Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/kVPMPGUixhp57hti8ikG3Ap0H1Y.roa
File:                     kVPMPGUixhp57hti8ikG3Ap0H1Y.roa (raw, json)
Hash identifier:          6YcUtEIcWTEmDDO1HylFjmN4bdRs8eymvkf/bBJwLRI=
Subject key identifier:   91:53:CC:3C:65:22:C6:1A:79:EE:1B:62:F2:29:06:DC:0A:74:1F:56
Certificate issuer:       /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial:       10A6CDC6
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/kVPMPGUixhp57hti8ikG3Ap0H1Y.roa
Signing time:             Sat 01 Jan 2022 13:59:28 +0000
ROA not before:           Sat 01 Jan 2022 13:59:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206699
IP address blocks:        2a0b:6b86:b00::/40 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 279367110 (0x10a6cdc6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
        Validity
            Not Before: Jan  1 13:59:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9153cc3c6522c61a79ee1b62f22906dc0a741f56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:8e:08:c9:bb:1b:81:d1:d5:5e:c6:36:b5:be:
                    71:1e:35:9d:4e:d3:f1:97:be:20:31:a0:3c:2b:86:
                    5e:d0:15:c9:07:79:af:16:01:a3:61:43:65:03:08:
                    d4:cd:40:55:b8:7f:7c:7b:5f:f2:d8:1b:e1:a1:06:
                    96:17:01:3e:c5:11:a8:ad:61:de:51:55:9d:98:47:
                    40:99:43:cb:3f:9f:a5:09:e3:ed:fd:ba:86:15:3b:
                    93:35:08:27:c2:36:4b:be:aa:82:68:17:52:45:ea:
                    50:ab:fa:f6:3e:bf:42:4d:fa:19:5e:8c:1c:e0:97:
                    4d:d2:65:e9:2e:c3:71:46:89:da:09:b2:74:6d:2e:
                    da:ab:5c:48:b6:30:97:34:e4:23:38:1a:86:0b:66:
                    7a:81:31:55:eb:b1:84:f6:2d:62:28:05:67:19:f5:
                    61:60:b4:09:42:f4:e8:dd:87:e5:cd:c3:2c:6f:2f:
                    05:ba:0c:54:9c:f8:e7:d6:1a:33:a2:5d:7b:25:7f:
                    57:cf:a9:c5:49:6f:20:b2:ff:27:85:8d:64:cc:e5:
                    33:79:08:6c:d0:b9:87:cd:0e:df:ad:8b:7e:e7:9c:
                    00:b8:9f:0c:7f:17:60:d9:03:0d:0e:ca:90:40:35:
                    11:d1:dc:ed:8b:ec:0c:af:66:12:74:cf:3e:f4:84:
                    6f:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:53:CC:3C:65:22:C6:1A:79:EE:1B:62:F2:29:06:DC:0A:74:1F:56
            X509v3 Authority Key Identifier:
                keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/kVPMPGUixhp57hti8ikG3Ap0H1Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:6b86:b00::/40

    Signature Algorithm: sha256WithRSAEncryption
         ae:f6:ff:45:a2:49:79:31:cb:be:65:93:0a:3d:12:0f:e4:f4:
         53:1a:36:bb:ac:0e:42:01:f3:a8:d6:af:73:69:a3:0f:f0:1b:
         45:9b:e9:99:12:a8:62:49:4a:4f:02:5f:44:ee:bd:6a:bf:72:
         ca:39:77:87:92:ee:b4:ba:58:e8:21:b5:59:9a:d0:a3:94:25:
         33:48:85:a4:ed:77:8e:c3:fa:e9:6f:03:db:cc:ca:a9:48:af:
         60:16:6b:c5:c1:2d:39:3f:f4:35:72:98:89:b7:dd:d8:46:da:
         19:ae:20:78:24:3e:9b:0e:80:bb:9c:1a:1f:a5:d3:9d:54:0d:
         a4:1c:6d:24:ea:16:ae:69:fb:a6:a1:7e:92:5a:02:8c:0e:c4:
         a1:f6:e2:e9:ca:6d:fa:6e:19:f5:f4:11:99:f3:c1:5a:b6:f6:
         e7:17:7d:89:4b:ca:d2:ce:ed:d8:7b:1b:6a:ce:be:c3:0e:a9:
         23:38:a2:23:82:53:70:6f:fa:9a:b7:b4:68:5d:ac:24:32:2d:
         3f:7a:f8:52:d8:05:b1:02:c0:3b:56:a8:8a:9f:23:7b:a6:9e:
         95:80:f6:a9:28:2e:33:76:3d:47:4a:2e:1e:2d:c8:66:5b:f2:
         5c:66:b6:ad:cd:e3:30:2a:e7:8f:ff:3a:9b:fc:b3:22:fe:a0:
         96:d9:e0:28
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEEKbNxjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MzViYzliYjU0N2UyNzc4OGQyMjFiYzhiYmQ1ZmIwMmUwMjQ0ODBmMB4XDTIyMDEw
MTEzNTkyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTE1M2NjM2M2NTIy
YzYxYTc5ZWUxYjYyZjIyOTA2ZGMwYTc0MWY1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMqOCMm7G4HR1V7GNrW+cR41nU7T8Ze+IDGgPCuGXtAVyQd5
rxYBo2FDZQMI1M1AVbh/fHtf8tgb4aEGlhcBPsURqK1h3lFVnZhHQJlDyz+fpQnj
7f26hhU7kzUIJ8I2S76qgmgXUkXqUKv69j6/Qk36GV6MHOCXTdJl6S7DcUaJ2gmy
dG0u2qtcSLYwlzTkIzgahgtmeoExVeuxhPYtYigFZxn1YWC0CUL06N2H5c3DLG8v
BboMVJz459YaM6JdeyV/V8+pxUlvILL/J4WNZMzlM3kIbNC5h80O362LfuecALif
DH8XYNkDDQ7KkEA1EdHc7YvsDK9mEnTPPvSEb+8CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSRU8w8ZSLGGnnuG2LyKQbcCnQfVjAfBgNVHSMEGDAWgBSDW8m7VH4neI0i
G8i71fsC4CRIDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2cxdkp1MVItSjNpTklodkl1OVg3QXVBa1NBOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODQvOTYyZmIxLTNkZjAtNGVjMi1iNTBhLWIzNmEyNGQzOTQyNy8x
L2tWUE1QR1VpeGhwNTdodGk4aWtHM0FwMEgxWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODQv
OTYyZmIxLTNkZjAtNGVjMi1iNTBhLWIzNmEyNGQzOTQyNy8xL2cxdkp1MVItSjNp
Tklodkl1OVg3QXVBa1NBOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoLa4YLMA0GCSqGSIb3DQEBCwUA
A4IBAQCu9v9Fokl5Mcu+ZZMKPRIP5PRTGja7rA5CAfOo1q9zaaMP8BtFm+mZEqhi
SUpPAl9E7r1qv3LKOXeHku60uljoIbVZmtCjlCUzSIWk7XeOw/rpbwPbzMqpSK9g
FmvFwS05P/Q1cpiJt93YRtoZriB4JD6bDoC7nBofpdOdVA2kHG0k6hauafumoX6S
WgKMDsSh9uLpym36bhn19BGZ88FatvbnF32JS8rSzu3Yextqzr7DDqkjOKIjglNw
b/qat7RoXawkMi0/evhS2AWxAsA7VqiKnyN7pp6VgPapKC4zdj1HSi4eLchmW/Jc
ZratzeMwKueP/zqb/LMi/qCW2eAo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:14 2024 by rpki-client on console-ams.rpki-client.org