Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/OsGJwJ18Iu1dgIxMzltm5495YhM.roa
File:                     OsGJwJ18Iu1dgIxMzltm5495YhM.roa (raw, json)
Hash identifier:          V709ak6FCPkHdrbFftWXr162TmsrnOUn6y/BpXk/eiU=
Subject key identifier:   3A:C1:89:C0:9D:7C:22:ED:5D:80:8C:4C:CE:5B:66:E7:8F:79:62:13
Certificate issuer:       /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial:       0966351E
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/OsGJwJ18Iu1dgIxMzltm5495YhM.roa
Signing time:             Sat 01 Jan 2022 09:03:55 +0000
ROA not before:           Sat 01 Jan 2022 09:03:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205298
IP address blocks:        2a0e:aa01:ab04::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 157693214 (0x966351e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
        Validity
            Not Before: Jan  1 09:03:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3ac189c09d7c22ed5d808c4cce5b66e78f796213
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:b8:62:1d:d7:53:12:e6:ac:dd:de:26:5d:20:
                    30:a5:cf:35:7c:a8:70:1c:d0:e5:00:36:c5:c4:6f:
                    f7:83:e9:b0:51:0d:73:2f:04:dd:d9:5a:4e:c7:59:
                    e9:a9:67:42:6f:1d:eb:18:3a:51:8a:78:8a:14:2f:
                    40:5d:39:35:3d:a1:b6:44:a6:93:14:ee:93:1d:cf:
                    f6:bc:2f:c2:8d:c2:32:cb:70:ba:e1:a8:a5:7f:40:
                    91:1a:41:83:04:e0:71:04:63:2f:1e:dd:8b:05:6c:
                    db:ad:30:66:9e:ff:ae:c0:b6:44:0f:23:18:c4:ca:
                    2f:04:b1:e8:86:22:2b:7c:2d:fe:d5:f1:f9:49:23:
                    5f:e8:be:5b:f9:e0:6d:3a:f1:ae:b0:ad:aa:a8:2d:
                    73:24:f0:c3:bf:7d:e3:35:51:2f:b2:93:bb:c9:84:
                    4f:e0:b8:1c:43:be:a4:c7:cb:77:50:cf:e4:1f:aa:
                    12:da:fe:e3:85:2f:35:7c:8a:42:40:2e:3f:e9:09:
                    9b:2d:de:e9:35:12:ee:50:c0:3e:79:21:0f:a1:98:
                    2e:0e:86:58:7d:cb:29:95:eb:b5:e7:9d:6a:29:d5:
                    e1:d5:b2:ec:0e:10:5c:21:32:b4:f6:3a:3c:d6:b1:
                    2e:a4:be:c1:70:3f:64:de:ce:8a:af:c0:2d:5f:9f:
                    46:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:C1:89:C0:9D:7C:22:ED:5D:80:8C:4C:CE:5B:66:E7:8F:79:62:13
            X509v3 Authority Key Identifier:
                keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/OsGJwJ18Iu1dgIxMzltm5495YhM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:aa01:ab04::/48

    Signature Algorithm: sha256WithRSAEncryption
         2f:3d:01:a7:60:5a:2f:f0:39:18:80:e8:07:c5:0b:05:69:9d:
         f4:bb:91:1f:67:cb:f4:85:cc:7c:a4:77:2b:a0:9c:47:02:58:
         96:74:11:8f:a9:a3:96:fa:0f:8e:6b:9d:73:71:50:2c:9e:e6:
         61:be:1a:19:7b:1f:a8:a5:21:33:ae:1a:32:8d:42:0b:08:e5:
         db:ca:c2:28:1d:a4:db:9a:bb:1e:60:c2:fe:cd:38:f9:b3:b0:
         e9:08:22:7f:94:eb:06:9e:84:68:a8:51:41:4a:39:09:8d:e5:
         8e:cb:b6:0f:dc:e8:8f:b6:f7:e6:85:e9:6f:7d:e6:f4:50:6b:
         55:7e:05:45:6d:79:f5:d9:c7:c1:9b:f9:33:b8:8e:89:d9:f6:
         dd:f5:29:a7:25:38:78:21:d0:ca:e8:ba:d8:88:e3:6b:60:51:
         1b:e1:50:61:76:a7:a5:38:df:be:67:b8:c6:b6:38:f0:21:41:
         11:50:d9:39:6b:a1:da:cf:0b:26:ab:81:c3:07:12:b0:12:ce:
         d3:ea:0c:0c:31:8f:95:36:32:ff:ef:a7:23:84:a9:66:de:98:
         22:4b:95:37:14:75:b2:e9:d8:4d:64:c7:41:27:54:2d:5c:d5:
         89:5b:08:84:25:00:ee:fd:70:fe:42:76:05:9b:ff:8e:3c:f5:
         7a:c9:75:84
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECWY1HjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzYxYjVjZDY5NjgyNWI3NGZjY2JhN2Q5N2MzZDBhMjcyNGVmM2FhMB4XDTIyMDEw
MTA5MDM1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2FjMTg5YzA5ZDdj
MjJlZDVkODA4YzRjY2U1YjY2ZTc4Zjc5NjIxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANq4Yh3XUxLmrN3eJl0gMKXPNXyocBzQ5QA2xcRv94PpsFEN
cy8E3dlaTsdZ6alnQm8d6xg6UYp4ihQvQF05NT2htkSmkxTukx3P9rwvwo3CMstw
uuGopX9AkRpBgwTgcQRjLx7diwVs260wZp7/rsC2RA8jGMTKLwSx6IYiK3wt/tXx
+UkjX+i+W/ngbTrxrrCtqqgtcyTww7994zVRL7KTu8mET+C4HEO+pMfLd1DP5B+q
Etr+44UvNXyKQkAuP+kJmy3e6TUS7lDAPnkhD6GYLg6GWH3LKZXrteedainV4dWy
7A4QXCEytPY6PNaxLqS+wXA/ZN7Oiq/ALV+fRvMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQ6wYnAnXwi7V2AjEzOW2bnj3liEzAfBgNVHSMEGDAWgBSTYbXNaWglt0/M
un2Xw9Cick7zqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2syRzF6V2xvSmJkUHpMcDlsOFBRb25KTzg2by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvNzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUxOS8x
L09zR0p3SjE4SXUxZGdJeE16bHRtNTQ5NVloTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
NzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUxOS8xL2syRzF6V2xvSmJk
UHpMcDlsOFBRb25KTzg2by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOqgGrBDANBgkqhkiG9w0BAQsF
AAOCAQEALz0Bp2BaL/A5GIDoB8ULBWmd9LuRH2fL9IXMfKR3K6CcRwJYlnQRj6mj
lvoPjmudc3FQLJ7mYb4aGXsfqKUhM64aMo1CCwjl28rCKB2k25q7HmDC/s04+bOw
6Qgif5TrBp6EaKhRQUo5CY3ljsu2D9zoj7b35oXpb33m9FBrVX4FRW159dnHwZv5
M7iOidn23fUppyU4eCHQyui62Ijja2BRG+FQYXanpTjfvme4xrY48CFBEVDZOWuh
2s8LJquBwwcSsBLO0+oMDDGPlTYy/++nI4SpZt6YIkuVNxR1sunYTWTHQSdULVzV
iVsIhCUA7v1w/kJ2BZv/jjz1esl1hA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:11 2024 by rpki-client on console-ams.rpki-client.org