Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/AhNnUC0mKEV1C7xYwT10-zGomv8.roa
File:                     AhNnUC0mKEV1C7xYwT10-zGomv8.roa (raw, json)
Hash identifier:          phiu2CVjl57a5W9nECdnu5CwlrSkKATHAA6tP4sszcg=
Subject key identifier:   02:13:67:50:2D:26:28:45:75:0B:BC:58:C1:3D:74:FB:31:A8:9A:FF
Certificate issuer:       /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial:       01821EC7230CD28BF95419CD78E7962C11D7
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/AhNnUC0mKEV1C7xYwT10-zGomv8.roa
Signing time:             Thu 21 Jul 2022 03:22:23 +0000
ROA not before:           Thu 21 Jul 2022 03:22:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203804
IP address blocks:        2a0e:aa07:e043::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:1e:c7:23:0c:d2:8b:f9:54:19:cd:78:e7:96:2c:11:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
        Validity
            Not Before: Jul 21 03:22:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=021367502d262845750bbc58c13d74fb31a89aff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:81:91:f9:2c:81:f5:4c:cf:af:b0:66:08:b7:
                    12:1f:92:14:4d:bc:86:63:d0:06:ea:3e:c4:df:b4:
                    78:24:21:bf:2e:c0:d1:8a:a3:57:a6:c0:ee:af:8b:
                    91:bc:c2:a0:cf:79:40:82:0e:ac:d4:7e:ac:f6:32:
                    8f:d2:e1:4b:a2:02:8f:eb:2a:6e:61:71:f4:2b:c1:
                    62:23:ed:57:ae:db:96:1e:28:89:cc:6b:55:c9:8f:
                    1f:ed:53:73:96:60:9b:dc:a5:8d:68:2b:82:56:c6:
                    a0:d3:56:1c:0c:6a:6b:8a:28:cb:cf:58:6b:ed:59:
                    de:09:98:bf:69:f3:cb:22:14:c4:12:b4:12:63:4d:
                    c4:d0:ca:69:3b:00:d5:34:41:f7:81:d0:be:f3:10:
                    47:03:c5:ee:b8:70:10:d0:6a:64:f7:f2:d4:97:69:
                    36:00:56:bd:cd:c1:1a:cc:30:fd:14:62:23:f4:02:
                    06:19:8e:20:2d:09:5a:12:22:61:ce:95:a5:2e:e3:
                    f4:a4:84:ca:c1:d3:fd:7e:ec:2f:1a:69:99:80:64:
                    46:e0:51:0b:67:e2:da:c3:a5:3d:43:7c:a4:5d:bd:
                    30:07:76:ae:6c:2e:48:fe:89:70:8c:32:44:9e:0e:
                    b5:02:24:15:f4:f7:1a:bc:4f:9e:99:f0:f8:d2:c3:
                    79:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:13:67:50:2D:26:28:45:75:0B:BC:58:C1:3D:74:FB:31:A8:9A:FF
            X509v3 Authority Key Identifier:
                keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/AhNnUC0mKEV1C7xYwT10-zGomv8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:aa07:e043::/48

    Signature Algorithm: sha256WithRSAEncryption
         a8:de:82:16:51:59:53:f4:bd:bb:e0:7f:c5:c2:94:d6:9f:3a:
         64:66:8d:37:9f:b9:93:40:53:5e:63:29:68:2a:83:28:e5:49:
         3a:89:d8:fa:92:1e:d5:c6:63:f5:ed:c2:1e:66:55:9f:23:25:
         03:83:39:41:db:7b:f9:68:8c:ad:63:df:5f:c2:64:c2:ac:d9:
         e5:f0:7e:d4:53:f0:56:f1:a9:31:91:8d:06:1e:46:34:1c:37:
         4f:1b:b1:46:6b:25:bd:51:21:ff:fe:5b:8d:58:16:a5:6f:5b:
         77:5a:9f:b1:9b:a0:f6:79:61:0a:56:82:9e:0f:b5:49:db:d7:
         ad:ca:50:02:3f:b0:54:0f:74:93:b3:8a:76:8e:e8:3a:a5:af:
         13:ae:04:0f:3c:15:c0:8a:6d:09:f5:fb:98:4b:1f:f5:14:9d:
         0e:69:d7:c8:ca:ce:00:c5:13:9c:c9:1d:28:8b:d9:ed:42:0d:
         4c:76:40:a6:63:66:d2:f9:26:86:7e:b4:f6:d5:59:14:13:e9:
         72:9b:45:63:32:6c:b6:a4:d0:7a:31:93:a1:a0:88:d2:36:7d:
         72:a6:c0:9e:24:ab:21:cd:b8:66:b5:99:62:55:9f:61:2b:06:
         91:32:78:1a:46:2e:b0:bb:7e:7a:e8:69:d5:b9:3b:f7:67:ea:
         8f:50:97:d4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYIexyMM0ov5VBnNeOeWLBHXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjIwNzIxMDMyMjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjEzNjc1MDJkMjYyODQ1NzUwYmJjNThjMTNkNzRmYjMxYTg5YWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4GR+SyB9UzPr7BmCLcSH5IUTbyG
Y9AG6j7E37R4JCG/LsDRiqNXpsDur4uRvMKgz3lAgg6s1H6s9jKP0uFLogKP6ypu
YXH0K8FiI+1XrtuWHiiJzGtVyY8f7VNzlmCb3KWNaCuCVsag01YcDGpriijLz1hr
7VneCZi/afPLIhTEErQSY03E0MppOwDVNEH3gdC+8xBHA8XuuHAQ0Gpk9/LUl2k2
AFa9zcEazDD9FGIj9AIGGY4gLQlaEiJhzpWlLuP0pITKwdP9fuwvGmmZgGRG4FEL
Z+Law6U9Q3ykXb0wB3aubC5I/olwjDJEng61AiQV9PcavE+emfD40sN5VQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAITZ1AtJihFdQu8WME9dPsxqJr/MB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvQWhOblVDMG1LRVYxQzd4WXdUMTAtekdvbXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6qB+BD
MA0GCSqGSIb3DQEBCwUAA4IBAQCo3oIWUVlT9L274H/FwpTWnzpkZo03n7mTQFNe
YyloKoMo5Uk6idj6kh7VxmP17cIeZlWfIyUDgzlB23v5aIytY99fwmTCrNnl8H7U
U/BW8akxkY0GHkY0HDdPG7FGayW9USH//luNWBalb1t3Wp+xm6D2eWEKVoKeD7VJ
29etylACP7BUD3STs4p2jug6pa8TrgQPPBXAim0J9fuYSx/1FJ0OadfIys4AxROc
yR0oi9ntQg1MdkCmY2bS+SaGfrT21VkUE+lym0VjMmy2pNB6MZOhoIjSNn1ypsCe
JKshzbhmtZliVZ9hKwaRMngaRi6wu3566GnVuTv3Z+qPUJfU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:37 2024 by rpki-client on console-fra.rpki-client.org