Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/bTI5gZmhznbfqqBuof8qo5GCDIU.roa
File:                     bTI5gZmhznbfqqBuof8qo5GCDIU.roa (raw, json)
Hash identifier:          5AyNJX0MxMAPoAo2h+mRe3s7xkorp2SxRSEoIsloGnk=
Subject key identifier:   6D:32:39:81:99:A1:CE:76:DF:AA:A0:6E:A1:FF:2A:A3:91:82:0C:85
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       07AC144B
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/bTI5gZmhznbfqqBuof8qo5GCDIU.roa
Signing time:             Sat 01 Jan 2022 16:06:01 +0000
ROA not before:           Sat 01 Jan 2022 16:06:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44364
IP address blocks:        2a09:cc0::/48 maxlen: 48
                          2a09:9d40::/48 maxlen: 48
                          2a09:1240::/48 maxlen: 48
                          2a09:9dc0::/48 maxlen: 48
                          2a09:4740::/48 maxlen: 48
                          2a09:a080::/48 maxlen: 48
                          2a09:9e40::/48 maxlen: 48
                          2a09:47c0::/48 maxlen: 48
                          2a09:9cc0::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 128717899 (0x7ac144b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Jan  1 16:06:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6d32398199a1ce76dfaaa06ea1ff2aa391820c85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:b3:af:c4:cf:e0:93:df:0d:36:b2:62:34:f0:
                    47:62:4a:a4:3e:44:f7:e1:c8:5e:bc:b4:f6:ce:6d:
                    ef:5d:d9:25:0c:9e:5b:0b:d1:d6:81:12:8a:f0:8d:
                    11:70:35:f3:a1:4c:3b:0e:cd:55:d7:4c:8a:43:8e:
                    2a:3a:9f:31:4b:ac:92:90:49:3c:5b:12:5b:e1:71:
                    95:79:54:cd:0f:8e:7a:73:d1:a3:50:f2:d7:2c:6b:
                    87:d4:d3:15:37:81:c4:53:2c:50:73:57:fa:e5:f8:
                    d7:d2:94:e9:29:07:77:bf:81:f0:f0:7c:da:c4:bc:
                    2e:bc:8f:f8:e1:14:3e:24:2c:f2:85:75:32:4f:7a:
                    a3:07:f7:c7:e9:57:9d:d4:31:d6:13:87:70:9e:2d:
                    b1:d5:3f:6a:04:90:4c:dd:5f:83:65:02:89:c5:a7:
                    f2:9b:ad:8a:7c:7e:93:15:43:f2:e2:9d:9e:8e:0a:
                    c2:01:ce:a7:da:d5:80:cf:0d:14:9f:cf:b9:0a:85:
                    4f:66:5c:1e:48:ee:af:9a:db:14:da:ed:4c:6a:1c:
                    27:e7:a8:d4:23:6f:5b:b3:50:b1:e9:07:76:b8:b2:
                    68:92:fc:4b:a7:ea:0f:01:3c:3b:c5:38:8b:34:34:
                    13:b3:02:bc:40:15:07:d4:5e:35:24:09:e6:41:97:
                    2e:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:32:39:81:99:A1:CE:76:DF:AA:A0:6E:A1:FF:2A:A3:91:82:0C:85
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/bTI5gZmhznbfqqBuof8qo5GCDIU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:cc0::/48
                  2a09:1240::/48
                  2a09:4740::/48
                  2a09:47c0::/48
                  2a09:9cc0::/48
                  2a09:9d40::/48
                  2a09:9dc0::/48
                  2a09:9e40::/48
                  2a09:a080::/48

    Signature Algorithm: sha256WithRSAEncryption
         1f:3c:02:92:3f:49:8c:c4:50:f2:24:36:24:d4:54:62:33:64:
         93:95:48:34:5e:11:c9:64:47:2a:33:d2:59:1f:75:46:79:ba:
         18:ed:cf:ef:9c:a6:84:b4:34:8b:3f:f7:d6:79:4e:5e:ee:cf:
         38:23:25:27:f3:c2:38:cb:43:7d:da:d0:03:27:55:e1:5d:40:
         f1:b3:dc:1d:be:31:d8:93:a5:80:be:38:27:5a:2c:bc:b7:34:
         57:3e:99:fd:5c:6b:a4:5d:b5:b4:c0:5b:b7:df:c7:1c:df:b8:
         bd:fa:f7:65:aa:f0:73:d6:c5:de:c2:49:94:8f:15:15:ff:8b:
         3a:fe:12:80:4d:e1:04:0e:43:09:f6:e8:c1:b7:79:e2:cf:41:
         d1:9d:00:11:c6:f5:75:18:55:14:e8:f5:93:33:63:b1:0b:cb:
         f9:87:c7:23:a4:96:d7:27:c3:53:ae:27:7f:e7:0f:ea:aa:3b:
         7d:af:38:c2:68:87:6b:b9:79:8b:b4:d6:10:c5:1c:3f:51:8b:
         91:1f:5a:77:28:03:cb:5a:4b:d8:05:2d:85:46:ac:20:98:cc:
         64:44:23:25:4b:5d:5f:8d:c3:ea:0a:89:7e:16:bf:d4:a6:d2:
         11:15:14:4f:9b:8b:45:44:d2:70:5e:59:d3:1c:00:d5:a3:74:
         61:be:59:94
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIEB6wUSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MmZkYjY3NjU0ZGY2MTg0ZTdkNjBjNDE1MGVhOTUzM2MyY2Y5NzA0MB4XDTIyMDEw
MTE2MDYwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQzMjM5ODE5OWEx
Y2U3NmRmYWFhMDZlYTFmZjJhYTM5MTgyMGM4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMKzr8TP4JPfDTayYjTwR2JKpD5E9+HIXry09s5t713ZJQye
WwvR1oESivCNEXA186FMOw7NVddMikOOKjqfMUuskpBJPFsSW+FxlXlUzQ+OenPR
o1Dy1yxrh9TTFTeBxFMsUHNX+uX419KU6SkHd7+B8PB82sS8LryP+OEUPiQs8oV1
Mk96owf3x+lXndQx1hOHcJ4tsdU/agSQTN1fg2UCicWn8putinx+kxVD8uKdno4K
wgHOp9rVgM8NFJ/PuQqFT2ZcHkjur5rbFNrtTGocJ+eo1CNvW7NQsekHdriyaJL8
S6fqDwE8O8U4izQ0E7MCvEAVB9ReNSQJ5kGXLi8CAwEAAaOCAlQwggJQMB0GA1Ud
DgQWBBRtMjmBmaHOdt+qoG6h/yqjkYIMhTAfBgNVHSMEGDAWgBRi/bZ2VN9hhOfW
DEFQ6pUzws+XBDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1l2MjJkbFRmWVlUbjFneEJVT3FWTThMUGx3US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjIvNzA0MDcxLThkYzAtNGVkNi05NDU3LWU4NjEyMWM1OTRkZi8x
L2JUSTVnWm1oem5iZnFxQnVvZjhxbzVHQ0RJVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIv
NzA0MDcxLThkYzAtNGVkNi05NDU3LWU4NjEyMWM1OTRkZi8xL1l2MjJkbFRmWVlU
bjFneEJVT3FWTThMUGx3US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBq
BggrBgEFBQcBBwEB/wRbMFkwVwQCAAIwUQMHACoJDMAAAAMHACoJEkAAAAMHACoJ
R0AAAAMHACoJR8AAAAMHACoJnMAAAAMHACoJnUAAAAMHACoJncAAAAMHACoJnkAA
AAMHACoJoIAAADANBgkqhkiG9w0BAQsFAAOCAQEAHzwCkj9JjMRQ8iQ2JNRUYjNk
k5VINF4RyWRHKjPSWR91Rnm6GO3P75ymhLQ0iz/31nlOXu7POCMlJ/PCOMtDfdrQ
AydV4V1A8bPcHb4x2JOlgL44J1osvLc0Vz6Z/VxrpF21tMBbt9/HHN+4vfr3Zarw
c9bF3sJJlI8VFf+LOv4SgE3hBA5DCfbowbd54s9B0Z0AEcb1dRhVFOj1kzNjsQvL
+YfHI6SW1yfDU64nf+cP6qo7fa84wmiHa7l5i7TWEMUcP1GLkR9adygDy1pL2AUt
hUasIJjMZEQjJUtdX43D6gqJfha/1KbSERUUT5uLRUTScF5Z0xwA1aN0Yb5ZlA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:20 2024 by rpki-client on console-ams.rpki-client.org