Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/3f9087-572a-4c6c-80be-bc913466d43d/1/KugnSSbx_2xGY0BxDmLiTG87j4U.roa
File:                     KugnSSbx_2xGY0BxDmLiTG87j4U.roa (raw, json)
Hash identifier:          bTuv7uBqDdLQoq3M5zP+TSQEwSwCbvpEq1vOSgqjKZQ=
Subject key identifier:   2A:E8:27:49:26:F1:FF:6C:46:63:40:71:0E:62:E2:4C:6F:3B:8F:85
Certificate issuer:       /CN=ba515836af300f7c71f71dd18b9c3f51c252bb94
Certificate serial:       06A401
Authority key identifier: BA:51:58:36:AF:30:0F:7C:71:F7:1D:D1:8B:9C:3F:51:C2:52:BB:94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ulFYNq8wD3xx9x3Ri5w_UcJSu5Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/3f9087-572a-4c6c-80be-bc913466d43d/1/KugnSSbx_2xGY0BxDmLiTG87j4U.roa
Signing time:             Tue 10 May 2022 11:28:02 +0000
ROA not before:           Tue 10 May 2022 11:28:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44486
IP address blocks:        62.68.75.0/24 maxlen: 24
                          2a12:edc0::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 435201 (0x6a401)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba515836af300f7c71f71dd18b9c3f51c252bb94
        Validity
            Not Before: May 10 11:28:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2ae8274926f1ff6c466340710e62e24c6f3b8f85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:9c:c1:db:d3:e5:85:e6:c4:ac:a8:1b:af:43:
                    d2:43:52:5a:28:e5:6a:40:11:85:06:eb:e6:5a:2f:
                    f8:17:72:62:80:65:a2:8c:4b:89:3a:a8:bb:f1:81:
                    9f:ce:61:e2:c0:b0:60:33:27:9c:44:21:e9:68:0c:
                    f3:0a:05:5f:bc:53:e8:e3:f4:23:32:8e:78:16:0d:
                    ed:de:0d:cd:95:7b:80:ee:8e:0e:76:a4:c1:89:86:
                    f0:5d:2d:f4:09:45:cc:82:82:c4:97:65:00:bf:57:
                    77:a7:c7:a7:77:49:8f:34:d6:81:38:07:2e:24:db:
                    e7:46:37:44:53:74:95:49:a1:f0:d2:9e:a6:2a:0c:
                    8c:8b:2f:4c:17:a6:6b:44:a3:ee:e6:c7:8d:3c:f5:
                    23:82:1a:12:be:2b:3f:de:e6:42:6d:93:62:82:6b:
                    a9:18:da:1f:5b:25:7d:1f:29:28:1c:17:3e:d7:cd:
                    54:df:36:0f:fb:0a:64:26:8d:69:79:6d:16:0a:be:
                    77:ca:9c:2d:c6:98:20:ba:9a:ea:97:32:cf:d6:ea:
                    fb:33:68:f9:a4:23:3d:1b:15:48:80:5f:98:c6:05:
                    f0:56:ca:1c:6b:09:0c:22:27:3e:ef:10:32:c1:c9:
                    8b:e0:c4:8e:e0:b3:95:d4:69:03:59:fe:7b:56:85:
                    3c:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:E8:27:49:26:F1:FF:6C:46:63:40:71:0E:62:E2:4C:6F:3B:8F:85
            X509v3 Authority Key Identifier:
                keyid:BA:51:58:36:AF:30:0F:7C:71:F7:1D:D1:8B:9C:3F:51:C2:52:BB:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ulFYNq8wD3xx9x3Ri5w_UcJSu5Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/3f9087-572a-4c6c-80be-bc913466d43d/1/KugnSSbx_2xGY0BxDmLiTG87j4U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/3f9087-572a-4c6c-80be-bc913466d43d/1/ulFYNq8wD3xx9x3Ri5w_UcJSu5Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.68.75.0/24
                IPv6:
                  2a12:edc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         78:49:40:e7:b9:f4:ca:3e:24:b0:60:c0:93:c9:4b:80:6a:c3:
         f1:f9:c4:a5:4e:89:77:e9:ed:8a:0b:c8:2e:84:50:32:9b:7c:
         44:92:d5:06:ef:de:1f:99:bf:28:3b:55:63:11:1f:bf:58:7b:
         49:b7:9c:cf:00:e1:ec:be:d6:91:f8:87:a8:95:66:f2:18:c6:
         c1:ce:45:51:9c:bf:d9:65:b6:02:ad:02:67:24:4a:24:82:ff:
         06:ac:5f:c4:ed:c8:e5:30:77:64:86:b2:96:59:c8:bd:11:18:
         60:74:6c:6b:df:e5:f0:ad:00:27:41:9f:71:a2:b2:42:dc:75:
         b3:18:bd:d2:14:2c:28:10:bb:bf:ed:45:c7:4e:fd:20:4f:19:
         96:1c:1c:be:ce:dd:1e:63:16:28:97:0f:2a:25:0a:48:cb:23:
         72:c8:5f:3a:96:9b:9e:30:1a:54:8a:86:9d:c7:16:a0:91:9c:
         87:16:49:39:14:78:77:a6:b0:77:d4:61:2e:43:0f:21:ea:3f:
         29:9c:65:f7:1c:11:a4:fe:ae:52:e4:0c:52:5d:ee:57:95:8b:
         4c:df:ff:88:2f:1e:16:7d:7d:b2:cb:18:fd:20:cb:d3:82:f1:
         a2:10:9b:b0:4e:8d:e8:4f:cd:79:50:1a:3e:77:09:f3:e1:e3:
         ac:4f:64:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDBqQBMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJh
NTE1ODM2YWYzMDBmN2M3MWY3MWRkMThiOWMzZjUxYzI1MmJiOTQwHhcNMjIwNTEw
MTEyODAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyYWU4Mjc0OTI2ZjFm
ZjZjNDY2MzQwNzEwZTYyZTI0YzZmM2I4Zjg1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAzZzB29PlhebErKgbr0PSQ1JaKOVqQBGFBuvmWi/4F3JigGWi
jEuJOqi78YGfzmHiwLBgMyecRCHpaAzzCgVfvFPo4/QjMo54Fg3t3g3NlXuA7o4O
dqTBiYbwXS30CUXMgoLEl2UAv1d3p8end0mPNNaBOAcuJNvnRjdEU3SVSaHw0p6m
KgyMiy9MF6ZrRKPu5seNPPUjghoSvis/3uZCbZNigmupGNofWyV9HykoHBc+181U
3zYP+wpkJo1peW0WCr53ypwtxpgguprqlzLP1ur7M2j5pCM9GxVIgF+YxgXwVsoc
awkMIic+7xAywcmL4MSO4LOV1GkDWf57VoU8kwIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFCroJ0km8f9sRmNAcQ5i4kxvO4+FMB8GA1UdIwQYMBaAFLpRWDavMA98cfcd
0YucP1HCUruUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dWxGWU5xOHdEM3h4OXgzUmk1d19VY0pTdTVRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mMy8zZjkwODctNTcyYS00YzZjLTgwYmUtYmM5MTM0NjZkNDNkLzEv
S3VnblNTYnhfMnhHWTBCeERtTGlURzg3ajRVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8z
ZjkwODctNTcyYS00YzZjLTgwYmUtYmM5MTM0NjZkNDNkLzEvdWxGWU5xOHdEM3h4
OXgzUmk1d19VY0pTdTVRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAPkRLMA0EAgACMAcDBQMqEu3AMA0G
CSqGSIb3DQEBCwUAA4IBAQB4SUDnufTKPiSwYMCTyUuAasPx+cSlTol36e2KC8gu
hFAym3xEktUG794fmb8oO1VjER+/WHtJt5zPAOHsvtaR+IeolWbyGMbBzkVRnL/Z
ZbYCrQJnJEokgv8GrF/E7cjlMHdkhrKWWci9ERhgdGxr3+XwrQAnQZ9xorJC3HWz
GL3SFCwoELu/7UXHTv0gTxmWHBy+zt0eYxYolw8qJQpIyyNyyF86lpueMBpUioad
xxagkZyHFkk5FHh3prB31GEuQw8h6j8pnGX3HBGk/q5S5AxSXe5XlYtM3/+ILx4W
fX2yyxj9IMvTgvGiEJuwTo3oT815UBo+dwnz4eOsT2Sr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:24 2024 by rpki-client on console-ams.rpki-client.org