Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/N2V9pXnTOqYjjz0acneuuPyQfTQ.roa
File:                     N2V9pXnTOqYjjz0acneuuPyQfTQ.roa (raw, json)
Hash identifier:          0Ptl7+SpunZbSqzFEpy4D2v/jBayNaBN2v38exKmHbQ=
Subject key identifier:   37:65:7D:A5:79:D3:3A:A6:23:8F:3D:1A:72:77:AE:B8:FC:90:7D:34
Certificate issuer:       /CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Certificate serial:       078E0E87
Authority key identifier: 0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/N2V9pXnTOqYjjz0acneuuPyQfTQ.roa
Signing time:             Sat 01 Jan 2022 05:52:21 +0000
ROA not before:           Sat 01 Jan 2022 05:52:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212359
IP address blocks:        2a0f:607:1024::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 126750343 (0x78e0e87)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
        Validity
            Not Before: Jan  1 05:52:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=37657da579d33aa6238f3d1a7277aeb8fc907d34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:9e:6f:3f:e8:d8:13:88:95:ec:9d:b2:0b:32:
                    3d:49:fc:95:43:d8:ff:ea:49:67:61:00:cc:3a:8d:
                    cc:27:3d:76:5d:fa:6d:41:65:1e:80:69:d2:70:fe:
                    f6:22:31:99:d3:59:8e:f4:fa:c7:ad:cb:f8:a5:9a:
                    41:e9:d0:9c:b9:78:f2:da:e6:a5:ad:b4:12:e5:14:
                    fd:d9:ef:7b:65:ee:7e:bf:10:03:3f:06:22:8c:06:
                    ff:e9:02:d9:0c:f2:ea:66:58:03:fb:f2:b1:0c:9a:
                    59:46:d6:b7:1b:b1:2f:96:00:da:33:d1:b8:87:26:
                    ee:36:ad:59:ea:33:f3:4e:84:ae:fc:92:61:b3:a0:
                    06:32:a3:d6:96:e7:01:aa:76:36:6a:c0:b6:a2:16:
                    49:24:46:ad:24:e4:ca:fa:3a:41:bc:b3:6e:0f:da:
                    35:38:66:8c:b5:68:e7:55:ea:d3:82:90:5d:80:62:
                    a8:45:a1:04:a5:72:37:7e:46:99:70:34:cb:bb:2e:
                    11:8b:07:c0:79:41:5e:8b:4c:48:6b:41:73:2e:dc:
                    70:d6:c7:a6:e6:e0:94:80:69:7e:2b:1c:66:68:49:
                    a1:27:d4:f8:dc:48:59:27:c1:0b:52:e5:cf:af:6b:
                    bd:25:c0:e3:69:fd:ab:91:2f:17:c1:87:e1:35:19:
                    1a:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:65:7D:A5:79:D3:3A:A6:23:8F:3D:1A:72:77:AE:B8:FC:90:7D:34
            X509v3 Authority Key Identifier:
                keyid:0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/N2V9pXnTOqYjjz0acneuuPyQfTQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:607:1024::/48

    Signature Algorithm: sha256WithRSAEncryption
         2e:ae:bf:ab:76:31:8a:36:e4:e5:aa:2e:14:2b:f8:90:6d:9c:
         56:dc:ae:4b:5b:e9:d8:af:e8:a5:53:a7:de:ee:7a:11:ac:9d:
         19:47:d9:09:10:3d:e9:4d:cc:a5:14:99:be:c7:8f:36:13:3e:
         1c:e3:a4:bd:30:57:a1:41:d7:b4:ff:e3:e1:6c:91:19:10:dc:
         1a:c0:2c:b3:39:3f:8d:b0:47:31:c0:26:0d:a6:4e:a0:df:52:
         09:75:c1:d9:08:74:40:89:75:74:53:24:c6:2f:98:f2:25:f8:
         5b:a0:2f:8d:40:cb:32:93:5f:6f:7f:34:e0:b1:15:32:27:0e:
         6e:63:ac:29:f9:2d:d1:3b:f7:e5:5e:15:27:51:45:31:c0:c7:
         82:d9:24:76:24:69:58:88:64:01:17:4b:fc:bb:61:e2:78:0d:
         8d:af:05:32:a4:b0:f9:4b:26:6f:4c:39:ca:8d:9c:c2:7a:7d:
         14:9a:01:ec:1f:05:65:83:e8:6a:90:e5:09:db:29:cb:59:9d:
         c0:34:fa:68:d3:6d:3d:66:da:60:cc:c0:fe:8f:1b:9e:da:62:
         92:bc:b2:5e:ed:60:cd:27:0a:f1:5c:22:03:18:f6:1d:77:a9:
         8e:e2:c9:fb:91:9e:38:e1:e9:f0:3a:5d:67:ce:5e:ad:31:26:
         9a:72:8f:c7
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEB44OhzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YzIxYjkyNWI0YzRiY2MzMGY3N2M5YzQxYmE4ZDA0MGFjOTVkZmM2MB4XDTIyMDEw
MTA1NTIyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzc2NTdkYTU3OWQz
M2FhNjIzOGYzZDFhNzI3N2FlYjhmYzkwN2QzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPmebz/o2BOIleydsgsyPUn8lUPY/+pJZ2EAzDqNzCc9dl36
bUFlHoBp0nD+9iIxmdNZjvT6x63L+KWaQenQnLl48trmpa20EuUU/dnve2Xufr8Q
Az8GIowG/+kC2Qzy6mZYA/vysQyaWUbWtxuxL5YA2jPRuIcm7jatWeoz806ErvyS
YbOgBjKj1pbnAap2NmrAtqIWSSRGrSTkyvo6Qbyzbg/aNThmjLVo51Xq04KQXYBi
qEWhBKVyN35GmXA0y7suEYsHwHlBXotMSGtBcy7ccNbHpubglIBpfiscZmhJoSfU
+NxIWSfBC1Llz69rvSXA42n9q5EvF8GH4TUZGlkCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQ3ZX2ledM6piOPPRpyd664/JB9NDAfBgNVHSMEGDAWgBQMIbkltMS8ww93
ycQbqNBArJXfxjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RDRzVKYlRFdk1NUGQ4bkVHNmpRUUt5VjM4WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvYzBiZDY3LWY3ZGQtNGNlMi1hYjdlLWEzNDc1NjQxNThmOC8x
L04yVjlwWG5UT3FZamp6MGFjbmV1dVB5UWZUUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
YzBiZDY3LWY3ZGQtNGNlMi1hYjdlLWEzNDc1NjQxNThmOC8xL0RDRzVKYlRFdk1N
UGQ4bkVHNmpRUUt5VjM4WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPBgcQJDANBgkqhkiG9w0BAQsF
AAOCAQEALq6/q3Yxijbk5aouFCv4kG2cVtyuS1vp2K/opVOn3u56EaydGUfZCRA9
6U3MpRSZvsePNhM+HOOkvTBXoUHXtP/j4WyRGRDcGsAsszk/jbBHMcAmDaZOoN9S
CXXB2Qh0QIl1dFMkxi+Y8iX4W6AvjUDLMpNfb3804LEVMicObmOsKfkt0Tv35V4V
J1FFMcDHgtkkdiRpWIhkARdL/Lth4ngNja8FMqSw+Usmb0w5yo2cwnp9FJoB7B8F
ZYPoapDlCdspy1mdwDT6aNNtPWbaYMzA/o8bntpikryyXu1gzScK8VwiAxj2HXep
juLJ+5GeOOHp8DpdZ85erTEmmnKPxw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:12 2024 by rpki-client on console-ams.rpki-client.org