Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/YUmAXnIlhK9Rw6f1T8uDbEF84hY.roa
File:                     YUmAXnIlhK9Rw6f1T8uDbEF84hY.roa (raw, json)
Hash identifier:          iw3kQiUg6KHNASrM6CtAMLFRoyAr3YcFIpy/sNR12EE=
Subject key identifier:   61:49:80:5E:72:25:84:AF:51:C3:A7:F5:4F:CB:83:6C:41:7C:E2:16
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       093FC8A2
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/YUmAXnIlhK9Rw6f1T8uDbEF84hY.roa
Signing time:             Sat 01 Jan 2022 16:01:06 +0000
ROA not before:           Sat 01 Jan 2022 16:01:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     398355
IP address blocks:        2a0b:b87:ffbd::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 155175074 (0x93fc8a2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  1 16:01:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6149805e722584af51c3a7f54fcb836c417ce216
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:72:b6:23:5e:ed:96:30:18:62:b1:ad:49:6d:
                    46:ee:90:c6:9f:c7:a0:eb:6c:8b:79:9e:f8:3f:98:
                    af:af:28:ff:3c:0e:17:e7:92:37:e3:a8:ce:39:b8:
                    cf:0e:f4:14:22:ef:39:0f:99:af:a9:69:25:cc:37:
                    fe:f8:b4:1e:5b:45:0c:9b:d9:c9:9c:8d:38:5a:27:
                    c8:cb:03:50:d4:47:dd:68:5d:65:c8:41:55:c5:29:
                    d4:86:f5:ec:a7:57:e3:e6:87:d3:78:e1:64:93:87:
                    ce:b1:46:19:4e:22:5c:e5:f5:5c:0c:be:7a:c1:44:
                    c7:3f:86:0d:12:b7:8d:33:18:f8:f3:e5:66:5e:87:
                    f0:d2:74:9f:88:7e:79:82:ba:ca:0b:3f:d2:ef:d9:
                    c9:14:9f:b6:02:02:ed:e4:68:a1:87:47:53:0b:fe:
                    6c:00:28:5c:7e:cf:13:98:1d:fa:88:37:20:08:47:
                    15:b4:6b:98:b0:fe:9a:3a:79:99:16:69:cf:a9:dc:
                    67:72:53:09:00:30:4c:f8:d9:46:74:8a:54:0e:ca:
                    c9:5a:8f:8a:91:52:8b:8a:a0:e2:44:d1:0f:02:4e:
                    43:84:aa:ac:7b:9b:23:11:f9:51:52:6b:ee:96:34:
                    fe:5f:74:19:5e:93:4e:62:28:1d:42:7b:52:b4:44:
                    50:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:49:80:5E:72:25:84:AF:51:C3:A7:F5:4F:CB:83:6C:41:7C:E2:16
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/YUmAXnIlhK9Rw6f1T8uDbEF84hY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:b87:ffbd::/48

    Signature Algorithm: sha256WithRSAEncryption
         55:3c:68:97:6a:55:9a:6f:5a:35:09:de:62:fb:c6:c5:5c:c5:
         d9:e3:bf:8d:1c:6d:85:cd:1e:e0:7c:05:1c:4c:ba:a6:13:5b:
         0c:a0:04:18:cb:0f:6a:e5:18:ef:e1:81:d1:b2:ff:a8:56:64:
         48:e1:6f:58:1a:24:4b:c3:d5:cc:05:0e:8c:45:5c:73:b4:38:
         90:af:49:2b:2b:d1:1c:6e:b2:03:c0:3a:d5:6d:87:5d:9d:8d:
         27:97:e2:ef:bd:18:03:ca:a5:84:89:b9:76:a2:4f:e9:04:a0:
         52:63:d6:8d:51:31:0a:43:27:53:7d:42:cf:5e:78:52:70:55:
         08:5c:18:99:35:71:37:43:7c:38:98:fb:a6:be:d8:c5:27:6e:
         8a:1e:94:9b:0d:13:41:18:de:96:df:4b:7a:b1:fb:d8:85:f9:
         52:67:97:ca:f1:5f:99:52:bd:a1:76:16:2e:cd:6e:bc:2e:76:
         0a:ab:b4:31:2a:5b:8c:01:2e:36:a5:0f:85:7b:69:40:9b:bd:
         36:59:6d:b5:20:6c:18:ae:4e:3a:31:52:f7:f2:89:b9:07:a0:
         2e:2b:65:6b:b1:05:05:08:26:15:a0:b7:a9:85:15:aa:d4:5b:
         00:cd:db:d7:6c:90:43:e5:98:0a:cb:37:57:36:f0:0d:27:7a:
         aa:12:f3:f7
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECT/IojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEw
MTE2MDEwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjE0OTgwNWU3MjI1
ODRhZjUxYzNhN2Y1NGZjYjgzNmM0MTdjZTIxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPBytiNe7ZYwGGKxrUltRu6Qxp/HoOtsi3me+D+Yr68o/zwO
F+eSN+Oozjm4zw70FCLvOQ+Zr6lpJcw3/vi0HltFDJvZyZyNOFonyMsDUNRH3Whd
ZchBVcUp1Ib17KdX4+aH03jhZJOHzrFGGU4iXOX1XAy+esFExz+GDRK3jTMY+PPl
Zl6H8NJ0n4h+eYK6ygs/0u/ZyRSftgIC7eRooYdHUwv+bAAoXH7PE5gd+og3IAhH
FbRrmLD+mjp5mRZpz6ncZ3JTCQAwTPjZRnSKVA7KyVqPipFSi4qg4kTRDwJOQ4Sq
rHubIxH5UVJr7pY0/l90GV6TTmIoHUJ7UrREUCMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRhSYBeciWEr1HDp/VPy4NsQXziFjAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
L1lVbUFYbklsaEs5Unc2ZjFUOHVEYkVGODRoWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoLC4f/vTANBgkqhkiG9w0BAQsF
AAOCAQEAVTxol2pVmm9aNQneYvvGxVzF2eO/jRxthc0e4HwFHEy6phNbDKAEGMsP
auUY7+GB0bL/qFZkSOFvWBokS8PVzAUOjEVcc7Q4kK9JKyvRHG6yA8A61W2HXZ2N
J5fi770YA8qlhIm5dqJP6QSgUmPWjVExCkMnU31Cz154UnBVCFwYmTVxN0N8OJj7
pr7YxSduih6Umw0TQRjelt9LerH72IX5UmeXyvFfmVK9oXYWLs1uvC52Cqu0MSpb
jAEuNqUPhXtpQJu9NllttSBsGK5OOjFS9/KJuQegLitla7EFBQgmFaC3qYUVqtRb
AM3b12yQQ+WYCss3VzbwDSd6qhLz9w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:49 2024 by rpki-client on console-fra.rpki-client.org