Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/1un1-9rFd2l8CtTKWA8kpvoCCJM.roa
File:                     1un1-9rFd2l8CtTKWA8kpvoCCJM.roa (raw, json)
Hash identifier:          OsVsb1ylEIFvIoDfneVo1HLVLzfqnyy0BjgyovUvWOA=
Subject key identifier:   D6:E9:F5:FB:DA:C5:77:69:7C:0A:D4:CA:58:0F:24:A6:FA:02:08:93
Certificate issuer:       /CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
Certificate serial:       0182E7E6A88F881B290294B60BFB39DFFA75
Authority key identifier: 73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/1un1-9rFd2l8CtTKWA8kpvoCCJM.roa
Signing time:             Mon 29 Aug 2022 04:40:29 +0000
ROA not before:           Mon 29 Aug 2022 04:40:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211593
IP address blocks:        2a0b:b600:3c05::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:e7:e6:a8:8f:88:1b:29:02:94:b6:0b:fb:39:df:fa:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
        Validity
            Not Before: Aug 29 04:40:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d6e9f5fbdac577697c0ad4ca580f24a6fa020893
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:5b:fe:92:32:d4:97:05:bc:e7:8b:61:a0:d9:
                    f2:7b:9f:21:a5:e7:f1:59:96:96:e3:38:23:5a:c2:
                    e6:4d:f8:23:07:9a:bf:c8:30:5f:1e:cc:39:36:fc:
                    0d:c9:f1:bd:3f:c1:c5:2f:f8:d6:64:d4:7b:31:e7:
                    d8:a8:18:81:bd:eb:80:0a:a6:38:2d:0b:25:a0:56:
                    c2:98:0c:96:a6:1f:f4:f9:b6:19:66:6e:7b:61:87:
                    a3:24:a8:41:de:75:d7:22:73:42:80:5a:e4:7c:26:
                    4e:dd:c8:2b:d6:ac:31:81:a1:81:71:11:9c:3a:a9:
                    d0:f8:3c:98:18:67:ef:57:af:99:26:c3:ff:d2:00:
                    5b:ff:e7:b5:80:8c:f1:aa:8d:3c:73:46:31:9f:bc:
                    0e:ae:af:6e:7f:54:3d:c1:5a:71:21:22:0a:81:92:
                    71:57:72:20:0c:bf:4b:d1:e2:99:32:e3:d7:82:f8:
                    b2:83:f7:e2:41:a3:42:c9:06:03:01:f5:6d:45:3f:
                    94:d5:2f:7c:78:d5:a4:4b:c5:9e:d6:84:2e:ad:e0:
                    58:f7:8f:66:bc:18:bb:82:a9:dd:ad:8d:ca:89:19:
                    3d:9d:66:8b:81:17:e3:6a:41:a0:49:a1:93:76:3f:
                    13:9c:d8:79:1a:40:73:8e:be:25:5e:df:78:67:ad:
                    a4:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:E9:F5:FB:DA:C5:77:69:7C:0A:D4:CA:58:0F:24:A6:FA:02:08:93
            X509v3 Authority Key Identifier:
                keyid:73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/1un1-9rFd2l8CtTKWA8kpvoCCJM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/c_mGx3Bb2AjBsC69dU-_qRgH6bY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:b600:3c05::/48

    Signature Algorithm: sha256WithRSAEncryption
         67:b5:32:8c:50:4e:fc:53:b0:21:f2:7b:91:a3:c4:d0:ca:4f:
         e3:49:87:0a:e7:43:9c:58:11:0c:6c:4a:de:c2:6d:bd:9b:fa:
         db:d8:cd:87:f4:71:45:bb:5b:ca:46:11:84:a3:bb:3c:da:6c:
         0a:dc:70:e3:6c:ec:18:7c:89:4a:3b:3a:88:fd:fa:13:98:fc:
         28:09:92:89:39:ac:a6:07:47:40:48:95:1d:c0:9f:0d:ce:e4:
         0d:28:52:62:9e:33:63:e3:c9:35:6e:a7:d5:7a:1d:d6:53:49:
         49:09:7a:2e:a1:ac:c2:3d:e0:10:f1:34:1a:f6:ac:b9:ed:28:
         62:e0:a2:1f:ba:5b:6f:5d:a5:42:12:b5:12:1c:6d:f0:8e:c9:
         6f:c1:bc:69:2e:69:ce:f1:c4:a4:60:98:74:dc:61:82:65:d1:
         a6:bd:0d:bd:e4:67:13:2b:28:57:1a:9b:5f:58:5a:da:26:f0:
         7d:f8:0c:d3:46:86:60:c1:dd:f7:db:27:85:40:19:fc:60:01:
         c4:d4:c7:00:f3:3e:0a:df:08:86:dc:10:9b:28:48:86:6a:8f:
         af:61:92:68:92:30:89:d6:d0:eb:9b:6a:28:b4:4d:4f:02:50:
         53:5e:0e:bc:b1:e3:00:51:f0:30:87:ea:9c:d2:8e:8a:82:42:
         ca:02:2f:7f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYLn5qiPiBspApS2C/s53/p1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjk4NmM3NzA1YmQ4MDhjMWIwMmViZDc1NGZiZmE5MTgw
N2U5YjYwHhcNMjIwODI5MDQ0MDI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmU5ZjVmYmRhYzU3NzY5N2MwYWQ0Y2E1ODBmMjRhNmZhMDIwODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1v+kjLUlwW854thoNnye58hpefx
WZaW4zgjWsLmTfgjB5q/yDBfHsw5NvwNyfG9P8HFL/jWZNR7MefYqBiBveuACqY4
LQsloFbCmAyWph/0+bYZZm57YYejJKhB3nXXInNCgFrkfCZO3cgr1qwxgaGBcRGc
OqnQ+DyYGGfvV6+ZJsP/0gBb/+e1gIzxqo08c0Yxn7wOrq9uf1Q9wVpxISIKgZJx
V3IgDL9L0eKZMuPXgviyg/fiQaNCyQYDAfVtRT+U1S98eNWkS8We1oQureBY949m
vBi7gqndrY3KiRk9nWaLgRfjakGgSaGTdj8TnNh5GkBzjr4lXt94Z62kqQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNbp9fvaxXdpfArUylgPJKb6AgiTMB8GA1UdIwQY
MBaAFHP5hsdwW9gIwbAuvXVPv6kYB+m2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19tR3gzQmIyQWpCc0M2OWRVLV9xUmdINmJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9kYjFhY2EtMjY1OS00MmEzLWE2MzEt
OWExMjk1ZjAyZjJlLzEvMXVuMS05ckZkMmw4Q3RUS1dBOGtwdm9DQ0pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9kYjFhY2EtMjY1OS00MmEzLWE2MzEtOWExMjk1ZjAyZjJl
LzEvY19tR3gzQmIyQWpCc0M2OWRVLV9xUmdINmJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgu2ADwF
MA0GCSqGSIb3DQEBCwUAA4IBAQBntTKMUE78U7Ah8nuRo8TQyk/jSYcK50OcWBEM
bErewm29m/rb2M2H9HFFu1vKRhGEo7s82mwK3HDjbOwYfIlKOzqI/foTmPwoCZKJ
OaymB0dASJUdwJ8NzuQNKFJinjNj48k1bqfVeh3WU0lJCXouoazCPeAQ8TQa9qy5
7Shi4KIfultvXaVCErUSHG3wjslvwbxpLmnO8cSkYJh03GGCZdGmvQ295GcTKyhX
GptfWFraJvB9+AzTRoZgwd332yeFQBn8YAHE1McA8z4K3wiG3BCbKEiGao+vYZJo
kjCJ1tDrm2ootE1PAlBTXg68seMAUfAwh+qc0o6KgkLKAi9/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:14 2024 by rpki-client on console-fra.rpki-client.org