Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ex2uovj0OA2t5eXWytzpDSv8tJI.roa
File:                     ex2uovj0OA2t5eXWytzpDSv8tJI.roa (raw, json)
Hash identifier:          Xa7qiSrj9NQuoa85n/oPWN8Q0jbJIH6QkF3GZAUThcU=
Subject key identifier:   7B:1D:AE:A2:F8:F4:38:0D:AD:E5:E5:D6:CA:DC:E9:0D:2B:FC:B4:92
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       1F2FFDFA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ex2uovj0OA2t5eXWytzpDSv8tJI.roa
Signing time:             Thu 23 Jun 2022 05:18:17 +0000
ROA not before:           Thu 23 Jun 2022 05:18:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205138
IP address blocks:        2a00:1728:38::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 523238906 (0x1f2ffdfa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jun 23 05:18:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7b1daea2f8f4380dade5e5d6cadce90d2bfcb492
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:45:05:5b:61:a2:57:b9:f5:97:f4:e3:4e:53:
                    97:c9:97:23:43:45:2b:c4:3c:f4:0e:79:14:b4:08:
                    70:1f:d7:0d:13:ce:aa:6d:d0:38:1d:4b:76:43:16:
                    80:0b:81:20:4b:f2:bd:06:b0:5d:06:af:55:72:fb:
                    b9:95:6c:7e:ba:6f:93:21:ba:8c:c0:35:b7:48:b7:
                    c0:d0:91:dd:c0:f9:6f:ce:0f:f3:e6:f2:96:c4:94:
                    08:c9:23:6b:eb:d7:f8:fa:8b:5b:7c:ba:35:6f:ae:
                    a5:96:4d:24:35:4b:d9:e0:99:28:39:87:e1:46:b3:
                    66:35:4f:da:f2:1f:9a:9f:5c:54:eb:ef:39:42:6b:
                    4b:3d:7f:cf:36:3c:3e:97:4d:66:17:7b:45:0b:3c:
                    7f:08:22:ff:05:c9:fb:ab:f5:19:b6:5e:b2:cd:ef:
                    59:e5:cb:ff:30:f8:0b:62:d6:d1:20:cc:5b:14:81:
                    3c:3f:08:95:67:6e:e0:c3:56:b9:cd:60:eb:96:d1:
                    1f:a0:c4:3e:c2:63:3b:7b:af:46:01:ba:f0:67:d3:
                    50:b4:3c:98:f5:79:2c:55:04:1d:d2:a2:e5:58:98:
                    93:14:1f:bf:81:50:8e:98:cb:50:b2:7c:1d:94:53:
                    2a:06:60:80:f8:04:39:ee:32:79:d9:86:0a:82:8c:
                    28:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:1D:AE:A2:F8:F4:38:0D:AD:E5:E5:D6:CA:DC:E9:0D:2B:FC:B4:92
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ex2uovj0OA2t5eXWytzpDSv8tJI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:1728:38::/48

    Signature Algorithm: sha256WithRSAEncryption
         4f:ef:cb:8c:a7:b9:13:35:ef:c8:8b:d8:27:8c:df:47:02:04:
         44:13:2c:81:54:9e:9f:75:28:7f:df:ab:7b:78:cc:4b:d7:3b:
         e0:62:51:a8:d6:86:ae:7b:a3:fd:66:30:5d:fa:00:8c:1d:2c:
         e3:af:91:83:70:a9:73:8b:bf:97:6f:e3:e4:f6:d5:56:1a:a0:
         f0:94:50:87:49:65:62:aa:17:4b:fb:01:64:84:9c:6a:fc:ef:
         07:7e:4d:ef:bd:e7:9d:b1:b2:84:d2:a8:33:0b:62:39:66:60:
         7e:6c:a2:cb:d7:ec:7c:37:af:6e:ac:4b:56:b8:d2:48:54:57:
         94:c3:f1:e2:c1:63:46:fa:94:fb:ce:c5:7d:98:77:03:d9:46:
         35:fd:e0:ba:f1:6e:53:4c:1d:fa:19:9d:03:2f:14:bf:af:ac:
         b9:0f:ea:87:fb:95:af:83:df:23:22:2a:3b:53:b6:3a:10:1b:
         3b:7a:52:da:9c:28:b4:4e:b8:12:8a:b9:b5:c0:7c:0b:64:ac:
         19:a7:cf:41:63:98:62:6b:18:d4:f4:e4:b7:36:ef:4d:45:7e:
         11:3f:e3:c7:5c:90:aa:39:46:0b:97:f2:a6:62:0f:0f:7c:e5:
         ba:ad:c6:a3:68:9d:b2:02:9a:d1:1f:33:33:74:b7:16:c1:c4:
         2d:7b:10:f8
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEHy/9+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDYy
MzA1MTgxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2IxZGFlYTJmOGY0
MzgwZGFkZTVlNWQ2Y2FkY2U5MGQyYmZjYjQ5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL1FBVthole59Zf0405Tl8mXI0NFK8Q89A55FLQIcB/XDRPO
qm3QOB1LdkMWgAuBIEvyvQawXQavVXL7uZVsfrpvkyG6jMA1t0i3wNCR3cD5b84P
8+bylsSUCMkja+vX+PqLW3y6NW+upZZNJDVL2eCZKDmH4UazZjVP2vIfmp9cVOvv
OUJrSz1/zzY8PpdNZhd7RQs8fwgi/wXJ+6v1GbZess3vWeXL/zD4C2LW0SDMWxSB
PD8IlWdu4MNWuc1g65bRH6DEPsJjO3uvRgG68GfTULQ8mPV5LFUEHdKi5ViYkxQf
v4FQjpjLULJ8HZRTKgZggPgEOe4yedmGCoKMKKcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBR7Ha6i+PQ4Da3l5dbK3OkNK/y0kjAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L2V4MnVvdmowT0EydDVlWFd5dHpwRFN2OHRKSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoAFygAODANBgkqhkiG9w0BAQsF
AAOCAQEAT+/LjKe5EzXvyIvYJ4zfRwIERBMsgVSen3Uof9+re3jMS9c74GJRqNaG
rnuj/WYwXfoAjB0s46+Rg3Cpc4u/l2/j5PbVVhqg8JRQh0llYqoXS/sBZIScavzv
B35N773nnbGyhNKoMwtiOWZgfmyiy9fsfDevbqxLVrjSSFRXlMPx4sFjRvqU+87F
fZh3A9lGNf3guvFuU0wd+hmdAy8Uv6+suQ/qh/uVr4PfIyIqO1O2OhAbO3pS2pwo
tE64Eoq5tcB8C2SsGafPQWOYYmsY1PTktzbvTUV+ET/jx1yQqjlGC5fypmIPD3zl
uq3Go2idsgKa0R8zM3S3FsHELXsQ+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:39 2024 by rpki-client on console-ams.rpki-client.org