Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/49e8d6-bbf6-4ca7-ba5d-f1d3cff5527a/1/AFT5zXjW6kwKyIdqw45pqJp0AGI.roa
File:                     AFT5zXjW6kwKyIdqw45pqJp0AGI.roa (raw, json)
Hash identifier:          GsQFUuzGO7k7Smw2FstOF3a++rAbfmVlgiu5G/KG79s=
Subject key identifier:   00:54:F9:CD:78:D6:EA:4C:0A:C8:87:6A:C3:8E:69:A8:9A:74:00:62
Certificate issuer:       /CN=6a1a7b80c68462859232b86f2b452658d8f7f849
Certificate serial:       0C80B3C1
Authority key identifier: 6A:1A:7B:80:C6:84:62:85:92:32:B8:6F:2B:45:26:58:D8:F7:F8:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ahp7gMaEYoWSMrhvK0UmWNj3-Ek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/49e8d6-bbf6-4ca7-ba5d-f1d3cff5527a/1/AFT5zXjW6kwKyIdqw45pqJp0AGI.roa
Signing time:             Sat 01 Jan 2022 09:56:48 +0000
ROA not before:           Sat 01 Jan 2022 09:56:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8368
IP address blocks:        185.29.61.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 209761217 (0xc80b3c1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a1a7b80c68462859232b86f2b452658d8f7f849
        Validity
            Not Before: Jan  1 09:56:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0054f9cd78d6ea4c0ac8876ac38e69a89a740062
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:15:ce:6f:1d:f2:b0:f8:a2:65:eb:19:40:9c:
                    5e:9e:0c:4b:5d:9d:80:c8:80:30:8b:30:2e:5b:9c:
                    91:d9:14:cc:87:4a:2d:ad:c6:46:17:f2:22:de:82:
                    db:65:37:87:f8:4e:15:36:ec:00:d8:85:dd:5f:63:
                    1f:7e:ab:74:f5:f9:6d:77:92:78:5f:d4:cd:3f:8a:
                    49:b4:b2:fe:32:16:c2:4f:ee:96:2d:70:e8:b2:13:
                    40:58:c0:1d:5e:e2:44:1c:a3:72:25:93:40:c3:9f:
                    e7:7f:91:93:4f:54:fb:eb:e1:bb:2a:1e:26:60:a0:
                    27:55:68:22:6a:ca:4e:ba:08:13:ff:69:d5:c7:d4:
                    fe:b6:02:3c:2c:86:b0:58:c6:ce:e7:e8:b0:6d:79:
                    ee:04:53:a8:de:69:42:92:b4:06:ab:a9:99:d6:27:
                    3f:66:35:50:04:7f:e1:ef:d3:15:b8:d5:5d:e3:3f:
                    0b:2d:50:0c:45:f1:e6:77:e2:d5:fa:76:b4:34:96:
                    9e:fd:e3:ed:89:5f:19:5d:3f:b5:85:44:1d:65:3b:
                    ab:f8:b4:65:f3:f9:ee:ea:1a:43:0d:33:bb:b4:fd:
                    b2:33:60:44:c9:9a:70:44:13:c4:5f:43:72:2d:8d:
                    7d:65:f8:31:bf:75:e6:dc:03:09:e0:39:41:44:da:
                    c0:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:54:F9:CD:78:D6:EA:4C:0A:C8:87:6A:C3:8E:69:A8:9A:74:00:62
            X509v3 Authority Key Identifier:
                keyid:6A:1A:7B:80:C6:84:62:85:92:32:B8:6F:2B:45:26:58:D8:F7:F8:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ahp7gMaEYoWSMrhvK0UmWNj3-Ek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/49e8d6-bbf6-4ca7-ba5d-f1d3cff5527a/1/AFT5zXjW6kwKyIdqw45pqJp0AGI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/49e8d6-bbf6-4ca7-ba5d-f1d3cff5527a/1/ahp7gMaEYoWSMrhvK0UmWNj3-Ek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.29.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:64:83:d2:2c:17:c2:32:7b:8d:b7:19:29:d7:6c:69:5e:62:
         71:b7:f6:3a:77:3e:0b:52:fe:3b:27:5b:50:53:cb:1b:ca:ec:
         09:c9:a7:ea:3c:a6:e6:1c:6d:86:5e:65:57:aa:42:f1:d0:29:
         63:bc:15:b9:cb:cc:15:30:d9:58:c9:3f:d9:08:a4:fd:a2:0d:
         ee:d9:8f:a1:0b:a9:70:79:46:0e:98:8f:84:ef:dd:67:56:63:
         eb:90:9d:3c:29:4e:62:0c:52:1e:77:1b:55:98:66:f6:b6:f6:
         05:6f:f1:ba:23:6d:09:b9:7d:6a:45:0b:73:aa:3f:44:ad:ce:
         90:d1:88:e5:2a:29:79:53:58:51:3f:15:8b:26:8d:f3:27:99:
         d8:0f:04:1d:54:33:e3:e5:4a:27:66:b9:96:8f:6c:c5:f4:8c:
         ad:3e:0f:e5:71:46:54:b9:68:59:4c:e6:e1:81:86:74:fd:b2:
         67:1a:e5:0b:75:7c:c5:95:5c:9a:ef:0e:2c:12:f3:eb:c9:bc:
         26:0e:9a:88:0b:d5:d2:38:3a:4b:c7:1a:8f:68:1d:e0:ca:ef:
         b3:cc:17:ea:11:c4:a0:5a:44:2b:04:a9:64:28:4a:f2:67:37:
         ca:e2:59:4f:b0:71:cd:44:35:b5:75:88:fe:af:cd:b5:7c:82:
         e0:68:29:5f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDICzwTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YTFhN2I4MGM2ODQ2Mjg1OTIzMmI4NmYyYjQ1MjY1OGQ4ZjdmODQ5MB4XDTIyMDEw
MTA5NTY0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDA1NGY5Y2Q3OGQ2
ZWE0YzBhYzg4NzZhYzM4ZTY5YTg5YTc0MDA2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALkVzm8d8rD4omXrGUCcXp4MS12dgMiAMIswLluckdkUzIdK
La3GRhfyIt6C22U3h/hOFTbsANiF3V9jH36rdPX5bXeSeF/UzT+KSbSy/jIWwk/u
li1w6LITQFjAHV7iRByjciWTQMOf53+Rk09U++vhuyoeJmCgJ1VoImrKTroIE/9p
1cfU/rYCPCyGsFjGzufosG157gRTqN5pQpK0BqupmdYnP2Y1UAR/4e/TFbjVXeM/
Cy1QDEXx5nfi1fp2tDSWnv3j7YlfGV0/tYVEHWU7q/i0ZfP57uoaQw0zu7T9sjNg
RMmacEQTxF9Dci2NfWX4Mb915twDCeA5QUTawFUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQAVPnNeNbqTArIh2rDjmmomnQAYjAfBgNVHSMEGDAWgBRqGnuAxoRihZIy
uG8rRSZY2Pf4STAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FocDdnTWFFWW9XU01yaHZLMFVtV05qMy1Fay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvNDllOGQ2LWJiZjYtNGNhNy1iYTVkLWYxZDNjZmY1NTI3YS8x
L0FGVDV6WGpXNmt3S3lJZHF3NDVwcUpwMEFHSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
NDllOGQ2LWJiZjYtNGNhNy1iYTVkLWYxZDNjZmY1NTI3YS8xL2FocDdnTWFFWW9X
U01yaHZLMFVtV05qMy1Fay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkdPTANBgkqhkiG9w0BAQsFAAOC
AQEABmSD0iwXwjJ7jbcZKddsaV5icbf2Onc+C1L+OydbUFPLG8rsCcmn6jym5hxt
hl5lV6pC8dApY7wVucvMFTDZWMk/2Qik/aIN7tmPoQupcHlGDpiPhO/dZ1Zj65Cd
PClOYgxSHncbVZhm9rb2BW/xuiNtCbl9akULc6o/RK3OkNGI5SopeVNYUT8ViyaN
8yeZ2A8EHVQz4+VKJ2a5lo9sxfSMrT4P5XFGVLloWUzm4YGGdP2yZxrlC3V8xZVc
mu8OLBLz68m8Jg6aiAvV0jg6S8caj2gd4Mrvs8wX6hHEoFpEKwSpZChK8mc3yuJZ
T7BxzUQ1tXWI/q/NtXyC4GgpXw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:35 2024 by rpki-client on console-fra.rpki-client.org