Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uNj-9z72IyACHysQdIvt3vKjvGc.roa
File:                     uNj-9z72IyACHysQdIvt3vKjvGc.roa (raw, json)
Hash identifier:          sXfFG3Eg9ECr1yzxZtY1kUAo02U164uy0MqhNg1BBGA=
Subject key identifier:   B8:D8:FE:F7:3E:F6:23:20:02:1F:2B:10:74:8B:ED:DE:F2:A3:BC:67
Certificate issuer:       /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial:       0FF0C1C9
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uNj-9z72IyACHysQdIvt3vKjvGc.roa
Signing time:             Sat 01 Jan 2022 14:59:50 +0000
ROA not before:           Sat 01 Jan 2022 14:59:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209569
IP address blocks:        2a06:e881:5900::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 267436489 (0xff0c1c9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
        Validity
            Not Before: Jan  1 14:59:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b8d8fef73ef62320021f2b10748beddef2a3bc67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:0b:69:11:48:31:51:9f:b6:9c:06:11:e4:77:
                    c8:b3:b2:44:f4:23:c6:94:bf:33:25:a3:b3:19:05:
                    8c:18:68:6b:9a:35:17:01:01:4f:07:ad:9b:c8:d2:
                    6c:6c:ec:57:a7:ea:44:11:e9:dc:b8:ae:57:79:e7:
                    47:87:13:8f:6d:93:7c:f6:11:27:36:7b:e1:a7:9d:
                    db:2c:4e:ba:14:1b:c1:24:15:c2:5f:93:9e:fc:79:
                    56:6a:76:c4:48:6e:a2:85:e8:6d:97:b8:00:8c:41:
                    e3:7b:1c:4e:e0:80:d6:00:5d:5f:9f:74:0d:44:52:
                    ab:75:b7:b8:cb:96:17:22:7f:aa:a5:9f:a0:d6:c6:
                    27:78:97:8f:52:9c:d6:3f:53:43:5b:7d:53:61:f5:
                    24:0e:a7:ee:60:78:f7:5a:3a:29:e8:3c:04:6a:34:
                    30:ea:74:e0:dc:7e:0c:a3:82:6a:88:36:17:f4:ef:
                    15:d1:58:ae:a7:a4:ad:a7:bd:e2:67:07:9d:c2:dd:
                    98:98:c0:48:10:99:b8:b6:82:b4:53:51:8e:d3:83:
                    fc:b6:8b:aa:1b:6d:58:b1:60:20:ed:f8:86:4f:2a:
                    ea:aa:6e:d7:32:ab:46:57:67:a1:6d:fd:62:1c:94:
                    94:77:17:4e:df:20:31:aa:31:fb:d6:a3:96:73:cd:
                    ae:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:D8:FE:F7:3E:F6:23:20:02:1F:2B:10:74:8B:ED:DE:F2:A3:BC:67
            X509v3 Authority Key Identifier:
                keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uNj-9z72IyACHysQdIvt3vKjvGc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:e881:5900::/44

    Signature Algorithm: sha256WithRSAEncryption
         0e:31:27:a6:7f:47:d9:4d:15:ec:ba:0f:fd:40:0c:1a:6b:97:
         81:e9:d1:f6:d5:02:d1:fe:a6:00:7e:39:d5:96:93:93:47:26:
         d8:b9:13:cb:63:cb:90:f8:da:c9:a1:12:4f:91:d2:9f:63:e2:
         2a:7c:34:64:c8:ea:9d:de:16:1d:65:34:16:bb:15:f7:0c:14:
         3e:51:2d:3d:8f:74:ec:f2:bc:3a:95:95:dc:f9:3e:f0:b9:13:
         39:ca:02:a9:ff:b0:50:a5:57:f0:2c:c0:fa:e3:e3:f7:5d:1e:
         e4:fd:95:d3:9d:5a:d3:97:8f:b5:ef:ae:f5:5a:dd:69:ab:47:
         8c:f3:0d:be:1d:5a:a3:a3:0d:8e:e2:88:62:9a:c5:a5:94:0b:
         09:ac:05:0a:1c:81:ea:0f:be:ce:8a:d0:47:a2:43:c3:17:05:
         37:62:0b:6b:ee:21:8a:54:dc:00:ff:f5:9d:64:6b:aa:f8:09:
         05:46:df:c3:c3:bc:51:a9:0d:ef:5d:eb:d9:74:b6:47:ec:c2:
         2d:7b:12:0c:ec:6e:f0:73:82:7a:df:e1:72:2e:08:27:12:bb:
         43:11:65:cd:0d:d5:7a:1f:7c:b8:fc:f2:f8:36:d0:23:6d:36:
         77:95:9c:61:61:3f:25:31:62:8b:96:07:b7:ca:4a:68:dc:7d:
         6c:53:c2:e1
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIED/DByTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ODA3NGI0MTllYWQ0Y2VmZWEyZjJhZDJjMjU5ZDk3OGM1ZWQ3OTU0MB4XDTIyMDEw
MTE0NTk1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjhkOGZlZjczZWY2
MjMyMDAyMWYyYjEwNzQ4YmVkZGVmMmEzYmM2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM4LaRFIMVGftpwGEeR3yLOyRPQjxpS/MyWjsxkFjBhoa5o1
FwEBTwetm8jSbGzsV6fqRBHp3LiuV3nnR4cTj22TfPYRJzZ74aed2yxOuhQbwSQV
wl+Tnvx5Vmp2xEhuooXobZe4AIxB43scTuCA1gBdX590DURSq3W3uMuWFyJ/qqWf
oNbGJ3iXj1Kc1j9TQ1t9U2H1JA6n7mB491o6Keg8BGo0MOp04Nx+DKOCaog2F/Tv
FdFYrqekrae94mcHncLdmJjASBCZuLaCtFNRjtOD/LaLqhttWLFgIO34hk8q6qpu
1zKrRldnoW39YhyUlHcXTt8gMaox+9ajlnPNrlMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBS42P73PvYjIAIfKxB0i+3e8qO8ZzAfBgNVHSMEGDAWgBS4B0tBnq1M7+ov
KtLCWdl4xe15VDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VBZExRWjZ0VE9fcUx5clN3bG5aZU1YdGVWUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvMWU0M2U0LWQwNmUtNGE1NS1iZGI2LTNkOTFlZGU1YjJiMS8x
L3VOai05ejcySXlBQ0h5c1FkSXZ0M3ZLanZHYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
MWU0M2U0LWQwNmUtNGE1NS1iZGI2LTNkOTFlZGU1YjJiMS8xL3VBZExRWjZ0VE9f
cUx5clN3bG5aZU1YdGVWUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoG6IFZADANBgkqhkiG9w0BAQsF
AAOCAQEADjEnpn9H2U0V7LoP/UAMGmuXgenR9tUC0f6mAH451ZaTk0cm2LkTy2PL
kPjayaEST5HSn2PiKnw0ZMjqnd4WHWU0FrsV9wwUPlEtPY907PK8OpWV3Pk+8LkT
OcoCqf+wUKVX8CzA+uPj910e5P2V051a05ePte+u9VrdaatHjPMNvh1ao6MNjuKI
YprFpZQLCawFChyB6g++zorQR6JDwxcFN2ILa+4hilTcAP/1nWRrqvgJBUbfw8O8
UakN713r2XS2R+zCLXsSDOxu8HOCet/hci4IJxK7QxFlzQ3Veh98uPzy+DbQI202
d5WcYWE/JTFii5YHt8pKaNx9bFPC4Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:38 2024 by rpki-client on console-fra.rpki-client.org