Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/0d68d4-adb3-4ff9-b78a-4ef9d07c4405/1/x7scBiCtH51GkzIBF9o4CQptRWE.roa
File:                     x7scBiCtH51GkzIBF9o4CQptRWE.roa (raw, json)
Hash identifier:          lACaucCjfHrLIH83XoASph+jqcbyAPZ0Etd6CAgE4TI=
Subject key identifier:   C7:BB:1C:06:20:AD:1F:9D:46:93:32:01:17:DA:38:09:0A:6D:45:61
Certificate issuer:       /CN=19193cd0cfb9395989358e0396312cfbb1c88ffe
Certificate serial:       0ED9518C
Authority key identifier: 19:19:3C:D0:CF:B9:39:59:89:35:8E:03:96:31:2C:FB:B1:C8:8F:FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GRk80M-5OVmJNY4DljEs-7HIj_4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/0d68d4-adb3-4ff9-b78a-4ef9d07c4405/1/x7scBiCtH51GkzIBF9o4CQptRWE.roa
Signing time:             Wed 04 May 2022 14:18:32 +0000
ROA not before:           Wed 04 May 2022 14:18:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39392
IP address blocks:        2a02:6ea0:cd77::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 249123212 (0xed9518c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19193cd0cfb9395989358e0396312cfbb1c88ffe
        Validity
            Not Before: May  4 14:18:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c7bb1c0620ad1f9d4693320117da38090a6d4561
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:23:74:68:03:2e:a7:ee:03:1e:19:61:2e:d2:
                    07:1f:13:3f:41:d5:95:ad:a0:25:84:a5:1c:db:3f:
                    3d:ff:09:c6:2f:c7:90:66:46:22:44:3c:cb:a9:57:
                    03:dc:cd:db:4c:08:ed:57:63:93:35:4b:59:ee:18:
                    8e:ee:95:8c:68:07:b9:d0:b2:86:f3:67:2d:18:01:
                    5a:b9:f1:76:66:74:8d:9e:fc:f6:16:35:db:55:4d:
                    3f:14:a8:e0:c5:50:b8:6f:49:64:6f:20:4b:3f:f4:
                    e8:03:ca:dc:2c:cf:c4:e6:dc:a9:64:7a:3d:a5:55:
                    c6:c0:22:e9:4c:4d:25:ea:7e:30:96:e0:2b:fc:a5:
                    d9:bf:12:68:71:bf:84:3d:ce:86:22:04:ef:bd:d5:
                    58:c2:86:5e:fe:5d:8f:ec:e3:7e:71:1b:f6:5c:da:
                    75:7c:6a:ba:a2:3d:3b:26:76:bb:81:0a:ab:b2:33:
                    f8:55:d1:8e:8e:d3:1e:8b:9f:46:c6:91:86:e2:b5:
                    a0:a0:21:f8:37:cc:1c:a1:6b:61:4c:64:00:23:d3:
                    e2:28:17:0e:fa:23:ea:36:24:f3:97:87:6f:e7:8f:
                    a2:6a:01:98:5a:cb:a4:2f:18:a8:f1:a9:e0:74:3b:
                    54:a3:b0:99:5f:e3:49:b0:96:ab:26:58:f0:eb:1a:
                    a4:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:BB:1C:06:20:AD:1F:9D:46:93:32:01:17:DA:38:09:0A:6D:45:61
            X509v3 Authority Key Identifier:
                keyid:19:19:3C:D0:CF:B9:39:59:89:35:8E:03:96:31:2C:FB:B1:C8:8F:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GRk80M-5OVmJNY4DljEs-7HIj_4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/0d68d4-adb3-4ff9-b78a-4ef9d07c4405/1/x7scBiCtH51GkzIBF9o4CQptRWE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/0d68d4-adb3-4ff9-b78a-4ef9d07c4405/1/GRk80M-5OVmJNY4DljEs-7HIj_4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a02:6ea0:cd77::/48

    Signature Algorithm: sha256WithRSAEncryption
         09:cf:d5:82:0b:bd:b5:8c:bd:df:d4:60:e4:46:f2:74:6c:db:
         97:2f:d0:c6:62:af:ad:7a:96:74:29:34:a5:1e:08:f0:cc:4e:
         f3:6f:60:d4:1f:e2:9e:c6:b9:f9:75:ab:04:0b:55:0f:79:fa:
         6c:1d:1a:c3:76:76:21:70:ac:cc:59:04:33:35:0b:ca:82:da:
         47:f3:d7:6a:64:fc:66:3f:08:d3:b8:ae:b9:48:32:20:1c:9a:
         02:35:cd:b1:79:f6:8d:29:c0:31:2e:05:0c:d2:17:7e:a8:29:
         a2:91:06:da:5e:d8:06:a3:e1:65:7b:85:de:f0:c4:b5:c4:f6:
         57:0e:e5:8b:86:5a:cb:b7:68:e5:5f:d9:60:fd:b6:53:c9:c3:
         0b:2c:ec:1b:ac:32:28:cf:31:95:f8:bb:0b:3f:34:df:9e:9b:
         e0:ba:fb:fc:44:f2:ce:65:e4:d0:08:ee:1c:3d:70:85:2c:a6:
         b6:7b:7e:4e:04:49:46:f1:82:8f:77:6c:0e:51:d4:2a:8d:8b:
         20:ec:c1:6e:25:7b:6e:0a:0d:eb:1a:fd:28:5f:b0:c0:e2:c3:
         f0:66:d3:22:ca:73:7a:e0:0d:07:2f:a5:7b:e8:07:78:02:e0:
         f1:2b:18:46:a9:d6:b9:9b:0c:4b:f6:67:d1:ab:2c:69:7d:b7:
         ad:ef:5c:8f
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEDtlRjDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OTE5M2NkMGNmYjkzOTU5ODkzNThlMDM5NjMxMmNmYmIxYzg4ZmZlMB4XDTIyMDUw
NDE0MTgzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzdiYjFjMDYyMGFk
MWY5ZDQ2OTMzMjAxMTdkYTM4MDkwYTZkNDU2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL0jdGgDLqfuAx4ZYS7SBx8TP0HVla2gJYSlHNs/Pf8Jxi/H
kGZGIkQ8y6lXA9zN20wI7VdjkzVLWe4Yju6VjGgHudCyhvNnLRgBWrnxdmZ0jZ78
9hY121VNPxSo4MVQuG9JZG8gSz/06APK3CzPxObcqWR6PaVVxsAi6UxNJep+MJbg
K/yl2b8SaHG/hD3OhiIE773VWMKGXv5dj+zjfnEb9lzadXxquqI9OyZ2u4EKq7Iz
+FXRjo7THoufRsaRhuK1oKAh+DfMHKFrYUxkACPT4igXDvoj6jYk85eHb+ePomoB
mFrLpC8YqPGp4HQ7VKOwmV/jSbCWqyZY8OsapCECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTHuxwGIK0fnUaTMgEX2jgJCm1FYTAfBgNVHSMEGDAWgBQZGTzQz7k5WYk1
jgOWMSz7sciP/jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dSazgwTS01T1ZtSk5ZNERsakVzLTdISWpfNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvMGQ2OGQ0LWFkYjMtNGZmOS1iNzhhLTRlZjlkMDdjNDQwNS8x
L3g3c2NCaUN0SDUxR2t6SUJGOW80Q1FwdFJXRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
MGQ2OGQ0LWFkYjMtNGZmOS1iNzhhLTRlZjlkMDdjNDQwNS8xL0dSazgwTS01T1Zt
Sk5ZNERsakVzLTdISWpfNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoCbqDNdzANBgkqhkiG9w0BAQsF
AAOCAQEACc/Vggu9tYy939Rg5EbydGzbly/QxmKvrXqWdCk0pR4I8MxO829g1B/i
nsa5+XWrBAtVD3n6bB0aw3Z2IXCszFkEMzULyoLaR/PXamT8Zj8I07iuuUgyIBya
AjXNsXn2jSnAMS4FDNIXfqgpopEG2l7YBqPhZXuF3vDEtcT2Vw7li4Zay7do5V/Z
YP22U8nDCyzsG6wyKM8xlfi7Cz80356b4Lr7/ETyzmXk0AjuHD1whSymtnt+TgRJ
RvGCj3dsDlHUKo2LIOzBbiV7bgoN6xr9KF+wwOLD8GbTIspzeuANBy+le+gHeALg
8SsYRqnWuZsMS/Zn0assaX23re9cjw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:42 2024 by rpki-client on console-fra.rpki-client.org