Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/C61_N_aTZhA21pJdx8zeT814E50.roa
File:                     C61_N_aTZhA21pJdx8zeT814E50.roa (raw, json)
Hash identifier:          pGjthEOja2u3oWC4o10QbWhWkaw3qh+8rN+dInZTQPA=
Subject key identifier:   0B:AD:7F:37:F6:93:66:10:36:D6:92:5D:C7:CC:DE:4F:CD:78:13:9D
Certificate issuer:       /CN=93503061e1ae503ec63d970b30875dd93ffabbdf
Certificate serial:       03D7978B
Authority key identifier: 93:50:30:61:E1:AE:50:3E:C6:3D:97:0B:30:87:5D:D9:3F:FA:BB:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k1AwYeGuUD7GPZcLMIdd2T_6u98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/C61_N_aTZhA21pJdx8zeT814E50.roa
Signing time:             Sat 01 Jan 2022 08:54:26 +0000
ROA not before:           Sat 01 Jan 2022 08:54:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        2a01:bb22:8000::/33 maxlen: 33
                          2a01:bb22::/33 maxlen: 33
                          2a01:bb23:8000::/33 maxlen: 33
                          2a01:bb23::/33 maxlen: 33

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 64460683 (0x3d7978b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93503061e1ae503ec63d970b30875dd93ffabbdf
        Validity
            Not Before: Jan  1 08:54:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0bad7f37f693661036d6925dc7ccde4fcd78139d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:5c:d3:57:fd:ae:42:b7:cb:7f:2b:12:be:a0:
                    b3:76:45:2e:46:b5:ef:8c:10:a5:b8:5d:dc:44:59:
                    25:b9:7d:c7:53:c4:bf:49:8d:74:0d:8f:36:0a:09:
                    3e:cb:ca:55:f5:0d:c1:75:16:31:5e:31:18:2f:80:
                    66:db:11:0b:98:91:80:67:1b:96:1b:2e:e4:a3:0a:
                    62:df:83:91:83:ca:0d:0a:4f:49:80:8c:c4:23:4f:
                    3c:1b:49:65:8f:7a:e2:12:bb:62:22:07:1f:ce:d2:
                    73:70:16:08:f5:f8:70:f8:89:91:66:89:2a:56:37:
                    31:53:99:a4:fe:db:43:e4:f5:8e:f4:d0:23:57:d8:
                    c3:23:4e:61:c8:f5:25:b0:8c:8a:36:d0:26:71:b8:
                    63:bb:c0:ed:48:ae:6f:f1:32:41:df:50:ca:89:27:
                    60:17:b1:44:5b:c1:a7:46:d4:70:5b:78:87:57:1d:
                    78:8a:de:53:21:68:c1:e0:5e:67:9c:e6:b6:f5:d1:
                    b3:af:e8:4a:e1:30:52:aa:83:79:25:e7:d5:c3:1b:
                    f3:02:7a:e3:d6:fd:9e:59:3c:0c:b7:5a:58:ba:6d:
                    22:38:0f:bc:cc:5b:eb:4a:12:71:53:ed:2b:a7:fb:
                    23:0f:6e:34:70:0c:45:a9:48:c3:31:49:a2:34:11:
                    f4:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:AD:7F:37:F6:93:66:10:36:D6:92:5D:C7:CC:DE:4F:CD:78:13:9D
            X509v3 Authority Key Identifier:
                keyid:93:50:30:61:E1:AE:50:3E:C6:3D:97:0B:30:87:5D:D9:3F:FA:BB:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k1AwYeGuUD7GPZcLMIdd2T_6u98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/C61_N_aTZhA21pJdx8zeT814E50.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/k1AwYeGuUD7GPZcLMIdd2T_6u98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a01:bb22::/31

    Signature Algorithm: sha256WithRSAEncryption
         30:97:4e:21:9e:a8:bf:f2:33:d4:52:35:0a:82:57:6f:07:f0:
         92:84:72:72:28:19:cc:f3:6c:fd:82:ba:8a:71:fe:5e:ed:2b:
         c7:78:93:24:1a:f0:84:79:8b:de:c2:96:eb:98:62:0b:50:ec:
         f6:11:71:d2:29:7e:4f:84:57:b9:18:be:44:12:2a:e3:76:b6:
         03:11:3d:ff:4b:2c:d3:f0:6d:88:97:24:aa:17:48:b9:bd:f5:
         8a:ca:ac:bb:e5:21:ea:b8:35:17:bf:6e:8f:27:9a:48:7e:40:
         44:65:0c:77:8b:19:1d:d4:88:4e:36:e1:1b:c9:6e:83:7b:18:
         b6:80:16:24:19:3f:d2:65:4a:ba:f0:f7:e2:79:6b:2f:50:94:
         50:ff:4f:cb:be:a4:4d:39:92:e9:9d:63:6b:84:1a:e1:46:de:
         28:81:3a:53:40:02:db:de:01:96:fb:2a:38:cf:50:dc:7c:32:
         7c:56:c4:c5:ae:25:43:18:6d:98:88:2b:4c:4d:9d:f2:db:de:
         03:7f:93:d3:54:80:13:a8:78:4a:07:a3:44:e0:ad:e9:f3:63:
         66:c4:74:d6:48:e5:52:08:95:48:a1:c6:cb:fd:83:e2:e4:de:
         a7:27:15:2c:a2:39:11:26:4a:b9:2c:d4:52:50:6d:c5:04:ad:
         46:6a:d5:5b
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEA9eXizANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzUwMzA2MWUxYWU1MDNlYzYzZDk3MGIzMDg3NWRkOTNmZmFiYmRmMB4XDTIyMDEw
MTA4NTQyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGJhZDdmMzdmNjkz
NjYxMDM2ZDY5MjVkYzdjY2RlNGZjZDc4MTM5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5c01f9rkK3y38rEr6gs3ZFLka174wQpbhd3ERZJbl9x1PE
v0mNdA2PNgoJPsvKVfUNwXUWMV4xGC+AZtsRC5iRgGcblhsu5KMKYt+DkYPKDQpP
SYCMxCNPPBtJZY964hK7YiIHH87Sc3AWCPX4cPiJkWaJKlY3MVOZpP7bQ+T1jvTQ
I1fYwyNOYcj1JbCMijbQJnG4Y7vA7Uiub/EyQd9QyoknYBexRFvBp0bUcFt4h1cd
eIreUyFoweBeZ5zmtvXRs6/oSuEwUqqDeSXn1cMb8wJ649b9nlk8DLdaWLptIjgP
vMxb60oScVPtK6f7Iw9uNHAMRalIwzFJojQR9D0CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQLrX839pNmEDbWkl3HzN5PzXgTnTAfBgNVHSMEGDAWgBSTUDBh4a5QPsY9
lwswh13ZP/q73zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2sxQXdZZUd1VUQ3R1BaY0xNSWRkMlRfNnU5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvYTc2YWMxLTVmMjItNDdkMS1iOGMxLWM2MjNlZDhmMmYyOC8x
L0M2MV9OX2FUWmhBMjFwSmR4OHplVDgxNEU1MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
YTc2YWMxLTVmMjItNDdkMS1iOGMxLWM2MjNlZDhmMmYyOC8xL2sxQXdZZUd1VUQ3
R1BaY0xNSWRkMlRfNnU5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFASoBuyIwDQYJKoZIhvcNAQELBQAD
ggEBADCXTiGeqL/yM9RSNQqCV28H8JKEcnIoGczzbP2Cuopx/l7tK8d4kyQa8IR5
i97CluuYYgtQ7PYRcdIpfk+EV7kYvkQSKuN2tgMRPf9LLNPwbYiXJKoXSLm99YrK
rLvlIeq4NRe/bo8nmkh+QERlDHeLGR3UiE424RvJboN7GLaAFiQZP9JlSrrw9+J5
ay9QlFD/T8u+pE05kumdY2uEGuFG3iiBOlNAAtveAZb7KjjPUNx8MnxWxMWuJUMY
bZiIK0xNnfLb3gN/k9NUgBOoeEoHo0TgrenzY2bEdNZI5VIIlUihxsv9g+Lk3qcn
FSyiOREmSrks1FJQbcUErUZq1Vs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:52 2024 by rpki-client on console-fra.rpki-client.org