Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/oA_g1dLlLBGd8ZaudlMwv-r4kh0.roa
File:                     oA_g1dLlLBGd8ZaudlMwv-r4kh0.roa (raw, json)
Hash identifier:          B+fjLeCr9PMR7lyxss3rUmX77Y6G7GqreA4tlshs4Qw=
Subject key identifier:   A0:0F:E0:D5:D2:E5:2C:11:9D:F1:96:AE:76:53:30:BF:EA:F8:92:1D
Certificate issuer:       /CN=297364f502534e8771a0c6259794c26e26d4bca4
Certificate serial:       04CF4154
Authority key identifier: 29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/oA_g1dLlLBGd8ZaudlMwv-r4kh0.roa
Signing time:             Sat 01 Jan 2022 15:05:54 +0000
ROA not before:           Sat 01 Jan 2022 15:05:54 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     328778
IP address blocks:        2a02:f406:fed0::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 80691540 (0x4cf4154)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=297364f502534e8771a0c6259794c26e26d4bca4
        Validity
            Not Before: Jan  1 15:05:54 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a00fe0d5d2e52c119df196ae765330bfeaf8921d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:68:96:8d:83:a3:35:be:89:45:12:dc:20:18:
                    76:1c:a0:77:c9:6f:10:ea:28:e8:99:a0:ec:48:21:
                    26:72:d0:aa:05:99:e0:31:5b:1f:05:23:35:cb:9b:
                    9d:36:1e:9d:bb:4d:71:cc:44:78:b7:d5:21:02:1e:
                    fc:02:f5:b6:35:bb:59:35:e9:37:68:a0:e7:40:d5:
                    8e:f2:87:16:6c:8b:2f:f0:3a:23:dc:b5:06:8b:b6:
                    21:d5:ac:00:ef:d2:6d:1e:db:5c:cf:d2:c8:2f:ea:
                    da:3c:f0:24:c1:15:28:6b:4a:6e:84:b4:38:5c:61:
                    0c:9c:f7:74:93:a8:df:44:ec:f0:5e:43:f7:49:ed:
                    4c:44:2f:29:4d:23:07:80:a8:c1:4b:0e:18:90:90:
                    3b:26:c2:62:31:fe:c2:ab:a2:5e:bd:1a:68:a0:b5:
                    bb:f3:09:a2:64:33:fa:41:b8:14:f8:7f:04:5c:ad:
                    18:cf:cd:ea:f7:b0:f0:6b:45:0a:9c:1d:64:69:5a:
                    04:4e:a9:67:e6:09:44:90:e1:f8:d4:c0:7d:93:53:
                    ab:7e:76:86:09:d6:5f:79:ee:f2:8a:e1:54:f0:84:
                    66:da:b0:c4:6b:1a:bf:e2:6f:22:a1:af:03:77:7f:
                    26:f6:09:e5:8a:7b:00:83:7a:3c:7a:d3:9b:f6:5b:
                    b1:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:0F:E0:D5:D2:E5:2C:11:9D:F1:96:AE:76:53:30:BF:EA:F8:92:1D
            X509v3 Authority Key Identifier:
                keyid:29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/oA_g1dLlLBGd8ZaudlMwv-r4kh0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a02:f406:fed0::/48

    Signature Algorithm: sha256WithRSAEncryption
         88:52:59:ff:8f:92:40:87:43:30:33:d4:d6:04:af:d6:31:f7:
         ca:b0:b0:1b:72:91:c3:c1:76:77:40:69:4e:3f:bd:3b:29:2e:
         60:9f:87:c0:02:be:35:91:a3:b9:dc:f9:79:f8:7a:c5:0c:98:
         2f:87:a3:89:49:d2:1c:0c:a7:75:a3:27:65:8a:4c:b2:5a:8a:
         35:d2:80:12:d2:1d:cd:e6:2d:02:57:6d:6b:88:95:94:61:d3:
         20:66:b6:07:65:b9:cd:5a:55:da:28:59:60:38:57:de:6a:80:
         e9:54:5e:33:29:58:4a:c0:88:22:7c:cc:ee:19:ae:5a:96:08:
         07:e3:93:a4:6e:4d:76:23:b0:45:fa:a8:9d:8c:4c:c4:0a:d8:
         a2:b2:8f:5d:10:95:b9:54:24:29:ef:1b:0a:96:c6:24:34:62:
         6f:6e:a2:f5:b4:9f:4e:6c:58:7d:d8:db:e2:a7:f9:b0:b3:35:
         aa:ed:79:08:c7:fb:50:4e:0a:c0:2e:50:1a:3b:65:5b:20:f1:
         b3:7d:f3:3e:01:96:ad:7a:e2:ce:7f:b1:17:33:4f:c8:69:c6:
         5f:d1:7d:99:3d:6b:ee:64:38:d9:50:ce:7f:1f:f2:cc:1a:28:
         d7:0e:7f:27:77:a1:84:94:57:c3:04:93:8d:b9:5f:0c:59:d0:
         f1:58:8f:87
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBM9BVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTczNjRmNTAyNTM0ZTg3NzFhMGM2MjU5Nzk0YzI2ZTI2ZDRiY2E0MB4XDTIyMDEw
MTE1MDU1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTAwZmUwZDVkMmU1
MmMxMTlkZjE5NmFlNzY1MzMwYmZlYWY4OTIxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJholo2DozW+iUUS3CAYdhygd8lvEOoo6Jmg7EghJnLQqgWZ
4DFbHwUjNcubnTYenbtNccxEeLfVIQIe/AL1tjW7WTXpN2ig50DVjvKHFmyLL/A6
I9y1Bou2IdWsAO/SbR7bXM/SyC/q2jzwJMEVKGtKboS0OFxhDJz3dJOo30Ts8F5D
90ntTEQvKU0jB4CowUsOGJCQOybCYjH+wquiXr0aaKC1u/MJomQz+kG4FPh/BFyt
GM/N6vew8GtFCpwdZGlaBE6pZ+YJRJDh+NTAfZNTq352hgnWX3nu8orhVPCEZtqw
xGsav+JvIqGvA3d/JvYJ5Yp7AIN6PHrTm/ZbsY0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSgD+DV0uUsEZ3xlq52UzC/6viSHTAfBgNVHSMEGDAWgBQpc2T1AlNOh3Gg
xiWXlMJuJtS8pDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tYTms5UUpUVG9keG9NWWxsNVRDYmliVXZLUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvMDQ1ODIwLTM1NDYtNDA3Yy04M2E1LTBhMGYzZTc4YTQ5My8x
L29BX2cxZExsTEJHZDhaYXVkbE13di1yNGtoMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
MDQ1ODIwLTM1NDYtNDA3Yy04M2E1LTBhMGYzZTc4YTQ5My8xL0tYTms5UUpUVG9k
eG9NWWxsNVRDYmliVXZLUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoC9Ab+0DANBgkqhkiG9w0BAQsF
AAOCAQEAiFJZ/4+SQIdDMDPU1gSv1jH3yrCwG3KRw8F2d0BpTj+9OykuYJ+HwAK+
NZGjudz5efh6xQyYL4ejiUnSHAyndaMnZYpMslqKNdKAEtIdzeYtAldta4iVlGHT
IGa2B2W5zVpV2ihZYDhX3mqA6VReMylYSsCIInzM7hmuWpYIB+OTpG5NdiOwRfqo
nYxMxArYorKPXRCVuVQkKe8bCpbGJDRib26i9bSfTmxYfdjb4qf5sLM1qu15CMf7
UE4KwC5QGjtlWyDxs33zPgGWrXrizn+xFzNPyGnGX9F9mT1r7mQ42VDOfx/yzBoo
1w5/J3ehhJRXwwSTjblfDFnQ8ViPhw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:09 2024 by rpki-client on console-ams.rpki-client.org