Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/oY5vypP3C-0ZvtiElj6GcfdVFA0.roa
File:                     oY5vypP3C-0ZvtiElj6GcfdVFA0.roa (raw, json)
Hash identifier:          HMt4D/yvegGyVP0C9p3fBUzfAyfsmb+3S7m3aqrmGsU=
Subject key identifier:   A1:8E:6F:CA:93:F7:0B:ED:19:BE:D8:84:96:3E:86:71:F7:55:14:0D
Certificate issuer:       /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial:       11C4D8D5
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/oY5vypP3C-0ZvtiElj6GcfdVFA0.roa
Signing time:             Sun 03 Jul 2022 10:59:13 +0000
ROA not before:           Sun 03 Jul 2022 10:59:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        2a06:e881:73ff::/48 maxlen: 48
                          2a06:e881:9200::/45 maxlen: 48
                          2a06:e881:9300::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 298113237 (0x11c4d8d5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
        Validity
            Not Before: Jul  3 10:59:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a18e6fca93f70bed19bed884963e8671f755140d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:0d:04:78:85:92:7e:aa:dc:f6:fd:f2:03:57:
                    0f:1d:6f:3a:4e:3a:52:0c:f1:78:7e:76:8a:2d:d5:
                    3e:fd:23:71:c0:03:56:b3:d6:d0:2b:4d:3e:97:47:
                    34:21:8f:64:18:bb:3b:41:55:05:63:2f:4b:18:cd:
                    4e:ae:b6:28:72:16:b8:7f:2e:b5:32:30:a9:dd:77:
                    79:d7:c8:d1:a0:d9:d9:3b:db:1c:9a:63:ac:8b:19:
                    d3:ff:91:42:64:50:61:81:72:23:5b:1b:0b:c2:ee:
                    b7:d4:24:16:17:8c:51:2f:56:7c:5d:51:54:57:99:
                    4e:4e:9f:a2:37:b0:32:71:6a:48:43:ea:53:1e:79:
                    b3:bf:d8:8e:0a:e3:69:0f:df:d7:96:73:03:a5:a6:
                    99:a6:e4:9f:dc:2d:6b:d8:f3:c4:3e:42:b3:80:db:
                    1b:69:44:99:bf:07:40:6a:d8:67:24:f0:8d:ce:e3:
                    83:63:6b:c4:fc:e8:9a:e9:24:86:62:28:92:64:f0:
                    4e:9c:be:8d:77:f8:40:47:2e:49:e1:f1:e4:3d:e6:
                    cc:4d:67:33:14:11:52:0a:1b:20:a8:7d:0c:d3:0a:
                    3b:b2:17:09:30:45:c3:d0:ac:cd:36:10:37:29:8b:
                    99:9c:27:76:eb:60:be:5f:22:45:e9:fb:52:7f:88:
                    fe:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:8E:6F:CA:93:F7:0B:ED:19:BE:D8:84:96:3E:86:71:F7:55:14:0D
            X509v3 Authority Key Identifier:
                keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/oY5vypP3C-0ZvtiElj6GcfdVFA0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:e881:73ff::/48
                  2a06:e881:9200::/45
                  2a06:e881:9300::/44

    Signature Algorithm: sha256WithRSAEncryption
         95:25:31:a8:52:53:d8:c4:d4:63:fd:99:fe:76:0e:1e:4c:6c:
         e9:2b:52:36:a3:11:9a:93:5d:47:60:aa:f8:82:0f:84:10:1c:
         51:ca:72:40:c0:79:ae:18:bf:f5:a5:46:5c:22:02:cd:78:72:
         2b:45:4c:14:bc:6e:f2:85:69:cc:f4:40:96:f8:6c:3f:39:c3:
         45:81:c6:13:84:08:d9:04:39:de:22:47:17:2b:94:44:c7:21:
         f2:61:bf:57:c3:18:44:2f:64:a7:4d:d1:1f:31:cc:b1:a6:eb:
         42:d3:4a:e6:f0:9b:59:f3:93:69:7f:f9:81:6d:b3:5c:8f:42:
         aa:00:34:3f:c5:f4:2c:18:ee:df:b0:4c:56:9d:cd:ca:3d:60:
         2a:63:08:87:55:11:79:d1:7b:bf:9f:57:0a:7e:60:c5:c3:90:
         31:28:9d:1b:9b:c4:cb:b6:8f:34:83:d2:8a:a8:08:be:69:6d:
         ad:5a:a6:5e:f7:84:3c:38:76:4a:6e:6f:c8:13:0a:39:2d:47:
         b3:22:9f:50:2b:72:51:bc:8c:22:0f:fe:4c:53:4b:06:53:aa:
         cf:88:bb:e0:2b:c2:37:b2:fa:9d:df:64:1d:2f:fc:e5:c7:7f:
         47:c7:81:6c:86:e4:25:1b:44:c9:5e:5c:16:9b:9c:e5:b3:ba:
         e7:29:9b:56
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEEcTY1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ODA3NGI0MTllYWQ0Y2VmZWEyZjJhZDJjMjU5ZDk3OGM1ZWQ3OTU0MB4XDTIyMDcw
MzEwNTkxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTE4ZTZmY2E5M2Y3
MGJlZDE5YmVkODg0OTYzZTg2NzFmNzU1MTQwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkNBHiFkn6q3Pb98gNXDx1vOk46UgzxeH52ii3VPv0jccAD
VrPW0CtNPpdHNCGPZBi7O0FVBWMvSxjNTq62KHIWuH8utTIwqd13edfI0aDZ2Tvb
HJpjrIsZ0/+RQmRQYYFyI1sbC8Lut9QkFheMUS9WfF1RVFeZTk6fojewMnFqSEPq
Ux55s7/YjgrjaQ/f15ZzA6Wmmabkn9wta9jzxD5Cs4DbG2lEmb8HQGrYZyTwjc7j
g2NrxPzomukkhmIokmTwTpy+jXf4QEcuSeHx5D3mzE1nMxQRUgobIKh9DNMKO7IX
CTBFw9CszTYQNymLmZwndutgvl8iRen7Un+I/rsCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBShjm/Kk/cL7Rm+2ISWPoZx91UUDTAfBgNVHSMEGDAWgBS4B0tBnq1M7+ov
KtLCWdl4xe15VDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VBZExRWjZ0VE9fcUx5clN3bG5aZU1YdGVWUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvMWU0M2U0LWQwNmUtNGE1NS1iZGI2LTNkOTFlZGU1YjJiMS8x
L29ZNXZ5cFAzQy0wWnZ0aUVsajZHY2ZkVkZBMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
MWU0M2U0LWQwNmUtNGE1NS1iZGI2LTNkOTFlZGU1YjJiMS8xL3VBZExRWjZ0VE9f
cUx5clN3bG5aZU1YdGVWUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwIQQCAAIwGwMHACoG6IFz/wMHAyoG6IGSAAMHBCoG
6IGTADANBgkqhkiG9w0BAQsFAAOCAQEAlSUxqFJT2MTUY/2Z/nYOHkxs6StSNqMR
mpNdR2Cq+IIPhBAcUcpyQMB5rhi/9aVGXCICzXhyK0VMFLxu8oVpzPRAlvhsPznD
RYHGE4QI2QQ53iJHFyuURMch8mG/V8MYRC9kp03RHzHMsabrQtNK5vCbWfOTaX/5
gW2zXI9CqgA0P8X0LBju37BMVp3Nyj1gKmMIh1URedF7v59XCn5gxcOQMSidG5vE
y7aPNIPSiqgIvmltrVqmXveEPDh2Sm5vyBMKOS1HsyKfUCtyUbyMIg/+TFNLBlOq
z4i74CvCN7L6nd9kHS/85cd/R8eBbIbkJRtEyV5cFpuc5bO65ymbVg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:40 2024 by rpki-client on console-ams.rpki-client.org