Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/ilJDD3XEYjRSXVXvtjdjMN_ScEA.roa
File:                     ilJDD3XEYjRSXVXvtjdjMN_ScEA.roa (raw, json)
Hash identifier:          EtttUI+ez30xoiRzaUdg+2nWUreYahfJz7vtnUPoyNY=
Subject key identifier:   8A:52:43:0F:75:C4:62:34:52:5D:55:EF:B6:37:63:30:DF:D2:70:40
Certificate issuer:       /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial:       07A6080C
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/ilJDD3XEYjRSXVXvtjdjMN_ScEA.roa
Signing time:             Sat 01 Jan 2022 08:01:46 +0000
ROA not before:           Sat 01 Jan 2022 08:01:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41767
IP address blocks:        2a09:7:2005::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 128321548 (0x7a6080c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
        Validity
            Not Before: Jan  1 08:01:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8a52430f75c46234525d55efb6376330dfd27040
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:d4:ec:2b:74:40:20:d7:5a:37:aa:f8:fe:63:
                    59:1d:d4:6a:a7:71:20:09:e9:f7:03:73:f1:75:2a:
                    b8:a5:bd:11:50:97:03:85:81:31:74:2a:e4:cb:fb:
                    0d:50:24:66:e2:b8:b6:c0:e3:3b:39:a0:1b:0a:4d:
                    5b:16:1a:9d:66:90:49:08:ee:23:87:b5:80:a2:15:
                    ca:59:fc:9d:20:27:ea:fc:3f:22:91:3a:bc:18:a0:
                    4f:f3:ca:e9:fe:48:59:a0:1e:b9:e6:98:3e:3e:eb:
                    5b:4e:46:26:24:89:ee:0e:2a:5f:af:7a:d5:d3:ac:
                    26:0a:6f:a4:eb:e3:52:3f:72:3e:09:a2:86:38:67:
                    d4:77:a8:0c:56:2c:12:6b:1d:ed:32:b2:98:11:a4:
                    c5:58:f5:b1:74:f4:ba:44:b1:52:b3:94:16:bd:7e:
                    84:85:bd:f3:e9:3c:94:38:e7:3a:ef:55:11:8c:19:
                    c9:bf:19:35:6d:5d:95:62:1d:8d:fd:ad:43:a0:96:
                    d3:9f:50:93:59:64:5a:c0:28:cd:e2:b8:3e:0f:cb:
                    a7:f3:ea:b6:4e:bd:85:c3:10:2b:82:6b:6c:75:9f:
                    23:e6:f0:2a:19:7a:73:7b:39:b4:ea:0b:5b:dc:7e:
                    dc:1a:66:bd:f5:da:00:d8:7c:01:6f:e9:d3:08:da:
                    34:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:52:43:0F:75:C4:62:34:52:5D:55:EF:B6:37:63:30:DF:D2:70:40
            X509v3 Authority Key Identifier:
                keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/ilJDD3XEYjRSXVXvtjdjMN_ScEA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:7:2005::/48

    Signature Algorithm: sha256WithRSAEncryption
         7f:6c:f4:f0:86:72:0b:20:9d:fb:4e:f0:0a:04:32:82:12:5d:
         65:fb:4a:78:4a:9b:e9:0b:df:30:14:af:21:e7:23:12:2f:f2:
         d5:b0:cd:18:de:ea:e2:95:ae:c7:d5:1c:9a:bf:b1:58:83:06:
         cb:ed:96:3d:64:07:4a:d6:92:90:45:03:35:ae:57:f4:6d:d6:
         30:b2:0e:05:98:68:5f:db:6c:ef:64:38:86:b2:14:88:6a:a9:
         6c:3f:ac:b5:4a:50:1b:4c:ac:c7:92:e0:26:f9:e9:6b:75:d8:
         0f:ef:54:cc:8f:4d:c4:7b:ca:05:4f:85:9c:18:28:2c:3a:2f:
         5c:73:00:04:61:02:08:33:7b:63:45:5c:e1:e3:38:a7:05:ab:
         4c:c4:0b:21:ba:1c:b2:a4:dd:7a:b0:54:7a:b2:a8:50:03:2f:
         91:58:8e:09:58:d8:15:25:cb:a5:c1:24:28:a4:be:fe:57:6b:
         11:f4:a9:78:f5:ba:33:4a:6f:7b:0b:62:6e:0a:95:82:3f:f8:
         0c:f4:00:d4:f3:1f:96:97:7f:f2:f8:03:13:80:76:92:8f:b0:
         95:a5:59:b4:f2:2e:9b:65:e1:66:58:39:4a:b1:11:48:56:26:
         25:9d:97:12:b3:b2:f8:e3:d2:0b:a4:d0:c0:5d:d3:ad:ca:56:
         34:1f:8a:e3
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEB6YIDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NTc2ZWIyY2M0NjJlNmU0YmYwZGU2OWI5ZjYzNDg3NWRlYmJhYWUyMB4XDTIyMDEw
MTA4MDE0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGE1MjQzMGY3NWM0
NjIzNDUyNWQ1NWVmYjYzNzYzMzBkZmQyNzA0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK/U7Ct0QCDXWjeq+P5jWR3UaqdxIAnp9wNz8XUquKW9EVCX
A4WBMXQq5Mv7DVAkZuK4tsDjOzmgGwpNWxYanWaQSQjuI4e1gKIVyln8nSAn6vw/
IpE6vBigT/PK6f5IWaAeueaYPj7rW05GJiSJ7g4qX6961dOsJgpvpOvjUj9yPgmi
hjhn1HeoDFYsEmsd7TKymBGkxVj1sXT0ukSxUrOUFr1+hIW98+k8lDjnOu9VEYwZ
yb8ZNW1dlWIdjf2tQ6CW059Qk1lkWsAozeK4Pg/Lp/Pqtk69hcMQK4JrbHWfI+bw
Khl6c3s5tOoLW9x+3BpmvfXaANh8AW/p0wjaNHcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSKUkMPdcRiNFJdVe+2N2Mw39JwQDAfBgNVHSMEGDAWgBSldussxGLm5L8N
5pufY0h13ruq4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BYYnJMTVJpNXVTX0RlYWJuMk5JZGQ2N3F1SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvOTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8x
L2lsSkREM1hFWWpSU1hWWHZ0amRqTU5fU2NFQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
OTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8xL3BYYnJMTVJpNXVT
X0RlYWJuMk5JZGQ2N3F1SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoJAAcgBTANBgkqhkiG9w0BAQsF
AAOCAQEAf2z08IZyCyCd+07wCgQyghJdZftKeEqb6QvfMBSvIecjEi/y1bDNGN7q
4pWux9Ucmr+xWIMGy+2WPWQHStaSkEUDNa5X9G3WMLIOBZhoX9ts72Q4hrIUiGqp
bD+stUpQG0ysx5LgJvnpa3XYD+9UzI9NxHvKBU+FnBgoLDovXHMABGECCDN7Y0Vc
4eM4pwWrTMQLIbocsqTderBUerKoUAMvkViOCVjYFSXLpcEkKKS+/ldrEfSpePW6
M0pvewtibgqVgj/4DPQA1PMflpd/8vgDE4B2ko+wlaVZtPIum2XhZlg5SrERSFYm
JZ2XErOy+OPSC6TQwF3TrcpWNB+K4w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:47 2024 by rpki-client on console-ams.rpki-client.org