Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/Zvv0JK6RadUGyZJTr3IYEbTqnT0.roa
File:                     Zvv0JK6RadUGyZJTr3IYEbTqnT0.roa (raw, json)
Hash identifier:          a8b7xOYhqJ42t+l8ro6iMyM5v6jzgeDhrl64CAfH+5c=
Subject key identifier:   66:FB:F4:24:AE:91:69:D5:06:C9:92:53:AF:72:18:11:B4:EA:9D:3D
Certificate issuer:       /CN=0620eadb2e1562b4e2e4f480772c36887a777f24
Certificate serial:       0182689136B340E70D4893157D2C4C5F7C4E
Authority key identifier: 06:20:EA:DB:2E:15:62:B4:E2:E4:F4:80:77:2C:36:88:7A:77:7F:24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/Zvv0JK6RadUGyZJTr3IYEbTqnT0.roa
Signing time:             Thu 04 Aug 2022 11:15:23 +0000
ROA not before:           Thu 04 Aug 2022 11:15:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60781
IP address blocks:        2a05:3040::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:68:91:36:b3:40:e7:0d:48:93:15:7d:2c:4c:5f:7c:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0620eadb2e1562b4e2e4f480772c36887a777f24
        Validity
            Not Before: Aug  4 11:15:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=66fbf424ae9169d506c99253af721811b4ea9d3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:80:3b:d7:97:97:fc:3c:57:4d:b0:30:cd:1b:
                    b7:35:34:b4:b8:3b:79:50:4f:3f:bf:3a:bb:bb:6d:
                    22:15:b7:a4:73:96:92:f8:fe:84:71:78:5e:cf:d2:
                    8e:06:fe:52:67:61:fe:68:e3:29:f4:44:e8:14:65:
                    8b:b0:90:2e:af:03:b3:43:f4:8a:46:19:4e:3f:e4:
                    2b:c6:6f:fd:be:0e:30:6c:14:2c:5c:5d:0c:f0:9d:
                    fd:c3:92:32:e4:70:f3:13:dc:c7:c7:6d:d9:28:53:
                    9b:b5:f2:99:ac:5f:49:0d:58:f1:b7:13:c8:a5:24:
                    65:df:14:b2:04:2f:10:04:c1:11:58:d1:9b:1a:aa:
                    19:07:a1:d5:5d:26:83:8d:c3:11:f3:61:3e:bd:8d:
                    08:92:48:8c:fa:2c:9f:81:24:af:18:80:78:62:b2:
                    d3:1d:2d:4f:74:20:e5:a2:5c:cf:02:43:1d:6d:ff:
                    8d:e1:27:bf:08:0d:cc:bd:84:1e:4d:05:3f:15:e8:
                    a0:e5:03:5b:cc:86:35:7d:f4:d7:6c:73:a0:8b:10:
                    cf:4b:c8:d3:0c:13:98:cb:3e:76:96:fb:69:3a:de:
                    4f:e6:fd:58:a2:11:83:f8:57:1e:27:3f:f8:ad:43:
                    bd:2b:2b:3e:c3:04:f0:b2:90:e4:10:a2:e6:46:98:
                    55:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:FB:F4:24:AE:91:69:D5:06:C9:92:53:AF:72:18:11:B4:EA:9D:3D
            X509v3 Authority Key Identifier:
                keyid:06:20:EA:DB:2E:15:62:B4:E2:E4:F4:80:77:2C:36:88:7A:77:7F:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/Zvv0JK6RadUGyZJTr3IYEbTqnT0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:3040::/29

    Signature Algorithm: sha256WithRSAEncryption
         4d:4c:32:70:e2:02:db:c6:b2:02:74:95:ec:24:0a:85:40:4a:
         a3:0d:d4:65:78:d3:e8:7e:5c:51:74:53:b3:f6:97:82:10:9d:
         af:d5:de:ec:37:b0:be:e3:e9:4c:1f:83:2f:9c:d5:9e:93:d1:
         d1:a2:09:b4:8c:16:3a:b4:fc:15:27:c5:b7:ba:b2:db:fe:38:
         a2:13:de:39:60:82:c7:85:28:15:51:b8:3a:b3:9b:f0:7f:74:
         62:cd:42:6b:ec:2f:f5:d1:d3:9a:b9:1f:34:1a:c9:02:ad:ca:
         e9:23:0f:d3:77:62:8f:56:30:75:7b:b9:ff:d0:c2:16:93:53:
         1d:56:e3:bb:bd:5b:a8:6f:7a:17:b8:41:06:a3:db:42:95:ba:
         ae:6c:9e:ce:cc:0c:03:ae:e4:e5:3b:d1:ce:ac:48:3b:21:32:
         b2:dc:5c:0e:7d:8f:2f:18:d1:36:0d:42:d3:fc:0f:81:62:bd:
         43:67:f9:2b:db:55:bb:2d:e2:ed:d7:92:d9:a0:a9:b8:87:6f:
         00:e8:fe:00:88:51:f9:a3:20:12:19:6c:b7:75:31:7b:00:71:
         3c:92:5c:e4:aa:ab:05:ad:b0:c9:9e:c7:23:5f:95:3b:da:af:
         14:67:76:35:de:0f:3a:f6:9e:69:aa:5d:aa:85:a9:39:5a:36:
         bd:c8:36:c7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYJokTazQOcNSJMVfSxMX3xOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MjBlYWRiMmUxNTYyYjRlMmU0ZjQ4MDc3MmMzNjg4N2E3
NzdmMjQwHhcNMjIwODA0MTExNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmZiZjQyNGFlOTE2OWQ1MDZjOTkyNTNhZjcyMTgxMWI0ZWE5ZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIA715eX/DxXTbAwzRu3NTS0uDt5
UE8/vzq7u20iFbekc5aS+P6EcXhez9KOBv5SZ2H+aOMp9EToFGWLsJAurwOzQ/SK
RhlOP+Qrxm/9vg4wbBQsXF0M8J39w5Iy5HDzE9zHx23ZKFObtfKZrF9JDVjxtxPI
pSRl3xSyBC8QBMERWNGbGqoZB6HVXSaDjcMR82E+vY0IkkiM+iyfgSSvGIB4YrLT
HS1PdCDlolzPAkMdbf+N4Se/CA3MvYQeTQU/Feig5QNbzIY1ffTXbHOgixDPS8jT
DBOYyz52lvtpOt5P5v1YohGD+FceJz/4rUO9Kys+wwTwspDkEKLmRphV5wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGb79CSukWnVBsmSU69yGBG06p09MB8GA1UdIwQY
MBaAFAYg6tsuFWK04uT0gHcsNoh6d38kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmlEcTJ5NFZZclRpNVBTQWR5dzJpSHAzZnlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jYzhiZmEtMmIxMy00Njc0LWE5ODQt
YTVmZGI1NzBmZTlhLzEvWnZ2MEpLNlJhZFVHeVpKVHIzSVlFYlRxblQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jYzhiZmEtMmIxMy00Njc0LWE5ODQtYTVmZGI1NzBmZTlh
LzEvQmlEcTJ5NFZZclRpNVBTQWR5dzJpSHAzZnlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgUwQDAN
BgkqhkiG9w0BAQsFAAOCAQEATUwycOIC28ayAnSV7CQKhUBKow3UZXjT6H5cUXRT
s/aXghCdr9Xe7DewvuPpTB+DL5zVnpPR0aIJtIwWOrT8FSfFt7qy2/44ohPeOWCC
x4UoFVG4OrOb8H90Ys1Ca+wv9dHTmrkfNBrJAq3K6SMP03dij1YwdXu5/9DCFpNT
HVbju71bqG96F7hBBqPbQpW6rmyezswMA67k5TvRzqxIOyEystxcDn2PLxjRNg1C
0/wPgWK9Q2f5K9tVuy3i7deS2aCpuIdvAOj+AIhR+aMgEhlst3UxewBxPJJc5Kqr
Ba2wyZ7HI1+VO9qvFGd2Nd4POvaeaapdqoWpOVo2vcg2xw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:29 2024 by rpki-client on console-fra.rpki-client.org