Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/_bDiKAKkb1LaYkzAaR0c2WtDPM0.roa
File:                     _bDiKAKkb1LaYkzAaR0c2WtDPM0.roa (raw, json)
Hash identifier:          1OafyHv0h3YgM3VLRifdR0h2t+k4ndINxKF3Y+AUax0=
Subject key identifier:   FD:B0:E2:28:02:A4:6F:52:DA:62:4C:C0:69:1D:1C:D9:6B:43:3C:CD
Certificate issuer:       /CN=6a57ffe822b3ba7bc194db7a734c85efcef2f283
Certificate serial:       0181F6294ACE5BDC84A36C2AD77103FFE6F6
Authority key identifier: 6A:57:FF:E8:22:B3:BA:7B:C1:94:DB:7A:73:4C:85:EF:CE:F2:F2:83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/alf_6CKzunvBlNt6c0yF787y8oM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/_bDiKAKkb1LaYkzAaR0c2WtDPM0.roa
Signing time:             Wed 13 Jul 2022 06:05:10 +0000
ROA not before:           Wed 13 Jul 2022 06:05:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200070
IP address blocks:        193.29.206.0/24 maxlen: 24
                          194.0.14.0/24 maxlen: 24
                          185.43.134.0/24 maxlen: 24
                          2001:678:1::/48 maxlen: 48
                          2001:678:11::/48 maxlen: 48
                          2001:148f:fffd::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:f6:29:4a:ce:5b:dc:84:a3:6c:2a:d7:71:03:ff:e6:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a57ffe822b3ba7bc194db7a734c85efcef2f283
        Validity
            Not Before: Jul 13 06:05:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fdb0e22802a46f52da624cc0691d1cd96b433ccd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:26:9e:95:2d:9c:be:be:ef:d6:57:d9:1f:7d:
                    a3:4e:54:e6:bd:94:2d:d0:af:db:b5:ee:36:f3:03:
                    75:53:49:31:3f:55:77:cc:0d:ee:a2:ec:01:0e:4f:
                    59:90:de:5a:99:07:88:53:4d:6d:9d:e4:3c:da:c6:
                    d2:d2:3d:07:f5:f2:15:78:f1:3f:10:58:f4:24:8e:
                    c1:6c:43:01:74:1e:58:ca:3d:e1:8a:de:46:01:b5:
                    77:e9:11:a0:66:02:ad:42:88:00:bc:96:fa:6e:f0:
                    20:d4:aa:c6:3f:d7:fb:51:ce:ce:1f:13:94:0c:da:
                    4d:13:99:bf:e4:f1:27:b9:09:49:e4:f6:bd:ca:ef:
                    5d:59:4a:15:2e:46:bb:34:5b:e8:2b:b3:d1:81:f6:
                    ca:78:66:37:8c:a2:6c:a5:3c:7b:31:7e:79:a6:08:
                    f4:41:30:40:b3:3e:01:9d:a3:9a:3c:67:82:4e:5d:
                    ab:25:36:96:7b:00:02:19:ba:99:81:bf:68:41:4e:
                    f3:c7:08:82:f0:dd:b6:28:3e:f5:c0:72:18:09:0e:
                    e6:69:87:5b:3e:1a:8f:20:d7:19:24:33:cc:10:85:
                    68:81:ef:e9:89:45:b7:37:7b:f8:21:2c:06:bc:c4:
                    d8:3c:1a:57:e4:f5:c4:f5:82:13:a1:5b:4e:f4:75:
                    2c:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:B0:E2:28:02:A4:6F:52:DA:62:4C:C0:69:1D:1C:D9:6B:43:3C:CD
            X509v3 Authority Key Identifier:
                keyid:6A:57:FF:E8:22:B3:BA:7B:C1:94:DB:7A:73:4C:85:EF:CE:F2:F2:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alf_6CKzunvBlNt6c0yF787y8oM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/_bDiKAKkb1LaYkzAaR0c2WtDPM0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/alf_6CKzunvBlNt6c0yF787y8oM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.43.134.0/24
                  193.29.206.0/24
                  194.0.14.0/24
                IPv6:
                  2001:678:1::/48
                  2001:678:11::/48
                  2001:148f:fffd::/48

    Signature Algorithm: sha256WithRSAEncryption
         67:ca:7b:30:c5:60:07:04:19:7d:5c:20:72:db:48:97:09:d3:
         91:ea:f2:62:2a:6a:a1:5b:30:30:2f:95:96:24:a8:b3:55:6c:
         6d:ff:b4:c9:a3:c6:b5:31:e0:5d:da:ff:94:59:ca:05:a0:2b:
         54:bf:bd:87:b5:db:b5:1d:0c:b0:dd:1d:26:05:89:fd:28:4e:
         3c:58:1b:37:76:65:45:ec:3b:0d:ca:ec:a8:de:81:6f:aa:30:
         96:4e:a6:d0:3f:8e:34:50:a9:77:4c:8e:2e:78:21:52:07:0a:
         b4:08:0f:3f:c8:65:58:f9:41:94:f5:1a:94:6c:60:dc:4a:af:
         35:d5:32:01:cc:07:29:3e:67:24:ac:51:2b:bd:1e:f8:cd:99:
         36:55:b7:28:21:fc:01:7c:2a:c4:33:1c:db:67:9e:d2:10:3a:
         a0:2a:63:a4:83:83:86:dd:c2:a6:0c:e6:c8:66:2b:25:8b:59:
         97:48:33:5a:16:43:60:c1:47:3e:61:85:94:80:03:41:f7:fb:
         e0:67:a0:cc:49:36:fc:7a:67:2f:5d:e0:5a:cd:1d:90:eb:74:
         b6:22:0b:66:61:ee:cb:64:af:50:02:fb:06:64:da:df:f7:89:
         00:9f:7a:68:02:fa:bb:87:f7:74:95:a7:db:1d:ca:10:61:ea:
         5f:af:e0:f3
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYH2KUrOW9yEo2wq13ED/+b2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTdmZmU4MjJiM2JhN2JjMTk0ZGI3YTczNGM4NWVmY2Vm
MmYyODMwHhcNMjIwNzEzMDYwNTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGIwZTIyODAyYTQ2ZjUyZGE2MjRjYzA2OTFkMWNkOTZiNDMzY2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCaelS2cvr7v1lfZH32jTlTmvZQt
0K/bte428wN1U0kxP1V3zA3uouwBDk9ZkN5amQeIU01tneQ82sbS0j0H9fIVePE/
EFj0JI7BbEMBdB5Yyj3hit5GAbV36RGgZgKtQogAvJb6bvAg1KrGP9f7Uc7OHxOU
DNpNE5m/5PEnuQlJ5Pa9yu9dWUoVLka7NFvoK7PRgfbKeGY3jKJspTx7MX55pgj0
QTBAsz4BnaOaPGeCTl2rJTaWewACGbqZgb9oQU7zxwiC8N22KD71wHIYCQ7maYdb
PhqPINcZJDPMEIVoge/piUW3N3v4ISwGvMTYPBpX5PXE9YIToVtO9HUsLQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFP2w4igCpG9S2mJMwGkdHNlrQzzNMB8GA1UdIwQY
MBaAFGpX/+gis7p7wZTbenNMhe/O8vKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxmXzZDS3p1bnZCbE50NmMweUY3ODd5OG9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9hZmVmMTItMWYwOC00YjQ2LTk0N2It
Y2EwYzYyNjIxMDk4LzEvX2JEaUtBS2tiMUxhWWt6QWFSMGMyV3REUE0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9hZmVmMTItMWYwOC00YjQ2LTk0N2ItY2EwYzYyNjIxMDk4
LzEvYWxmXzZDS3p1bnZCbE50NmMweUY3ODd5OG9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQAuSuGAwQA
wR3OAwQAwgAOMCEEAgACMBsDBwAgAQZ4AAEDBwAgAQZ4ABEDBwAgARSP//0wDQYJ
KoZIhvcNAQELBQADggEBAGfKezDFYAcEGX1cIHLbSJcJ05Hq8mIqaqFbMDAvlZYk
qLNVbG3/tMmjxrUx4F3a/5RZygWgK1S/vYe127UdDLDdHSYFif0oTjxYGzd2ZUXs
Ow3K7KjegW+qMJZOptA/jjRQqXdMji54IVIHCrQIDz/IZVj5QZT1GpRsYNxKrzXV
MgHMByk+ZySsUSu9HvjNmTZVtygh/AF8KsQzHNtnntIQOqAqY6SDg4bdwqYM5shm
KyWLWZdIM1oWQ2DBRz5hhZSAA0H3++BnoMxJNvx6Zy9d4FrNHZDrdLYiC2Zh7stk
r1AC+wZk2t/3iQCfemgC+ruH93SVp9sdyhBh6l+v4PM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:54 2024 by rpki-client on console-ams.rpki-client.org