Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/bbb1c6-9f91-4346-b616-c2dc7a058e30/1/7lnWmgN1vB19OkDHKCXTZqfpWW4.roa
File:                     7lnWmgN1vB19OkDHKCXTZqfpWW4.roa (raw, json)
Hash identifier:          UN+R81WD5oBKDEpB+8GxuARsK+p7vYRyKWBcBVyy2XU=
Subject key identifier:   EE:59:D6:9A:03:75:BC:1D:7D:3A:40:C7:28:25:D3:66:A7:E9:59:6E
Certificate issuer:       /CN=061bb0916c853801f22ce723bc2cc418869db7d0
Certificate serial:       074879BD
Authority key identifier: 06:1B:B0:91:6C:85:38:01:F2:2C:E7:23:BC:2C:C4:18:86:9D:B7:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BhuwkWyFOAHyLOcjvCzEGIadt9A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/bbb1c6-9f91-4346-b616-c2dc7a058e30/1/7lnWmgN1vB19OkDHKCXTZqfpWW4.roa
Signing time:             Sat 01 Jan 2022 15:05:06 +0000
ROA not before:           Sat 01 Jan 2022 15:05:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208242
IP address blocks:        2001:678:b04::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 122190269 (0x74879bd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=061bb0916c853801f22ce723bc2cc418869db7d0
        Validity
            Not Before: Jan  1 15:05:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ee59d69a0375bc1d7d3a40c72825d366a7e9596e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:40:bc:d3:86:db:51:e4:1c:d4:38:90:52:28:
                    c8:af:1c:92:e9:ed:c2:b2:5f:71:30:49:66:14:e9:
                    34:d8:9b:6f:8a:91:4c:ef:af:21:0c:a4:68:b1:6e:
                    aa:ab:28:85:18:0f:eb:93:f7:7f:93:d3:61:29:2a:
                    97:c3:59:2e:ad:5b:89:eb:bd:47:f0:60:ec:f1:32:
                    4c:87:e4:9f:52:05:8c:e4:0d:d0:47:c5:bd:b8:08:
                    98:8d:f8:70:2d:89:51:7b:0c:1e:d9:96:08:f8:f3:
                    10:f9:04:7c:c9:1d:d0:45:13:03:9e:e7:aa:f5:b7:
                    4b:6b:6f:69:b2:4b:a1:20:29:18:af:b9:a5:39:99:
                    02:0f:76:9e:8e:b3:be:43:02:c6:3e:14:65:24:13:
                    66:df:c5:45:d4:75:37:0c:cb:19:68:2d:35:29:98:
                    4b:eb:fb:80:fe:de:69:09:c3:72:f1:d0:74:e2:48:
                    fb:6b:35:35:16:df:35:70:79:c4:5a:e7:52:9a:3e:
                    79:41:9e:d7:ab:43:fd:b5:0b:65:1f:c9:19:0d:7b:
                    6e:1c:03:c1:fc:6f:f1:59:6d:bf:bb:05:6d:53:e5:
                    a9:ab:84:2e:83:8d:cb:b6:8f:a9:d6:68:cd:be:2b:
                    47:82:ec:96:67:31:36:ab:32:70:54:52:9e:c1:6e:
                    5e:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:59:D6:9A:03:75:BC:1D:7D:3A:40:C7:28:25:D3:66:A7:E9:59:6E
            X509v3 Authority Key Identifier:
                keyid:06:1B:B0:91:6C:85:38:01:F2:2C:E7:23:BC:2C:C4:18:86:9D:B7:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BhuwkWyFOAHyLOcjvCzEGIadt9A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/bbb1c6-9f91-4346-b616-c2dc7a058e30/1/7lnWmgN1vB19OkDHKCXTZqfpWW4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/bbb1c6-9f91-4346-b616-c2dc7a058e30/1/BhuwkWyFOAHyLOcjvCzEGIadt9A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:b04::/48

    Signature Algorithm: sha256WithRSAEncryption
         a8:c4:e1:2e:94:a6:86:dd:2f:0e:ea:58:8b:e1:c6:66:86:33:
         91:2a:58:fa:26:e0:24:5e:f3:b1:c4:17:84:4f:ab:81:56:5f:
         35:1a:7b:51:d4:ee:70:01:c9:b4:b3:78:a7:fb:c7:45:2d:1c:
         54:17:6a:92:32:15:ce:c1:58:48:a8:f3:47:f7:d5:f3:59:e2:
         51:89:a2:69:2e:3c:ef:28:40:aa:3a:98:d7:c6:75:38:db:79:
         53:b2:49:68:2a:8d:7e:cd:34:82:8e:e5:b6:70:87:d1:64:4c:
         f9:05:98:4f:28:d1:6a:8d:8d:c2:54:9f:28:ea:41:16:e5:19:
         57:67:b9:e1:01:02:57:10:6d:d4:05:b2:ff:50:27:dc:b2:3b:
         20:77:e5:92:16:d5:7c:78:61:bf:ee:6e:09:be:83:62:ca:09:
         66:ee:98:5b:81:bd:28:37:0a:55:f7:72:a9:74:93:35:a9:cb:
         46:26:eb:d5:8e:8b:9a:b4:76:6e:87:9c:c8:66:69:fb:30:48:
         ac:8f:44:f4:ee:c1:46:a6:95:9d:cc:30:39:37:93:83:8a:ca:
         8d:86:cd:f4:1e:1c:4f:61:3a:2d:75:2f:a7:0b:68:f2:c7:31:
         a7:17:22:7a:4a:ea:7f:30:14:f1:e7:bd:76:d3:9c:0e:2c:38:
         aa:61:5c:56
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEB0h5vTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NjFiYjA5MTZjODUzODAxZjIyY2U3MjNiYzJjYzQxODg2OWRiN2QwMB4XDTIyMDEw
MTE1MDUwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWU1OWQ2OWEwMzc1
YmMxZDdkM2E0MGM3MjgyNWQzNjZhN2U5NTk2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANJAvNOG21HkHNQ4kFIoyK8ckuntwrJfcTBJZhTpNNibb4qR
TO+vIQykaLFuqqsohRgP65P3f5PTYSkql8NZLq1bieu9R/Bg7PEyTIfkn1IFjOQN
0EfFvbgImI34cC2JUXsMHtmWCPjzEPkEfMkd0EUTA57nqvW3S2tvabJLoSApGK+5
pTmZAg92no6zvkMCxj4UZSQTZt/FRdR1NwzLGWgtNSmYS+v7gP7eaQnDcvHQdOJI
+2s1NRbfNXB5xFrnUpo+eUGe16tD/bULZR/JGQ17bhwDwfxv8Vltv7sFbVPlqauE
LoONy7aPqdZozb4rR4LslmcxNqsycFRSnsFuXqsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTuWdaaA3W8HX06QMcoJdNmp+lZbjAfBgNVHSMEGDAWgBQGG7CRbIU4AfIs
5yO8LMQYhp230DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JodXdrV3lGT0FIeUxPY2p2Q3pFR0lhZHQ5QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvYmJiMWM2LTlmOTEtNDM0Ni1iNjE2LWMyZGM3YTA1OGUzMC8x
LzdsbldtZ04xdkIxOU9rREhLQ1hUWnFmcFdXNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
YmJiMWM2LTlmOTEtNDM0Ni1iNjE2LWMyZGM3YTA1OGUzMC8xL0JodXdrV3lGT0FI
eUxPY2p2Q3pFR0lhZHQ5QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngLBDANBgkqhkiG9w0BAQsF
AAOCAQEAqMThLpSmht0vDupYi+HGZoYzkSpY+ibgJF7zscQXhE+rgVZfNRp7UdTu
cAHJtLN4p/vHRS0cVBdqkjIVzsFYSKjzR/fV81niUYmiaS487yhAqjqY18Z1ONt5
U7JJaCqNfs00go7ltnCH0WRM+QWYTyjRao2NwlSfKOpBFuUZV2e54QECVxBt1AWy
/1An3LI7IHflkhbVfHhhv+5uCb6DYsoJZu6YW4G9KDcKVfdyqXSTNanLRibr1Y6L
mrR2boecyGZp+zBIrI9E9O7BRqaVncwwOTeTg4rKjYbN9B4cT2E6LXUvpwto8scx
pxciekrqfzAU8ee9dtOcDiw4qmFcVg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:04 2024 by rpki-client on console-ams.rpki-client.org