Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/zTBuPTQE-KJ4z46ddjXsJ8inROE.roa
File:                     zTBuPTQE-KJ4z46ddjXsJ8inROE.roa (raw, json)
Hash identifier:          W9zxJ723TgGKV4E4j1xY1kaYLyA0/9XdhyNnRZedW9Q=
Subject key identifier:   CD:30:6E:3D:34:04:F8:A2:78:CF:8E:9D:76:35:EC:27:C8:A7:44:E1
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       093724CE
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/zTBuPTQE-KJ4z46ddjXsJ8inROE.roa
Signing time:             Sat 01 Jan 2022 16:01:00 +0000
ROA not before:           Sat 01 Jan 2022 16:01:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212623
IP address blocks:        2a0b:b83:ff::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 154608846 (0x93724ce)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  1 16:01:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cd306e3d3404f8a278cf8e9d7635ec27c8a744e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:ab:58:09:9c:e5:33:9b:85:91:85:3c:3f:a3:
                    39:96:54:71:e5:4b:04:e8:63:2d:56:6f:12:f0:7f:
                    23:aa:77:07:2f:9f:92:86:c2:9d:95:9e:ec:82:c3:
                    e8:69:a2:7b:53:e6:ad:09:4b:51:e3:d3:04:6d:31:
                    b1:23:83:80:ab:00:4e:0e:64:b7:0f:eb:2d:9d:2a:
                    b2:5f:7d:56:32:74:f4:db:5b:a5:44:10:23:e9:00:
                    87:e9:28:c4:09:b1:36:fe:2f:76:44:74:ed:cc:fc:
                    2a:fa:7b:d3:72:66:e2:e5:2e:66:be:b8:83:c5:54:
                    66:52:2a:b0:37:5b:eb:fe:b9:92:d5:60:a5:7e:d3:
                    a4:66:9e:29:38:00:98:e3:a0:5f:08:e2:89:0c:c8:
                    c1:7d:04:d9:51:7c:fb:d5:6d:65:4e:93:b5:21:bd:
                    6d:18:6c:36:40:57:47:0e:a0:41:63:26:11:7e:18:
                    81:c3:ca:2d:2f:8c:19:51:0b:24:ca:cd:71:7c:7b:
                    a6:35:cc:49:d9:46:5c:fa:e3:a7:ef:36:4b:7b:42:
                    06:0f:61:47:46:6e:46:c4:a6:e4:67:6c:ca:e0:46:
                    45:56:b4:5d:bb:3a:e4:a0:6d:9d:ab:c8:4c:1c:2d:
                    d7:5b:68:9b:00:76:26:34:46:fd:6b:81:a6:71:52:
                    d9:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:30:6E:3D:34:04:F8:A2:78:CF:8E:9D:76:35:EC:27:C8:A7:44:E1
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/zTBuPTQE-KJ4z46ddjXsJ8inROE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:b83:ff::/48

    Signature Algorithm: sha256WithRSAEncryption
         b0:45:4f:40:96:97:2f:79:db:58:42:c7:85:db:02:be:10:13:
         5a:6b:52:38:e8:72:3f:0b:02:aa:6e:8d:60:ae:b4:27:be:a9:
         90:cb:92:e8:40:1a:cc:23:61:fa:c6:43:56:5a:66:aa:42:f2:
         0b:83:dd:79:01:de:5d:c3:cc:ca:4c:de:d8:13:db:1e:3c:a9:
         5e:66:b3:69:c7:3b:fa:8b:ca:3f:e2:cb:9d:64:74:f6:8e:bf:
         9f:4f:1f:f0:36:d4:1a:71:f6:87:8d:d0:ee:8a:f8:6c:15:cb:
         b3:cb:b1:d2:ca:aa:27:6c:19:55:18:d0:47:86:68:b8:3c:a6:
         bb:a7:f5:71:09:55:62:41:b1:34:b0:08:cf:8a:16:35:67:57:
         da:dc:3c:e9:46:71:f6:9b:7e:06:b9:87:0b:ff:65:d6:40:2e:
         35:e3:88:77:96:77:e2:21:9f:30:6c:fa:3d:0e:fa:25:9d:68:
         59:0d:2d:1b:e7:15:c4:4c:75:5a:5c:95:07:22:0a:39:10:9e:
         c6:a5:8f:2a:a7:25:f3:cc:a4:31:0c:cf:7f:30:0a:0a:77:da:
         eb:88:7c:7e:ff:9d:59:88:71:f9:6d:df:c4:ef:41:3e:fe:db:
         cf:e8:2c:8d:2c:33:b0:d7:b8:0f:94:5e:df:8d:73:27:ec:78:
         88:5c:28:b7
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECTckzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEw
MTE2MDEwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2QzMDZlM2QzNDA0
ZjhhMjc4Y2Y4ZTlkNzYzNWVjMjdjOGE3NDRlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOrWAmc5TObhZGFPD+jOZZUceVLBOhjLVZvEvB/I6p3By+f
kobCnZWe7ILD6Gmie1PmrQlLUePTBG0xsSODgKsATg5ktw/rLZ0qsl99VjJ09Ntb
pUQQI+kAh+koxAmxNv4vdkR07cz8Kvp703Jm4uUuZr64g8VUZlIqsDdb6/65ktVg
pX7TpGaeKTgAmOOgXwjiiQzIwX0E2VF8+9VtZU6TtSG9bRhsNkBXRw6gQWMmEX4Y
gcPKLS+MGVELJMrNcXx7pjXMSdlGXPrjp+82S3tCBg9hR0ZuRsSm5GdsyuBGRVa0
Xbs65KBtnavITBwt11tomwB2JjRG/WuBpnFS2SsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTNMG49NAT4onjPjp12NewnyKdE4TAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
L3pUQnVQVFFFLUtKNHo0NmRkalhzSjhpblJPRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoLC4MA/zANBgkqhkiG9w0BAQsF
AAOCAQEAsEVPQJaXL3nbWELHhdsCvhATWmtSOOhyPwsCqm6NYK60J76pkMuS6EAa
zCNh+sZDVlpmqkLyC4PdeQHeXcPMykze2BPbHjypXmazacc7+ovKP+LLnWR09o6/
n08f8DbUGnH2h43Q7or4bBXLs8ux0sqqJ2wZVRjQR4ZouDymu6f1cQlVYkGxNLAI
z4oWNWdX2tw86UZx9pt+BrmHC/9l1kAuNeOId5Z34iGfMGz6PQ76JZ1oWQ0tG+cV
xEx1WlyVByIKORCexqWPKqcl88ykMQzPfzAKCnfa64h8fv+dWYhx+W3fxO9BPv7b
z+gsjSwzsNe4D5Re341zJ+x4iFwotw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:40 2024 by rpki-client on console-ams.rpki-client.org