Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/_xIav5wHZkwRpmpyii94aqeo_Mc.roa
File:                     _xIav5wHZkwRpmpyii94aqeo_Mc.roa (raw, json)
Hash identifier:          z9LMLG++szCniwTRsm/A5ZQedaAxibbIBIFCb1HuD+o=
Subject key identifier:   FF:12:1A:BF:9C:07:66:4C:11:A6:6A:72:8A:2F:78:6A:A7:A8:FC:C7
Certificate issuer:       /CN=56afcd8fb40aae1d243c2a8ce2541a69987eed13
Certificate serial:       011EACCD
Authority key identifier: 56:AF:CD:8F:B4:0A:AE:1D:24:3C:2A:8C:E2:54:1A:69:98:7E:ED:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/_xIav5wHZkwRpmpyii94aqeo_Mc.roa
Signing time:             Sat 01 Jan 2022 00:58:53 +0000
ROA not before:           Sat 01 Jan 2022 00:58:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212568
IP address blocks:        2a11:e487:cafe::/48 maxlen: 48
                          2a11:e487:affe::/48 maxlen: 48
                          2a11:e487:dead::/48 maxlen: 48
                          2a11:e487:42::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18787533 (0x11eaccd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56afcd8fb40aae1d243c2a8ce2541a69987eed13
        Validity
            Not Before: Jan  1 00:58:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ff121abf9c07664c11a66a728a2f786aa7a8fcc7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:2c:38:fe:24:49:60:3f:f9:40:04:ea:dd:05:
                    ff:d5:df:ff:8c:b2:12:99:1d:06:8d:99:25:50:ca:
                    6d:40:78:09:81:0d:06:f5:26:0a:07:91:16:1c:da:
                    8d:1a:e4:78:45:79:52:17:b3:e9:49:4f:ba:2c:7f:
                    72:33:e3:33:f8:3e:7f:fb:51:d5:05:24:6b:21:2d:
                    6a:3c:18:82:71:36:34:48:0e:dc:e6:72:c0:b0:bd:
                    d5:81:49:29:58:50:a9:7e:39:4e:9c:ef:4c:d8:00:
                    0a:12:f5:59:4e:b4:97:f0:36:54:d4:e1:86:85:2e:
                    11:cf:67:09:33:6c:6c:53:c7:9e:18:8d:33:81:3d:
                    e1:70:50:d2:e7:e6:a0:23:f8:ba:06:bd:9c:87:f8:
                    f1:fe:cb:d8:cd:b8:f5:09:36:35:e3:1c:b3:6b:01:
                    5e:42:22:61:38:b4:ef:6a:4c:35:d9:73:7d:00:0e:
                    8c:b8:b4:cb:bf:87:ea:59:86:23:bb:b9:e3:fc:f2:
                    fd:d9:8f:df:0b:2d:ae:54:76:12:2b:af:b3:b8:aa:
                    53:46:d9:47:91:45:27:80:42:a0:2b:c8:e1:9f:31:
                    6e:c3:2e:b2:c2:e0:17:33:65:ca:dd:14:5e:66:fb:
                    16:73:c5:85:57:12:27:ff:c6:53:e4:8f:bb:6e:4c:
                    7f:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:12:1A:BF:9C:07:66:4C:11:A6:6A:72:8A:2F:78:6A:A7:A8:FC:C7
            X509v3 Authority Key Identifier:
                keyid:56:AF:CD:8F:B4:0A:AE:1D:24:3C:2A:8C:E2:54:1A:69:98:7E:ED:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/_xIav5wHZkwRpmpyii94aqeo_Mc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:e487:42::/48
                  2a11:e487:affe::/48
                  2a11:e487:cafe::/48
                  2a11:e487:dead::/48

    Signature Algorithm: sha256WithRSAEncryption
         5a:b4:5a:47:2a:32:89:ba:82:3b:84:6f:8b:1d:27:2b:50:f0:
         70:99:bb:e9:e2:b6:e9:d3:67:04:bd:80:86:4d:b6:cf:51:bc:
         c6:40:0b:66:76:1e:93:98:9d:77:54:04:a7:ff:8b:d0:dd:6c:
         08:eb:81:c9:3b:22:15:f9:f6:c9:04:62:ce:fd:22:83:c8:f6:
         9f:d6:63:29:30:ba:49:2e:c3:5b:fc:7b:40:de:d2:f9:93:f4:
         0f:1d:15:d0:7c:f9:2b:b0:82:71:d8:cd:57:56:c2:3e:94:a3:
         33:4c:da:f4:08:53:92:f3:2e:84:e0:9d:6a:10:a0:6b:a1:16:
         c4:15:71:2a:cc:4a:20:42:9d:7b:b1:7e:35:71:f3:80:1f:41:
         96:6b:0a:72:c5:65:44:a0:a0:ae:a6:00:9d:70:28:1a:80:f5:
         49:14:2b:b2:40:86:f4:14:c8:4a:28:50:9a:86:b8:a3:02:0c:
         c4:47:16:5e:15:35:59:b9:64:b1:9d:36:9c:65:29:f3:12:72:
         70:b4:77:b7:e1:c6:72:c4:01:65:11:8f:d2:a5:6f:bf:43:50:
         94:ef:b2:9f:ef:83:11:21:0a:e0:92:31:3b:5a:5b:7c:33:d0:
         a2:4b:ad:a8:b7:5b:3a:08:35:11:5c:91:4b:95:f7:8a:45:dd:
         fa:27:a0:cf
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEAR6szTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NmFmY2Q4ZmI0MGFhZTFkMjQzYzJhOGNlMjU0MWE2OTk4N2VlZDEzMB4XDTIyMDEw
MTAwNTg1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmYxMjFhYmY5YzA3
NjY0YzExYTY2YTcyOGEyZjc4NmFhN2E4ZmNjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgsOP4kSWA/+UAE6t0F/9Xf/4yyEpkdBo2ZJVDKbUB4CYEN
BvUmCgeRFhzajRrkeEV5Uhez6UlPuix/cjPjM/g+f/tR1QUkayEtajwYgnE2NEgO
3OZywLC91YFJKVhQqX45TpzvTNgAChL1WU60l/A2VNThhoUuEc9nCTNsbFPHnhiN
M4E94XBQ0ufmoCP4uga9nIf48f7L2M249Qk2NeMcs2sBXkIiYTi072pMNdlzfQAO
jLi0y7+H6lmGI7u54/zy/dmP3wstrlR2Eiuvs7iqU0bZR5FFJ4BCoCvI4Z8xbsMu
ssLgFzNlyt0UXmb7FnPFhVcSJ//GU+SPu25Mfx0CAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBT/Ehq/nAdmTBGmanKKL3hqp6j8xzAfBgNVHSMEGDAWgBRWr82PtAquHSQ8
KoziVBppmH7tEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZxX05qN1FLcmgwa1BDcU00bFFhYVpoLTdSTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvNGMyNjM3LTNiYmItNGE1My1hMjE2LTIzN2JlNzczMDA3YS8x
L194SWF2NXdIWmt3UnBtcHlpaTk0YXFlb19NYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
NGMyNjM3LTNiYmItNGE1My1hMjE2LTIzN2JlNzczMDA3YS8xL1ZxX05qN1FLcmgw
a1BDcU00bFFhYVpoLTdSTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAIwJAMHACoR5IcAQgMHACoR5Iev/gMHACoR
5IfK/gMHACoR5IferTANBgkqhkiG9w0BAQsFAAOCAQEAWrRaRyoyibqCO4Rvix0n
K1DwcJm76eK26dNnBL2Ahk22z1G8xkALZnYek5idd1QEp/+L0N1sCOuByTsiFfn2
yQRizv0ig8j2n9ZjKTC6SS7DW/x7QN7S+ZP0Dx0V0Hz5K7CCcdjNV1bCPpSjM0za
9AhTkvMuhOCdahCga6EWxBVxKsxKIEKde7F+NXHzgB9BlmsKcsVlRKCgrqYAnXAo
GoD1SRQrskCG9BTISihQmoa4owIMxEcWXhU1WblksZ02nGUp8xJycLR3t+HGcsQB
ZRGP0qVvv0NQlO+yn++DESEK4JIxO1pbfDPQokutqLdbOgg1EVyRS5X3ikXd+ieg
zw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:52 2024 by rpki-client on console-fra.rpki-client.org