Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/a63qh6YS1IdL7yy_KUh60WJmR6I.roa
File:                     a63qh6YS1IdL7yy_KUh60WJmR6I.roa (raw, json)
Hash identifier:          PERZWE8joUUWzZfjAaHeC5y9MuH3Gbp87AS8tdC9zfc=
Subject key identifier:   6B:AD:EA:87:A6:12:D4:87:4B:EF:2C:BF:29:48:7A:D1:62:66:47:A2
Certificate issuer:       /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial:       0185397CC3BE86B34A33E9F4F340DAD83794
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/a63qh6YS1IdL7yy_KUh60WJmR6I.roa
Signing time:             Thu 22 Dec 2022 10:59:15 +0000
ROA not before:           Thu 22 Dec 2022 10:59:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29119
IP address blocks:        80.246.226.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:39:7c:c3:be:86:b3:4a:33:e9:f4:f3:40:da:d8:37:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
        Validity
            Not Before: Dec 22 10:59:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6badea87a612d4874bef2cbf29487ad1626647a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:24:b6:31:ae:24:45:01:d1:fa:68:2e:63:c2:
                    d9:03:c0:26:88:6d:54:8a:06:d4:78:fb:b0:e0:f2:
                    db:e5:71:ed:78:47:77:81:f7:84:c2:d0:de:82:b4:
                    d5:03:46:58:07:36:77:a7:3c:89:ba:31:9b:33:c4:
                    50:15:71:8c:18:44:22:3e:bc:12:53:db:45:af:6f:
                    4d:6f:f8:97:75:f8:91:6e:83:5a:17:a1:ba:3b:28:
                    f8:5e:33:b7:82:4a:a8:28:b6:74:63:9a:d7:fe:e0:
                    17:f3:b4:3f:a0:b7:8a:23:ca:58:82:23:bd:7d:6f:
                    fc:04:05:06:72:4f:5e:85:67:66:e6:cd:26:f3:41:
                    a7:81:80:3c:c5:a2:44:c0:73:52:33:65:19:55:24:
                    18:17:d1:d8:68:47:05:5a:b4:78:73:23:ac:90:94:
                    d3:b1:cd:22:d0:2b:61:4c:07:01:cf:eb:6c:7e:79:
                    22:e3:bc:14:44:ad:96:ed:ac:c8:c6:02:38:7f:f2:
                    47:8c:07:06:22:29:ea:a0:90:01:e1:9e:df:a3:bf:
                    c8:2f:3d:43:77:23:a3:e5:b6:e8:d5:f4:ae:69:3a:
                    ef:57:f4:ee:d3:5c:ba:a6:cc:55:5b:a0:dd:97:9d:
                    26:2c:4e:ae:af:21:c5:aa:26:db:8d:a1:f7:da:d7:
                    72:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:AD:EA:87:A6:12:D4:87:4B:EF:2C:BF:29:48:7A:D1:62:66:47:A2
            X509v3 Authority Key Identifier:
                keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/a63qh6YS1IdL7yy_KUh60WJmR6I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.246.226.0/23

    Signature Algorithm: sha256WithRSAEncryption
         26:53:ab:3a:de:03:a9:2a:70:e5:5f:d4:49:28:53:7d:49:6f:
         b7:f7:da:22:b5:72:95:88:f7:63:6e:c8:fd:d2:ab:78:6b:db:
         9d:d4:2d:c1:fd:33:25:8d:e7:73:5c:0d:20:94:d8:af:52:88:
         c6:18:5c:94:0f:b3:9b:56:35:71:bc:99:84:53:e1:a4:1f:ab:
         1f:ad:10:8c:dd:bd:25:8e:ec:3e:dd:b8:83:59:d2:08:27:f2:
         cb:31:f9:2b:8d:4d:83:11:4b:78:dc:4b:7d:fe:c1:51:bb:cf:
         0d:fe:3a:a8:f7:67:fd:fc:21:e0:a1:4e:90:64:7b:7b:01:9c:
         3e:12:3d:49:b3:3f:5a:cf:65:ce:32:24:46:4a:4c:d4:23:3e:
         ed:f6:32:f7:0d:a7:0f:84:27:d5:ae:6f:aa:37:0f:56:7b:8b:
         30:84:77:ea:d2:39:16:ef:b7:55:a8:c7:5f:07:cc:51:d3:62:
         ec:73:4f:4a:69:11:59:13:8f:8a:42:d5:f1:88:4c:dc:22:19:
         86:70:05:85:09:d1:5a:69:65:cc:1b:1c:16:47:fc:1a:ef:58:
         00:de:1a:c1:15:7b:55:22:24:f9:74:16:82:fa:e5:35:75:73:
         16:ad:c4:8c:6b:a3:63:d1:bb:9c:31:25:40:23:6c:1e:53:a7:
         6b:4c:fd:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU5fMO+hrNKM+n080Da2DeUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjIxMjIyMTA1OTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmFkZWE4N2E2MTJkNDg3NGJlZjJjYmYyOTQ4N2FkMTYyNjY0N2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSS2Ma4kRQHR+mguY8LZA8AmiG1U
igbUePuw4PLb5XHteEd3gfeEwtDegrTVA0ZYBzZ3pzyJujGbM8RQFXGMGEQiPrwS
U9tFr29Nb/iXdfiRboNaF6G6Oyj4XjO3gkqoKLZ0Y5rX/uAX87Q/oLeKI8pYgiO9
fW/8BAUGck9ehWdm5s0m80GngYA8xaJEwHNSM2UZVSQYF9HYaEcFWrR4cyOskJTT
sc0i0CthTAcBz+tsfnki47wURK2W7azIxgI4f/JHjAcGIinqoJAB4Z7fo7/ILz1D
dyOj5bbo1fSuaTrvV/Tu01y6psxVW6Ddl50mLE6uryHFqibbjaH32tdyFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGut6oemEtSHS+8svylIetFiZkeiMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvYTYzcWg2WVMxSWRMN3l5X0tVaDYwV0ptUjZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUPbiMA0G
CSqGSIb3DQEBCwUAA4IBAQAmU6s63gOpKnDlX9RJKFN9SW+399oitXKViPdjbsj9
0qt4a9ud1C3B/TMljedzXA0glNivUojGGFyUD7ObVjVxvJmEU+GkH6sfrRCM3b0l
juw+3biDWdIIJ/LLMfkrjU2DEUt43Et9/sFRu88N/jqo92f9/CHgoU6QZHt7AZw+
Ej1Jsz9az2XOMiRGSkzUIz7t9jL3DacPhCfVrm+qNw9We4swhHfq0jkW77dVqMdf
B8xR02Lsc09KaRFZE4+KQtXxiEzcIhmGcAWFCdFaaWXMGxwWR/wa71gA3hrBFXtV
IiT5dBaC+uU1dXMWrcSMa6Nj0bucMSVAI2weU6drTP0F
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:31 2024 by rpki-client on console-ams.rpki-client.org