Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/neRJIRJBsMAgzcpWIE7oN5z6Fck.roa
File:                     neRJIRJBsMAgzcpWIE7oN5z6Fck.roa (raw, json)
Hash identifier:          TuPtb0NhQX7azzuLVE3/SRkl+R2UPiOBwYNOyT8VHEY=
Subject key identifier:   9D:E4:49:21:12:41:B0:C0:20:CD:CA:56:20:4E:E8:37:9C:FA:15:C9
Certificate issuer:       /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial:       02634257
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/neRJIRJBsMAgzcpWIE7oN5z6Fck.roa
Signing time:             Fri 29 Apr 2022 23:43:23 +0000
ROA not before:           Fri 29 Apr 2022 23:43:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     213169
IP address blocks:        2a0e:da40:3000::/36 maxlen: 128

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 40059479 (0x2634257)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
        Validity
            Not Before: Apr 29 23:43:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9de449211241b0c020cdca56204ee8379cfa15c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:8c:7e:db:0a:d8:1c:b2:5f:18:5a:16:ab:7e:
                    60:ff:61:81:5a:b1:26:cd:e6:8d:67:c6:3b:e0:1e:
                    bd:72:bf:e7:48:0b:8a:78:da:ce:d0:d1:a7:47:43:
                    38:52:73:b8:39:7c:83:7f:ed:b6:64:0b:29:6f:c5:
                    60:12:45:42:29:a0:0e:b7:43:5f:f0:47:cb:4f:f9:
                    75:c6:f9:c3:87:54:4e:2c:87:99:cc:b1:a4:11:28:
                    94:28:b6:12:1f:13:0b:5f:b7:45:a4:be:d2:2c:6d:
                    6d:96:43:a7:b1:b1:15:5a:d3:d6:8b:2d:e5:e7:ec:
                    a1:c8:4b:72:87:8b:03:d8:8c:89:88:7b:c5:e8:38:
                    ce:5c:92:27:ca:0c:83:cc:8e:b4:ef:24:92:9d:01:
                    6a:95:2e:95:87:73:7f:6a:b4:5c:bc:dc:8d:8b:0e:
                    5c:fb:5a:82:cd:a9:ce:f4:78:53:1c:f9:c9:dd:02:
                    6c:9e:7e:69:64:5a:ee:fe:25:96:69:72:2a:be:b8:
                    1e:d2:7c:06:0f:61:c2:a5:38:09:58:a4:fe:c6:15:
                    a7:87:9b:9c:b4:04:d6:cd:ea:b9:f0:a7:9f:5a:6a:
                    e4:6d:4a:44:a6:fb:37:14:28:d4:aa:77:a4:56:0f:
                    f9:26:bd:9f:3d:d4:76:29:a7:c7:10:42:74:c9:d0:
                    db:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:E4:49:21:12:41:B0:C0:20:CD:CA:56:20:4E:E8:37:9C:FA:15:C9
            X509v3 Authority Key Identifier:
                keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/neRJIRJBsMAgzcpWIE7oN5z6Fck.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:da40:3000::/36

    Signature Algorithm: sha256WithRSAEncryption
         5c:36:89:c8:07:aa:79:ef:d0:38:4a:96:11:20:7b:b7:88:34:
         0c:68:7f:7c:d6:95:59:f7:c3:fe:51:88:c3:39:45:f4:fc:b6:
         0c:75:f9:73:ae:d4:68:9b:87:a5:fc:9d:06:25:f2:8c:80:3a:
         3e:bc:c8:0f:39:e8:d4:1c:0f:51:4c:a8:38:90:9d:bc:dc:06:
         da:f5:64:80:1d:2c:e8:27:31:2c:69:d3:23:be:d9:9d:36:19:
         4f:ac:aa:a7:88:2b:2b:23:3c:55:b9:0e:68:60:d1:25:47:72:
         96:50:17:25:af:cd:96:35:66:cb:1c:fb:da:0b:43:ce:97:58:
         1f:5c:2a:66:a0:d3:19:89:d0:70:2b:22:17:80:2f:c6:f9:84:
         53:6f:33:bd:80:3c:58:76:7b:3d:13:47:0b:1c:86:81:3b:a3:
         0d:4f:21:07:d0:43:d9:b5:4b:b1:51:a2:bc:4d:15:d7:2b:a6:
         ff:70:2b:49:89:74:5e:92:9d:b6:ed:b4:92:b0:45:ae:3a:d4:
         a1:5a:80:c4:59:b8:20:92:aa:18:2c:8d:19:da:a3:69:84:f1:
         8c:a3:9c:0d:18:77:fc:67:7c:df:97:9d:a0:67:27:c8:7a:18:
         5e:6d:d9:56:52:78:cc:b6:f4:14:f4:41:63:8a:bd:10:92:1c:
         2e:27:1d:56
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEAmNCVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZGI2N2M1YzdmYTdmZTI0OTJlZWMzN2NmNDI3NjQyYjcxZDQyNWIwMB4XDTIyMDQy
OTIzNDMyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWRlNDQ5MjExMjQx
YjBjMDIwY2RjYTU2MjA0ZWU4Mzc5Y2ZhMTVjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ6MftsK2ByyXxhaFqt+YP9hgVqxJs3mjWfGO+AevXK/50gL
injaztDRp0dDOFJzuDl8g3/ttmQLKW/FYBJFQimgDrdDX/BHy0/5dcb5w4dUTiyH
mcyxpBEolCi2Eh8TC1+3RaS+0ixtbZZDp7GxFVrT1ost5efsochLcoeLA9iMiYh7
xeg4zlySJ8oMg8yOtO8kkp0BapUulYdzf2q0XLzcjYsOXPtags2pzvR4Uxz5yd0C
bJ5+aWRa7v4llmlyKr64HtJ8Bg9hwqU4CVik/sYVp4ebnLQE1s3qufCnn1pq5G1K
RKb7NxQo1Kp3pFYP+Sa9nz3UdimnxxBCdMnQ22ECAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSd5EkhEkGwwCDNylYgTug3nPoVyTAfBgNVHSMEGDAWgBQNtnxcf6f+JJLu
w3z0J2QrcdQlsDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RiWjhYSC1uX2lTUzdzTjg5Q2RrSzNIVUpiQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvMGYzNzU3LWYwZWQtNGU3ZS05MzI5LWIwM2RmOTk2ZTQ4MS8x
L25lUkpJUkpCc01BZ3pjcFdJRTdvTjV6NkZjay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
MGYzNzU3LWYwZWQtNGU3ZS05MzI5LWIwM2RmOTk2ZTQ4MS8xL0RiWjhYSC1uX2lT
UzdzTjg5Q2RrSzNIVUpiQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoO2kAwMA0GCSqGSIb3DQEBCwUA
A4IBAQBcNonIB6p579A4SpYRIHu3iDQMaH981pVZ98P+UYjDOUX0/LYMdflzrtRo
m4el/J0GJfKMgDo+vMgPOejUHA9RTKg4kJ283Aba9WSAHSzoJzEsadMjvtmdNhlP
rKqniCsrIzxVuQ5oYNElR3KWUBclr82WNWbLHPvaC0POl1gfXCpmoNMZidBwKyIX
gC/G+YRTbzO9gDxYdns9E0cLHIaBO6MNTyEH0EPZtUuxUaK8TRXXK6b/cCtJiXRe
kp227bSSsEWuOtShWoDEWbggkqoYLI0Z2qNphPGMo5wNGHf8Z3zfl52gZyfIehhe
bdlWUnjMtvQU9EFjir0QkhwuJx1W
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:57 2024 by rpki-client on console-fra.rpki-client.org