Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/F_a6Ehl9j1r0uQphAAF0iBgsoTY.roa
File:                     F_a6Ehl9j1r0uQphAAF0iBgsoTY.roa (raw, json)
Hash identifier:          CEAy0wAasreEN8dU14o8hnoIFMayLfilMF2u5gPaUf4=
Subject key identifier:   17:F6:BA:12:19:7D:8F:5A:F4:B9:0A:61:00:01:74:88:18:2C:A1:36
Certificate issuer:       /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial:       434AF795
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/F_a6Ehl9j1r0uQphAAF0iBgsoTY.roa
Signing time:             Sat 01 Jan 2022 07:59:57 +0000
ROA not before:           Sat 01 Jan 2022 07:59:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48894
IP address blocks:        2a03:f80:386::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1128986517 (0x434af795)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
        Validity
            Not Before: Jan  1 07:59:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=17f6ba12197d8f5af4b90a6100017488182ca136
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:c2:77:1e:86:1b:b5:2f:73:3c:9d:c0:9c:e0:
                    a3:15:e4:4a:85:98:3c:3b:20:de:9b:85:a1:6d:44:
                    25:22:4e:9a:9c:20:e5:f1:e3:e8:ec:d3:04:44:e7:
                    1c:6e:27:4d:ef:27:14:8e:1f:40:f5:fa:89:42:4e:
                    53:78:c6:d8:aa:4d:4f:66:ea:d5:bb:ba:c2:e8:c9:
                    68:11:c9:61:c9:72:9f:fd:51:13:fa:1d:46:43:46:
                    61:85:02:06:a7:d5:1a:bc:14:18:8a:9a:7d:6e:5c:
                    98:b8:88:3c:b9:94:d6:3c:e3:c2:6e:10:3d:83:6e:
                    2a:8e:36:d7:0b:7a:0f:6e:3f:9a:49:f7:d3:af:a3:
                    49:69:f4:2f:65:2c:28:44:89:40:c1:51:bb:05:4e:
                    8d:4d:db:d2:9c:ec:1c:08:68:fd:e3:10:f3:d7:70:
                    b8:cb:82:8f:76:63:58:3b:f4:61:4a:ef:7f:0d:4c:
                    ea:b7:11:6c:59:f4:49:3b:c5:68:bb:c5:12:94:07:
                    cd:34:8e:5d:2f:cb:34:bc:ff:32:58:07:f3:c1:b9:
                    bd:a3:d4:2f:c9:13:98:fd:7d:77:bd:24:09:6b:93:
                    b5:d7:0c:35:e8:da:e7:99:47:1a:e5:55:76:e5:19:
                    3a:55:aa:8f:57:99:f0:48:ea:37:dd:4c:68:96:fc:
                    10:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:F6:BA:12:19:7D:8F:5A:F4:B9:0A:61:00:01:74:88:18:2C:A1:36
            X509v3 Authority Key Identifier:
                keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/F_a6Ehl9j1r0uQphAAF0iBgsoTY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a03:f80:386::/48

    Signature Algorithm: sha256WithRSAEncryption
         c1:07:f1:6c:f9:31:eb:28:9e:6b:46:2b:fd:a6:e1:52:03:93:
         da:9b:b4:41:d4:87:ea:8b:f9:97:27:66:9c:1a:a0:56:e1:44:
         63:37:75:3c:07:6a:82:95:53:da:1a:eb:ac:b6:f6:b8:b0:21:
         06:49:83:23:ad:38:81:f0:06:a1:39:ba:2b:c0:24:40:c4:c5:
         46:01:72:bf:d3:dd:d5:d9:95:23:f2:b9:50:6e:e0:47:59:f1:
         48:29:18:69:d6:a0:6e:7f:c3:5f:e5:c2:b6:56:0b:14:89:31:
         e7:96:21:7f:76:04:3f:c6:f2:0d:8f:dc:10:6e:6b:89:a1:aa:
         92:8e:64:99:d8:6c:09:d6:08:a9:0a:4d:07:1f:45:3d:8f:81:
         0a:c6:5e:b6:a5:bc:89:e6:34:de:e1:13:16:38:8c:a5:21:32:
         74:3a:73:15:ba:9d:74:0f:4a:53:7f:55:f1:01:4b:a3:fe:9e:
         d8:0b:71:27:70:ae:09:21:e4:26:85:5a:42:0a:5b:32:ca:14:
         7b:20:64:30:68:8f:7c:7b:34:d2:0b:cf:c0:93:26:27:69:49:
         bd:1b:c8:e5:6e:e6:97:3c:0a:12:1e:ae:42:79:49:1f:01:4c:
         39:0d:29:aa:57:1e:cb:87:b6:28:76:35:b5:50:c2:d4:aa:a5:
         f7:12:05:f1
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEQ0r3lTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjE3YjQ3MmM4NDFjMWQ2ODU1MGEyNGYxOTM2ZDI5Y2M2YzI4ZjZhMB4XDTIyMDEw
MTA3NTk1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTdmNmJhMTIxOTdk
OGY1YWY0YjkwYTYxMDAwMTc0ODgxODJjYTEzNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANLCdx6GG7UvczydwJzgoxXkSoWYPDsg3puFoW1EJSJOmpwg
5fHj6OzTBETnHG4nTe8nFI4fQPX6iUJOU3jG2KpNT2bq1bu6wujJaBHJYclyn/1R
E/odRkNGYYUCBqfVGrwUGIqafW5cmLiIPLmU1jzjwm4QPYNuKo421wt6D24/mkn3
06+jSWn0L2UsKESJQMFRuwVOjU3b0pzsHAho/eMQ89dwuMuCj3ZjWDv0YUrvfw1M
6rcRbFn0STvFaLvFEpQHzTSOXS/LNLz/MlgH88G5vaPUL8kTmP19d70kCWuTtdcM
Neja55lHGuVVduUZOlWqj1eZ8EjqN91MaJb8EM8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQX9roSGX2PWvS5CmEAAXSIGCyhNjAfBgNVHSMEGDAWgBTSF7RyyEHB1oVQ
ok8ZNtKcxsKPajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBoZTBjc2hCd2RhRlVLSlBHVGJTbk1iQ2oyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTAvMjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8x
L0ZfYTZFaGw5ajFyMHVRcGhBQUYwaUJnc29UWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAv
MjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8xLzBoZTBjc2hCd2Rh
RlVLSlBHVGJTbk1iQ2oyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoDD4ADhjANBgkqhkiG9w0BAQsF
AAOCAQEAwQfxbPkx6yiea0Yr/abhUgOT2pu0QdSH6ov5lydmnBqgVuFEYzd1PAdq
gpVT2hrrrLb2uLAhBkmDI604gfAGoTm6K8AkQMTFRgFyv9Pd1dmVI/K5UG7gR1nx
SCkYadagbn/DX+XCtlYLFIkx55Yhf3YEP8byDY/cEG5riaGqko5kmdhsCdYIqQpN
Bx9FPY+BCsZetqW8ieY03uETFjiMpSEydDpzFbqddA9KU39V8QFLo/6e2AtxJ3Cu
CSHkJoVaQgpbMsoUeyBkMGiPfHs00gvPwJMmJ2lJvRvI5W7mlzwKEh6uQnlJHwFM
OQ0pqlcey4e2KHY1tVDC1Kql9xIF8Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:51 2024 by rpki-client on console-ams.rpki-client.org