Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/6v6g-ZwWf6fNKSUNvLYHmvCnfzI.roa
File:                     6v6g-ZwWf6fNKSUNvLYHmvCnfzI.roa (raw, json)
Hash identifier:          WuCK6Dqapq8Pi0AUcaDU1DyJOaxaCdF+GLqJVDZQ/B4=
Subject key identifier:   EA:FE:A0:F9:9C:16:7F:A7:CD:29:25:0D:BC:B6:07:9A:F0:A7:7F:32
Certificate issuer:       /CN=7c45672fc42bdd33e545338a7417e8171a04ee3f
Certificate serial:       0183AC286B406A1159420923E223B7E74528
Authority key identifier: 7C:45:67:2F:C4:2B:DD:33:E5:45:33:8A:74:17:E8:17:1A:04:EE:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fEVnL8Qr3TPlRTOKdBfoFxoE7j8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/6v6g-ZwWf6fNKSUNvLYHmvCnfzI.roa
Signing time:             Thu 06 Oct 2022 07:17:53 +0000
ROA not before:           Thu 06 Oct 2022 07:17:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25400
IP address blocks:        2a0c:1bc0::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:ac:28:6b:40:6a:11:59:42:09:23:e2:23:b7:e7:45:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c45672fc42bdd33e545338a7417e8171a04ee3f
        Validity
            Not Before: Oct  6 07:17:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=eafea0f99c167fa7cd29250dbcb6079af0a77f32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:21:a6:c5:b3:c5:fa:49:c2:e4:e8:c5:36:6d:
                    ef:b7:0c:cf:0b:55:7c:08:07:04:f8:a5:12:a1:4d:
                    37:fd:ca:3e:25:f9:e6:db:42:12:5b:f3:2a:14:e1:
                    97:87:60:a8:25:c5:1a:ae:01:9c:5e:26:d2:91:07:
                    ad:ae:e2:3f:4a:49:74:b6:57:e4:57:9f:77:36:49:
                    9c:1e:e2:fa:46:71:ab:a5:06:fb:9a:b3:44:23:fb:
                    74:1c:22:af:de:9b:48:43:22:93:72:7a:31:d7:4f:
                    45:39:bb:62:0c:bb:1d:04:f6:4e:f4:28:44:61:11:
                    2d:df:63:8b:0a:40:11:c3:c3:78:12:0c:95:26:67:
                    5d:ae:36:c8:a5:07:49:6b:ff:cb:06:63:5b:8a:f4:
                    f6:4e:6a:63:64:53:6c:be:9e:c2:2d:1e:37:4a:87:
                    a7:16:b7:6a:70:09:18:96:86:33:34:e4:25:4e:59:
                    6d:24:c9:ad:96:d0:ea:61:07:91:b8:ae:62:19:f9:
                    92:35:13:81:05:62:f6:f9:8b:27:94:04:6f:92:6f:
                    0e:f6:0e:6e:07:d3:12:0f:9b:b5:d1:05:9f:f3:ec:
                    4e:65:15:41:00:72:ce:9d:e4:1c:73:d0:10:17:0c:
                    2c:8b:38:4a:5d:40:29:d2:ee:e8:80:20:b0:3a:31:
                    b3:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:FE:A0:F9:9C:16:7F:A7:CD:29:25:0D:BC:B6:07:9A:F0:A7:7F:32
            X509v3 Authority Key Identifier:
                keyid:7C:45:67:2F:C4:2B:DD:33:E5:45:33:8A:74:17:E8:17:1A:04:EE:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fEVnL8Qr3TPlRTOKdBfoFxoE7j8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/6v6g-ZwWf6fNKSUNvLYHmvCnfzI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/fEVnL8Qr3TPlRTOKdBfoFxoE7j8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:1bc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         b8:dc:49:ca:14:67:ca:da:2f:d0:2d:05:df:74:29:3b:37:1b:
         41:39:f8:b0:83:27:53:0d:88:74:16:dd:6e:72:c6:99:a5:d8:
         f2:da:ac:c3:5f:7e:e0:b4:6d:1f:c5:12:7f:13:12:0e:a7:c8:
         03:1b:d7:89:17:c2:63:57:34:e5:7b:c3:7d:be:fc:2b:c6:74:
         b0:44:55:a9:2e:cd:61:be:38:c1:59:26:ca:88:92:fb:57:1f:
         62:af:f3:ec:84:ea:cc:e8:d7:40:29:9a:3b:8e:42:b7:44:75:
         91:3c:63:f6:f0:3b:0d:0c:a3:cb:c7:1e:dd:ab:bd:23:c2:4f:
         07:95:3c:96:61:3c:ae:a2:24:87:26:6e:87:78:b8:b7:68:08:
         8b:1d:ba:ff:27:f9:d5:18:51:49:7d:e1:6c:12:db:44:17:9c:
         e3:78:c9:31:ee:90:b8:be:db:77:ec:67:cb:05:9d:74:3b:e2:
         80:6d:6b:4b:94:ee:0d:e2:5c:e4:a3:38:f2:35:29:8c:3f:19:
         ad:3e:5a:3f:66:3f:0d:ce:8d:40:0d:90:f3:b6:0e:3c:55:8e:
         23:38:82:7b:ec:d8:24:d3:a3:3f:22:8a:1e:6e:3c:f4:ce:a3:
         fe:43:71:6a:91:4e:de:9a:c1:39:90:ac:2c:8e:91:da:77:d5:
         d0:9c:87:da
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYOsKGtAahFZQgkj4iO350UoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjNDU2NzJmYzQyYmRkMzNlNTQ1MzM4YTc0MTdlODE3MWEw
NGVlM2YwHhcNMjIxMDA2MDcxNzUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWZlYTBmOTljMTY3ZmE3Y2QyOTI1MGRiY2I2MDc5YWYwYTc3ZjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiGmxbPF+knC5OjFNm3vtwzPC1V8
CAcE+KUSoU03/co+Jfnm20ISW/MqFOGXh2CoJcUargGcXibSkQetruI/Skl0tlfk
V593NkmcHuL6RnGrpQb7mrNEI/t0HCKv3ptIQyKTcnox109FObtiDLsdBPZO9ChE
YREt32OLCkARw8N4EgyVJmddrjbIpQdJa//LBmNbivT2TmpjZFNsvp7CLR43Soen
FrdqcAkYloYzNOQlTlltJMmtltDqYQeRuK5iGfmSNROBBWL2+YsnlARvkm8O9g5u
B9MSD5u10QWf8+xOZRVBAHLOneQcc9AQFwwsizhKXUAp0u7ogCCwOjGzTQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOr+oPmcFn+nzSklDby2B5rwp38yMB8GA1UdIwQY
MBaAFHxFZy/EK90z5UUzinQX6BcaBO4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkVWbkw4UXIzVFBsUlRPS2RCZm9GeG9FN2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8wOGFmMjItZmZjOS00YzFiLWE5ZDct
OTRiZWRiNWQwMzM0LzEvNnY2Zy1ad1dmNmZOS1NVTnZMWUhtdkNuZnpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8wOGFmMjItZmZjOS00YzFiLWE5ZDctOTRiZWRiNWQwMzM0
LzEvZkVWbkw4UXIzVFBsUlRPS2RCZm9GeG9FN2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgwbwDAN
BgkqhkiG9w0BAQsFAAOCAQEAuNxJyhRnytov0C0F33QpOzcbQTn4sIMnUw2IdBbd
bnLGmaXY8tqsw19+4LRtH8USfxMSDqfIAxvXiRfCY1c05XvDfb78K8Z0sERVqS7N
Yb44wVkmyoiS+1cfYq/z7ITqzOjXQCmaO45Ct0R1kTxj9vA7DQyjy8ce3au9I8JP
B5U8lmE8rqIkhyZuh3i4t2gIix26/yf51RhRSX3hbBLbRBec43jJMe6QuL7bd+xn
ywWddDvigG1rS5TuDeJc5KM48jUpjD8ZrT5aP2Y/Dc6NQA2Q87YOPFWOIziCe+zY
JNOjPyKKHm489M6j/kNxapFO3prBOZCsLI6R2nfV0JyH2g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:56 2024 by rpki-client on console-fra.rpki-client.org