Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/TgCBvUS5WnyK5U09Lq-JfR0WrcA.roa
File:                     TgCBvUS5WnyK5U09Lq-JfR0WrcA.roa (raw, json)
Hash identifier:          SQ1oAMmf/X5kIErtSTCetTfc3jcQCJVe0IDP7VR0PIM=
Subject key identifier:   4E:00:81:BD:44:B9:5A:7C:8A:E5:4D:3D:2E:AF:89:7D:1D:16:AD:C0
Certificate issuer:       /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial:       01841631FF5A84CD85F05C405106D06F60E3
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/TgCBvUS5WnyK5U09Lq-JfR0WrcA.roa
Signing time:             Wed 26 Oct 2022 21:28:06 +0000
ROA not before:           Wed 26 Oct 2022 21:28:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35077
IP address blocks:        2a06:e881:9500::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:16:31:ff:5a:84:cd:85:f0:5c:40:51:06:d0:6f:60:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
        Validity
            Not Before: Oct 26 21:28:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4e0081bd44b95a7c8ae54d3d2eaf897d1d16adc0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:64:24:f4:23:8d:7f:5f:19:38:d5:43:1f:53:
                    1b:f5:50:c6:f7:11:d8:11:dd:d6:29:a7:9c:7e:f5:
                    32:ea:d5:38:a5:20:b3:12:fd:4b:d9:de:a7:cc:f8:
                    c0:7e:a2:03:c7:03:7e:ec:6d:56:05:47:36:3e:82:
                    4e:08:35:b0:42:19:50:18:85:59:24:9e:6b:d6:10:
                    0c:f7:e3:17:cb:cf:d7:37:42:aa:25:10:de:e5:b9:
                    41:e1:6f:d4:d6:33:12:bc:05:77:4d:47:f1:28:77:
                    83:9d:62:d6:9d:27:f2:ac:92:2b:8f:bc:e1:4e:21:
                    e7:c2:cf:90:c8:d8:fb:ec:1a:63:97:62:75:63:39:
                    65:64:b2:2b:64:d4:e5:a3:c7:98:fb:37:75:c2:ba:
                    84:a8:df:e8:3e:cc:8e:5b:ec:18:9e:78:12:49:67:
                    4f:bd:45:de:f3:85:4a:85:a7:44:94:cc:05:df:8b:
                    db:8a:a8:79:72:ba:b0:da:40:b9:35:e1:5c:f5:bc:
                    8f:0c:99:36:70:54:61:02:ad:30:4a:2f:e9:3e:38:
                    e4:e9:ee:85:01:9e:80:73:a7:11:86:a2:7a:79:7f:
                    37:36:18:26:4b:36:9a:7d:1e:80:6c:d1:ea:1b:be:
                    87:1d:0b:f3:b5:d8:79:3e:f7:43:6c:64:e9:ac:c9:
                    f7:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:00:81:BD:44:B9:5A:7C:8A:E5:4D:3D:2E:AF:89:7D:1D:16:AD:C0
            X509v3 Authority Key Identifier:
                keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/TgCBvUS5WnyK5U09Lq-JfR0WrcA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:e881:9500::/48

    Signature Algorithm: sha256WithRSAEncryption
         ad:10:41:48:33:71:e7:12:6e:df:4d:08:a6:41:58:cc:55:43:
         3f:82:b6:7b:bb:08:56:41:77:96:7d:02:07:b1:e6:1e:bf:ca:
         37:11:80:b5:d7:53:2b:24:1b:7e:23:80:14:62:83:e5:e6:2f:
         b4:e2:38:0e:df:a3:13:d2:de:9a:3b:91:23:83:4f:25:b5:d6:
         60:16:44:b9:4d:fb:fc:1b:eb:64:3c:f9:ac:17:57:7e:ee:ad:
         9e:98:ee:f0:cd:49:fa:65:06:b2:19:53:18:61:26:4c:d7:c4:
         e5:8c:b1:fa:71:f8:6b:05:85:5e:17:8d:fb:83:73:36:6a:39:
         52:98:10:c9:d5:7a:b6:72:62:7b:e4:ca:27:75:0f:eb:5e:f0:
         4a:8a:fb:28:d2:bb:38:b3:83:c9:ae:7b:47:47:0d:a1:45:5d:
         de:de:86:f1:44:de:de:68:0e:0b:3f:e6:f5:48:e1:92:91:8f:
         7b:83:ce:e9:2a:be:af:7e:39:eb:5b:b4:91:ec:ef:cf:0a:a9:
         d3:bf:fb:b5:51:cb:40:89:97:86:58:28:fc:87:90:0b:4e:b8:
         1a:e2:c3:0e:36:b5:e1:bb:f3:b2:f3:bf:cb:b0:ff:8b:ec:f0:
         b2:54:37:d2:46:81:5e:31:bc:2d:99:f6:f3:eb:91:2e:a4:ac:
         1c:ce:53:e9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYQWMf9ahM2F8FxAUQbQb2DjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjIxMDI2MjEyODA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTAwODFiZDQ0Yjk1YTdjOGFlNTRkM2QyZWFmODk3ZDFkMTZhZGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWQk9CONf18ZONVDH1Mb9VDG9xHY
Ed3WKaecfvUy6tU4pSCzEv1L2d6nzPjAfqIDxwN+7G1WBUc2PoJOCDWwQhlQGIVZ
JJ5r1hAM9+MXy8/XN0KqJRDe5blB4W/U1jMSvAV3TUfxKHeDnWLWnSfyrJIrj7zh
TiHnws+QyNj77Bpjl2J1YzllZLIrZNTlo8eY+zd1wrqEqN/oPsyOW+wYnngSSWdP
vUXe84VKhadElMwF34vbiqh5crqw2kC5NeFc9byPDJk2cFRhAq0wSi/pPjjk6e6F
AZ6Ac6cRhqJ6eX83NhgmSzaafR6AbNHqG76HHQvztdh5PvdDbGTprMn3BQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE4Agb1EuVp8iuVNPS6viX0dFq3AMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvVGdDQnZVUzVXbnlLNVUwOUxxLUpmUjBXcmNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgbogZUA
MA0GCSqGSIb3DQEBCwUAA4IBAQCtEEFIM3HnEm7fTQimQVjMVUM/grZ7uwhWQXeW
fQIHseYev8o3EYC111MrJBt+I4AUYoPl5i+04jgO36MT0t6aO5Ejg08ltdZgFkS5
Tfv8G+tkPPmsF1d+7q2emO7wzUn6ZQayGVMYYSZM18TljLH6cfhrBYVeF437g3M2
ajlSmBDJ1Xq2cmJ75MondQ/rXvBKivso0rs4s4PJrntHRw2hRV3e3obxRN7eaA4L
P+b1SOGSkY97g87pKr6vfjnrW7SR7O/PCqnTv/u1UctAiZeGWCj8h5ALTrga4sMO
NrXhu/Oy87/LsP+L7PCyVDfSRoFeMbwtmfbz65EupKwczlPp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:40 2024 by rpki-client on console-ams.rpki-client.org