Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/z3ZwqzRt2CLMB5RdvtLhpAdaZiw.roa
File:                     z3ZwqzRt2CLMB5RdvtLhpAdaZiw.roa (raw, json)
Hash identifier:          rvY2aYoM5jpUHv0+iu5/TuWHBBuUFtK5fyghT1cOOso=
Subject key identifier:   CF:76:70:AB:34:6D:D8:22:CC:07:94:5D:BE:D2:E1:A4:07:5A:66:2C
Certificate issuer:       /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial:       0981E994
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/z3ZwqzRt2CLMB5RdvtLhpAdaZiw.roa
Signing time:             Sat 01 Jan 2022 09:04:10 +0000
ROA not before:           Sat 01 Jan 2022 09:04:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211323
IP address blocks:        2a0e:aa07:e01e::/48 maxlen: 48
                          2a0e:aa07:f080::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 159508884 (0x981e994)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
        Validity
            Not Before: Jan  1 09:04:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cf7670ab346dd822cc07945dbed2e1a4075a662c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:62:bb:f0:ef:ef:ef:f1:7b:9d:b5:44:68:d3:
                    07:a4:fe:47:b4:d6:e2:69:ea:dd:bd:e3:7d:92:7b:
                    08:f5:1a:88:39:d4:52:4d:84:a9:19:f3:f8:a7:68:
                    b8:64:d3:e4:6b:1b:92:11:fa:47:a1:aa:9a:a2:c7:
                    c9:96:74:15:7e:ae:2d:b9:13:b7:97:b3:8c:30:50:
                    0e:2d:53:91:df:7b:89:a3:e4:c5:56:da:eb:03:e4:
                    e0:f0:55:f1:ef:cd:79:c6:cb:f7:20:60:19:56:6a:
                    38:22:77:fd:a1:35:55:95:e2:de:d1:d0:b7:82:48:
                    52:e1:ff:0c:df:f5:e6:7b:6c:e0:1a:da:29:53:22:
                    5a:a3:0c:1f:fc:5a:92:2e:a3:2d:bd:48:d3:f9:b5:
                    2e:5d:fb:03:2f:dd:af:48:7e:53:68:e0:23:5e:2e:
                    24:dd:ca:05:de:b9:a0:16:d3:47:8d:4e:a3:f1:36:
                    6b:13:b5:6e:76:46:d6:40:19:66:71:24:ce:cb:02:
                    f7:7d:be:c2:68:d3:59:62:32:06:d6:c1:33:05:e3:
                    09:7c:56:dd:3c:9d:11:24:2a:d5:6d:ca:97:39:e6:
                    0c:7b:20:2c:10:2d:0b:15:d4:7f:56:1c:b7:4c:e6:
                    e2:d7:d5:4b:e8:d6:e7:2c:17:b2:64:2e:c3:cf:03:
                    1d:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:76:70:AB:34:6D:D8:22:CC:07:94:5D:BE:D2:E1:A4:07:5A:66:2C
            X509v3 Authority Key Identifier:
                keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/z3ZwqzRt2CLMB5RdvtLhpAdaZiw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:aa07:e01e::/48
                  2a0e:aa07:f080::/44

    Signature Algorithm: sha256WithRSAEncryption
         43:64:0b:ec:d3:3a:1b:bf:80:fb:1d:d2:fc:e1:57:bc:11:85:
         8a:ae:31:7e:19:30:d1:02:25:9d:2e:53:9c:4f:95:a8:7a:67:
         d7:dc:13:6c:71:ca:7e:84:f4:1e:51:55:51:12:4b:08:52:0c:
         8d:e1:87:05:0b:aa:23:21:c6:11:a4:b4:1c:b3:4a:58:b1:f3:
         70:d5:9a:26:82:c7:aa:06:5e:3d:8b:b4:cf:e3:a9:cf:59:cd:
         b4:42:2d:60:50:94:a1:5e:7a:a9:78:1a:4e:92:50:5a:ee:c4:
         6a:e8:f6:34:e8:b3:af:df:44:d3:23:e2:f3:60:b0:ce:62:b1:
         aa:8a:e3:ce:2c:74:92:3f:2f:c7:27:04:82:f7:13:a5:66:15:
         e4:42:a2:58:63:50:b7:12:bd:40:97:9e:85:4b:56:d5:39:76:
         67:c4:de:e9:d0:ad:7d:e2:f9:29:be:5d:8a:a4:97:a7:43:02:
         17:c3:d9:5c:0a:ad:91:8f:e3:30:5b:51:b8:94:bf:e5:80:99:
         07:36:6f:25:49:1d:86:49:cd:cb:0a:96:c6:0c:62:7c:77:c2:
         46:19:cb:36:d3:b8:25:b3:a7:13:19:b8:9c:c7:9b:35:d5:83:
         c7:8a:04:93:7e:8c:f0:92:3e:f3:5a:64:e5:a4:0b:c3:b2:04:
         2d:68:62:e1
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECYHplDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzYxYjVjZDY5NjgyNWI3NGZjY2JhN2Q5N2MzZDBhMjcyNGVmM2FhMB4XDTIyMDEw
MTA5MDQxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2Y3NjcwYWIzNDZk
ZDgyMmNjMDc5NDVkYmVkMmUxYTQwNzVhNjYyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANJiu/Dv7+/xe521RGjTB6T+R7TW4mnq3b3jfZJ7CPUaiDnU
Uk2EqRnz+KdouGTT5GsbkhH6R6GqmqLHyZZ0FX6uLbkTt5ezjDBQDi1Tkd97iaPk
xVba6wPk4PBV8e/NecbL9yBgGVZqOCJ3/aE1VZXi3tHQt4JIUuH/DN/15nts4Bra
KVMiWqMMH/xaki6jLb1I0/m1Ll37Ay/dr0h+U2jgI14uJN3KBd65oBbTR41Oo/E2
axO1bnZG1kAZZnEkzssC932+wmjTWWIyBtbBMwXjCXxW3TydESQq1W3KlznmDHsg
LBAtCxXUf1Yct0zm4tfVS+jW5ywXsmQuw88DHSECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTPdnCrNG3YIswHlF2+0uGkB1pmLDAfBgNVHSMEGDAWgBSTYbXNaWglt0/M
un2Xw9Cick7zqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2syRzF6V2xvSmJkUHpMcDlsOFBRb25KTzg2by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvNzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUxOS8x
L3ozWndxelJ0MkNMTUI1UmR2dExocEFkYVppdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
NzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUxOS8xL2syRzF6V2xvSmJk
UHpMcDlsOFBRb25KTzg2by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACoOqgfgHgMHBCoOqgfwgDANBgkq
hkiG9w0BAQsFAAOCAQEAQ2QL7NM6G7+A+x3S/OFXvBGFiq4xfhkw0QIlnS5TnE+V
qHpn19wTbHHKfoT0HlFVURJLCFIMjeGHBQuqIyHGEaS0HLNKWLHzcNWaJoLHqgZe
PYu0z+Opz1nNtEItYFCUoV56qXgaTpJQWu7Eauj2NOizr99E0yPi82CwzmKxqorj
zix0kj8vxycEgvcTpWYV5EKiWGNQtxK9QJeehUtW1Tl2Z8Te6dCtfeL5Kb5diqSX
p0MCF8PZXAqtkY/jMFtRuJS/5YCZBzZvJUkdhknNywqWxgxifHfCRhnLNtO4JbOn
Exm4nMebNdWDx4oEk36M8JI+81pk5aQLw7IELWhi4Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:11 2024 by rpki-client on console-ams.rpki-client.org