Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/6NjBHZaOAXajAsZeg6gKZEGSbME.roa
File:                     6NjBHZaOAXajAsZeg6gKZEGSbME.roa (raw, json)
Hash identifier:          k+M74MGk0dSayviu5Gx4p7Dcx/URrTFopzQFgxFSUpw=
Subject key identifier:   E8:D8:C1:1D:96:8E:01:76:A3:02:C6:5E:83:A8:0A:64:41:92:6C:C1
Certificate issuer:       /CN=d2fa2a70003880d7561612a3c0a12602ce3541a4
Certificate serial:       08333A57
Authority key identifier: D2:FA:2A:70:00:38:80:D7:56:16:12:A3:C0:A1:26:02:CE:35:41:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0voqcAA4gNdWFhKjwKEmAs41QaQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/6NjBHZaOAXajAsZeg6gKZEGSbME.roa
Signing time:             Sat 01 Jan 2022 13:03:47 +0000
ROA not before:           Sat 01 Jan 2022 13:03:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     213192
IP address blocks:        46.235.40.0/21 maxlen: 21
                          83.150.232.0/22 maxlen: 22
                          83.150.235.0/24 maxlen: 24
                          2a00:d640::/32 maxlen: 32
                          2a00:d641::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 137574999 (0x8333a57)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2fa2a70003880d7561612a3c0a12602ce3541a4
        Validity
            Not Before: Jan  1 13:03:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e8d8c11d968e0176a302c65e83a80a6441926cc1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:c7:f4:0f:09:86:b1:9e:92:1d:9d:44:a5:7b:
                    dc:4c:26:71:aa:f7:86:5d:75:79:57:df:fb:30:35:
                    11:3e:8c:df:9c:c0:14:46:f1:b7:3d:14:d7:a7:e7:
                    4d:f3:32:5f:b0:5a:93:9b:87:47:15:e0:1b:d1:03:
                    cb:82:0e:86:15:fc:2c:24:8e:6a:c4:de:11:26:2b:
                    d5:b3:b8:01:f1:74:67:5a:e3:4e:79:7a:8d:ab:fe:
                    c6:08:17:73:3f:8c:db:52:35:72:b5:6e:ac:26:d1:
                    f2:70:12:24:a6:f6:d9:8f:f9:7b:f3:1f:fc:be:60:
                    8e:f5:39:81:e3:88:78:4d:89:9a:5f:52:19:26:08:
                    3d:7f:af:e8:94:b4:a1:7a:ab:2c:3c:0f:ea:07:ef:
                    bd:81:de:7d:47:89:8e:5a:53:23:bb:1b:37:b2:7d:
                    7f:80:75:6e:68:31:d5:38:16:cf:36:d4:50:e6:44:
                    c6:9a:69:08:95:1e:58:d9:af:0c:0e:f5:07:4f:b5:
                    04:7a:03:ff:ce:58:7f:b6:f7:3b:f4:b9:22:86:55:
                    cc:f6:32:83:7d:99:e7:0f:a8:22:32:af:36:db:c4:
                    58:b9:e8:46:6f:6c:8d:58:e8:46:20:54:98:1f:77:
                    bd:90:ed:f7:49:03:d6:2b:d4:cb:4d:97:1c:29:b1:
                    b4:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:D8:C1:1D:96:8E:01:76:A3:02:C6:5E:83:A8:0A:64:41:92:6C:C1
            X509v3 Authority Key Identifier:
                keyid:D2:FA:2A:70:00:38:80:D7:56:16:12:A3:C0:A1:26:02:CE:35:41:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0voqcAA4gNdWFhKjwKEmAs41QaQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/6NjBHZaOAXajAsZeg6gKZEGSbME.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/0voqcAA4gNdWFhKjwKEmAs41QaQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.235.40.0/21
                  83.150.232.0/22
                IPv6:
                  2a00:d640::/31

    Signature Algorithm: sha256WithRSAEncryption
         40:12:de:ed:bf:ba:c4:9d:c8:ca:9b:42:41:52:d5:84:2d:2d:
         f9:03:ae:95:39:95:1e:bb:3d:f0:32:23:9c:b3:b2:a6:75:89:
         d7:34:9b:83:6f:cd:af:64:ed:c2:1b:34:bd:a5:6b:9b:2d:83:
         31:58:85:bf:10:13:ca:8c:ef:ef:9b:4c:ee:0b:8d:8e:1d:3e:
         78:11:50:ae:de:07:81:6a:9c:ce:39:30:2c:0c:80:c6:8f:a3:
         c0:02:ca:5a:2f:2a:03:99:ff:fb:f9:e2:cc:fd:a2:c5:bf:b2:
         38:54:26:36:f5:78:89:1b:22:34:0f:46:b8:1f:22:f8:e9:ed:
         e3:e2:ad:33:67:89:a5:09:2e:a4:72:43:99:9d:e5:4b:1b:91:
         7b:5e:22:87:df:d4:2a:8a:da:a5:c2:f2:6a:18:34:f4:2d:88:
         f4:6b:b3:20:fd:75:96:76:51:eb:c1:b6:c2:0d:3f:88:1d:fb:
         43:40:10:ed:1e:d9:20:12:42:28:4c:f0:9d:f5:4b:f7:8b:7c:
         61:5c:45:55:b2:3b:40:4a:a1:47:c5:0a:55:2b:88:0e:15:e9:
         5e:d4:01:ea:f9:d7:03:ae:6b:75:bf:79:b7:a5:c5:5c:0b:b9:
         6d:62:aa:6a:0b:0b:fa:36:ae:03:6f:c1:de:24:2f:66:f4:28:
         a1:2e:24:e5
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECDM6VzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MmZhMmE3MDAwMzg4MGQ3NTYxNjEyYTNjMGExMjYwMmNlMzU0MWE0MB4XDTIyMDEw
MTEzMDM0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZThkOGMxMWQ5Njhl
MDE3NmEzMDJjNjVlODNhODBhNjQ0MTkyNmNjMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANzH9A8JhrGekh2dRKV73Ewmcar3hl11eVff+zA1ET6M35zA
FEbxtz0U16fnTfMyX7Bak5uHRxXgG9EDy4IOhhX8LCSOasTeESYr1bO4AfF0Z1rj
Tnl6jav+xggXcz+M21I1crVurCbR8nASJKb22Y/5e/Mf/L5gjvU5geOIeE2Jml9S
GSYIPX+v6JS0oXqrLDwP6gfvvYHefUeJjlpTI7sbN7J9f4B1bmgx1TgWzzbUUOZE
xpppCJUeWNmvDA71B0+1BHoD/85Yf7b3O/S5IoZVzPYyg32Z5w+oIjKvNtvEWLno
Rm9sjVjoRiBUmB93vZDt90kD1ivUy02XHCmxtEsCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTo2MEdlo4BdqMCxl6DqApkQZJswTAfBgNVHSMEGDAWgBTS+ipwADiA11YW
EqPAoSYCzjVBpDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzB2b3FjQUE0Z05kV0ZoS2p3S0VtQXM0MVFhUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvYjIwN2QxLThiN2ItNGUyNy04MzcwLWE3OTY1MDFlNzdhMS8x
LzZOakJIWmFPQVhhakFzWmVnNmdLWkVHU2JNRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
YjIwN2QxLThiN2ItNGUyNy04MzcwLWE3OTY1MDFlNzdhMS8xLzB2b3FjQUE0Z05k
V0ZoS2p3S0VtQXM0MVFhUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAy7rKAMEAlOW6DANBAIAAjAHAwUB
KgDWQDANBgkqhkiG9w0BAQsFAAOCAQEAQBLe7b+6xJ3IyptCQVLVhC0t+QOulTmV
Hrs98DIjnLOypnWJ1zSbg2/Nr2Ttwhs0vaVrmy2DMViFvxATyozv75tM7guNjh0+
eBFQrt4HgWqczjkwLAyAxo+jwALKWi8qA5n/+/nizP2ixb+yOFQmNvV4iRsiNA9G
uB8i+Ont4+KtM2eJpQkupHJDmZ3lSxuRe14ih9/UKorapcLyahg09C2I9GuzIP11
lnZR68G2wg0/iB37Q0AQ7R7ZIBJCKEzwnfVL94t8YVxFVbI7QEqhR8UKVSuIDhXp
XtQB6vnXA65rdb95t6XFXAu5bWKqagsL+jauA2/B3iQvZvQooS4k5Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:01 2024 by rpki-client on console-fra.rpki-client.org