Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/cf7c19-1c7d-4ebe-b4dd-cbccf90455fe/1/C4mSuQBL5Ai6YLTYiaJziQOxvQc.roa
File:                     C4mSuQBL5Ai6YLTYiaJziQOxvQc.roa (raw, json)
Hash identifier:          dLvMx5kZcp6RsfQh+InbOwUMIg73AcYGkGAdjFx91Vs=
Subject key identifier:   0B:89:92:B9:00:4B:E4:08:BA:60:B4:D8:89:A2:73:89:03:B1:BD:07
Certificate issuer:       /CN=2d2d7d9743de2efa2f633378a268f58f2aa16050
Certificate serial:       05128B35
Authority key identifier: 2D:2D:7D:97:43:DE:2E:FA:2F:63:33:78:A2:68:F5:8F:2A:A1:60:50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LS19l0PeLvovYzN4omj1jyqhYFA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/cf7c19-1c7d-4ebe-b4dd-cbccf90455fe/1/C4mSuQBL5Ai6YLTYiaJziQOxvQc.roa
Signing time:             Sat 01 Jan 2022 14:58:09 +0000
ROA not before:           Sat 01 Jan 2022 14:58:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     197424
IP address blocks:        2a0f:e580::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 85101365 (0x5128b35)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d2d7d9743de2efa2f633378a268f58f2aa16050
        Validity
            Not Before: Jan  1 14:58:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0b8992b9004be408ba60b4d889a2738903b1bd07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:41:7f:34:f1:ec:5f:ca:33:d8:9f:3a:32:ca:
                    2d:b0:79:c7:a3:d4:bc:18:96:a6:d7:3e:34:02:44:
                    89:eb:c5:e4:51:66:37:07:c1:59:58:5d:68:f5:40:
                    64:84:dc:53:e7:b7:b5:75:a3:2c:26:6c:ad:cc:ec:
                    2d:47:69:b3:07:e0:ae:35:72:ee:c6:aa:40:9f:a6:
                    9a:ae:b3:7e:ac:d9:8a:63:40:1e:b6:e7:3f:48:48:
                    0d:d1:26:cc:3a:fc:86:34:e2:97:6c:dd:7e:6f:44:
                    c9:6b:54:49:88:a4:59:6b:8c:10:c0:45:b0:f6:bd:
                    d1:88:c7:8a:a1:04:50:ba:d2:25:52:ab:8e:9c:b3:
                    97:a7:68:7a:60:a7:10:da:03:5e:0c:16:16:17:55:
                    4a:0e:f2:54:56:5e:d6:81:8c:ba:79:2a:63:5b:d0:
                    3c:14:bd:e5:52:90:c7:c7:85:bc:75:47:24:cf:c7:
                    6d:9d:1a:17:66:33:36:46:4c:49:0c:9b:9d:b1:58:
                    16:99:04:9f:a6:f7:9d:4e:fc:83:fb:85:4e:f0:36:
                    1b:9d:92:f1:98:98:11:62:96:1b:ee:31:bf:a7:17:
                    1c:d4:b2:df:30:c4:cc:b1:1e:3f:40:9c:1e:70:8b:
                    5b:56:e3:95:a9:2b:03:6a:e7:60:5e:4b:31:b4:d7:
                    19:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:89:92:B9:00:4B:E4:08:BA:60:B4:D8:89:A2:73:89:03:B1:BD:07
            X509v3 Authority Key Identifier:
                keyid:2D:2D:7D:97:43:DE:2E:FA:2F:63:33:78:A2:68:F5:8F:2A:A1:60:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LS19l0PeLvovYzN4omj1jyqhYFA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/cf7c19-1c7d-4ebe-b4dd-cbccf90455fe/1/C4mSuQBL5Ai6YLTYiaJziQOxvQc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/cf7c19-1c7d-4ebe-b4dd-cbccf90455fe/1/LS19l0PeLvovYzN4omj1jyqhYFA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:e580::/48

    Signature Algorithm: sha256WithRSAEncryption
         00:7a:57:e9:79:88:ef:d5:2f:4e:eb:59:c6:e1:4b:50:cc:0d:
         2a:c9:36:36:89:ca:5e:6e:cd:6e:44:20:3a:b6:99:1b:54:6f:
         dc:3d:b5:a9:d3:9e:b7:5f:86:5b:5a:8b:90:ff:20:30:1f:e2:
         23:a2:f2:35:ec:40:74:13:65:cb:d7:0d:fb:3f:4e:5a:de:e7:
         8c:9b:97:ad:d7:f5:8b:a8:c0:4c:c6:f8:2a:14:00:c2:49:cf:
         4b:07:7e:c8:e9:77:9b:62:07:e0:63:16:ab:9f:c5:38:5f:bc:
         f7:3a:4c:e8:62:bc:94:3c:b9:b8:81:14:40:5d:7f:46:90:c9:
         cf:d5:8d:bc:2b:4f:fe:92:30:a0:18:23:82:5b:a7:78:60:82:
         b7:89:71:86:97:3a:7e:a5:ad:0d:11:a4:d6:ec:93:3c:c2:89:
         4d:b7:81:59:4f:82:e7:bf:b0:e9:91:00:ba:85:19:85:21:a9:
         34:f6:67:fb:ec:3a:62:58:0e:5b:10:a6:9e:35:f6:64:ce:69:
         b8:96:2c:7a:47:71:3b:4c:40:0d:91:42:52:81:b2:fc:56:f6:
         64:05:4a:bf:d3:2f:65:61:de:27:76:8b:38:d5:9c:9e:bd:d0:
         ef:17:ef:0f:ac:28:40:c3:9b:11:74:92:6f:83:4c:69:09:3f:
         c7:73:4c:9a
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBRKLNTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDJkN2Q5NzQzZGUyZWZhMmY2MzMzNzhhMjY4ZjU4ZjJhYTE2MDUwMB4XDTIyMDEw
MTE0NTgwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGI4OTkyYjkwMDRi
ZTQwOGJhNjBiNGQ4ODlhMjczODkwM2IxYmQwNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMpBfzTx7F/KM9ifOjLKLbB5x6PUvBiWptc+NAJEievF5FFm
NwfBWVhdaPVAZITcU+e3tXWjLCZsrczsLUdpswfgrjVy7saqQJ+mmq6zfqzZimNA
HrbnP0hIDdEmzDr8hjTil2zdfm9EyWtUSYikWWuMEMBFsPa90YjHiqEEULrSJVKr
jpyzl6doemCnENoDXgwWFhdVSg7yVFZe1oGMunkqY1vQPBS95VKQx8eFvHVHJM/H
bZ0aF2YzNkZMSQybnbFYFpkEn6b3nU78g/uFTvA2G52S8ZiYEWKWG+4xv6cXHNSy
3zDEzLEeP0CcHnCLW1bjlakrA2rnYF5LMbTXGSECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQLiZK5AEvkCLpgtNiJonOJA7G9BzAfBgNVHSMEGDAWgBQtLX2XQ94u+i9j
M3iiaPWPKqFgUDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xTMTlsMFBlTHZvdll6TjRvbWoxanlxaFlGQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODMvY2Y3YzE5LTFjN2QtNGViZS1iNGRkLWNiY2NmOTA0NTVmZS8x
L0M0bVN1UUJMNUFpNllMVFlpYUp6aVFPeHZRYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMv
Y2Y3YzE5LTFjN2QtNGViZS1iNGRkLWNiY2NmOTA0NTVmZS8xL0xTMTlsMFBlTHZv
dll6TjRvbWoxanlxaFlGQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoP5YAAADANBgkqhkiG9w0BAQsF
AAOCAQEAAHpX6XmI79UvTutZxuFLUMwNKsk2NonKXm7NbkQgOraZG1Rv3D21qdOe
t1+GW1qLkP8gMB/iI6LyNexAdBNly9cN+z9OWt7njJuXrdf1i6jATMb4KhQAwknP
Swd+yOl3m2IH4GMWq5/FOF+89zpM6GK8lDy5uIEUQF1/RpDJz9WNvCtP/pIwoBgj
gluneGCCt4lxhpc6fqWtDRGk1uyTPMKJTbeBWU+C57+w6ZEAuoUZhSGpNPZn++w6
YlgOWxCmnjX2ZM5puJYsekdxO0xADZFCUoGy/Fb2ZAVKv9MvZWHeJ3aLONWcnr3Q
7xfvD6woQMObEXSSb4NMaQk/x3NMmg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:19 2024 by rpki-client on console-fra.rpki-client.org