Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/6AuQgFvf2mN7CXwRLj2E9AcCQ_o.roa
File:                     6AuQgFvf2mN7CXwRLj2E9AcCQ_o.roa (raw, json)
Hash identifier:          5btXjc4iRX0FlvIMN//jWwHRdtc3Q8+lTV/W0+TxC9M=
Subject key identifier:   E8:0B:90:80:5B:DF:DA:63:7B:09:7C:11:2E:3D:84:F4:07:02:43:FA
Certificate issuer:       /CN=b9c3633acbf63c2ecb10205b9b92580abb4eb87e
Certificate serial:       0182D71E15A45FDF82BC4DC8B2E3CA17CCD9
Authority key identifier: B9:C3:63:3A:CB:F6:3C:2E:CB:10:20:5B:9B:92:58:0A:BB:4E:B8:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ucNjOsv2PC7LECBbm5JYCrtOuH4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/6AuQgFvf2mN7CXwRLj2E9AcCQ_o.roa
Signing time:             Thu 25 Aug 2022 22:27:29 +0000
ROA not before:           Thu 25 Aug 2022 22:27:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1257
IP address blocks:        2a11:cd40:1000::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:d7:1e:15:a4:5f:df:82:bc:4d:c8:b2:e3:ca:17:cc:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9c3633acbf63c2ecb10205b9b92580abb4eb87e
        Validity
            Not Before: Aug 25 22:27:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e80b90805bdfda637b097c112e3d84f4070243fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:b7:0a:71:e7:d3:d7:ce:1a:d8:e8:92:58:d6:
                    1b:74:1a:c5:f0:52:43:e8:d9:b2:be:35:31:c2:15:
                    62:61:7d:f1:c9:b7:6d:39:d6:ff:be:69:b0:80:c5:
                    cd:9a:c1:7e:05:82:e9:19:33:27:1f:21:6f:45:07:
                    30:97:0f:0a:24:2e:40:7f:e8:43:14:76:35:fd:45:
                    a7:aa:01:6f:b2:d9:0a:4b:e6:5a:3c:87:97:5e:8f:
                    3d:17:bc:35:e7:08:72:9b:88:b4:2e:ca:b2:d4:86:
                    6e:fe:3d:50:49:3c:a4:9b:8d:29:a9:11:5a:e5:07:
                    12:ac:61:24:4d:8e:5e:09:fc:a1:c8:84:e4:e4:c8:
                    cd:76:83:8a:fe:e6:ff:7d:7f:a3:8a:0a:ec:2c:1e:
                    9a:5b:bf:ec:d0:59:47:e7:f1:47:bd:ec:0d:32:23:
                    2c:83:b7:d3:6b:7f:28:b1:80:89:e6:21:9f:f5:9f:
                    13:12:d9:37:fb:68:0e:09:e5:6c:88:f6:d1:a0:8d:
                    65:ba:47:9a:bf:d9:74:6e:1d:3e:3b:7a:7a:93:ee:
                    13:f5:32:e0:b9:01:7f:d6:cb:65:5e:28:1e:e5:41:
                    fe:ea:b3:c6:bc:18:c0:85:ff:38:11:01:9e:3c:d6:
                    e4:67:64:3d:6a:29:fe:7b:8a:1f:fe:74:83:06:ca:
                    0f:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:0B:90:80:5B:DF:DA:63:7B:09:7C:11:2E:3D:84:F4:07:02:43:FA
            X509v3 Authority Key Identifier:
                keyid:B9:C3:63:3A:CB:F6:3C:2E:CB:10:20:5B:9B:92:58:0A:BB:4E:B8:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ucNjOsv2PC7LECBbm5JYCrtOuH4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/6AuQgFvf2mN7CXwRLj2E9AcCQ_o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/ucNjOsv2PC7LECBbm5JYCrtOuH4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:cd40:1000::/48

    Signature Algorithm: sha256WithRSAEncryption
         4f:58:f1:21:d4:08:3b:3c:cf:de:a0:ff:5c:42:eb:47:87:f7:
         ed:ef:de:23:69:f4:51:7a:08:ca:b1:1f:7a:c9:14:4f:59:33:
         3a:86:0c:b0:e3:76:5f:ad:28:17:ca:44:15:9d:6d:58:75:cc:
         68:3b:25:c3:6a:01:71:9d:fc:4e:62:91:f7:db:4f:cf:c3:41:
         3d:58:12:04:3c:9d:79:38:bf:ce:3a:eb:94:32:85:94:ae:8f:
         78:76:a7:c2:53:02:92:0d:05:18:83:ed:1f:e1:64:58:f7:05:
         61:80:55:6f:bc:c3:44:5b:01:5c:63:69:aa:ec:8d:72:4c:e2:
         1c:6a:f1:ee:11:80:33:67:d3:fa:02:2c:44:42:01:77:20:bf:
         69:1e:78:60:6e:4f:f7:c7:7a:6f:ca:bc:0c:4c:75:48:cf:2e:
         95:b2:94:cc:7d:4b:ed:6f:00:c1:4a:3c:bd:17:46:39:86:8c:
         fb:31:86:ef:e1:1b:4e:4c:18:1e:0b:ba:8f:6d:35:f6:90:ee:
         fd:b4:3d:88:fb:75:be:b3:2c:fc:14:09:91:71:ee:2f:3e:90:
         bd:57:ac:39:69:73:64:99:f4:71:8e:61:36:30:f4:d3:e4:0d:
         a9:3d:f1:b4:fa:78:f9:0e:65:05:7a:05:b0:ba:e6:c8:da:4d:
         e2:c1:8a:12
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYLXHhWkX9+CvE3IsuPKF8zZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YzM2MzNhY2JmNjNjMmVjYjEwMjA1YjliOTI1ODBhYmI0
ZWI4N2UwHhcNMjIwODI1MjIyNzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODBiOTA4MDViZGZkYTYzN2IwOTdjMTEyZTNkODRmNDA3MDI0M2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1LcKcefT184a2OiSWNYbdBrF8FJD
6NmyvjUxwhViYX3xybdtOdb/vmmwgMXNmsF+BYLpGTMnHyFvRQcwlw8KJC5Af+hD
FHY1/UWnqgFvstkKS+ZaPIeXXo89F7w15whym4i0Lsqy1IZu/j1QSTykm40pqRFa
5QcSrGEkTY5eCfyhyITk5MjNdoOK/ub/fX+jigrsLB6aW7/s0FlH5/FHvewNMiMs
g7fTa38osYCJ5iGf9Z8TEtk3+2gOCeVsiPbRoI1lukeav9l0bh0+O3p6k+4T9TLg
uQF/1stlXige5UH+6rPGvBjAhf84EQGePNbkZ2Q9ain+e4of/nSDBsoPvQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOgLkIBb39pjewl8ES49hPQHAkP6MB8GA1UdIwQY
MBaAFLnDYzrL9jwuyxAgW5uSWAq7Trh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWNOak9zdjJQQzdMRUNCYm01SllDcnRPdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8wY2QyZjMtMGY2YS00ZWFhLTk4NDUt
OTllY2E1NjUxMDIzLzEvNkF1UWdGdmYybU43Q1h3UkxqMkU5QWNDUV9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi8wY2QyZjMtMGY2YS00ZWFhLTk4NDUtOTllY2E1NjUxMDIz
LzEvdWNOak9zdjJQQzdMRUNCYm01SllDcnRPdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhHNQBAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBPWPEh1Ag7PM/eoP9cQutHh/ft794jafRRegjK
sR96yRRPWTM6hgyw43ZfrSgXykQVnW1YdcxoOyXDagFxnfxOYpH320/Pw0E9WBIE
PJ15OL/OOuuUMoWUro94dqfCUwKSDQUYg+0f4WRY9wVhgFVvvMNEWwFcY2mq7I1y
TOIcavHuEYAzZ9P6AixEQgF3IL9pHnhgbk/3x3pvyrwMTHVIzy6VspTMfUvtbwDB
Sjy9F0Y5hoz7MYbv4RtOTBgeC7qPbTX2kO79tD2I+3W+syz8FAmRce4vPpC9V6w5
aXNkmfRxjmE2MPTT5A2pPfG0+nj5DmUFegWwuubI2k3iwYoS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:15 2024 by rpki-client on console-ams.rpki-client.org