Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/_2w-BdN3dC_Z1gmsqnlhgFn5lI0.roa
File:                     _2w-BdN3dC_Z1gmsqnlhgFn5lI0.roa (raw, json)
Hash identifier:          V8m59j7bezv/RlhcP3eBQUWWbwXXeaKjXdZhqfQNb04=
Subject key identifier:   FF:6C:3E:05:D3:77:74:2F:D9:D6:09:AC:AA:79:61:80:59:F9:94:8D
Certificate issuer:       /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial:       110D8735
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/_2w-BdN3dC_Z1gmsqnlhgFn5lI0.roa
Signing time:             Thu 21 Apr 2022 23:40:40 +0000
ROA not before:           Thu 21 Apr 2022 23:40:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     53667
IP address blocks:        2a06:e881:9100::/40 maxlen: 40

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 286099253 (0x110d8735)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
        Validity
            Not Before: Apr 21 23:40:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ff6c3e05d377742fd9d609acaa79618059f9948d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:23:82:59:3b:2a:5d:6f:b4:48:6e:d3:b5:9f:
                    30:a7:66:51:0d:01:eb:81:2a:c3:14:b9:c3:13:b2:
                    0b:a3:af:a9:3e:84:bf:df:6f:b3:65:a3:e8:6e:40:
                    48:ac:31:03:46:03:1f:0e:6d:83:60:24:66:2e:44:
                    77:51:05:ce:c4:f6:9c:9e:40:75:cc:2a:66:7b:47:
                    3f:27:4c:87:67:c0:d0:8e:0a:ee:48:0e:a5:e3:7e:
                    7e:35:af:a9:93:d5:75:ab:55:73:f3:0c:51:bb:58:
                    a9:77:a6:97:ab:45:d0:c2:f3:f5:06:24:44:ad:0e:
                    af:0f:a9:d5:fc:06:35:77:dc:0a:18:dd:1c:d4:ec:
                    12:cb:fb:d8:05:ab:cf:51:05:9e:73:ca:ae:05:cc:
                    e1:10:fc:f0:40:7e:64:67:fb:b2:ea:26:07:14:05:
                    b1:7a:2e:4f:fa:b7:58:f6:9a:da:1d:41:82:f6:be:
                    74:62:aa:57:b7:2e:6b:3f:07:e8:3e:12:35:e7:99:
                    95:de:4d:0e:3c:57:57:ac:9a:47:e4:19:aa:44:bb:
                    fc:62:0d:d4:d0:fe:5d:ec:f4:5c:b0:90:65:15:d4:
                    54:9b:ad:1e:64:7c:65:cd:f5:62:77:00:2e:47:96:
                    23:64:7d:82:10:72:28:01:23:b0:7c:8f:eb:54:86:
                    4d:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:6C:3E:05:D3:77:74:2F:D9:D6:09:AC:AA:79:61:80:59:F9:94:8D
            X509v3 Authority Key Identifier:
                keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/_2w-BdN3dC_Z1gmsqnlhgFn5lI0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:e881:9100::/40

    Signature Algorithm: sha256WithRSAEncryption
         9d:e5:31:c5:0f:82:c3:15:73:84:ee:d3:9b:ec:13:8a:47:97:
         cd:49:50:8a:cb:80:26:72:83:35:c2:27:32:c9:96:53:13:f0:
         97:f0:68:15:54:39:36:b6:0b:3c:30:27:a8:bb:e5:39:e4:18:
         1c:59:3c:ff:b2:6f:d4:ab:8a:87:f8:68:aa:ea:5e:16:79:b5:
         8d:49:eb:b1:ea:f9:f8:f4:98:97:64:cc:e2:96:d3:6f:b4:44:
         7a:cf:b8:ff:fa:6a:f1:ee:bf:07:44:a4:15:b9:2a:18:96:7f:
         73:b1:42:47:d1:bd:97:4e:dc:f6:68:56:bf:38:37:08:f5:84:
         49:17:42:61:51:2b:6a:94:68:5d:28:47:3a:1b:6a:74:a3:33:
         ac:5b:e8:d8:9c:f5:90:04:66:75:fd:f1:42:98:a2:83:aa:9b:
         43:4b:f9:cb:72:f9:ca:7a:a4:ce:60:d4:bc:b1:1b:f3:88:c0:
         b9:ae:ae:c2:74:5a:1a:19:fa:f5:a8:36:bf:4f:c3:9d:6b:b9:
         48:ab:5a:af:2b:d5:33:76:3c:bc:55:a0:b7:a7:4d:8f:ca:d9:
         20:99:cf:c9:ea:1f:95:36:46:aa:34:5e:4c:28:42:6c:cc:7d:
         4d:22:13:8e:e3:dd:bf:1c:51:1a:2d:34:cc:45:bb:82:dd:d0:
         ee:a7:d8:ce
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEEQ2HNTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ODA3NGI0MTllYWQ0Y2VmZWEyZjJhZDJjMjU5ZDk3OGM1ZWQ3OTU0MB4XDTIyMDQy
MTIzNDA0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmY2YzNlMDVkMzc3
NzQyZmQ5ZDYwOWFjYWE3OTYxODA1OWY5OTQ4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL8jglk7Kl1vtEhu07WfMKdmUQ0B64EqwxS5wxOyC6OvqT6E
v99vs2Wj6G5ASKwxA0YDHw5tg2AkZi5Ed1EFzsT2nJ5AdcwqZntHPydMh2fA0I4K
7kgOpeN+fjWvqZPVdatVc/MMUbtYqXeml6tF0MLz9QYkRK0Orw+p1fwGNXfcChjd
HNTsEsv72AWrz1EFnnPKrgXM4RD88EB+ZGf7suomBxQFsXouT/q3WPaa2h1Bgva+
dGKqV7cuaz8H6D4SNeeZld5NDjxXV6yaR+QZqkS7/GIN1ND+Xez0XLCQZRXUVJut
HmR8Zc31YncALkeWI2R9ghByKAEjsHyP61SGTe8CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBT/bD4F03d0L9nWCayqeWGAWfmUjTAfBgNVHSMEGDAWgBS4B0tBnq1M7+ov
KtLCWdl4xe15VDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VBZExRWjZ0VE9fcUx5clN3bG5aZU1YdGVWUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvMWU0M2U0LWQwNmUtNGE1NS1iZGI2LTNkOTFlZGU1YjJiMS8x
L18ydy1CZE4zZENfWjFnbXNxbmxoZ0ZuNWxJMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
MWU0M2U0LWQwNmUtNGE1NS1iZGI2LTNkOTFlZGU1YjJiMS8xL3VBZExRWjZ0VE9f
cUx5clN3bG5aZU1YdGVWUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoG6IGRMA0GCSqGSIb3DQEBCwUA
A4IBAQCd5THFD4LDFXOE7tOb7BOKR5fNSVCKy4AmcoM1wicyyZZTE/CX8GgVVDk2
tgs8MCeou+U55BgcWTz/sm/Uq4qH+Giq6l4WebWNSeux6vn49JiXZMziltNvtER6
z7j/+mrx7r8HRKQVuSoYln9zsUJH0b2XTtz2aFa/ODcI9YRJF0JhUStqlGhdKEc6
G2p0ozOsW+jYnPWQBGZ1/fFCmKKDqptDS/nLcvnKeqTOYNS8sRvziMC5rq7CdFoa
Gfr1qDa/T8Oda7lIq1qvK9Uzdjy8VaC3p02Pytkgmc/J6h+VNkaqNF5MKEJszH1N
IhOO492/HFEaLTTMRbuC3dDup9jO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:40 2024 by rpki-client on console-ams.rpki-client.org