Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/AHyX7P7JNup2xqRQb1XlDgeI-_Y.roa
File:                     AHyX7P7JNup2xqRQb1XlDgeI-_Y.roa (raw, json)
Hash identifier:          AcuwiT2wwgOPBmchSMm1b+2Rax2DaUiVTFsF5fqRolE=
Subject key identifier:   00:7C:97:EC:FE:C9:36:EA:76:C6:A4:50:6F:55:E5:0E:07:88:FB:F6
Certificate issuer:       /CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Certificate serial:       01846E0DB62FB1BD8BB12C6B00A62E0F81C6
Authority key identifier: 0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/AHyX7P7JNup2xqRQb1XlDgeI-_Y.roa
Signing time:             Sat 12 Nov 2022 22:55:03 +0000
ROA not before:           Sat 12 Nov 2022 22:55:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     18041
IP address blocks:        2a0f:607:1051::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:6e:0d:b6:2f:b1:bd:8b:b1:2c:6b:00:a6:2e:0f:81:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
        Validity
            Not Before: Nov 12 22:55:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=007c97ecfec936ea76c6a4506f55e50e0788fbf6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:f6:4f:be:fc:42:4e:c0:8d:55:fc:d9:4b:9c:
                    05:07:5b:bd:63:b5:c4:18:dd:6f:3d:46:51:a5:9c:
                    a9:37:45:21:50:69:25:da:91:4b:fa:d8:d0:22:b3:
                    3b:48:70:f8:74:51:d8:83:12:fe:f8:bc:e0:52:57:
                    c7:db:6e:86:ba:8c:61:a6:95:61:1a:0b:11:3b:b2:
                    30:61:1d:44:76:10:1c:29:30:c3:2b:52:a8:f6:e5:
                    d8:58:35:aa:10:8e:82:f0:54:27:42:ff:9c:ac:e9:
                    35:f9:71:85:d0:da:e9:91:19:f2:80:6d:11:48:cd:
                    eb:cc:45:fc:5d:a1:a0:c5:d9:a4:37:37:eb:06:15:
                    ed:96:b6:40:2b:7b:fc:59:79:0c:5f:f3:50:bf:d4:
                    5f:b3:50:73:54:95:40:2d:59:7c:d8:27:b0:94:e4:
                    0a:e7:d5:72:94:22:0f:9d:df:9a:45:d9:f6:c9:51:
                    95:b3:9a:46:55:93:5f:bf:8c:98:e5:32:c9:05:41:
                    3d:b4:ec:cc:5c:c8:6f:76:eb:09:18:87:18:e2:08:
                    4b:b6:c5:81:c5:0d:db:c8:9f:b7:ce:db:0c:76:fa:
                    89:a8:33:21:23:2f:74:a5:b6:33:32:d1:e1:2e:47:
                    62:67:9f:a5:66:d6:2d:92:a5:2f:87:0e:3a:1b:74:
                    f6:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:7C:97:EC:FE:C9:36:EA:76:C6:A4:50:6F:55:E5:0E:07:88:FB:F6
            X509v3 Authority Key Identifier:
                keyid:0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/AHyX7P7JNup2xqRQb1XlDgeI-_Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:607:1051::/48

    Signature Algorithm: sha256WithRSAEncryption
         2e:c2:e6:86:71:a6:d9:b3:61:89:d9:ce:6c:9b:ee:08:bf:0c:
         6d:bd:19:ee:7e:39:e0:e5:6b:b8:d9:d3:33:2e:5b:b9:1d:b0:
         12:78:b2:aa:c5:14:10:01:33:24:55:b9:5e:8c:74:3b:68:91:
         38:08:67:ac:20:35:18:ae:7d:c4:74:bf:f8:c9:2f:7d:c9:ff:
         25:cb:64:db:dc:ac:12:18:ef:72:e3:c1:44:55:e4:7e:6d:bf:
         60:78:2a:2c:ea:ee:3b:40:82:22:bb:0e:12:8e:e8:9d:b9:f9:
         f5:88:cc:19:73:6a:4a:d3:0b:b8:fb:ae:7f:65:ce:21:74:b3:
         b9:6d:7e:9d:12:af:3b:bb:80:20:f9:b8:86:d8:d0:89:34:7d:
         c3:c1:29:16:97:5a:37:4a:5f:f5:7c:20:44:cf:10:c5:de:ef:
         7b:34:8f:02:7f:03:fe:cc:b0:d2:9d:34:5a:dd:ce:54:59:c1:
         96:55:cb:7d:67:7a:ae:d0:9c:00:5d:4d:cd:c5:1d:17:2d:24:
         76:68:84:c7:da:03:7b:59:40:02:37:54:48:ab:63:9e:69:b0:
         84:a0:11:9a:40:b1:3c:d7:f0:9d:59:01:8b:72:b8:a3:b5:8b:
         ff:88:ae:8c:8c:6b:a4:fa:a8:e1:36:bf:31:77:0f:2f:e7:aa:
         9a:b3:1e:45
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYRuDbYvsb2LsSxrAKYuD4HGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMjFiOTI1YjRjNGJjYzMwZjc3YzljNDFiYThkMDQwYWM5
NWRmYzYwHhcNMjIxMTEyMjI1NTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDdjOTdlY2ZlYzkzNmVhNzZjNmE0NTA2ZjU1ZTUwZTA3ODhmYmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfZPvvxCTsCNVfzZS5wFB1u9Y7XE
GN1vPUZRpZypN0UhUGkl2pFL+tjQIrM7SHD4dFHYgxL++LzgUlfH226GuoxhppVh
GgsRO7IwYR1EdhAcKTDDK1Ko9uXYWDWqEI6C8FQnQv+crOk1+XGF0NrpkRnygG0R
SM3rzEX8XaGgxdmkNzfrBhXtlrZAK3v8WXkMX/NQv9Rfs1BzVJVALVl82CewlOQK
59VylCIPnd+aRdn2yVGVs5pGVZNfv4yY5TLJBUE9tOzMXMhvdusJGIcY4ghLtsWB
xQ3byJ+3ztsMdvqJqDMhIy90pbYzMtHhLkdiZ5+lZtYtkqUvhw46G3T2LQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAB8l+z+yTbqdsakUG9V5Q4HiPv2MB8GA1UdIwQY
MBaAFAwhuSW0xLzDD3fJxBuo0ECsld/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2Ut
YTM0NzU2NDE1OGY4LzEvQUh5WDdQN0pOdXAyeHFSUWIxWGxEZ2VJLV9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2UtYTM0NzU2NDE1OGY4
LzEvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg8GBxBR
MA0GCSqGSIb3DQEBCwUAA4IBAQAuwuaGcabZs2GJ2c5sm+4IvwxtvRnufjng5Wu4
2dMzLlu5HbASeLKqxRQQATMkVblejHQ7aJE4CGesIDUYrn3EdL/4yS99yf8ly2Tb
3KwSGO9y48FEVeR+bb9geCos6u47QIIiuw4Sjuidufn1iMwZc2pK0wu4+65/Zc4h
dLO5bX6dEq87u4Ag+biG2NCJNH3DwSkWl1o3Sl/1fCBEzxDF3u97NI8CfwP+zLDS
nTRa3c5UWcGWVct9Z3qu0JwAXU3NxR0XLSR2aITH2gN7WUACN1RIq2OeabCEoBGa
QLE81/CdWQGLcrijtYv/iK6MjGuk+qjhNr8xdw8v56qasx5F
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:14 2024 by rpki-client on console-fra.rpki-client.org