Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/B7ZPTwx0D2GGQQ4D8bB3Wl7wm80.roa
File:                     B7ZPTwx0D2GGQQ4D8bB3Wl7wm80.roa (raw, json)
Hash identifier:          z1hReKJ9oEtKWXF+clWsYYnUu/02i4bagensZvwkVAA=
Subject key identifier:   07:B6:4F:4F:0C:74:0F:61:86:41:0E:03:F1:B0:77:5A:5E:F0:9B:CD
Certificate issuer:       /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial:       0676F1A0
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/B7ZPTwx0D2GGQQ4D8bB3Wl7wm80.roa
Signing time:             Wed 09 Feb 2022 15:00:28 +0000
ROA not before:           Wed 09 Feb 2022 15:00:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211151
IP address blocks:        2a0d:f407:1029::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 108458400 (0x676f1a0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
        Validity
            Not Before: Feb  9 15:00:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=07b64f4f0c740f6186410e03f1b0775a5ef09bcd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:d4:b6:7a:9a:a1:ef:db:5c:3b:d5:07:63:9a:
                    16:9d:a5:99:e2:ae:5a:fa:fe:61:0d:17:1b:36:15:
                    67:a2:a3:a0:55:78:92:33:d6:81:b8:0a:33:89:d0:
                    db:23:c3:9e:a3:84:04:71:0f:51:81:3b:e1:62:5d:
                    75:59:b7:20:1b:e5:b1:6d:83:2d:f8:40:75:49:80:
                    02:55:bf:b3:21:88:dd:7c:46:51:70:ba:57:66:a4:
                    12:de:ce:b7:d8:b4:92:ea:94:f2:96:f0:bf:1c:7c:
                    72:f3:13:44:50:c0:83:df:cf:37:36:79:65:0d:99:
                    64:ce:10:17:62:4d:e2:9e:84:50:09:14:68:2f:fc:
                    ca:f5:8b:4a:b6:a5:db:f5:18:df:cf:48:14:21:db:
                    df:f4:a9:93:ab:bc:28:e2:da:39:aa:f1:a8:67:ba:
                    07:3e:35:55:10:62:cc:69:4b:f9:f1:e6:29:59:92:
                    bb:d0:44:4f:d8:f2:a4:c7:d5:63:3b:74:29:a6:cf:
                    4d:b7:bf:11:16:7d:e6:6a:93:ae:04:89:6d:0e:e4:
                    82:a3:78:f2:bf:0b:af:52:7b:ec:83:07:04:6e:9f:
                    7f:3d:86:d0:e8:9e:ce:10:e8:e8:c5:da:fd:9b:ab:
                    ef:5d:16:93:f4:4e:63:f0:73:86:1d:be:4e:04:bd:
                    30:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:B6:4F:4F:0C:74:0F:61:86:41:0E:03:F1:B0:77:5A:5E:F0:9B:CD
            X509v3 Authority Key Identifier:
                keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/B7ZPTwx0D2GGQQ4D8bB3Wl7wm80.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:f407:1029::/48

    Signature Algorithm: sha256WithRSAEncryption
         1d:b9:85:fc:be:0d:55:3a:df:39:4b:94:f9:09:47:f8:d7:1b:
         14:95:a7:14:c5:8a:32:df:2a:0a:87:4d:36:1f:e9:5c:af:64:
         a2:6f:1b:1e:0d:c3:39:d0:ec:fe:fb:88:c1:b3:bc:c4:6b:8c:
         22:34:76:aa:24:7c:73:58:a2:b0:32:a2:ee:13:dd:13:3b:bb:
         b9:e7:11:df:e0:eb:6d:28:b7:c5:f7:4e:6e:42:4b:0b:b6:3b:
         ae:d8:20:ce:e8:f7:e9:44:23:f0:86:89:d2:bf:8c:bf:8f:95:
         8a:61:31:ee:3d:50:9f:55:dc:36:e7:68:ac:74:65:14:84:dc:
         f5:3a:f6:73:ce:fc:82:e7:b1:57:1a:85:19:3b:d5:10:86:be:
         5e:dc:b6:00:2e:4c:3d:a0:80:aa:ba:07:5b:3f:7a:3c:a5:6c:
         b9:4d:fc:d2:c5:0a:c8:a2:85:35:46:1f:e3:68:0e:d6:f2:09:
         0e:35:31:d1:a5:ee:ba:d5:16:bb:9a:07:aa:ea:46:b1:67:91:
         1e:21:26:b2:09:00:61:81:d8:e2:d4:8c:a8:63:6d:65:96:8a:
         c7:47:58:0d:a1:a6:d1:b4:40:55:ff:5d:33:54:5b:6b:04:e2:
         43:f3:81:88:da:da:4c:28:87:7e:43:1b:5b:94:a1:d8:64:5a:
         e7:66:65:4e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBnbxoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NjZkOWQ1MGIzYjg5ZDUxYzhhYTI0OTNlN2VmNDcwMWQ2MjUxZGFkMB4XDTIyMDIw
OTE1MDAyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDdiNjRmNGYwYzc0
MGY2MTg2NDEwZTAzZjFiMDc3NWE1ZWYwOWJjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPUtnqaoe/bXDvVB2OaFp2lmeKuWvr+YQ0XGzYVZ6KjoFV4
kjPWgbgKM4nQ2yPDnqOEBHEPUYE74WJddVm3IBvlsW2DLfhAdUmAAlW/syGI3XxG
UXC6V2akEt7Ot9i0kuqU8pbwvxx8cvMTRFDAg9/PNzZ5ZQ2ZZM4QF2JN4p6EUAkU
aC/8yvWLSral2/UY389IFCHb3/Spk6u8KOLaOarxqGe6Bz41VRBizGlL+fHmKVmS
u9BET9jypMfVYzt0KabPTbe/ERZ95mqTrgSJbQ7kgqN48r8Lr1J77IMHBG6ffz2G
0OiezhDo6MXa/Zur710Wk/ROY/Bzhh2+TgS9MNECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQHtk9PDHQPYYZBDgPxsHdaXvCbzTAfBgNVHSMEGDAWgBTGbZ1Qs7idUciq
JJPn70cB1iUdrTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3htMmRVTE80blZISXFpU1Q1LTlIQWRZbEhhMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvNGJiNzRiLThkNmQtNDUxNC1hMzljLWI3YzU3OGI3NGUzNS8x
L0I3WlBUd3gwRDJHR1FRNEQ4YkIzV2w3d204MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
NGJiNzRiLThkNmQtNDUxNC1hMzljLWI3YzU3OGI3NGUzNS8xL3htMmRVTE80blZI
SXFpU1Q1LTlIQWRZbEhhMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoN9AcQKTANBgkqhkiG9w0BAQsF
AAOCAQEAHbmF/L4NVTrfOUuU+QlH+NcbFJWnFMWKMt8qCodNNh/pXK9kom8bHg3D
OdDs/vuIwbO8xGuMIjR2qiR8c1iisDKi7hPdEzu7uecR3+DrbSi3xfdObkJLC7Y7
rtggzuj36UQj8IaJ0r+Mv4+VimEx7j1Qn1XcNudorHRlFITc9Tr2c878guexVxqF
GTvVEIa+Xty2AC5MPaCAqroHWz96PKVsuU380sUKyKKFNUYf42gO1vIJDjUx0aXu
utUWu5oHqupGsWeRHiEmsgkAYYHY4tSMqGNtZZaKx0dYDaGm0bRAVf9dM1RbawTi
Q/OBiNraTCiHfkMbW5Sh2GRa52ZlTg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:25 2024 by rpki-client on console-fra.rpki-client.org