Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/Bj6CmDrV99zogtgfjt9jQdmKH2w.roa
File:                     Bj6CmDrV99zogtgfjt9jQdmKH2w.roa (raw, json)
Hash identifier:          Ru9eYFcS4LMH/EEw1EUV5JouY4SD4yE89l38ZePpC7w=
Subject key identifier:   06:3E:82:98:3A:D5:F7:DC:E8:82:D8:1F:8E:DF:63:41:D9:8A:1F:6C
Certificate issuer:       /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial:       028E1E
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/Bj6CmDrV99zogtgfjt9jQdmKH2w.roa
Signing time:             Tue 22 Mar 2022 18:39:41 +0000
ROA not before:           Tue 22 Mar 2022 18:39:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60960
IP address blocks:        2a07:7b00::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 167454 (0x28e1e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
        Validity
            Not Before: Mar 22 18:39:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=063e82983ad5f7dce882d81f8edf6341d98a1f6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:d7:d5:53:be:8c:9c:d0:85:92:1f:0e:42:55:
                    b5:c4:a6:d1:e7:b2:5c:a9:df:b4:ba:59:bd:69:58:
                    b8:80:42:8f:b0:a7:47:a2:04:d2:41:bc:d8:9d:36:
                    d4:73:50:9f:23:f1:46:dd:fa:07:57:44:eb:4f:bc:
                    a0:9b:6c:20:5f:a4:65:34:19:17:37:69:ee:6e:b7:
                    b9:3c:00:ea:5b:65:dd:85:26:78:ea:25:6e:35:f4:
                    42:29:67:c1:9c:b8:c8:11:ad:f1:64:ab:81:df:85:
                    e3:0c:c9:a6:0b:ac:05:78:70:c0:c4:0c:c6:b0:98:
                    ea:5b:76:1f:ad:df:14:da:40:8c:fc:75:58:dc:05:
                    67:04:9c:78:f0:87:19:9b:16:88:b5:b7:0e:09:c1:
                    fb:88:43:9f:30:28:8f:e5:c6:e5:78:ed:f7:8c:9a:
                    f1:36:6c:3b:ed:3a:2c:9a:65:ab:b3:a0:0f:02:5b:
                    f5:b5:ff:ed:52:48:90:2a:1b:d9:fe:d8:9a:05:bc:
                    84:00:b6:5e:d8:36:cc:89:28:f6:9a:e9:e0:90:59:
                    ce:38:d9:43:af:65:1c:d2:b1:7c:c5:42:9b:ae:d6:
                    17:72:1b:f0:df:e9:3b:42:86:9b:65:7c:0e:51:0a:
                    ad:3b:d6:61:71:7e:a6:bc:6d:84:39:6b:d8:83:60:
                    8e:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:3E:82:98:3A:D5:F7:DC:E8:82:D8:1F:8E:DF:63:41:D9:8A:1F:6C
            X509v3 Authority Key Identifier:
                keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/Bj6CmDrV99zogtgfjt9jQdmKH2w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:7b00::/29

    Signature Algorithm: sha256WithRSAEncryption
         67:73:f3:4e:20:eb:9f:32:28:99:9b:0e:69:6d:f4:67:9c:35:
         ef:67:d5:4b:10:3e:19:68:35:c0:6d:ba:ab:76:6b:7d:f1:48:
         0c:4d:96:1a:95:c7:a6:2e:aa:02:bb:19:3c:f1:9b:2b:a0:11:
         33:49:d5:dd:a7:e0:91:fa:42:07:db:69:1f:0f:c7:ca:69:d2:
         c0:6b:b1:48:b5:ec:7b:38:4e:5c:0f:e5:86:2a:c3:1c:21:eb:
         eb:cc:a8:eb:73:a2:24:0d:29:be:a1:87:61:da:06:8b:35:0b:
         a2:9f:07:d2:2b:56:dc:1f:90:f2:e3:61:cb:a6:1d:5c:38:c4:
         26:64:df:d8:25:01:85:a8:ac:28:bd:25:be:17:68:d5:46:26:
         3a:29:9d:d6:28:8e:d3:39:9b:bb:e5:00:74:e5:c0:6a:5e:84:
         71:10:20:d9:d6:8e:6e:21:15:02:f6:85:68:9b:30:3c:5a:e0:
         a9:bf:4f:fb:4c:c7:c8:8d:24:f1:e3:c0:5f:f0:11:6f:ae:82:
         35:cb:35:7e:2a:53:80:a3:94:62:c3:9e:cb:c3:55:e3:78:7b:
         fd:b8:03:0b:5f:06:2b:7e:2d:60:a5:06:36:11:f1:84:1e:b8:
         b0:64:bc:1a:4e:ba:59:a8:c7:35:5a:df:a5:2a:cf:6f:43:27:
         e4:cc:77:b5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDAo4eMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ5
ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkwYWI3NzAwHhcNMjIwMzIy
MTgzOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwNjNlODI5ODNhZDVm
N2RjZTg4MmQ4MWY4ZWRmNjM0MWQ5OGExZjZjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqNfVU76MnNCFkh8OQlW1xKbR57Jcqd+0ulm9aVi4gEKPsKdH
ogTSQbzYnTbUc1CfI/FG3foHV0TrT7ygm2wgX6RlNBkXN2nubre5PADqW2XdhSZ4
6iVuNfRCKWfBnLjIEa3xZKuB34XjDMmmC6wFeHDAxAzGsJjqW3Yfrd8U2kCM/HVY
3AVnBJx48IcZmxaItbcOCcH7iEOfMCiP5cbleO33jJrxNmw77TosmmWrs6APAlv1
tf/tUkiQKhvZ/tiaBbyEALZe2DbMiSj2mungkFnOONlDr2Uc0rF8xUKbrtYXchvw
3+k7QoabZXwOUQqtO9ZhcX6mvG2EOWvYg2COPwIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFAY+gpg61ffc6ILYH47fY0HZih9sMB8GA1UdIwQYMBaAFNnv6dNvX4j98EdC
xBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4LzEv
Qmo2Q21EclY5OXpvZ3RnZmp0OWpRZG1LSDJ3LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81
NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4LzEvMmVfcDAyOWZpUDN3
UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgd7ADANBgkqhkiG9w0BAQsFAAOC
AQEAZ3PzTiDrnzIomZsOaW30Z5w172fVSxA+GWg1wG26q3ZrffFIDE2WGpXHpi6q
ArsZPPGbK6ARM0nV3afgkfpCB9tpHw/HymnSwGuxSLXsezhOXA/lhirDHCHr68yo
63OiJA0pvqGHYdoGizULop8H0itW3B+Q8uNhy6YdXDjEJmTf2CUBhaisKL0lvhdo
1UYmOimd1iiO0zmbu+UAdOXAal6EcRAg2daObiEVAvaFaJswPFrgqb9P+0zHyI0k
8ePAX/ARb66CNcs1fipTgKOUYsOey8NV43h7/bgDC18GK34tYKUGNhHxhB64sGS8
Gk66WajHNVrfpSrPb0Mn5Mx3tQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:55 2024 by rpki-client on console-fra.rpki-client.org