Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/6RUwm3MgB-e4qH0NK0-6M4Mnq08.roa
File:                     6RUwm3MgB-e4qH0NK0-6M4Mnq08.roa (raw, json)
Hash identifier:          ir5FMYvvnRNuYdeDCbb9wyHMn20aRaaKPlM9D3DZBlw=
Subject key identifier:   E9:15:30:9B:73:20:07:E7:B8:A8:7D:0D:2B:4F:BA:33:83:27:AB:4F
Certificate issuer:       /CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Certificate serial:       08F59BF2
Authority key identifier: D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/6RUwm3MgB-e4qH0NK0-6M4Mnq08.roa
Signing time:             Fri 04 Mar 2022 13:37:44 +0000
ROA not before:           Fri 04 Mar 2022 13:37:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210851
IP address blocks:        2a0e:e704:46::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 150313970 (0x8f59bf2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
        Validity
            Not Before: Mar  4 13:37:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e915309b732007e7b8a87d0d2b4fba338327ab4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:a6:85:19:7d:a4:8e:42:8f:5f:43:f9:bb:4b:
                    b2:ab:18:a4:cf:a3:b0:40:13:a2:d8:41:fb:9d:9a:
                    4d:e6:f0:c1:e5:2c:a8:a4:88:21:1e:4a:d6:f4:a6:
                    80:8b:19:87:48:0e:d5:81:c1:66:21:91:55:87:05:
                    71:41:41:c0:18:f0:52:51:77:bc:83:42:99:bf:f6:
                    c9:89:fa:23:ad:db:05:70:94:a6:38:9e:19:52:dd:
                    1d:05:42:d3:25:8e:7f:30:55:78:ed:87:4b:03:54:
                    0f:b5:2a:20:94:be:5d:ca:54:5d:e6:a6:f8:8a:f6:
                    8e:ce:6b:82:12:d6:6d:71:8c:aa:be:0c:55:75:5f:
                    76:62:15:68:27:97:da:11:8f:67:70:45:24:c2:49:
                    d2:13:20:d0:4a:75:93:b4:a4:78:6d:b3:4d:03:3a:
                    d6:86:e3:48:5d:2b:25:e0:a5:63:c2:c8:0e:b4:c9:
                    b9:3c:4f:29:37:9a:76:19:fa:98:30:b7:2b:8f:d0:
                    b5:d4:3a:8a:41:2c:ad:fd:9c:58:ec:fa:01:82:e7:
                    fc:97:d8:6a:1c:89:59:1f:eb:07:fe:b9:b3:19:a3:
                    61:92:61:5b:5b:7a:0e:0c:fd:12:b6:36:87:ee:46:
                    65:c5:0d:d0:35:84:ef:57:a2:da:8d:ec:07:60:07:
                    00:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:15:30:9B:73:20:07:E7:B8:A8:7D:0D:2B:4F:BA:33:83:27:AB:4F
            X509v3 Authority Key Identifier:
                keyid:D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/6RUwm3MgB-e4qH0NK0-6M4Mnq08.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/1g9F98xLaR_UoxwfHAtPYF13pu8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:e704:46::/48

    Signature Algorithm: sha256WithRSAEncryption
         41:cc:95:fa:5e:ec:97:0d:5c:c4:0b:f9:b4:d5:cb:03:33:ee:
         db:09:fc:52:11:7c:53:5b:82:59:a2:93:6a:a6:e4:86:51:f9:
         9f:60:22:6f:e0:df:77:bf:af:99:f2:e1:13:7c:b3:af:10:38:
         53:9b:c6:2e:bb:a6:67:9a:34:4f:b4:7b:d8:85:71:d4:41:48:
         48:18:b4:36:c4:8d:61:63:ab:f5:46:72:0e:39:c5:9a:be:6f:
         e1:be:fe:ad:d7:c1:2a:0d:01:12:9b:19:76:c7:45:02:f4:56:
         2a:eb:6b:b3:ed:cf:70:c1:ed:a4:9c:d0:30:aa:c2:8d:9b:6a:
         8b:84:ba:ef:ec:9a:ed:91:e7:82:ee:49:1f:76:f9:41:76:83:
         4e:4d:ca:41:06:7b:8c:f3:06:c6:46:7e:0f:90:c5:31:8f:d4:
         d1:77:43:48:32:90:22:3e:21:2a:1d:51:10:51:0b:5c:87:9f:
         2d:4b:40:b7:b0:8b:06:8e:74:6b:a5:d3:62:7b:b1:14:6b:31:
         16:db:34:f3:19:74:03:6a:f3:df:bd:26:a0:3d:44:27:ab:5b:
         b9:34:a9:ee:c7:f6:9b:ed:24:9a:e0:a1:a7:89:f9:86:d0:0e:
         8a:89:bf:1e:cd:ec:38:00:58:d0:4b:2a:54:d8:44:1c:68:30:
         06:c8:d3:f8
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECPWb8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NjBmNDVmN2NjNGI2OTFmZDRhMzFjMWYxYzBiNGY2MDVkNzdhNmVmMB4XDTIyMDMw
NDEzMzc0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTkxNTMwOWI3MzIw
MDdlN2I4YTg3ZDBkMmI0ZmJhMzM4MzI3YWI0ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN+mhRl9pI5Cj19D+btLsqsYpM+jsEATothB+52aTebwweUs
qKSIIR5K1vSmgIsZh0gO1YHBZiGRVYcFcUFBwBjwUlF3vINCmb/2yYn6I63bBXCU
pjieGVLdHQVC0yWOfzBVeO2HSwNUD7UqIJS+XcpUXeam+Ir2js5rghLWbXGMqr4M
VXVfdmIVaCeX2hGPZ3BFJMJJ0hMg0Ep1k7SkeG2zTQM61objSF0rJeClY8LIDrTJ
uTxPKTeadhn6mDC3K4/QtdQ6ikEsrf2cWOz6AYLn/JfYahyJWR/rB/65sxmjYZJh
W1t6Dgz9ErY2h+5GZcUN0DWE71ei2o3sB2AHAFcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTpFTCbcyAH57iofQ0rT7ozgyerTzAfBgNVHSMEGDAWgBTWD0X3zEtpH9Sj
HB8cC09gXXem7zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFnOUY5OHhMYVJfVW94d2ZIQXRQWUYxM3B1OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTIvYWQzMDQ0LWNkY2UtNDZjZi05MmM5LWE5NTRkMDUzOTk0YS8x
LzZSVXdtM01nQi1lNHFIME5LMC02TTRNbnEwOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIv
YWQzMDQ0LWNkY2UtNDZjZi05MmM5LWE5NTRkMDUzOTk0YS8xLzFnOUY5OHhMYVJf
VW94d2ZIQXRQWUYxM3B1OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoO5wQARjANBgkqhkiG9w0BAQsF
AAOCAQEAQcyV+l7slw1cxAv5tNXLAzPu2wn8UhF8U1uCWaKTaqbkhlH5n2Aib+Df
d7+vmfLhE3yzrxA4U5vGLrumZ5o0T7R72IVx1EFISBi0NsSNYWOr9UZyDjnFmr5v
4b7+rdfBKg0BEpsZdsdFAvRWKutrs+3PcMHtpJzQMKrCjZtqi4S67+ya7ZHngu5J
H3b5QXaDTk3KQQZ7jPMGxkZ+D5DFMY/U0XdDSDKQIj4hKh1REFELXIefLUtAt7CL
Bo50a6XTYnuxFGsxFts08xl0A2rz370moD1EJ6tbuTSp7sf2m+0kmuChp4n5htAO
iom/Hs3sOABY0EsqVNhEHGgwBsjT+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:10 2024 by rpki-client on console-ams.rpki-client.org