Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/6ehHuaSDFKaIOp6yOdKMk0JpN4E.roa
File:                     6ehHuaSDFKaIOp6yOdKMk0JpN4E.roa (raw, json)
Hash identifier:          3s+NG8rXCc2Ico5W/HdmdyNx7T6BR0k1c8gVtY0NxfQ=
Subject key identifier:   E9:E8:47:B9:A4:83:14:A6:88:3A:9E:B2:39:D2:8C:93:42:69:37:81
Certificate issuer:       /CN=43e0a364131841056d48b2d788ea00ca4b91db56
Certificate serial:       062B5E55
Authority key identifier: 43:E0:A3:64:13:18:41:05:6D:48:B2:D7:88:EA:00:CA:4B:91:DB:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q-CjZBMYQQVtSLLXiOoAykuR21Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/6ehHuaSDFKaIOp6yOdKMk0JpN4E.roa
Signing time:             Sat 01 Jan 2022 13:06:02 +0000
ROA not before:           Sat 01 Jan 2022 13:06:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     31727
IP address blocks:        185.151.28.0/24 maxlen: 24
                          2a07:7800::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 103505493 (0x62b5e55)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43e0a364131841056d48b2d788ea00ca4b91db56
        Validity
            Not Before: Jan  1 13:06:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e9e847b9a48314a6883a9eb239d28c9342693781
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:60:d0:3c:33:23:84:5f:ec:40:c4:cc:51:f6:
                    86:5a:f7:e9:2f:a9:3d:1c:73:a7:b3:2d:db:e4:57:
                    ee:e2:c5:60:aa:77:f3:2c:e8:15:86:11:12:f9:87:
                    29:64:31:51:ee:1f:90:31:b9:0e:7f:c9:9a:ba:32:
                    6b:85:90:05:30:a8:32:54:4a:50:50:2b:02:a8:f1:
                    70:1a:31:49:bc:03:47:59:c5:1c:96:91:06:12:54:
                    5c:4f:82:1f:6d:59:44:17:d7:f0:3c:f1:fe:ee:b4:
                    33:39:d1:78:88:fc:4a:61:91:40:9c:46:1b:91:64:
                    f2:34:3b:a6:2e:2e:65:8a:6d:b9:cd:12:e7:f1:52:
                    ee:74:ff:bb:d4:e6:75:8a:a1:7b:f5:b5:d4:13:5e:
                    1b:ac:99:09:bb:49:82:f8:7b:c1:b1:48:95:b1:32:
                    18:4e:d5:f1:f4:72:09:26:81:a6:de:a9:ba:f9:ff:
                    1b:f1:4a:94:d6:b2:cf:74:2d:d8:bb:b0:99:4e:93:
                    e2:40:ab:c2:57:ae:b7:22:ff:d0:0d:40:6b:fc:b1:
                    79:9f:d2:45:c9:26:e5:c0:e5:c1:d5:71:05:74:22:
                    1f:5e:73:a4:b8:e3:db:16:64:7d:52:1c:45:99:f7:
                    0f:ab:d5:45:51:35:86:13:7d:5a:b7:ee:23:a0:cd:
                    c2:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:E8:47:B9:A4:83:14:A6:88:3A:9E:B2:39:D2:8C:93:42:69:37:81
            X509v3 Authority Key Identifier:
                keyid:43:E0:A3:64:13:18:41:05:6D:48:B2:D7:88:EA:00:CA:4B:91:DB:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q-CjZBMYQQVtSLLXiOoAykuR21Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/6ehHuaSDFKaIOp6yOdKMk0JpN4E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/Q-CjZBMYQQVtSLLXiOoAykuR21Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.151.28.0/24
                IPv6:
                  2a07:7800::/29

    Signature Algorithm: sha256WithRSAEncryption
         b6:76:5e:4f:f5:a4:c9:87:1a:9a:12:bb:08:ae:50:ba:01:f2:
         75:46:c3:49:bd:4f:a2:c0:13:86:c7:91:95:85:20:48:09:a9:
         ef:7d:91:ea:ff:01:9e:73:2c:fa:80:4a:69:bb:1a:9a:71:31:
         c1:54:c0:86:ca:2f:e6:33:2d:6a:d2:2f:af:9a:fd:7d:15:48:
         c0:50:e9:da:27:6e:1a:c0:7e:e8:17:52:b1:70:ab:95:31:29:
         89:9f:98:93:7f:1f:4b:d4:7a:ce:74:e0:a7:84:4e:f5:45:a4:
         07:d2:be:ca:af:7d:e0:47:9e:31:c1:b0:c8:f9:8c:31:1b:e4:
         75:33:95:94:06:f3:32:6e:a8:1b:64:d6:0a:07:c6:49:9b:33:
         b5:40:6e:6b:9a:db:da:67:c8:c5:71:6e:5b:47:eb:5d:4a:7e:
         80:2e:27:71:4d:08:82:b2:fe:a5:81:9c:3c:d3:1e:e0:16:5f:
         54:84:5a:32:72:6c:58:2c:36:55:87:3a:63:52:aa:95:5b:f0:
         82:05:22:32:98:85:48:92:b0:26:ad:1d:6d:f4:de:e2:67:4f:
         ec:4b:8b:94:b2:0e:cd:58:66:28:6e:db:7a:a8:71:1d:89:60:
         17:86:f7:29:7c:6a:ce:d1:ae:d8:e4:ce:ea:9d:44:a5:b8:91:
         12:f1:6d:d1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBiteVTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
M2UwYTM2NDEzMTg0MTA1NmQ0OGIyZDc4OGVhMDBjYTRiOTFkYjU2MB4XDTIyMDEw
MTEzMDYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTllODQ3YjlhNDgz
MTRhNjg4M2E5ZWIyMzlkMjhjOTM0MjY5Mzc4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM1g0DwzI4Rf7EDEzFH2hlr36S+pPRxzp7Mt2+RX7uLFYKp3
8yzoFYYREvmHKWQxUe4fkDG5Dn/Jmroya4WQBTCoMlRKUFArAqjxcBoxSbwDR1nF
HJaRBhJUXE+CH21ZRBfX8Dzx/u60MznReIj8SmGRQJxGG5Fk8jQ7pi4uZYptuc0S
5/FS7nT/u9TmdYqhe/W11BNeG6yZCbtJgvh7wbFIlbEyGE7V8fRyCSaBpt6puvn/
G/FKlNayz3Qt2LuwmU6T4kCrwleutyL/0A1Aa/yxeZ/SRckm5cDlwdVxBXQiH15z
pLjj2xZkfVIcRZn3D6vVRVE1hhN9WrfuI6DNwvcCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTp6Ee5pIMUpog6nrI50oyTQmk3gTAfBgNVHSMEGDAWgBRD4KNkExhBBW1I
steI6gDKS5HbVjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1EtQ2paQk1ZUVFWdFNMTFhpT29BeWt1UjIxWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvOWNiYjA2LWI0ZGEtNGM5NC1iNDE4LTRiMDgxY2MyYjM5YS8x
LzZlaEh1YVNERkthSU9wNnlPZEtNazBKcE40RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
OWNiYjA2LWI0ZGEtNGM5NC1iNDE4LTRiMDgxY2MyYjM5YS8xL1EtQ2paQk1ZUVFW
dFNMTFhpT29BeWt1UjIxWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALmXHDANBAIAAjAHAwUDKgd4ADAN
BgkqhkiG9w0BAQsFAAOCAQEAtnZeT/WkyYcamhK7CK5QugHydUbDSb1PosAThseR
lYUgSAmp732R6v8BnnMs+oBKabsamnExwVTAhsov5jMtatIvr5r9fRVIwFDp2idu
GsB+6BdSsXCrlTEpiZ+Yk38fS9R6znTgp4RO9UWkB9K+yq994EeeMcGwyPmMMRvk
dTOVlAbzMm6oG2TWCgfGSZsztUBua5rb2mfIxXFuW0frXUp+gC4ncU0IgrL+pYGc
PNMe4BZfVIRaMnJsWCw2VYc6Y1KqlVvwggUiMpiFSJKwJq0dbfTe4mdP7EuLlLIO
zVhmKG7beqhxHYlgF4b3KXxqztGu2OTO6p1EpbiREvFt0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:38 2024 by rpki-client on console-fra.rpki-client.org