    Signature Algorithm: sha256WithRSAEncryption
         8a:43:8b:8a:59:c2:5c:93:2e:60:63:db:85:0e:50:7f:1a:18:
         57:4d:ae:af:23:4d:04:79:cb:f8:00:9e:e4:8c:e2:77:1f:cc:
         bf:c1:28:d2:e6:93:0b:81:d3:c4:e6:2c:54:00:a3:d0:fc:b1:
         a4:bb:08:04:95:87:b1:c0:45:69:7a:63:ac:b2:bb:3e:f2:db:
         1d:bb:ce:72:0e:dd:65:ca:f5:60:48:04:72:81:0b:f7:20:1e:
         fd:52:49:ce:2d:13:6d:29:c2:39:73:f3:cf:b3:fd:c7:fd:a2:
         84:4b:ed:9c:d0:c2:31:3a:1e:78:e4:a1:d6:ae:1f:9e:d8:ce:
         c5:d0:03:6e:37:59:97:3c:d0:35:92:73:fa:73:b0:7e:8f:72:
         0d:d3:99:04:d8:c0:00:47:1f:2d:32:9e:8f:02:e8:20:9c:ba:
         47:9b:7b:11:d6:1a:41:a3:eb:75:3b:50:af:82:5e:e5:a3:fa:
         05:05:c8:97:20:df:08:a0:fc:74:a7:b2:76:79:fd:50:3b:f3:
         78:eb:bd:37:1e:a2:d5:2a:86:c7:76:2d:ac:fe:8d:7e:55:bc:
         d5:99:c5:77:65:90:19:cc:39:94:6d:47:f0:8b:f3:7f:30:3b:
         87:80:33:d7:a2:7a:b9:4d:b4:40:b1:f5:a5:c0:be:a4:35:66:
         0e:63:41:8e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYOkRCzqdZZFCksWWQKVw0oXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYzY5ZDA0NTgzNTAwYzVlZjgxMTM2ODMxMjM3NTkzZTBi
Yjg2Y2UwHhcNMjIxMDA0MTgzMTE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTRiNmI3MTVhNzg5M2FhYzlmYmEwZDgyN2QzNWFiMmQ4MDYyNzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHkSrOktS4O+ECC0OjtmbSGiEipN
M+vCbvhZ4I9JlvGk7nNar/LMU9SdHMr6aDmmOqQ/X3FiZeSGcR57Ed1REH5LEkQn
P5JXPZhvW+3un6OmK+OoZSp8aFoJ5oj1PGDxkWkSouB3zXwvq3AEL2oGT/p2tjjn
+yA7u39hf/sXCbCGvr9PuSRPR71QFhLj2ZGiverQJbzPrXKSlCJRnE6J0anANapS
USFYAv7K9+hyDx4qwtTOU5UtqJUzHhju9HnxnFJsqsD8ZYTC8a5Y/XUIFcwqSLH6
HRAHQgMYPqdFQ2dWldzf+/eok1S3VuYZ2yc+1eGPHSOd+A7oXm4zeRUxhwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFEpLa3FaeJOqyfug2CfTWrLYBidlMB8GA1UdIwQY
MBaAFHPGnQRYNQDF74ETaDEjdZPgu4bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQt
ZjljYjBhN2IyMDZjLzEvU2t0cmNWcDRrNnJKLTZEWUo5TmFzdGdHSjJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQtZjljYjBhN2IyMDZj
LzEvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgUQhA4w
DQYJKoZIhvcNAQELBQADggEBAIpDi4pZwlyTLmBj24UOUH8aGFdNrq8jTQR5y/gA
nuSM4ncfzL/BKNLmkwuB08TmLFQAo9D8saS7CASVh7HARWl6Y6yyuz7y2x27znIO
3WXK9WBIBHKBC/cgHv1SSc4tE20pwjlz88+z/cf9ooRL7ZzQwjE6HnjkodauH57Y
zsXQA243WZc80DWSc/pzsH6Pcg3TmQTYwABHHy0yno8C6CCcukebexHWGkGj63U7
UK+CXuWj+gUFyJcg3wig/HSnsnZ5/VA783jrvTceotUqhsd2Laz+jX5VvNWZxXdl
kBnMOZRtR/CL838wO4eAM9eierlNtECx9aXAvqQ1Zg5jQY4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:48 2024 by rpki-client on console-ams.rpki-client.org