Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/kxOdAnDvyojcqbvol4AdidSFxH4.roa
File:                     kxOdAnDvyojcqbvol4AdidSFxH4.roa (raw, json)
Hash identifier:          TZHRGcYlD5OhAvHatH9nRrK1jv39u2qhxrO1yAjSZC0=
Subject key identifier:   93:13:9D:02:70:EF:CA:88:DC:A9:BB:E8:97:80:1D:89:D4:85:C4:7E
Certificate issuer:       /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial:       10AA9258
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/kxOdAnDvyojcqbvol4AdidSFxH4.roa
Signing time:             Sat 01 Jan 2022 13:59:29 +0000
ROA not before:           Sat 01 Jan 2022 13:59:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212232
IP address blocks:        2a0b:6b86:d00::/40 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 279614040 (0x10aa9258)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
        Validity
            Not Before: Jan  1 13:59:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=93139d0270efca88dca9bbe897801d89d485c47e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:c2:42:1a:7c:3f:dd:d2:93:24:80:65:8c:9d:
                    5c:d3:6c:da:b8:b7:49:3f:76:10:35:d8:d2:3d:51:
                    bf:d4:c3:e7:0f:fd:64:1d:ca:e2:e9:d6:e2:e5:e9:
                    39:08:34:53:ff:a9:da:d4:30:60:32:8d:11:ff:ee:
                    84:51:1c:9b:39:93:86:d3:c4:a9:1c:66:a6:8d:d4:
                    2c:eb:ac:b9:66:54:39:66:0c:ea:df:83:69:1a:73:
                    99:29:3e:b7:78:a1:4f:6a:ba:e2:11:4e:1a:ff:1e:
                    2c:1f:ab:69:9e:7a:cf:10:db:6d:49:9a:cf:b3:c4:
                    f2:c2:26:50:00:79:20:15:4b:33:ac:92:03:16:d6:
                    7e:7a:ab:1e:3c:d8:c5:46:40:0b:20:9b:05:1d:e3:
                    0a:0b:67:e6:3b:27:52:b7:63:07:6a:0b:93:a4:76:
                    c2:35:ac:d0:ef:8e:b0:c6:2e:5a:02:7a:d4:94:48:
                    51:21:70:e8:43:fb:60:07:04:6a:6f:dd:a3:13:77:
                    2d:3b:a3:6d:4d:3a:85:8a:cd:20:17:9d:15:fa:57:
                    94:23:d2:81:0a:54:67:e9:44:4e:9e:5c:16:7a:28:
                    75:e0:e4:e0:7e:63:55:8f:83:3f:6a:4c:ff:2a:62:
                    f9:b3:d5:f4:a4:0e:46:f2:a2:51:03:31:e6:32:e2:
                    dd:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:13:9D:02:70:EF:CA:88:DC:A9:BB:E8:97:80:1D:89:D4:85:C4:7E
            X509v3 Authority Key Identifier:
                keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/kxOdAnDvyojcqbvol4AdidSFxH4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:6b86:d00::/40

    Signature Algorithm: sha256WithRSAEncryption
         d4:3b:d7:1d:7e:a3:44:5f:f6:88:15:08:95:8e:b0:f2:73:6e:
         8e:91:fa:fe:06:a9:8a:0c:f7:7a:bc:9d:34:06:49:3c:9c:cb:
         93:ad:c4:bd:c2:a1:9c:c1:6a:46:c0:08:6c:35:e9:13:28:00:
         74:62:8e:0f:77:23:44:a8:82:84:a9:ec:c7:34:ed:e4:7f:2a:
         2a:63:ee:69:94:c1:0a:0b:79:db:79:a0:72:1c:1d:cc:69:d5:
         0a:7a:06:ce:18:1d:78:86:ca:2a:6b:2a:e0:80:db:c2:3e:95:
         ca:cd:84:2c:08:35:15:9b:68:8a:50:cc:79:64:7f:30:51:3e:
         0c:03:6d:dd:f7:bb:ce:4b:e7:d0:43:99:33:3c:e0:29:bf:4d:
         a0:8f:cb:85:f8:ab:f3:96:f4:c8:7b:e6:12:3c:36:e7:f8:91:
         6b:44:8f:d3:e8:00:1d:c6:eb:14:1f:ed:fa:b7:5a:80:13:fd:
         b2:85:1b:59:77:3d:e1:99:28:bb:79:55:eb:af:6b:8d:8a:73:
         f4:01:00:42:87:f3:1f:a8:ab:0d:87:6e:49:01:36:e5:f3:9b:
         f9:2e:be:3e:5a:36:4c:3a:de:f5:ec:e8:f9:5b:a8:45:1c:6d:
         58:08:9a:3c:83:7b:eb:39:8b:58:dc:7f:e2:1d:eb:f5:63:5c:
         05:dd:a8:a7
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEEKqSWDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MzViYzliYjU0N2UyNzc4OGQyMjFiYzhiYmQ1ZmIwMmUwMjQ0ODBmMB4XDTIyMDEw
MTEzNTkyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTMxMzlkMDI3MGVm
Y2E4OGRjYTliYmU4OTc4MDFkODlkNDg1YzQ3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMHCQhp8P93SkySAZYydXNNs2ri3ST92EDXY0j1Rv9TD5w/9
ZB3K4unW4uXpOQg0U/+p2tQwYDKNEf/uhFEcmzmThtPEqRxmpo3ULOusuWZUOWYM
6t+DaRpzmSk+t3ihT2q64hFOGv8eLB+raZ56zxDbbUmaz7PE8sImUAB5IBVLM6yS
AxbWfnqrHjzYxUZACyCbBR3jCgtn5jsnUrdjB2oLk6R2wjWs0O+OsMYuWgJ61JRI
USFw6EP7YAcEam/doxN3LTujbU06hYrNIBedFfpXlCPSgQpUZ+lETp5cFnoodeDk
4H5jVY+DP2pM/ypi+bPV9KQORvKiUQMx5jLi3U8CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSTE50CcO/KiNypu+iXgB2J1IXEfjAfBgNVHSMEGDAWgBSDW8m7VH4neI0i
G8i71fsC4CRIDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2cxdkp1MVItSjNpTklodkl1OVg3QXVBa1NBOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODQvOTYyZmIxLTNkZjAtNGVjMi1iNTBhLWIzNmEyNGQzOTQyNy8x
L2t4T2RBbkR2eW9qY3Fidm9sNEFkaWRTRnhINC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODQv
OTYyZmIxLTNkZjAtNGVjMi1iNTBhLWIzNmEyNGQzOTQyNy8xL2cxdkp1MVItSjNp
Tklodkl1OVg3QXVBa1NBOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoLa4YNMA0GCSqGSIb3DQEBCwUA
A4IBAQDUO9cdfqNEX/aIFQiVjrDyc26Okfr+BqmKDPd6vJ00Bkk8nMuTrcS9wqGc
wWpGwAhsNekTKAB0Yo4PdyNEqIKEqezHNO3kfyoqY+5plMEKC3nbeaByHB3MadUK
egbOGB14hsoqayrggNvCPpXKzYQsCDUVm2iKUMx5ZH8wUT4MA23d97vOS+fQQ5kz
POApv02gj8uF+KvzlvTIe+YSPDbn+JFrRI/T6AAdxusUH+36t1qAE/2yhRtZdz3h
mSi7eVXrr2uNinP0AQBCh/MfqKsNh25JATbl85v5Lr4+WjZMOt717Oj5W6hFHG1Y
CJo8g3vrOYtY3H/iHev1Y1wF3ain
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:14 2024 by rpki-client on console-ams.rpki-client.org