Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/6cac50-3f13-4ef9-8b6d-decec41a71d1/1/f6CnOIKqvND46AD3e-FV9GGTOrg.roa
File:                     f6CnOIKqvND46AD3e-FV9GGTOrg.roa (raw, json)
Hash identifier:          60tDVJUpA7keTMySYAkMC/rKT3SmrVNk4cWzyVBZ51E=
Subject key identifier:   7F:A0:A7:38:82:AA:BC:D0:F8:E8:00:F7:7B:E1:55:F4:61:93:3A:B8
Certificate issuer:       /CN=db489fbe98994cbc098c876ba63e560ac17e5b2f
Certificate serial:       0184C8FAAA3EAFAC7A2F9C4F0E3E66E5716A
Authority key identifier: DB:48:9F:BE:98:99:4C:BC:09:8C:87:6B:A6:3E:56:0A:C1:7E:5B:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/20ifvpiZTLwJjIdrpj5WCsF-Wy8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/6cac50-3f13-4ef9-8b6d-decec41a71d1/1/f6CnOIKqvND46AD3e-FV9GGTOrg.roa
Signing time:             Wed 30 Nov 2022 14:39:41 +0000
ROA not before:           Wed 30 Nov 2022 14:39:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20746
IP address blocks:        185.63.228.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:c8:fa:aa:3e:af:ac:7a:2f:9c:4f:0e:3e:66:e5:71:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db489fbe98994cbc098c876ba63e560ac17e5b2f
        Validity
            Not Before: Nov 30 14:39:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7fa0a73882aabcd0f8e800f77be155f461933ab8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:11:80:5d:c1:04:39:b7:a8:0a:9f:20:3b:b9:
                    20:2f:08:d8:d1:69:40:7a:e9:9d:48:39:f0:c6:bb:
                    b8:33:b7:43:4a:6d:78:50:a2:25:53:27:e4:19:a7:
                    4b:fb:5c:b6:bd:72:de:3b:7e:ac:cc:89:43:e3:0d:
                    c8:c3:ae:fa:17:77:04:73:b3:b9:cc:df:f0:56:98:
                    a9:ec:3b:7e:ab:88:cb:c0:c8:ba:ce:52:af:91:cd:
                    2b:ed:89:e4:e2:12:e5:fc:a9:81:ac:19:ce:1c:87:
                    98:1c:a4:36:3d:37:66:a2:e0:ea:99:6d:fb:ed:30:
                    de:91:87:54:27:bb:05:a6:df:ed:44:94:79:17:e4:
                    05:30:7b:ab:09:56:d4:74:3e:7d:7e:57:3d:0f:f0:
                    e4:a2:9f:ac:35:db:90:a1:a4:f3:74:c6:9c:23:7e:
                    73:77:71:0b:f3:50:d9:08:fb:79:a2:a5:c6:b1:65:
                    e4:93:09:3b:0a:4e:9c:c2:25:5b:cc:83:c7:fc:48:
                    10:49:72:b6:6e:63:9d:20:00:93:e1:a6:15:b6:87:
                    9f:fc:eb:de:1c:53:0b:cc:c4:98:c3:bb:55:b5:a8:
                    fa:48:1f:d2:71:57:4a:ca:aa:51:76:cc:a5:f3:4e:
                    9e:9d:f5:9b:86:c7:de:86:c7:dc:a7:ea:44:6a:4c:
                    89:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:A0:A7:38:82:AA:BC:D0:F8:E8:00:F7:7B:E1:55:F4:61:93:3A:B8
            X509v3 Authority Key Identifier:
                keyid:DB:48:9F:BE:98:99:4C:BC:09:8C:87:6B:A6:3E:56:0A:C1:7E:5B:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20ifvpiZTLwJjIdrpj5WCsF-Wy8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/6cac50-3f13-4ef9-8b6d-decec41a71d1/1/f6CnOIKqvND46AD3e-FV9GGTOrg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/6cac50-3f13-4ef9-8b6d-decec41a71d1/1/20ifvpiZTLwJjIdrpj5WCsF-Wy8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.63.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         43:72:09:d6:18:6c:e5:02:80:94:19:6e:01:66:83:d4:e8:d1:
         62:e9:88:08:71:94:59:ef:d7:65:d3:7b:d7:fb:a7:d2:c8:36:
         db:8f:88:a0:96:e7:25:d0:78:68:fd:cb:1e:c4:29:28:c7:ce:
         1b:37:b5:4d:5a:de:d9:7c:75:ff:65:11:8f:62:84:2d:cd:c8:
         ad:34:9c:f7:64:9b:6c:b1:8a:54:28:a3:18:5b:95:cc:6d:61:
         3d:a6:ab:ae:36:cd:2e:e3:53:20:f2:12:f0:e2:04:d7:aa:26:
         0d:4c:f6:f2:96:5b:9a:65:15:d8:58:bd:88:80:20:01:7b:7d:
         15:14:60:59:c6:eb:2f:5e:df:dd:4e:6f:68:c2:39:80:54:17:
         06:9c:f0:0e:2f:cd:9a:85:42:a7:23:80:0e:09:6e:25:a4:42:
         c9:a7:92:c6:c2:40:51:44:30:c7:5c:e7:2e:3c:84:c9:90:17:
         2f:fd:93:bc:0c:9a:e6:bc:ed:9d:72:ea:81:fc:cf:66:9f:8a:
         32:4c:15:c1:f8:a4:bd:b9:95:91:08:21:fe:21:83:bd:f6:b8:
         0c:8f:d8:83:5e:97:70:82:a1:7a:9e:b0:2f:58:e7:ea:1e:d0:
         97:30:ac:49:58:a1:b7:46:31:b8:b1:79:d0:99:ad:5b:e4:5a:
         a7:87:ad:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTI+qo+r6x6L5xPDj5m5XFqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDg5ZmJlOTg5OTRjYmMwOThjODc2YmE2M2U1NjBhYzE3
ZTViMmYwHhcNMjIxMTMwMTQzOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmEwYTczODgyYWFiY2QwZjhlODAwZjc3YmUxNTVmNDYxOTMzYWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRGAXcEEObeoCp8gO7kgLwjY0WlA
eumdSDnwxru4M7dDSm14UKIlUyfkGadL+1y2vXLeO36szIlD4w3Iw676F3cEc7O5
zN/wVpip7Dt+q4jLwMi6zlKvkc0r7Ynk4hLl/KmBrBnOHIeYHKQ2PTdmouDqmW37
7TDekYdUJ7sFpt/tRJR5F+QFMHurCVbUdD59flc9D/Dkop+sNduQoaTzdMacI35z
d3EL81DZCPt5oqXGsWXkkwk7Ck6cwiVbzIPH/EgQSXK2bmOdIACT4aYVtoef/Ove
HFMLzMSYw7tVtaj6SB/ScVdKyqpRdsyl806enfWbhsfehsfcp+pEakyJbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH+gpziCqrzQ+OgA93vhVfRhkzq4MB8GA1UdIwQY
MBaAFNtIn76YmUy8CYyHa6Y+VgrBflsvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBpZnZwaVpUTHdKaklkcnBqNVdDc0YtV3k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS82Y2FjNTAtM2YxMy00ZWY5LThiNmQt
ZGVjZWM0MWE3MWQxLzEvZjZDbk9JS3F2TkQ0NkFEM2UtRlY5R0dUT3JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS82Y2FjNTAtM2YxMy00ZWY5LThiNmQtZGVjZWM0MWE3MWQx
LzEvMjBpZnZwaVpUTHdKaklkcnBqNVdDc0YtV3k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuT/kMA0G
CSqGSIb3DQEBCwUAA4IBAQBDcgnWGGzlAoCUGW4BZoPU6NFi6YgIcZRZ79dl03vX
+6fSyDbbj4iglucl0Hho/csexCkox84bN7VNWt7ZfHX/ZRGPYoQtzcitNJz3ZJts
sYpUKKMYW5XMbWE9pquuNs0u41Mg8hLw4gTXqiYNTPbylluaZRXYWL2IgCABe30V
FGBZxusvXt/dTm9owjmAVBcGnPAOL82ahUKnI4AOCW4lpELJp5LGwkBRRDDHXOcu
PITJkBcv/ZO8DJrmvO2dcuqB/M9mn4oyTBXB+KS9uZWRCCH+IYO99rgMj9iDXpdw
gqF6nrAvWOfqHtCXMKxJWKG3RjG4sXnQma1b5Fqnh61C
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:44 2024 by rpki-client on console-ams.rpki-client.org