Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/cphNAYHnL8MUZ11p0TmMbq8-Ob8.roa
File:                     cphNAYHnL8MUZ11p0TmMbq8-Ob8.roa (raw, json)
Hash identifier:          tEulPDLTQ4eBi/fvjwJM77xkavIDXe5vS6fGXDXxBSU=
Subject key identifier:   72:98:4D:01:81:E7:2F:C3:14:67:5D:69:D1:39:8C:6E:AF:3E:39:BF
Certificate issuer:       /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial:       07A7316D
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/cphNAYHnL8MUZ11p0TmMbq8-Ob8.roa
Signing time:             Sat 01 Jan 2022 08:01:47 +0000
ROA not before:           Sat 01 Jan 2022 08:01:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43992
IP address blocks:        2a09:7:2001::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 128397677 (0x7a7316d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
        Validity
            Not Before: Jan  1 08:01:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=72984d0181e72fc314675d69d1398c6eaf3e39bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:53:0e:c9:a6:23:af:12:23:a6:2f:d8:ce:ea:
                    8b:0a:c6:e3:bd:7a:e9:8b:f2:b0:d1:e0:5a:fa:92:
                    95:58:7b:4a:d3:6e:2a:f3:7c:fe:fb:52:f5:12:d6:
                    e0:d3:7c:64:61:5c:32:0c:26:9c:d2:5d:8e:2c:20:
                    74:90:c9:8d:31:92:b2:fe:31:73:02:50:97:83:89:
                    09:06:a9:04:fc:2c:d8:8e:b3:2d:25:9d:03:7e:f6:
                    23:7f:ca:7e:5c:3d:99:59:1c:1f:8d:13:73:24:cd:
                    56:84:d3:42:89:44:9d:53:62:69:bb:45:3f:42:31:
                    81:6b:ac:f4:47:f1:fc:f3:6b:e0:70:ed:d9:b1:88:
                    8e:f9:b4:d6:d0:d3:8f:f4:ba:8d:6c:77:62:c4:46:
                    64:84:97:39:19:41:d2:b6:1f:bb:2e:b4:05:c0:cd:
                    b4:12:62:d7:a4:64:57:08:b0:32:b3:ea:83:fe:b9:
                    5a:f2:ba:82:bc:4c:44:f3:a8:63:c4:d6:fb:04:53:
                    89:ae:97:9c:18:d4:be:cc:4a:a0:19:de:ab:9a:84:
                    d2:36:35:75:fb:a4:bd:29:ff:1a:72:ab:5c:22:b0:
                    28:2a:69:ba:af:98:7a:fe:5d:d1:42:1a:f5:27:cf:
                    79:99:2e:5f:7f:e2:b5:0d:24:26:9b:9d:7a:81:97:
                    cf:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:98:4D:01:81:E7:2F:C3:14:67:5D:69:D1:39:8C:6E:AF:3E:39:BF
            X509v3 Authority Key Identifier:
                keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/cphNAYHnL8MUZ11p0TmMbq8-Ob8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:7:2001::/48

    Signature Algorithm: sha256WithRSAEncryption
         91:20:32:20:a3:4d:be:19:89:1b:89:40:c3:97:a6:e1:44:39:
         c2:d9:ed:ca:f3:41:5f:85:13:d9:14:de:0d:3c:21:e6:a3:76:
         ba:d9:f2:2e:a8:fa:fd:fe:22:87:c7:ac:9c:f7:a2:33:c8:d6:
         f1:1c:8b:d6:8d:0b:17:ec:70:0a:ec:c4:a9:50:e0:0e:83:43:
         37:b4:95:c2:4f:40:dc:5b:a0:2a:7d:22:da:7c:30:eb:8a:ac:
         d9:6d:7d:94:3c:69:13:20:55:4b:97:3f:ff:1c:21:67:34:15:
         ff:83:1b:13:47:d5:e4:ae:04:fb:ec:a6:d1:23:0e:58:d4:97:
         54:ce:fb:89:03:ce:50:7d:ec:d0:b3:b1:27:1b:d8:d9:2e:15:
         b8:16:30:0d:67:6f:ff:3f:aa:4b:50:b7:5f:d2:8e:03:18:9c:
         27:3a:a9:fa:94:3c:fc:9b:e6:2c:63:f0:b3:b1:55:1f:f9:6d:
         d6:7e:e4:cf:34:cf:d6:df:9d:36:09:fd:9f:e5:d4:95:a5:d4:
         9d:fd:f3:29:eb:ea:be:60:91:94:d0:c8:46:0f:27:30:7c:44:
         1d:97:73:ae:10:be:f8:6d:da:ce:64:69:d8:45:b5:62:15:48:
         62:72:17:1e:36:e9:6c:8a:8b:2a:38:37:b8:6a:d4:67:ec:72:
         18:7a:a7:7f
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEB6cxbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NTc2ZWIyY2M0NjJlNmU0YmYwZGU2OWI5ZjYzNDg3NWRlYmJhYWUyMB4XDTIyMDEw
MTA4MDE0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzI5ODRkMDE4MWU3
MmZjMzE0Njc1ZDY5ZDEzOThjNmVhZjNlMzliZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ5TDsmmI68SI6Yv2M7qiwrG47166YvysNHgWvqSlVh7StNu
KvN8/vtS9RLW4NN8ZGFcMgwmnNJdjiwgdJDJjTGSsv4xcwJQl4OJCQapBPws2I6z
LSWdA372I3/Kflw9mVkcH40TcyTNVoTTQolEnVNiabtFP0IxgWus9Efx/PNr4HDt
2bGIjvm01tDTj/S6jWx3YsRGZISXORlB0rYfuy60BcDNtBJi16RkVwiwMrPqg/65
WvK6grxMRPOoY8TW+wRTia6XnBjUvsxKoBneq5qE0jY1dfukvSn/GnKrXCKwKCpp
uq+Yev5d0UIa9SfPeZkuX3/itQ0kJpudeoGXz5cCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRymE0BgecvwxRnXWnROYxurz45vzAfBgNVHSMEGDAWgBSldussxGLm5L8N
5pufY0h13ruq4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BYYnJMTVJpNXVTX0RlYWJuMk5JZGQ2N3F1SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvOTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8x
L2NwaE5BWUhuTDhNVVoxMXAwVG1NYnE4LU9iOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
OTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8xL3BYYnJMTVJpNXVT
X0RlYWJuMk5JZGQ2N3F1SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoJAAcgATANBgkqhkiG9w0BAQsF
AAOCAQEAkSAyIKNNvhmJG4lAw5em4UQ5wtntyvNBX4UT2RTeDTwh5qN2utnyLqj6
/f4ih8esnPeiM8jW8RyL1o0LF+xwCuzEqVDgDoNDN7SVwk9A3FugKn0i2nww64qs
2W19lDxpEyBVS5c//xwhZzQV/4MbE0fV5K4E++ym0SMOWNSXVM77iQPOUH3s0LOx
JxvY2S4VuBYwDWdv/z+qS1C3X9KOAxicJzqp+pQ8/JvmLGPws7FVH/lt1n7kzzTP
1t+dNgn9n+XUlaXUnf3zKevqvmCRlNDIRg8nMHxEHZdzrhC++G3azmRp2EW1YhVI
YnIXHjbpbIqLKjg3uGrUZ+xyGHqnfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:48 2024 by rpki-client on console-fra.rpki-client.org