Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/CgNbPLnqgYV8hnpqBbM6jDmMwaI.roa
File:                     CgNbPLnqgYV8hnpqBbM6jDmMwaI.roa (raw, json)
Hash identifier:          RlHwIM6vlCaPdGGwEQQDq3X+GzKy+8+WFzE4lnq7Dn8=
Subject key identifier:   0A:03:5B:3C:B9:EA:81:85:7C:86:7A:6A:05:B3:3A:8C:39:8C:C1:A2
Certificate issuer:       /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial:       01823665485D5636509838F826E9691708D1
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/CgNbPLnqgYV8hnpqBbM6jDmMwaI.roa
Signing time:             Mon 25 Jul 2022 17:26:23 +0000
ROA not before:           Mon 25 Jul 2022 17:26:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200019
IP address blocks:        2a09:7c46::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:36:65:48:5d:56:36:50:98:38:f8:26:e9:69:17:08:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
        Validity
            Not Before: Jul 25 17:26:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0a035b3cb9ea81857c867a6a05b33a8c398cc1a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:bd:3f:55:a9:ab:7b:0e:24:3e:93:93:36:4d:
                    22:30:7f:73:51:4c:fb:91:6b:71:a8:46:4b:47:b9:
                    5d:bd:33:d7:c3:24:81:5f:31:fe:d8:75:1d:72:45:
                    21:5f:1b:31:93:e1:fa:1c:06:04:4e:e8:53:47:5f:
                    32:f4:dd:5c:c3:87:7e:dd:df:fa:0d:d1:5e:97:e7:
                    40:69:56:a8:2e:3e:44:47:0d:03:d5:3a:65:69:31:
                    ed:99:79:17:f9:19:c6:e1:6f:0d:58:9c:11:03:31:
                    59:a0:15:da:2a:c7:0f:74:f8:c5:e1:6c:b5:99:78:
                    c1:80:99:25:53:3e:52:32:f3:20:9e:9f:60:dd:07:
                    d2:73:62:67:51:85:e1:6c:44:9f:91:fa:9c:f2:2a:
                    c5:6c:8a:c9:b0:9d:ae:f0:73:b4:65:40:54:04:23:
                    e1:7d:c6:31:71:ca:db:30:a1:13:c6:89:90:ee:d0:
                    85:67:87:0f:c5:16:37:0f:a5:c1:98:5d:d0:ac:3a:
                    4f:00:d0:9f:fe:24:29:ee:a1:21:c0:4b:75:04:74:
                    77:5e:b8:bc:6e:ef:f6:4d:cf:d9:d2:74:04:43:6b:
                    6d:a0:80:82:c1:10:34:84:63:fa:36:eb:4e:49:29:
                    84:70:d1:f4:75:63:fc:9e:30:9d:c9:5b:eb:41:b7:
                    d8:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:03:5B:3C:B9:EA:81:85:7C:86:7A:6A:05:B3:3A:8C:39:8C:C1:A2
            X509v3 Authority Key Identifier:
                keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/CgNbPLnqgYV8hnpqBbM6jDmMwaI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:7c46::/32

    Signature Algorithm: sha256WithRSAEncryption
         1c:a5:a2:41:11:91:f2:34:c4:eb:3e:f0:68:7e:28:f4:88:bb:
         9d:42:48:e1:4e:a6:32:eb:a0:75:1e:10:a3:ac:88:71:eb:ce:
         53:f2:8e:c1:fd:98:cc:1c:86:3a:22:3e:a3:b2:62:0f:6e:e7:
         db:6c:d0:6e:26:7b:60:3d:34:91:ed:3e:d6:e8:3a:4b:16:45:
         77:08:8b:27:d6:15:da:52:5b:1a:e6:46:8c:64:7a:27:d2:85:
         9e:cd:5e:6e:21:ba:15:8f:84:e9:85:2d:f5:65:51:2d:84:0e:
         fe:28:bd:74:3c:1f:18:75:d5:00:a0:b1:35:04:a8:3b:88:eb:
         d7:36:a9:b2:59:09:fe:f6:5d:80:cc:07:78:9f:2d:2c:99:7c:
         d3:22:0d:1a:dc:29:d8:80:cf:9d:5d:29:d1:79:ef:bd:2a:1b:
         46:2d:4f:dd:b7:05:d4:ec:7e:98:18:d3:a2:6b:cb:a9:43:b2:
         49:07:13:3c:c1:b6:d3:b3:43:b5:a4:d5:e3:45:f1:78:37:55:
         7d:b4:3c:2f:49:4a:de:48:73:d9:dc:4a:53:38:bc:a3:05:33:
         69:4d:27:62:0b:4f:3e:95:cc:b4:11:51:e1:9a:11:cf:83:51:
         b5:9e:aa:70:14:d9:2d:29:d3:a3:31:22:dc:b6:be:cd:a6:c5:
         36:23:03:c3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYI2ZUhdVjZQmDj4JulpFwjRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjIwNzI1MTcyNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTAzNWIzY2I5ZWE4MTg1N2M4NjdhNmEwNWIzM2E4YzM5OGNjMWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArb0/Vamrew4kPpOTNk0iMH9zUUz7
kWtxqEZLR7ldvTPXwySBXzH+2HUdckUhXxsxk+H6HAYETuhTR18y9N1cw4d+3d/6
DdFel+dAaVaoLj5ERw0D1TplaTHtmXkX+RnG4W8NWJwRAzFZoBXaKscPdPjF4Wy1
mXjBgJklUz5SMvMgnp9g3QfSc2JnUYXhbESfkfqc8irFbIrJsJ2u8HO0ZUBUBCPh
fcYxccrbMKETxomQ7tCFZ4cPxRY3D6XBmF3QrDpPANCf/iQp7qEhwEt1BHR3Xri8
bu/2Tc/Z0nQEQ2ttoICCwRA0hGP6NutOSSmEcNH0dWP8njCdyVvrQbfYawIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAoDWzy56oGFfIZ6agWzOow5jMGiMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvQ2dOYlBMbnFnWVY4aG5wcUJiTTZqRG1Nd2FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgl8RjAN
BgkqhkiG9w0BAQsFAAOCAQEAHKWiQRGR8jTE6z7waH4o9Ii7nUJI4U6mMuugdR4Q
o6yIcevOU/KOwf2YzByGOiI+o7JiD27n22zQbiZ7YD00ke0+1ug6SxZFdwiLJ9YV
2lJbGuZGjGR6J9KFns1ebiG6FY+E6YUt9WVRLYQO/ii9dDwfGHXVAKCxNQSoO4jr
1zapslkJ/vZdgMwHeJ8tLJl80yINGtwp2IDPnV0p0XnvvSobRi1P3bcF1Ox+mBjT
omvLqUOySQcTPMG207NDtaTV40XxeDdVfbQ8L0lK3khz2dxKUzi8owUzaU0nYgtP
PpXMtBFR4ZoRz4NRtZ6qcBTZLSnTozEi3La+zabFNiMDww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:06 2024 by rpki-client on console-fra.rpki-client.org