Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/6-6_AJF7TNlwEJXmmWfbjsUoGiM.roa
File:                     6-6_AJF7TNlwEJXmmWfbjsUoGiM.roa (raw, json)
Hash identifier:          rHq3tt2oap+Q7aiJEMg/+Jq1eVXOuAtM8b0DKVe2508=
Subject key identifier:   EB:EE:BF:00:91:7B:4C:D9:70:10:95:E6:99:67:DB:8E:C5:28:1A:23
Certificate issuer:       /CN=31d4ee4afff55e67444d47d49b512a8368bf9ef6
Certificate serial:       01FA2276
Authority key identifier: 31:D4:EE:4A:FF:F5:5E:67:44:4D:47:D4:9B:51:2A:83:68:BF:9E:F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MdTuSv_1XmdETUfUm1Eqg2i_nvY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/6-6_AJF7TNlwEJXmmWfbjsUoGiM.roa
Signing time:             Sat 01 Jan 2022 15:07:06 +0000
ROA not before:           Sat 01 Jan 2022 15:07:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211656
IP address blocks:        185.117.252.0/22 maxlen: 24
                          2a10:ad40::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 33170038 (0x1fa2276)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31d4ee4afff55e67444d47d49b512a8368bf9ef6
        Validity
            Not Before: Jan  1 15:07:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ebeebf00917b4cd9701095e69967db8ec5281a23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:26:64:b4:ed:45:34:de:a8:20:24:21:37:1c:
                    ce:23:f5:9b:1a:53:56:3e:59:13:82:83:7e:ef:f6:
                    db:15:0e:e7:ea:bc:d9:73:9c:d8:0e:25:ce:8d:d4:
                    ff:c4:39:44:f2:f9:ca:d3:30:65:c3:36:c8:fa:e6:
                    50:f9:09:30:2c:78:8e:c8:c7:45:30:02:de:2d:03:
                    a0:f3:fe:fc:71:0a:bb:bd:ca:c0:98:58:54:51:ee:
                    fa:04:d9:4f:ff:4c:c8:16:88:22:4d:89:c1:a2:9c:
                    ec:c9:20:b0:f7:be:18:e5:71:f6:d7:2b:95:9c:72:
                    5e:32:20:fb:91:74:7b:0f:31:c4:64:ef:a5:81:c4:
                    ad:85:48:fc:5c:f2:0d:c7:c0:82:22:2c:a1:f6:5b:
                    8f:ff:ee:8e:c4:ec:91:80:36:36:0b:70:b0:d1:0f:
                    89:86:fb:0f:6b:76:fe:30:bf:95:d3:50:89:f9:d2:
                    c3:e7:fb:45:83:b2:dd:ec:a0:c3:79:52:dd:74:3d:
                    ca:45:71:eb:6f:12:7a:d2:5a:9c:85:3b:34:b0:bc:
                    59:2e:d2:6f:c1:9c:09:3f:29:f2:e3:93:b8:d0:d7:
                    66:19:8b:3c:6e:3b:b1:13:73:66:9f:e8:06:79:73:
                    0e:4f:2a:fe:76:a9:49:68:36:95:67:bc:b4:43:9e:
                    e1:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:EE:BF:00:91:7B:4C:D9:70:10:95:E6:99:67:DB:8E:C5:28:1A:23
            X509v3 Authority Key Identifier:
                keyid:31:D4:EE:4A:FF:F5:5E:67:44:4D:47:D4:9B:51:2A:83:68:BF:9E:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MdTuSv_1XmdETUfUm1Eqg2i_nvY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/6-6_AJF7TNlwEJXmmWfbjsUoGiM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/MdTuSv_1XmdETUfUm1Eqg2i_nvY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.117.252.0/22
                IPv6:
                  2a10:ad40::/29

    Signature Algorithm: sha256WithRSAEncryption
         10:2f:70:b1:d3:4d:0f:17:70:79:26:73:77:eb:18:77:55:20:
         32:3b:72:90:1d:52:b8:16:41:9c:76:66:29:25:2c:21:0d:e9:
         d7:aa:c1:65:bc:77:b9:a3:b1:13:74:8e:64:97:b8:32:e3:1e:
         5e:9e:14:50:5f:db:c6:1a:80:37:b1:5a:4b:a2:fa:40:33:58:
         7e:40:4c:e0:c0:5e:35:80:5d:20:86:a5:cc:56:32:e9:bb:35:
         d4:7a:82:38:3b:24:e2:b6:42:e5:45:1a:80:38:67:58:c6:0e:
         c3:48:00:a3:46:60:a1:1f:e4:02:5f:fc:2c:74:e2:e5:f2:50:
         4b:29:a1:4b:f5:6e:ba:d1:ee:4a:e5:9d:24:fa:b2:73:91:b1:
         9c:fc:81:59:8f:ba:5a:aa:a9:b4:fb:01:a5:99:bb:17:e0:8e:
         b5:91:f6:4a:57:ea:f5:69:bd:f9:9f:b1:cb:15:9d:85:5e:bf:
         b3:b5:07:17:ed:2e:9e:fe:93:9b:e3:3b:02:36:d4:e5:98:b4:
         d6:4b:9a:1b:e1:23:b7:cf:ec:bc:f3:3d:25:4a:03:30:36:69:
         e8:92:da:44:03:45:a4:b2:ff:f4:7b:67:14:0a:f4:3f:0d:2e:
         4b:8e:48:e8:b4:7d:23:ce:85:c7:fb:39:c0:8d:64:69:84:19:
         d0:e1:bf:c3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAfoidjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MWQ0ZWU0YWZmZjU1ZTY3NDQ0ZDQ3ZDQ5YjUxMmE4MzY4YmY5ZWY2MB4XDTIyMDEw
MTE1MDcwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWJlZWJmMDA5MTdi
NGNkOTcwMTA5NWU2OTk2N2RiOGVjNTI4MWEyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALomZLTtRTTeqCAkITccziP1mxpTVj5ZE4KDfu/22xUO5+q8
2XOc2A4lzo3U/8Q5RPL5ytMwZcM2yPrmUPkJMCx4jsjHRTAC3i0DoPP+/HEKu73K
wJhYVFHu+gTZT/9MyBaIIk2JwaKc7MkgsPe+GOVx9tcrlZxyXjIg+5F0ew8xxGTv
pYHErYVI/FzyDcfAgiIsofZbj//ujsTskYA2NgtwsNEPiYb7D2t2/jC/ldNQifnS
w+f7RYOy3eygw3lS3XQ9ykVx628SetJanIU7NLC8WS7Sb8GcCT8p8uOTuNDXZhmL
PG47sRNzZp/oBnlzDk8q/napSWg2lWe8tEOe4XMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTr7r8AkXtM2XAQleaZZ9uOxSgaIzAfBgNVHSMEGDAWgBQx1O5K//VeZ0RN
R9SbUSqDaL+e9jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01kVHVTdl8xWG1kRVRVZlVtMUVxZzJpX252WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTEvZTQ0ZGVhLThkNTEtNDQwYS1iYzAyLWJhYjU3NmUyMDM5My8x
LzYtNl9BSkY3VE5sd0VKWG1tV2ZianNVb0dpTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEv
ZTQ0ZGVhLThkNTEtNDQwYS1iYzAyLWJhYjU3NmUyMDM5My8xL01kVHVTdl8xWG1k
RVRVZlVtMUVxZzJpX252WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArl1/DANBAIAAjAHAwUDKhCtQDAN
BgkqhkiG9w0BAQsFAAOCAQEAEC9wsdNNDxdweSZzd+sYd1UgMjtykB1SuBZBnHZm
KSUsIQ3p16rBZbx3uaOxE3SOZJe4MuMeXp4UUF/bxhqAN7FaS6L6QDNYfkBM4MBe
NYBdIIalzFYy6bs11HqCODsk4rZC5UUagDhnWMYOw0gAo0ZgoR/kAl/8LHTi5fJQ
SymhS/VuutHuSuWdJPqyc5GxnPyBWY+6WqqptPsBpZm7F+COtZH2Slfq9Wm9+Z+x
yxWdhV6/s7UHF+0unv6Tm+M7AjbU5Zi01kuaG+Ejt8/svPM9JUoDMDZp6JLaRANF
pLL/9HtnFAr0Pw0uS45I6LR9I86Fx/s5wI1kaYQZ0OG/ww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:59 2024 by rpki-client on console-fra.rpki-client.org