Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/bKTcL4aWrD7UjTAnSAJiuPM_yas.roa
File:                     bKTcL4aWrD7UjTAnSAJiuPM_yas.roa (raw, json)
Hash identifier:          GkDkM50+onaj5YSMycG0Pv/CF6cIRTBNT6168Ho1ELg=
Subject key identifier:   6C:A4:DC:2F:86:96:AC:3E:D4:8D:30:27:48:02:62:B8:F3:3F:C9:AB
Certificate issuer:       /CN=f222fbe85ae408d377b217d4eba7b38b24baf5dd
Certificate serial:       34EA62
Authority key identifier: F2:22:FB:E8:5A:E4:08:D3:77:B2:17:D4:EB:A7:B3:8B:24:BA:F5:DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8iL76FrkCNN3shfU66eziyS69d0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/bKTcL4aWrD7UjTAnSAJiuPM_yas.roa
Signing time:             Wed 08 Jun 2022 10:02:09 +0000
ROA not before:           Wed 08 Jun 2022 10:02:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43150
IP address blocks:        217.199.199.0/24 maxlen: 24
                          2a00:4d80::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3467874 (0x34ea62)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f222fbe85ae408d377b217d4eba7b38b24baf5dd
        Validity
            Not Before: Jun  8 10:02:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6ca4dc2f8696ac3ed48d3027480262b8f33fc9ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:ab:da:b3:fa:43:ed:20:6e:87:5f:31:15:f0:
                    ef:83:e2:33:1c:b2:2e:1e:d6:90:c7:a4:54:13:83:
                    ac:fa:94:fa:13:33:2e:41:d4:f4:eb:f6:a0:bb:cd:
                    a7:90:49:3d:71:7e:a6:9a:65:d3:77:67:18:ab:d7:
                    ce:8c:3b:6a:11:1f:85:07:60:76:24:f3:50:60:27:
                    7f:35:22:e5:9e:63:4e:c4:e3:88:56:12:23:10:a4:
                    0d:6e:dd:65:90:c9:3d:f7:85:cb:f2:dc:b0:c0:84:
                    1b:1b:5e:8e:27:ee:9c:1c:52:70:1e:64:74:1f:3b:
                    a4:68:f5:27:fd:69:bf:21:33:23:14:e3:fc:0c:b2:
                    23:4e:95:d0:c6:11:54:26:a8:de:87:8b:49:b1:a5:
                    f7:e1:66:5b:2f:7c:f0:da:8b:2a:83:e8:64:0d:18:
                    9e:a7:b8:23:1a:cf:2e:f7:17:04:35:e2:e5:ac:0a:
                    7c:53:18:41:1c:91:d4:ad:30:08:a3:3a:8d:d0:2d:
                    50:e2:99:9d:69:be:74:37:bb:73:cd:31:50:41:ab:
                    b0:fe:b7:e2:70:7d:cf:3a:b7:28:29:6d:a7:f4:f3:
                    8c:e0:ff:1c:17:5a:5e:74:42:3b:70:e2:99:24:de:
                    ca:2c:d8:cd:6d:e0:1e:ec:cc:a8:6b:d9:ea:57:92:
                    6d:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:A4:DC:2F:86:96:AC:3E:D4:8D:30:27:48:02:62:B8:F3:3F:C9:AB
            X509v3 Authority Key Identifier:
                keyid:F2:22:FB:E8:5A:E4:08:D3:77:B2:17:D4:EB:A7:B3:8B:24:BA:F5:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8iL76FrkCNN3shfU66eziyS69d0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/bKTcL4aWrD7UjTAnSAJiuPM_yas.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/8iL76FrkCNN3shfU66eziyS69d0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.199.199.0/24
                IPv6:
                  2a00:4d80::/48

    Signature Algorithm: sha256WithRSAEncryption
         7c:f4:6e:9f:18:45:ee:7f:e2:24:c2:89:7c:e0:ac:25:27:b2:
         de:50:90:76:cc:31:6b:89:e7:27:80:42:5e:4e:a4:cd:f6:76:
         44:ae:38:62:78:15:7a:90:8e:e9:0e:fd:f7:67:be:70:59:a5:
         b4:b2:bb:ea:2d:9b:b9:b6:42:82:fb:94:c0:68:f8:16:d4:a8:
         5e:a8:60:21:ee:f7:6b:08:1b:2a:92:ca:15:36:b7:ec:40:3d:
         4f:31:f7:39:23:eb:26:84:77:1a:19:59:68:43:76:33:08:1e:
         05:41:0f:5f:38:6f:f5:38:ea:f5:89:64:1b:06:98:28:e3:ab:
         58:a1:17:6b:6d:2b:ab:1a:00:38:32:dd:01:83:c6:2c:6b:29:
         87:4f:7c:f5:7b:ac:b4:ce:e2:24:f5:c6:bf:7e:ce:29:54:9a:
         75:6c:68:55:8a:d2:c0:b2:dc:2c:11:ab:7f:69:13:7c:c6:c4:
         d4:16:6d:c6:be:a9:e0:38:d8:f8:dd:27:47:8f:9b:20:d3:45:
         d7:d1:8b:54:d4:12:77:f3:5c:62:38:bd:fb:d8:7b:bd:86:fa:
         70:46:2b:72:4c:aa:e1:d2:9a:46:22:5c:6d:cd:db:de:76:96:
         48:dd:2e:ab:0d:9c:e2:b0:a8:5b:ef:05:d9:9c:da:15:28:c7:
         12:37:3d:bd
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIDNOpiMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGYy
MjJmYmU4NWFlNDA4ZDM3N2IyMTdkNGViYTdiMzhiMjRiYWY1ZGQwHhcNMjIwNjA4
MTAwMjA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2Y2E0ZGMyZjg2OTZh
YzNlZDQ4ZDMwMjc0ODAyNjJiOGYzM2ZjOWFiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsKvas/pD7SBuh18xFfDvg+IzHLIuHtaQx6RUE4Os+pT6EzMu
QdT06/agu82nkEk9cX6mmmXTd2cYq9fOjDtqER+FB2B2JPNQYCd/NSLlnmNOxOOI
VhIjEKQNbt1lkMk994XL8tywwIQbG16OJ+6cHFJwHmR0HzukaPUn/Wm/ITMjFOP8
DLIjTpXQxhFUJqjeh4tJsaX34WZbL3zw2osqg+hkDRiep7gjGs8u9xcENeLlrAp8
UxhBHJHUrTAIozqN0C1Q4pmdab50N7tzzTFQQauw/rficH3POrcoKW2n9POM4P8c
F1pedEI7cOKZJN7KLNjNbeAe7Myoa9nqV5Jt1QIDAQABo4ICGjCCAhYwHQYDVR0O
BBYEFGyk3C+Glqw+1I0wJ0gCYrjzP8mrMB8GA1UdIwQYMBaAFPIi++ha5AjTd7IX
1Ouns4skuvXdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
OGlMNzZGcmtDTk4zc2hmVTY2ZXppeVM2OWQwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mMi8xYWE4NzUtMDNiNS00YzE3LWJiMzktYjBjMWUzMzA0ZTc0LzEv
YktUY0w0YVdyRDdValRBblNBSml1UE1feWFzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8x
YWE4NzUtMDNiNS00YzE3LWJiMzktYjBjMWUzMzA0ZTc0LzEvOGlMNzZGcmtDTk4z
c2hmVTY2ZXppeVM2OWQwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAG
CCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA2cfHMA8EAgACMAkDBwAqAE2AAAAw
DQYJKoZIhvcNAQELBQADggEBAHz0bp8YRe5/4iTCiXzgrCUnst5QkHbMMWuJ5yeA
Ql5OpM32dkSuOGJ4FXqQjukO/fdnvnBZpbSyu+otm7m2QoL7lMBo+BbUqF6oYCHu
92sIGyqSyhU2t+xAPU8x9zkj6yaEdxoZWWhDdjMIHgVBD184b/U46vWJZBsGmCjj
q1ihF2ttK6saADgy3QGDxixrKYdPfPV7rLTO4iT1xr9+zilUmnVsaFWK0sCy3CwR
q39pE3zGxNQWbca+qeA42PjdJ0ePmyDTRdfRi1TUEnfzXGI4vfvYe72G+nBGK3JM
quHSmkYiXG3N2952lkjdLqsNnOKwqFvvBdmc2hUoxxI3Pb0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:21 2024 by rpki-client on console-fra.rpki-client.org