Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/6N9qfS7DEshkOiYdEE8osxirtf0.roa
File:                     6N9qfS7DEshkOiYdEE8osxirtf0.roa (raw, json)
Hash identifier:          aEWJDvFVHCJectEQJU3YwfjGGxrcf/z9Zw5vAV+870I=
Subject key identifier:   E8:DF:6A:7D:2E:C3:12:C8:64:3A:26:1D:10:4F:28:B3:18:AB:B5:FD
Certificate issuer:       /CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Certificate serial:       1B60222A
Authority key identifier: 47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/6N9qfS7DEshkOiYdEE8osxirtf0.roa
Signing time:             Sat 01 Jan 2022 08:54:22 +0000
ROA not before:           Sat 01 Jan 2022 08:54:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212222
IP address blocks:        2a04:2b00:14cc::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 459285034 (0x1b60222a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
        Validity
            Not Before: Jan  1 08:54:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e8df6a7d2ec312c8643a261d104f28b318abb5fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:d7:66:a7:bc:04:c7:29:62:60:6d:fd:eb:60:
                    89:11:d9:b1:d4:39:75:45:18:1d:5c:b6:6a:01:e3:
                    70:1e:8f:8b:48:55:2c:99:de:ea:57:d6:a1:1b:23:
                    0e:b4:67:81:0d:83:91:80:2b:e8:d2:23:a0:cc:6b:
                    f1:72:b2:0d:5b:61:e4:ed:97:93:b8:c8:3c:7f:e5:
                    aa:1e:4c:1f:db:d1:83:95:5f:14:f5:f2:45:24:ed:
                    f3:59:d4:ea:36:97:92:61:5e:fe:2f:ea:48:88:47:
                    9b:64:b9:f7:2b:bb:66:8c:24:28:fa:9b:f8:95:34:
                    bf:2e:fc:ac:3a:02:9b:66:02:70:ae:ed:19:3f:28:
                    8e:e7:40:42:cb:fc:cf:4e:fb:ee:34:b6:37:23:01:
                    2e:3a:f2:73:15:5e:f2:03:31:bd:d1:7b:6a:b2:c6:
                    43:06:35:cf:df:e7:dc:05:16:a4:eb:22:b7:6d:05:
                    1c:12:ad:c8:43:f4:8d:f0:8c:10:94:a9:dd:3e:0f:
                    c2:bc:08:61:d7:9b:61:be:a7:b7:6e:34:10:d4:99:
                    1f:79:4d:e2:3d:04:97:d5:34:46:5c:18:58:d5:d3:
                    00:26:36:40:3e:9e:a2:b3:d5:61:8e:70:7a:d6:03:
                    cf:f3:f2:9f:ec:d7:ef:09:38:af:e1:9b:b0:09:2b:
                    48:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:DF:6A:7D:2E:C3:12:C8:64:3A:26:1D:10:4F:28:B3:18:AB:B5:FD
            X509v3 Authority Key Identifier:
                keyid:47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/6N9qfS7DEshkOiYdEE8osxirtf0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a04:2b00:14cc::/48

    Signature Algorithm: sha256WithRSAEncryption
         90:66:2c:d1:18:02:81:13:7a:9b:b9:10:1b:58:d3:38:dc:fb:
         e5:e5:75:0c:18:a1:d5:d7:61:90:00:3c:7a:d5:01:bb:ea:19:
         f7:3d:4d:2c:88:59:ce:e2:d3:ac:e2:f4:86:d3:11:ad:3f:87:
         43:0c:f6:f5:7f:9c:7a:03:6b:5a:c8:3f:f5:d6:af:d9:f5:3f:
         27:2f:cd:db:2d:5f:c1:7d:3d:f0:33:e1:78:0d:ed:93:81:86:
         3c:08:52:e2:41:5e:57:cd:28:2f:7b:54:1c:ba:7c:4d:cf:64:
         ed:fd:b7:c3:0f:47:5e:df:b7:3b:2f:b6:d2:ca:b4:e4:b2:af:
         43:b2:7a:b1:4c:36:8c:8a:04:05:f5:30:2f:7b:01:9d:5c:20:
         d8:85:be:63:30:d8:a2:93:df:13:01:04:25:81:67:da:a3:5c:
         56:d9:1e:ad:91:55:39:31:62:d8:94:5d:39:67:11:3b:d3:77:
         1a:1a:e2:e5:c5:52:0c:eb:b7:5e:f2:06:a4:7b:d2:b2:a8:ee:
         26:88:ca:df:57:53:f8:54:00:7c:3c:46:0f:25:56:86:b9:c1:
         0e:d0:b5:71:d6:41:49:bb:61:2f:56:85:f1:0b:4d:4f:eb:47:
         78:44:a1:84:9b:25:ae:17:eb:19:e4:5a:5d:05:a7:5c:9f:d3:
         62:e0:e6:48
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEG2AiKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Nzc2YWZiNzRmYWQ1YmFmMGE2MTgwYjQ5NTEwZDhiODQ5N2RmOGQzMB4XDTIyMDEw
MTA4NTQyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZThkZjZhN2QyZWMz
MTJjODY0M2EyNjFkMTA0ZjI4YjMxOGFiYjVmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKbXZqe8BMcpYmBt/etgiRHZsdQ5dUUYHVy2agHjcB6Pi0hV
LJne6lfWoRsjDrRngQ2DkYAr6NIjoMxr8XKyDVth5O2Xk7jIPH/lqh5MH9vRg5Vf
FPXyRSTt81nU6jaXkmFe/i/qSIhHm2S59yu7ZowkKPqb+JU0vy78rDoCm2YCcK7t
GT8ojudAQsv8z0777jS2NyMBLjrycxVe8gMxvdF7arLGQwY1z9/n3AUWpOsit20F
HBKtyEP0jfCMEJSp3T4PwrwIYdebYb6nt240ENSZH3lN4j0El9U0RlwYWNXTACY2
QD6eorPVYY5wetYDz/Pyn+zX7wk4r+GbsAkrSOECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTo32p9LsMSyGQ6Jh0QTyizGKu1/TAfBgNVHSMEGDAWgBRHdq+3T61brwph
gLSVENi4SX340zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1IzYXZ0MC10VzY4S1lZQzBsUkRZdUVsOS1OTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTQvZjcxY2MyLWI3MWQtNDY2OC04NjYxLTA1MzhlOTVmM2YxMi8x
LzZOOXFmUzdERXNoa09pWWRFRThvc3hpcnRmMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTQv
ZjcxY2MyLWI3MWQtNDY2OC04NjYxLTA1MzhlOTVmM2YxMi8xL1IzYXZ0MC10VzY4
S1lZQzBsUkRZdUVsOS1OTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoEKwAUzDANBgkqhkiG9w0BAQsF
AAOCAQEAkGYs0RgCgRN6m7kQG1jTONz75eV1DBih1ddhkAA8etUBu+oZ9z1NLIhZ
zuLTrOL0htMRrT+HQwz29X+cegNrWsg/9dav2fU/Jy/N2y1fwX098DPheA3tk4GG
PAhS4kFeV80oL3tUHLp8Tc9k7f23ww9HXt+3Oy+20sq05LKvQ7J6sUw2jIoEBfUw
L3sBnVwg2IW+YzDYopPfEwEEJYFn2qNcVtkerZFVOTFi2JRdOWcRO9N3Ghri5cVS
DOu3XvIGpHvSsqjuJojK31dT+FQAfDxGDyVWhrnBDtC1cdZBSbthL1aF8QtNT+tH
eEShhJslrhfrGeRaXQWnXJ/TYuDmSA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:32 2024 by rpki-client on console-ams.rpki-client.org