Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/dd37cf-a466-4354-a171-d8df8e4c65fe/1/9ddCsyAINFI_U8TEcmC4_ikuI98.roa
File:                     9ddCsyAINFI_U8TEcmC4_ikuI98.roa (raw, json)
Hash identifier:          wMH4BpdTd7RmaFQTCNUgSyae3hvkdgQYimPDqcC6qdk=
Subject key identifier:   F5:D7:42:B3:20:08:34:52:3F:53:C4:C4:72:60:B8:FE:29:2E:23:DF
Certificate issuer:       /CN=f4d6af4de89bba8118953cceebfb39f45a8ed1bc
Certificate serial:       018235D0F5D22CC628B9D258D38938B451DC
Authority key identifier: F4:D6:AF:4D:E8:9B:BA:81:18:95:3C:CE:EB:FB:39:F4:5A:8E:D1:BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9NavTeibuoEYlTzO6_s59FqO0bw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/dd37cf-a466-4354-a171-d8df8e4c65fe/1/9ddCsyAINFI_U8TEcmC4_ikuI98.roa
Signing time:             Mon 25 Jul 2022 14:44:23 +0000
ROA not before:           Mon 25 Jul 2022 14:44:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47156
IP address blocks:        2a04:34c0::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:35:d0:f5:d2:2c:c6:28:b9:d2:58:d3:89:38:b4:51:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4d6af4de89bba8118953cceebfb39f45a8ed1bc
        Validity
            Not Before: Jul 25 14:44:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f5d742b3200834523f53c4c47260b8fe292e23df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:64:5c:c7:66:e3:ef:07:d6:a0:7e:da:82:17:
                    1d:e1:11:13:c9:1c:3d:d6:4d:47:58:7c:28:5d:50:
                    57:e3:41:2e:a4:af:1c:ef:27:b6:e5:1b:06:5b:eb:
                    8b:d6:f1:f4:d7:3d:20:84:21:af:b9:0f:71:83:13:
                    a2:40:c4:01:80:07:23:8b:ec:e2:ca:d5:9b:ab:2f:
                    70:88:cd:15:3a:a4:1f:8a:83:63:bb:be:21:d7:d4:
                    89:cc:48:84:ed:46:ae:9e:b8:81:0f:37:7f:09:61:
                    84:46:34:03:87:26:b8:a2:53:ad:e9:e8:1f:f4:a3:
                    da:8d:bf:2b:a3:f2:90:f0:94:9e:e0:41:bd:b5:ea:
                    4c:4a:bc:49:7c:a0:4c:f3:b0:10:ca:0e:5c:7f:ae:
                    48:ab:25:01:d5:17:62:58:fc:6f:c8:1d:26:ff:ff:
                    d1:05:92:c8:dd:7e:7f:2b:18:88:19:3f:9a:c2:4b:
                    45:d7:e4:82:28:d7:89:5f:d3:17:22:70:ae:7d:20:
                    3f:c6:3e:1e:61:c6:e6:df:bd:83:29:a1:e2:fa:d4:
                    2b:8c:93:b4:2e:d5:2e:7f:c8:ac:ce:e5:11:28:72:
                    3b:70:5b:9b:c5:b5:fc:a8:0e:15:e2:8a:8b:56:99:
                    94:24:fe:80:f6:db:69:11:46:a5:76:49:ab:7e:52:
                    01:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:D7:42:B3:20:08:34:52:3F:53:C4:C4:72:60:B8:FE:29:2E:23:DF
            X509v3 Authority Key Identifier:
                keyid:F4:D6:AF:4D:E8:9B:BA:81:18:95:3C:CE:EB:FB:39:F4:5A:8E:D1:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NavTeibuoEYlTzO6_s59FqO0bw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/dd37cf-a466-4354-a171-d8df8e4c65fe/1/9ddCsyAINFI_U8TEcmC4_ikuI98.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/dd37cf-a466-4354-a171-d8df8e4c65fe/1/9NavTeibuoEYlTzO6_s59FqO0bw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a04:34c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         91:3e:84:b4:b9:49:c2:75:1b:f1:23:a9:44:07:f8:46:fc:f5:
         d1:4a:8a:3e:b4:4c:2e:4c:96:a8:c3:05:02:61:e3:53:53:fe:
         c6:4b:67:0c:fe:ce:47:2d:52:50:1a:7a:fe:07:c1:10:74:0c:
         8d:9a:03:e5:ed:62:ea:92:d5:d8:07:3b:f2:c5:a5:96:cf:4e:
         83:77:3a:a9:5d:3d:14:eb:e7:34:2f:0c:94:1a:c1:06:19:3c:
         d5:fd:7c:38:ca:19:76:fe:38:a6:b0:e2:a6:4a:20:77:68:06:
         8e:0a:b1:ad:88:7d:5c:9f:f7:42:61:e9:5d:d8:4a:a6:ef:2a:
         73:a9:55:aa:ba:9d:c9:c8:9f:b7:a8:7e:4c:93:32:d5:73:4d:
         59:c7:3a:dd:0c:ee:6b:1c:ae:c2:09:6b:25:c1:9b:96:d6:7c:
         bf:2e:0b:42:e3:5e:db:69:73:86:7e:f8:97:94:4f:99:6a:c6:
         a7:fd:83:89:fa:5f:f1:6c:df:71:66:b9:dd:c9:82:96:bc:30:
         59:e9:b0:92:85:7e:ba:b9:18:3f:49:d2:da:ca:d9:3e:42:81:
         48:61:d9:68:6e:df:f5:8d:1a:d0:9f:dd:5b:59:0e:12:54:74:
         c8:27:81:f4:47:4f:9d:3e:76:32:96:b4:52:f2:5b:db:94:75:
         94:78:72:ce
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYI10PXSLMYoudJY04k4tFHcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZDZhZjRkZTg5YmJhODExODk1M2NjZWViZmIzOWY0NWE4
ZWQxYmMwHhcNMjIwNzI1MTQ0NDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWQ3NDJiMzIwMDgzNDUyM2Y1M2M0YzQ3MjYwYjhmZTI5MmUyM2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWRcx2bj7wfWoH7aghcd4RETyRw9
1k1HWHwoXVBX40EupK8c7ye25RsGW+uL1vH01z0ghCGvuQ9xgxOiQMQBgAcji+zi
ytWbqy9wiM0VOqQfioNju74h19SJzEiE7UaunriBDzd/CWGERjQDhya4olOt6egf
9KPajb8ro/KQ8JSe4EG9tepMSrxJfKBM87AQyg5cf65IqyUB1RdiWPxvyB0m///R
BZLI3X5/KxiIGT+awktF1+SCKNeJX9MXInCufSA/xj4eYcbm372DKaHi+tQrjJO0
LtUuf8iszuURKHI7cFubxbX8qA4V4oqLVpmUJP6A9ttpEUaldkmrflIBTwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPXXQrMgCDRSP1PExHJguP4pLiPfMB8GA1UdIwQY
MBaAFPTWr03om7qBGJU8zuv7OfRajtG8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU5hdlRlaWJ1b0VZbFR6TzZfczU5RnFPMGJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9kZDM3Y2YtYTQ2Ni00MzU0LWExNzEt
ZDhkZjhlNGM2NWZlLzEvOWRkQ3N5QUlORklfVThURWNtQzRfaWt1STk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9kZDM3Y2YtYTQ2Ni00MzU0LWExNzEtZDhkZjhlNGM2NWZl
LzEvOU5hdlRlaWJ1b0VZbFR6TzZfczU5RnFPMGJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgQ0wDAN
BgkqhkiG9w0BAQsFAAOCAQEAkT6EtLlJwnUb8SOpRAf4Rvz10UqKPrRMLkyWqMMF
AmHjU1P+xktnDP7ORy1SUBp6/gfBEHQMjZoD5e1i6pLV2Ac78sWlls9Og3c6qV09
FOvnNC8MlBrBBhk81f18OMoZdv44prDipkogd2gGjgqxrYh9XJ/3QmHpXdhKpu8q
c6lVqrqdycift6h+TJMy1XNNWcc63QzuaxyuwglrJcGbltZ8vy4LQuNe22lzhn74
l5RPmWrGp/2Difpf8WzfcWa53cmClrwwWemwkoV+urkYP0nS2srZPkKBSGHZaG7f
9Y0a0J/dW1kOElR0yCeB9EdPnT52Mpa0UvJb25R1lHhyzg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:24 2024 by rpki-client on console-ams.rpki-client.org