Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/GOc6aAB0puRTuSM1UiFa5LgdGEw.roa
File:                     GOc6aAB0puRTuSM1UiFa5LgdGEw.roa (raw, json)
Hash identifier:          vKNtNwsOLu16wVJT+LSSxgPVYj+48JC781oJhrwXEuc=
Subject key identifier:   18:E7:3A:68:00:74:A6:E4:53:B9:23:35:52:21:5A:E4:B8:1D:18:4C
Certificate issuer:       /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial:       1175FD2F
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/GOc6aAB0puRTuSM1UiFa5LgdGEw.roa
Signing time:             Tue 31 May 2022 11:06:13 +0000
ROA not before:           Tue 31 May 2022 11:06:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        2a06:e881:73ff::/48 maxlen: 48
                          2a06:e881:9200::/45 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 292945199 (0x1175fd2f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
        Validity
            Not Before: May 31 11:06:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=18e73a680074a6e453b9233552215ae4b81d184c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:50:53:9a:69:ce:2f:ae:fa:14:dd:68:f1:2f:
                    4a:15:61:12:e0:13:63:47:5c:ec:9b:65:2d:90:6a:
                    f8:e3:47:cd:6a:7b:ac:ef:a9:2f:38:fd:d0:6f:d9:
                    d1:61:49:e7:b7:01:eb:d2:ae:3e:52:7a:9c:91:cb:
                    db:82:f5:3d:3d:e2:5f:05:d2:6f:17:c4:a3:9c:25:
                    d4:49:66:a4:41:37:c0:90:7e:e8:d0:d8:f0:98:9f:
                    a2:93:72:be:83:07:b7:42:05:b0:9b:58:61:9a:08:
                    5e:67:f8:9c:af:d9:cd:3d:c1:76:7f:ba:b1:2b:7d:
                    b4:71:b1:1a:ee:9a:75:28:46:9f:16:c1:74:77:5d:
                    ca:b1:d5:07:51:dd:b1:b0:53:45:b8:20:7f:7a:40:
                    c4:d9:62:8f:d1:35:2b:ba:da:6c:3a:90:8f:16:f7:
                    fc:38:38:fa:0b:e4:b3:c8:59:d1:ab:8b:d5:da:4a:
                    6b:17:36:0b:ab:d9:54:61:44:00:d7:91:21:55:9f:
                    1c:95:8e:7c:c2:69:65:b0:e4:aa:e7:42:11:e6:52:
                    8f:43:96:86:97:5d:26:c0:f7:37:7a:44:b3:4e:77:
                    10:32:d3:ea:2f:32:f5:fb:86:a0:6d:d9:db:35:99:
                    f8:07:29:31:5f:c3:3a:05:c6:30:fd:54:20:ca:7e:
                    94:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:E7:3A:68:00:74:A6:E4:53:B9:23:35:52:21:5A:E4:B8:1D:18:4C
            X509v3 Authority Key Identifier:
                keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/GOc6aAB0puRTuSM1UiFa5LgdGEw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:e881:73ff::/48
                  2a06:e881:9200::/45

    Signature Algorithm: sha256WithRSAEncryption
         69:05:90:f0:aa:a5:41:cb:44:11:97:f9:c9:1b:1a:37:e8:1e:
         79:cc:e9:4b:39:28:b0:12:af:86:0a:05:37:9c:ad:4d:15:2d:
         0b:21:bb:c3:ff:47:bd:22:55:d0:8c:e7:b5:60:43:fc:70:db:
         df:44:37:7c:5f:12:95:d9:14:9e:59:b0:07:a3:4b:58:87:53:
         cf:4f:15:c4:e0:c5:c1:84:66:54:d6:81:bb:0c:d3:98:66:9b:
         1d:bf:c8:96:95:5b:ac:3b:3f:2b:ba:01:a3:88:d6:cf:07:e7:
         13:b0:89:14:9f:24:cc:16:5c:d2:7c:e6:10:a4:26:5f:0d:24:
         f1:6f:63:e8:80:6c:f4:16:9b:ff:b9:b6:99:79:4d:ae:37:dc:
         df:8b:63:05:94:70:09:e4:fe:ff:5b:1e:9c:ff:a2:f8:c0:d0:
         b3:62:a9:c9:5a:82:35:4b:d3:2b:ec:e4:f8:af:27:dd:63:d3:
         fe:02:70:d8:42:e1:fa:11:f0:01:b0:c3:19:2c:1c:87:f0:ea:
         38:68:27:9d:4d:87:e2:84:fb:33:60:a0:dc:cb:75:31:1d:4d:
         80:da:5f:99:11:25:dc:d7:ac:c8:78:cc:66:4c:2f:a2:c7:c9:
         50:1f:1e:ca:c0:ed:66:0c:81:d9:0f:d1:82:94:3e:68:d1:99:
         a3:73:5a:d6
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEEXX9LzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ODA3NGI0MTllYWQ0Y2VmZWEyZjJhZDJjMjU5ZDk3OGM1ZWQ3OTU0MB4XDTIyMDUz
MTExMDYxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMThlNzNhNjgwMDc0
YTZlNDUzYjkyMzM1NTIyMTVhZTRiODFkMTg0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALhQU5ppzi+u+hTdaPEvShVhEuATY0dc7JtlLZBq+ONHzWp7
rO+pLzj90G/Z0WFJ57cB69KuPlJ6nJHL24L1PT3iXwXSbxfEo5wl1ElmpEE3wJB+
6NDY8JifopNyvoMHt0IFsJtYYZoIXmf4nK/ZzT3Bdn+6sSt9tHGxGu6adShGnxbB
dHddyrHVB1HdsbBTRbggf3pAxNlij9E1K7rabDqQjxb3/Dg4+gvks8hZ0auL1dpK
axc2C6vZVGFEANeRIVWfHJWOfMJpZbDkqudCEeZSj0OWhpddJsD3N3pEs053EDLT
6i8y9fuGoG3Z2zWZ+AcpMV/DOgXGMP1UIMp+lGMCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQY5zpoAHSm5FO5IzVSIVrkuB0YTDAfBgNVHSMEGDAWgBS4B0tBnq1M7+ov
KtLCWdl4xe15VDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VBZExRWjZ0VE9fcUx5clN3bG5aZU1YdGVWUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvMWU0M2U0LWQwNmUtNGE1NS1iZGI2LTNkOTFlZGU1YjJiMS8x
L0dPYzZhQUIwcHVSVHVTTTFVaUZhNUxnZEdFdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
MWU0M2U0LWQwNmUtNGE1NS1iZGI2LTNkOTFlZGU1YjJiMS8xL3VBZExRWjZ0VE9f
cUx5clN3bG5aZU1YdGVWUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACoG6IFz/wMHAyoG6IGSADANBgkq
hkiG9w0BAQsFAAOCAQEAaQWQ8KqlQctEEZf5yRsaN+geeczpSzkosBKvhgoFN5yt
TRUtCyG7w/9HvSJV0IzntWBD/HDb30Q3fF8SldkUnlmwB6NLWIdTz08VxODFwYRm
VNaBuwzTmGabHb/IlpVbrDs/K7oBo4jWzwfnE7CJFJ8kzBZc0nzmEKQmXw0k8W9j
6IBs9Bab/7m2mXlNrjfc34tjBZRwCeT+/1senP+i+MDQs2KpyVqCNUvTK+zk+K8n
3WPT/gJw2ELh+hHwAbDDGSwch/DqOGgnnU2H4oT7M2Cg3Mt1MR1NgNpfmREl3Nes
yHjMZkwvosfJUB8eysDtZgyB2Q/RgpQ+aNGZo3Na1g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:40 2024 by rpki-client on console-ams.rpki-client.org