Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/B_YMjxjPEwgy0iNM1Uld2omLdgo.roa
File:                     B_YMjxjPEwgy0iNM1Uld2omLdgo.roa (raw, json)
Hash identifier:          +X19NyRcUHX0VAgycqZW1NPedCt3EfIhETd1wygjX38=
Subject key identifier:   07:F6:0C:8F:18:CF:13:08:32:D2:23:4C:D5:49:5D:DA:89:8B:76:0A
Certificate issuer:       /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial:       01831D186BFD1DF41CB3D5F72CBC126B5B37
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/B_YMjxjPEwgy0iNM1Uld2omLdgo.roa
Signing time:             Thu 08 Sep 2022 12:34:43 +0000
ROA not before:           Thu 08 Sep 2022 12:34:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211352
IP address blocks:        2a09:11c0:300::/40 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:1d:18:6b:fd:1d:f4:1c:b3:d5:f7:2c:bc:12:6b:5b:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
        Validity
            Not Before: Sep  8 12:34:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=07f60c8f18cf130832d2234cd5495dda898b760a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:b6:32:7b:ed:27:8b:c6:47:40:18:d3:f1:e5:
                    77:18:e1:0c:46:44:34:f2:d7:a2:6e:4d:31:4a:f8:
                    4a:12:9a:08:c3:65:b7:53:4f:c1:bd:09:10:da:90:
                    23:46:ca:b3:8b:e1:40:e4:69:18:85:15:73:77:08:
                    6f:d7:d4:49:32:68:40:4e:f2:5f:a9:77:46:53:d8:
                    84:4c:bc:74:93:ec:aa:87:17:a5:cf:ef:3b:74:d3:
                    cf:ae:3d:0f:7d:fd:6f:de:c7:57:0e:4b:8c:f1:b6:
                    0b:1c:03:41:b5:de:3c:f9:f8:5a:41:26:39:94:ca:
                    78:08:75:ef:d3:3a:ea:6f:9f:2d:ba:74:73:d6:01:
                    c2:6c:24:da:9a:10:51:58:41:ee:5a:6d:10:6a:b8:
                    07:e2:ec:95:c9:eb:3d:49:35:40:a0:86:cb:c9:15:
                    b0:ee:30:85:04:19:7b:f4:b1:ce:41:02:fb:b5:b2:
                    41:5a:7e:4a:9b:d7:b8:87:07:8b:f3:1e:51:e7:7c:
                    76:36:1f:d5:b9:db:38:d3:50:5d:90:6d:b7:29:d6:
                    ec:7c:c7:ad:c8:57:48:8c:d4:6e:2a:d3:19:b8:4c:
                    51:f9:32:14:fd:cd:13:48:30:ca:19:ca:b4:2d:0c:
                    01:6e:a0:53:b1:1b:95:1c:f9:88:aa:0c:0b:6b:b2:
                    c9:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:F6:0C:8F:18:CF:13:08:32:D2:23:4C:D5:49:5D:DA:89:8B:76:0A
            X509v3 Authority Key Identifier:
                keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/B_YMjxjPEwgy0iNM1Uld2omLdgo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:11c0:300::/40

    Signature Algorithm: sha256WithRSAEncryption
         80:3a:9d:00:1c:1c:81:8e:c3:30:61:36:a3:0f:7c:35:f0:17:
         54:62:64:99:b5:72:a8:ed:f0:e0:81:21:3b:d0:47:98:bb:9d:
         d0:17:1e:81:14:66:62:d5:a4:77:8f:80:3c:f1:d3:01:dc:de:
         29:30:33:96:cf:19:a9:1b:18:16:4e:97:9c:6d:60:81:7a:4c:
         dc:d5:72:02:27:fb:f2:41:3b:9d:6a:84:74:d1:42:e4:df:3b:
         6e:66:c8:b6:2f:50:65:23:29:a1:21:11:9f:ad:b5:08:16:ba:
         cf:12:1d:87:0c:97:8c:d2:51:94:a6:ed:24:38:df:ee:25:a8:
         bc:e7:aa:f8:65:7d:f3:02:39:d2:54:6f:30:ae:cc:4b:3d:e2:
         81:37:46:ba:7b:ec:03:d8:9c:c5:68:65:c9:f9:ba:2d:95:5c:
         8f:46:8f:37:89:86:1a:27:16:d3:82:9f:3e:c8:78:f3:d7:5b:
         a3:ff:d7:89:6c:1e:57:e0:7c:9f:54:4d:92:d9:7f:e8:cb:7a:
         1f:75:a3:8b:05:84:48:f6:bf:98:93:9b:2e:6b:0a:b7:df:b4:
         4b:05:2b:f3:5d:4e:51:2a:68:b9:6c:3d:70:58:05:ea:5c:1b:
         35:94:ae:2a:71:49:46:a0:70:c0:f1:89:03:cd:61:c9:03:40:
         5b:5a:47:11
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYMdGGv9HfQcs9X3LLwSa1s3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi
ZWJmOGQwHhcNMjIwOTA4MTIzNDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2Y2MGM4ZjE4Y2YxMzA4MzJkMjIzNGNkNTQ5NWRkYTg5OGI3NjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLYye+0ni8ZHQBjT8eV3GOEMRkQ0
8teibk0xSvhKEpoIw2W3U0/BvQkQ2pAjRsqzi+FA5GkYhRVzdwhv19RJMmhATvJf
qXdGU9iETLx0k+yqhxelz+87dNPPrj0Pff1v3sdXDkuM8bYLHANBtd48+fhaQSY5
lMp4CHXv0zrqb58tunRz1gHCbCTamhBRWEHuWm0QargH4uyVyes9STVAoIbLyRWw
7jCFBBl79LHOQQL7tbJBWn5Km9e4hweL8x5R53x2Nh/Vuds401BdkG23KdbsfMet
yFdIjNRuKtMZuExR+TIU/c0TSDDKGcq0LQwBbqBTsRuVHPmIqgwLa7LJwQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFAf2DI8YzxMIMtIjTNVJXdqJi3YKMB8GA1UdIwQY
MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt
NWM1ODkyYWZhNDg3LzEvQl9ZTWp4alBFd2d5MGlOTTFVbGQyb21MZGdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3
LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgkRwAMw
DQYJKoZIhvcNAQELBQADggEBAIA6nQAcHIGOwzBhNqMPfDXwF1RiZJm1cqjt8OCB
ITvQR5i7ndAXHoEUZmLVpHePgDzx0wHc3ikwM5bPGakbGBZOl5xtYIF6TNzVcgIn
+/JBO51qhHTRQuTfO25myLYvUGUjKaEhEZ+ttQgWus8SHYcMl4zSUZSm7SQ43+4l
qLznqvhlffMCOdJUbzCuzEs94oE3Rrp77APYnMVoZcn5ui2VXI9GjzeJhhonFtOC
nz7IePPXW6P/14lsHlfgfJ9UTZLZf+jLeh91o4sFhEj2v5iTmy5rCrfftEsFK/Nd
TlEqaLlsPXBYBepcGzWUripxSUagcMDxiQPNYckDQFtaRxE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:09 2024 by rpki-client on console-fra.rpki-client.org