Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/klIn40FCnF2DK8fLl9Zpm7OQu0g.roa
File:                     klIn40FCnF2DK8fLl9Zpm7OQu0g.roa (raw, json)
Hash identifier:          PwU75UiOZ6n5xM235vBmbQLVTLIvlcAMXNXGvfeXfvo=
Subject key identifier:   92:52:27:E3:41:42:9C:5D:83:2B:C7:CB:97:D6:69:9B:B3:90:BB:48
Certificate issuer:       /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial:       07781BC5
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/klIn40FCnF2DK8fLl9Zpm7OQu0g.roa
Signing time:             Sat 01 Jan 2022 05:04:20 +0000
ROA not before:           Sat 01 Jan 2022 05:04:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62563
IP address blocks:        2a09:1d80::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 125311941 (0x7781bc5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
        Validity
            Not Before: Jan  1 05:04:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=925227e341429c5d832bc7cb97d6699bb390bb48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:70:2e:63:fe:1b:f2:fa:f2:56:94:6c:cc:4f:
                    24:49:4e:d1:18:7a:ba:e4:69:03:de:05:ca:da:2d:
                    88:c4:94:62:1f:76:c2:d1:c0:0c:fa:20:80:c8:47:
                    2f:92:0e:b8:18:ba:c0:a3:ea:ca:15:5f:e0:28:81:
                    5d:46:45:4a:23:34:59:e9:c7:84:82:9f:e9:8d:3b:
                    3e:3a:f7:59:a0:36:5c:0f:de:ca:2a:5f:53:b6:c3:
                    e3:38:57:87:e5:2f:58:f4:64:88:c9:90:f6:cc:e2:
                    36:ea:11:09:a7:91:b5:39:85:5b:e4:e9:4e:58:ab:
                    bd:7a:f6:54:ce:b9:99:ae:d0:7c:5f:e9:c6:1a:3d:
                    16:d2:3a:80:dc:1c:2a:ea:42:b5:1f:a2:ac:59:ce:
                    ed:89:fe:bf:ce:cf:47:68:f2:f2:ca:48:5a:9f:15:
                    c7:81:b2:d4:c0:fa:e9:b4:ca:f6:fa:b0:1b:47:66:
                    22:04:0d:4c:16:f3:f1:3c:01:69:09:7a:2a:e5:2d:
                    7f:ed:c5:f8:75:fd:f7:ba:00:41:a4:df:e7:04:f2:
                    8d:6e:f3:60:b7:fb:49:33:11:8d:32:e7:73:01:e0:
                    d3:78:66:69:39:e7:04:36:84:f6:40:b3:16:2c:86:
                    84:38:5a:ba:58:d6:6a:89:bb:18:09:32:7a:b8:d4:
                    71:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:52:27:E3:41:42:9C:5D:83:2B:C7:CB:97:D6:69:9B:B3:90:BB:48
            X509v3 Authority Key Identifier:
                keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/klIn40FCnF2DK8fLl9Zpm7OQu0g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:1d80::/29

    Signature Algorithm: sha256WithRSAEncryption
         62:7f:2b:8f:c5:31:91:ea:43:b9:95:13:7e:31:45:b6:8b:51:
         6e:7a:a5:90:28:c9:f3:9b:12:92:38:d1:e7:f8:f1:89:af:69:
         a3:95:33:05:3a:4c:4d:36:74:e7:95:d2:ab:f1:c4:bc:ef:84:
         d9:39:13:e5:d6:39:cd:1a:4d:02:dd:fc:0c:2c:c3:4e:7c:69:
         e9:46:d6:45:5d:e3:4c:db:ee:b9:45:a6:c8:4a:ab:19:ea:5c:
         3c:5f:3f:42:11:f8:8a:6e:ae:70:6d:76:49:3a:a1:31:fb:1b:
         96:a0:1c:4a:f5:5e:f4:f4:e2:bf:ec:cb:12:35:61:ac:30:f3:
         ab:0f:b0:af:56:92:4d:19:8c:b7:a3:c8:52:4d:31:e0:67:3c:
         04:ef:ec:56:ef:04:94:ed:cf:7b:28:e9:98:12:c0:5e:71:17:
         a5:c9:b6:39:4a:0f:3a:09:d3:49:3c:c5:60:dc:c0:d8:f3:c0:
         cb:22:a9:d5:b4:ee:14:53:96:1e:b7:c4:2e:ba:da:f8:c6:5a:
         0a:92:4f:7a:48:63:74:ca:63:19:bd:7b:45:d9:4c:8e:d3:ea:
         59:a9:e0:0d:65:aa:b5:18:91:71:43:41:50:29:7a:ca:e0:e5:
         f9:e9:2f:a2:89:2d:32:35:e2:8f:b6:af:84:c6:48:61:35:95:
         61:75:74:cf
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEB3gbxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzY3N2Q3Y2I5MjcxY2UzNjEyNTZlOTgzM2NjN2IxNGZkMDIzZWJlMB4XDTIyMDEw
MTA1MDQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTI1MjI3ZTM0MTQy
OWM1ZDgzMmJjN2NiOTdkNjY5OWJiMzkwYmI0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALxwLmP+G/L68laUbMxPJElO0Rh6uuRpA94FytotiMSUYh92
wtHADPoggMhHL5IOuBi6wKPqyhVf4CiBXUZFSiM0WenHhIKf6Y07Pjr3WaA2XA/e
yipfU7bD4zhXh+UvWPRkiMmQ9sziNuoRCaeRtTmFW+TpTlirvXr2VM65ma7QfF/p
xho9FtI6gNwcKupCtR+irFnO7Yn+v87PR2jy8spIWp8Vx4Gy1MD66bTK9vqwG0dm
IgQNTBbz8TwBaQl6KuUtf+3F+HX997oAQaTf5wTyjW7zYLf7STMRjTLncwHg03hm
aTnnBDaE9kCzFiyGhDhauljWaom7GAkyerjUcYsCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBSSUifjQUKcXYMrx8uX1mmbs5C7SDAfBgNVHSMEGDAWgBSTZ318uScc42El
bpgzzHsU/QI+vjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2syZDlmTGtuSE9OaEpXNllNOHg3RlAwQ1ByNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvYTljNmRhLThlYTAtNDZiNy1hMWE2LTk5YWNiOTljZTc1NC8x
L2tsSW40MEZDbkYyREs4ZkxsOVpwbTdPUXUwZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
YTljNmRhLThlYTAtNDZiNy1hMWE2LTk5YWNiOTljZTc1NC8xL2syZDlmTGtuSE9O
aEpXNllNOHg3RlAwQ1ByNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoJHYAwDQYJKoZIhvcNAQELBQAD
ggEBAGJ/K4/FMZHqQ7mVE34xRbaLUW56pZAoyfObEpI40ef48YmvaaOVMwU6TE02
dOeV0qvxxLzvhNk5E+XWOc0aTQLd/Awsw058aelG1kVd40zb7rlFpshKqxnqXDxf
P0IR+IpurnBtdkk6oTH7G5agHEr1XvT04r/syxI1Yaww86sPsK9Wkk0ZjLejyFJN
MeBnPATv7FbvBJTtz3so6ZgSwF5xF6XJtjlKDzoJ00k8xWDcwNjzwMsiqdW07hRT
lh63xC662vjGWgqST3pIY3TKYxm9e0XZTI7T6lmp4A1lqrUYkXFDQVApesrg5fnp
L6KJLTI14o+2r4TGSGE1lWF1dM8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:48 2024 by rpki-client on console-ams.rpki-client.org