Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/oVYzCFZBK2tM2HikYZJR6rqGAnM.roa
File:                     oVYzCFZBK2tM2HikYZJR6rqGAnM.roa (raw, json)
Hash identifier:          7fFY5+FsMqM+XXUuckMLmCR20Ys0IXFRHTLP9NGhfuU=
Subject key identifier:   A1:56:33:08:56:41:2B:6B:4C:D8:78:A4:61:92:51:EA:BA:86:02:73
Certificate issuer:       /CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Certificate serial:       078B4765
Authority key identifier: 0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/oVYzCFZBK2tM2HikYZJR6rqGAnM.roa
Signing time:             Sat 01 Jan 2022 05:52:20 +0000
ROA not before:           Sat 01 Jan 2022 05:52:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210769
IP address blocks:        2a0f:607:1300::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 126568293 (0x78b4765)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
        Validity
            Not Before: Jan  1 05:52:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a156330856412b6b4cd878a4619251eaba860273
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:fc:da:cb:a0:71:01:33:c3:e0:b4:24:48:ad:
                    f2:7c:4d:8f:d2:b9:36:d9:ab:8f:fa:af:60:19:2a:
                    28:ee:c0:db:02:b3:bb:78:3e:25:dc:1b:7c:75:80:
                    96:06:4b:65:28:58:83:fb:ed:4d:3c:d1:77:0e:b1:
                    71:72:98:94:ef:c8:c2:ee:ac:c2:97:60:10:de:37:
                    a5:71:4d:21:ce:25:2e:20:72:23:be:ae:39:ab:d5:
                    f6:2c:82:89:18:6e:04:44:44:02:91:f0:06:f1:7a:
                    43:8e:c3:d4:de:29:c1:53:02:e6:0b:96:52:23:74:
                    a1:fc:e6:ce:33:c5:4c:96:ee:00:2b:39:d6:6f:94:
                    57:d9:c4:18:72:ca:cc:06:5b:03:53:93:af:2f:b4:
                    89:d7:39:e8:34:3f:f0:2d:2d:50:96:b2:38:59:83:
                    77:e6:52:76:47:cf:f9:db:d1:a5:9e:b1:93:99:3a:
                    84:46:78:19:e1:f2:65:e1:92:31:8a:dc:8d:bc:29:
                    27:9f:04:7b:84:f3:e9:44:c5:f1:21:ad:7f:d8:24:
                    85:8c:61:e0:b8:bb:a2:11:48:50:6c:28:e8:e3:a8:
                    65:9d:17:1d:79:f0:48:d0:d1:66:88:79:44:d1:31:
                    f5:fc:bf:bd:47:47:16:5f:5a:f8:86:0c:a4:50:5d:
                    99:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:56:33:08:56:41:2B:6B:4C:D8:78:A4:61:92:51:EA:BA:86:02:73
            X509v3 Authority Key Identifier:
                keyid:0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/oVYzCFZBK2tM2HikYZJR6rqGAnM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:607:1300::/44

    Signature Algorithm: sha256WithRSAEncryption
         16:a7:1b:24:37:02:74:b8:5f:48:49:52:b2:8e:1d:a0:7c:69:
         78:b3:0b:38:3a:16:0e:41:e5:75:fa:60:ac:80:89:b3:58:84:
         18:03:a5:fa:07:7c:45:a1:db:a1:2a:62:ad:41:32:c3:2a:e0:
         0c:eb:50:61:96:1a:7f:75:36:42:04:ab:90:be:73:30:75:98:
         9c:18:53:97:6a:9e:4c:58:3d:a7:4d:80:a5:04:ce:37:f2:21:
         66:e7:c3:74:1b:52:aa:20:e3:95:c6:74:d3:0a:d1:84:45:5a:
         fa:b7:26:a5:6f:27:35:ab:03:06:de:ff:47:86:1a:8c:e3:9f:
         9d:2a:bd:8b:88:6e:e0:27:fd:1f:59:49:28:29:d9:03:33:5c:
         22:d6:b2:ef:03:a7:ea:9f:64:a8:b3:4c:bd:65:cc:54:c7:9f:
         72:24:8e:f8:3a:1b:06:a1:3a:71:39:a1:90:c5:2e:8a:2a:73:
         83:bc:43:29:80:76:2a:94:a9:21:19:5e:b3:04:e8:4e:1a:9b:
         f2:d6:49:b1:a1:95:1c:0d:55:42:ab:8d:5d:06:c8:1b:61:e3:
         45:2e:9b:06:16:8a:d8:24:5e:72:70:14:ee:85:e0:39:6c:0a:
         dc:22:55:8e:84:44:63:6b:2e:e4:1d:39:39:a8:23:5c:f8:23:
         d6:d4:97:3e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEB4tHZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YzIxYjkyNWI0YzRiY2MzMGY3N2M5YzQxYmE4ZDA0MGFjOTVkZmM2MB4XDTIyMDEw
MTA1NTIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTE1NjMzMDg1NjQx
MmI2YjRjZDg3OGE0NjE5MjUxZWFiYTg2MDI3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJP82sugcQEzw+C0JEit8nxNj9K5Ntmrj/qvYBkqKO7A2wKz
u3g+JdwbfHWAlgZLZShYg/vtTTzRdw6xcXKYlO/Iwu6swpdgEN43pXFNIc4lLiBy
I76uOavV9iyCiRhuBEREApHwBvF6Q47D1N4pwVMC5guWUiN0ofzmzjPFTJbuACs5
1m+UV9nEGHLKzAZbA1OTry+0idc56DQ/8C0tUJayOFmDd+ZSdkfP+dvRpZ6xk5k6
hEZ4GeHyZeGSMYrcjbwpJ58Ee4Tz6UTF8SGtf9gkhYxh4Li7ohFIUGwo6OOoZZ0X
HXnwSNDRZoh5RNEx9fy/vUdHFl9a+IYMpFBdmRECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBShVjMIVkEra0zYeKRhklHquoYCczAfBgNVHSMEGDAWgBQMIbkltMS8ww93
ycQbqNBArJXfxjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RDRzVKYlRFdk1NUGQ4bkVHNmpRUUt5VjM4WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvYzBiZDY3LWY3ZGQtNGNlMi1hYjdlLWEzNDc1NjQxNThmOC8x
L29WWXpDRlpCSzJ0TTJIaWtZWkpSNnJxR0FuTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
YzBiZDY3LWY3ZGQtNGNlMi1hYjdlLWEzNDc1NjQxNThmOC8xL0RDRzVKYlRFdk1N
UGQ4bkVHNmpRUUt5VjM4WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoPBgcTADANBgkqhkiG9w0BAQsF
AAOCAQEAFqcbJDcCdLhfSElSso4doHxpeLMLODoWDkHldfpgrICJs1iEGAOl+gd8
RaHboSpirUEywyrgDOtQYZYaf3U2QgSrkL5zMHWYnBhTl2qeTFg9p02ApQTON/Ih
ZufDdBtSqiDjlcZ00wrRhEVa+rcmpW8nNasDBt7/R4YajOOfnSq9i4hu4Cf9H1lJ
KCnZAzNcItay7wOn6p9kqLNMvWXMVMefciSO+DobBqE6cTmhkMUuiipzg7xDKYB2
KpSpIRleswToThqb8tZJsaGVHA1VQquNXQbIG2HjRS6bBhaK2CRecnAU7oXgOWwK
3CJVjoREY2su5B05OagjXPgj1tSXPg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:14 2024 by rpki-client on console-fra.rpki-client.org