Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/6wAJ7ztgimk0Q6AAVYusBp01eGc.roa
File:                     6wAJ7ztgimk0Q6AAVYusBp01eGc.roa (raw, json)
Hash identifier:          iK4X4RxytjpOkKiPgbjnhWKtAqqXJ7OjZ9i6z5nEAmU=
Subject key identifier:   EB:00:09:EF:3B:60:8A:69:34:43:A0:00:55:8B:AC:06:9D:35:78:67
Certificate issuer:       /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial:       01823A84E129A862CA3F12A00EBB062C2924
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/6wAJ7ztgimk0Q6AAVYusBp01eGc.roa
Signing time:             Tue 26 Jul 2022 12:39:23 +0000
ROA not before:           Tue 26 Jul 2022 12:39:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        88.209.245.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:3a:84:e1:29:a8:62:ca:3f:12:a0:0e:bb:06:2c:29:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
        Validity
            Not Before: Jul 26 12:39:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=eb0009ef3b608a693443a000558bac069d357867
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:3e:43:79:f9:ca:21:cb:86:e3:2d:2d:c2:25:
                    dd:b6:a2:17:21:8e:97:ec:e0:32:d9:53:4d:04:df:
                    52:35:be:53:91:0f:09:67:56:16:c2:b7:23:11:14:
                    4c:c2:66:d7:7e:6c:87:9a:2d:de:9b:74:3c:67:8b:
                    48:46:20:9d:6e:62:47:d0:64:90:78:d7:01:a8:ff:
                    cc:91:b8:fd:a0:e1:7d:9b:62:96:74:72:39:6c:f4:
                    46:4f:5c:62:82:43:bd:f8:36:4d:f6:e2:9f:49:57:
                    d4:8e:99:3d:9e:78:63:42:3d:00:cf:40:a0:04:b3:
                    95:19:32:a2:f1:91:e0:0d:1c:cc:a2:38:bc:7f:75:
                    0d:91:0a:19:80:7a:54:5e:02:87:8a:08:13:69:29:
                    5a:b2:0d:a4:26:fe:6c:3b:ca:8b:2a:5a:15:bc:6c:
                    0f:16:78:13:03:aa:a8:83:21:4f:7f:43:d6:2a:10:
                    89:3e:95:62:b1:2e:9f:9e:4f:19:93:4b:bb:c4:00:
                    92:eb:9b:54:e8:e5:7d:0a:a9:97:df:3e:fc:ff:36:
                    1b:58:17:83:ba:64:e3:19:0a:4d:63:de:af:49:29:
                    b1:b3:d9:5b:1c:2f:bf:d0:51:75:7c:cd:9e:b6:59:
                    d3:33:cb:0e:dd:79:78:48:ba:98:04:c5:f4:41:b6:
                    14:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:00:09:EF:3B:60:8A:69:34:43:A0:00:55:8B:AC:06:9D:35:78:67
            X509v3 Authority Key Identifier:
                keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/6wAJ7ztgimk0Q6AAVYusBp01eGc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.209.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:b6:fc:ac:24:9d:b7:36:51:7d:8e:f6:42:35:ca:da:d2:f9:
         22:94:3b:38:2e:ee:76:0f:58:f4:ff:ea:1c:92:0b:60:dc:ed:
         23:36:2b:f0:a1:35:74:43:02:0e:bb:92:ff:7f:1e:4c:ba:25:
         77:e8:25:63:85:4b:b3:d4:5d:28:49:ac:ab:81:a2:a6:49:0a:
         29:b1:4d:d2:2f:ea:fa:90:49:a8:37:85:db:4f:7e:4d:e2:be:
         0a:7c:85:c4:45:71:2e:a0:ba:08:4a:4e:ea:03:51:cd:16:f9:
         c0:c5:43:3d:67:52:09:5e:a1:bc:5e:40:cb:0d:a2:38:94:fe:
         fc:ec:55:c9:a4:68:5b:b2:c4:b1:39:41:48:6d:4b:d5:5f:4c:
         dc:e6:38:99:ec:4c:ef:c6:cd:0b:c7:98:95:78:fb:23:e9:25:
         fb:de:59:4b:c7:e4:b4:1f:ea:c4:cb:88:50:d8:13:bd:90:e0:
         cc:ee:56:c4:81:ef:e3:19:ea:ed:74:9f:35:86:b9:76:a0:21:
         75:6d:ed:16:ca:14:4d:37:c8:de:39:f9:97:9e:88:dc:af:fe:
         8c:b6:e3:59:f2:1f:af:c7:9d:f5:38:0a:97:66:3f:a6:ae:5b:
         08:4f:c2:61:61:9e:81:f3:43:dd:6c:e3:a2:73:db:2b:f6:53:
         f6:7e:a2:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYI6hOEpqGLKPxKgDrsGLCkkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwNzI2MTIzOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjAwMDllZjNiNjA4YTY5MzQ0M2EwMDA1NThiYWMwNjlkMzU3ODY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqD5DefnKIcuG4y0twiXdtqIXIY6X
7OAy2VNNBN9SNb5TkQ8JZ1YWwrcjERRMwmbXfmyHmi3em3Q8Z4tIRiCdbmJH0GSQ
eNcBqP/Mkbj9oOF9m2KWdHI5bPRGT1xigkO9+DZN9uKfSVfUjpk9nnhjQj0Az0Cg
BLOVGTKi8ZHgDRzMoji8f3UNkQoZgHpUXgKHiggTaSlasg2kJv5sO8qLKloVvGwP
FngTA6qogyFPf0PWKhCJPpVisS6fnk8Zk0u7xACS65tU6OV9CqmX3z78/zYbWBeD
umTjGQpNY96vSSmxs9lbHC+/0FF1fM2etlnTM8sO3Xl4SLqYBMX0QbYUOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOsACe87YIppNEOgAFWLrAadNXhnMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvNndBSjd6dGdpbWswUTZBQVZZdXNCcDAxZUdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNH1MA0G
CSqGSIb3DQEBCwUAA4IBAQBrtvysJJ23NlF9jvZCNcra0vkilDs4Lu52D1j0/+oc
kgtg3O0jNivwoTV0QwIOu5L/fx5MuiV36CVjhUuz1F0oSayrgaKmSQopsU3SL+r6
kEmoN4XbT35N4r4KfIXERXEuoLoISk7qA1HNFvnAxUM9Z1IJXqG8XkDLDaI4lP78
7FXJpGhbssSxOUFIbUvVX0zc5jiZ7Ezvxs0Lx5iVePsj6SX73llLx+S0H+rEy4hQ
2BO9kODM7lbEge/jGertdJ81hrl2oCF1be0WyhRNN8jeOfmXnojcr/6MtuNZ8h+v
x531OAqXZj+mrlsIT8JhYZ6B80PdbOOic9sr9lP2fqL4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org