Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/DDFqm1d7t3VjTf_bQpo0bc7G3QA.roa
File:                     DDFqm1d7t3VjTf_bQpo0bc7G3QA.roa (raw, json)
Hash identifier:          3nul75JZMcBE8oH9+A5eeAos8Qwxkgh2YiTwml2DIfw=
Subject key identifier:   0C:31:6A:9B:57:7B:B7:75:63:4D:FF:DB:42:9A:34:6D:CE:C6:DD:00
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       0182F04E0BD6F83076AF3E0E29F0E5CC064A
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/DDFqm1d7t3VjTf_bQpo0bc7G3QA.roa
Signing time:             Tue 30 Aug 2022 19:50:22 +0000
ROA not before:           Tue 30 Aug 2022 19:50:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204084
IP address blocks:        2a06:d900::/30 maxlen: 30

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:f0:4e:0b:d6:f8:30:76:af:3e:0e:29:f0:e5:cc:06:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Aug 30 19:50:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0c316a9b577bb775634dffdb429a346dcec6dd00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:0c:14:29:99:2e:b0:9b:b6:33:1c:b1:34:96:
                    b4:10:dc:72:b8:02:7e:6f:a3:33:fc:9c:fd:0a:f1:
                    0f:74:a8:69:8e:9e:b0:7a:c6:8f:ba:d5:7b:e6:a3:
                    2b:8a:84:af:68:a3:f2:74:0e:14:a2:dd:5e:1d:cb:
                    7d:30:28:de:42:e1:af:04:7f:0f:a4:37:ca:4b:e4:
                    46:8b:11:39:4d:57:49:b8:bb:6a:63:f4:48:94:16:
                    ef:d6:42:93:26:b1:4d:05:a6:34:22:c7:21:0b:e8:
                    71:e2:ca:14:07:cc:dc:7a:94:9c:53:0f:38:ba:91:
                    3b:44:b0:8f:9d:29:2e:fb:b8:06:b3:ab:53:e4:97:
                    90:24:30:74:1c:a5:08:fb:2d:1e:67:58:fb:f2:b4:
                    a9:29:53:ff:b6:04:f6:3b:f6:f0:a6:e3:d5:3a:66:
                    e1:b8:e0:f6:8e:3d:fe:6b:a5:30:88:43:53:35:85:
                    ee:e2:a1:d6:52:04:4f:48:dc:0d:60:8d:f6:9d:16:
                    a9:8c:b2:86:52:61:b6:ab:7a:6f:2d:fd:5f:f7:cd:
                    e0:cb:b4:07:92:a9:12:9b:3b:0c:bd:bb:56:eb:b4:
                    02:a2:00:dd:33:78:c5:7a:d4:90:af:31:c5:18:bf:
                    39:26:24:6c:82:8c:69:b0:79:fe:4c:c7:df:bc:14:
                    02:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:31:6A:9B:57:7B:B7:75:63:4D:FF:DB:42:9A:34:6D:CE:C6:DD:00
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/DDFqm1d7t3VjTf_bQpo0bc7G3QA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:d900::/30

    Signature Algorithm: sha256WithRSAEncryption
         11:b4:5e:59:c2:e5:cb:23:72:77:6f:22:c8:d9:7a:3c:bc:b5:
         30:93:f3:41:08:2b:3f:e3:90:48:e7:2a:03:a0:a8:9b:c4:96:
         76:44:1c:3d:91:70:a8:59:81:3d:51:0b:1a:20:ad:81:41:2a:
         f9:0f:6b:b9:e8:a3:a1:d4:93:75:8d:b4:fe:35:be:54:4f:5a:
         f7:78:31:86:eb:17:35:35:62:a5:b2:e7:41:42:92:48:13:1a:
         2f:1c:0e:87:65:4b:ba:79:be:c2:e4:a1:77:b9:f6:9c:93:0a:
         38:13:4d:a7:08:aa:c5:4b:1f:cd:d5:63:1d:99:01:5c:a7:e2:
         02:dd:a0:0f:b4:f1:4d:82:42:bf:2c:7e:f7:16:ba:81:ea:ed:
         ae:b1:38:e9:8d:da:95:3e:fb:28:2f:a6:0a:5c:09:99:2a:12:
         8c:38:99:bc:c5:f4:c5:f9:b6:f4:c4:32:b1:dd:bc:f9:33:24:
         20:de:35:85:3c:a5:aa:15:6f:84:01:59:b3:fc:68:b1:d8:5f:
         b7:e7:a2:1a:de:06:39:57:40:cf:8d:a4:8b:b9:23:46:34:10:
         c7:73:f7:13:9a:1d:b8:50:f4:4f:c1:13:1b:02:3b:3d:19:42:
         70:2e:c9:c2:57:5d:1c:ab:9d:d2:47:76:10:e5:59:3a:6b:ba:
         1f:93:6b:2c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYLwTgvW+DB2rz4OKfDlzAZKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjIwODMwMTk1MDIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzMxNmE5YjU3N2JiNzc1NjM0ZGZmZGI0MjlhMzQ2ZGNlYzZkZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAwUKZkusJu2MxyxNJa0ENxyuAJ+
b6Mz/Jz9CvEPdKhpjp6wesaPutV75qMrioSvaKPydA4Uot1eHct9MCjeQuGvBH8P
pDfKS+RGixE5TVdJuLtqY/RIlBbv1kKTJrFNBaY0IschC+hx4soUB8zcepScUw84
upE7RLCPnSku+7gGs6tT5JeQJDB0HKUI+y0eZ1j78rSpKVP/tgT2O/bwpuPVOmbh
uOD2jj3+a6UwiENTNYXu4qHWUgRPSNwNYI32nRapjLKGUmG2q3pvLf1f983gy7QH
kqkSmzsMvbtW67QCogDdM3jFetSQrzHFGL85JiRsgoxpsHn+TMffvBQCIQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAwxaptXe7d1Y03/20KaNG3Oxt0AMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvRERGcW0xZDd0M1ZqVGZfYlFwbzBiYzdHM1FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKgbZADAN
BgkqhkiG9w0BAQsFAAOCAQEAEbReWcLlyyNyd28iyNl6PLy1MJPzQQgrP+OQSOcq
A6Com8SWdkQcPZFwqFmBPVELGiCtgUEq+Q9rueijodSTdY20/jW+VE9a93gxhusX
NTVipbLnQUKSSBMaLxwOh2VLunm+wuShd7n2nJMKOBNNpwiqxUsfzdVjHZkBXKfi
At2gD7TxTYJCvyx+9xa6gertrrE46Y3alT77KC+mClwJmSoSjDiZvMX0xfm29MQy
sd28+TMkIN41hTylqhVvhAFZs/xosdhft+eiGt4GOVdAz42ki7kjRjQQx3P3E5od
uFD0T8ETGwI7PRlCcC7JwlddHKud0kd2EOVZOmu6H5NrLA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:05 2024 by rpki-client on console-fra.rpki-client.org