Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/b73add-ea0f-4c22-980e-059bab015cc3/1/td57j0xvVEVo3O7DP_zDNSzJEVI.roa
File:                     td57j0xvVEVo3O7DP_zDNSzJEVI.roa (raw, json)
Hash identifier:          71mzuwty4rwUfoCFQ9XIkp5PYOipg0RNl5ULf/bJEnk=
Subject key identifier:   B5:DE:7B:8F:4C:6F:54:45:68:DC:EE:C3:3F:FC:C3:35:2C:C9:11:52
Certificate issuer:       /CN=bbe026ef26920909d931ea4dac9d9390486b4153
Certificate serial:       04F93248
Authority key identifier: BB:E0:26:EF:26:92:09:09:D9:31:EA:4D:AC:9D:93:90:48:6B:41:53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u-Am7yaSCQnZMepNrJ2TkEhrQVM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/b73add-ea0f-4c22-980e-059bab015cc3/1/td57j0xvVEVo3O7DP_zDNSzJEVI.roa
Signing time:             Sat 01 Jan 2022 04:03:52 +0000
ROA not before:           Sat 01 Jan 2022 04:03:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1680
IP address blocks:        2a10:640::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 83440200 (0x4f93248)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bbe026ef26920909d931ea4dac9d9390486b4153
        Validity
            Not Before: Jan  1 04:03:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b5de7b8f4c6f544568dceec33ffcc3352cc91152
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:71:13:97:12:30:fb:5d:07:c4:04:42:31:23:
                    67:62:4e:29:8a:ea:67:8e:cd:7d:1b:dc:7c:ae:ea:
                    82:39:2a:c3:07:8c:db:b9:b3:13:e3:82:21:46:14:
                    e7:87:ac:de:d0:d0:74:31:69:48:84:52:82:3a:6b:
                    1c:10:52:d5:49:a1:2e:b0:fe:43:da:f5:58:2a:bf:
                    33:a0:ec:d9:47:ca:98:65:a0:51:26:a6:2b:81:31:
                    8d:21:f2:ec:2c:69:58:e9:e2:e2:2e:df:be:7b:ec:
                    74:84:ec:8a:3d:ed:dd:80:20:79:26:02:21:3a:27:
                    87:4e:58:0d:d1:4b:dd:45:e0:67:f8:90:6a:3c:23:
                    06:5b:2f:7a:c3:8f:eb:db:37:29:5a:54:d8:17:34:
                    d7:84:93:28:c9:66:fe:c1:7e:65:70:3f:6b:bc:91:
                    98:af:c5:cd:fd:cb:5f:75:2e:ed:e1:95:bb:a8:d4:
                    8b:c9:e1:65:86:a2:db:84:63:d1:52:c3:85:a3:14:
                    cd:da:6a:6a:71:4b:1f:7a:d2:c8:2c:f8:fd:70:f0:
                    04:de:f5:c4:f3:1d:a1:e2:e9:9b:bf:dd:3d:2e:4d:
                    e8:72:77:d6:f8:4d:76:1d:d8:57:64:46:48:d6:b6:
                    0e:04:74:c3:c0:9e:5f:ba:f7:70:cf:61:f3:c1:80:
                    4c:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:DE:7B:8F:4C:6F:54:45:68:DC:EE:C3:3F:FC:C3:35:2C:C9:11:52
            X509v3 Authority Key Identifier:
                keyid:BB:E0:26:EF:26:92:09:09:D9:31:EA:4D:AC:9D:93:90:48:6B:41:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u-Am7yaSCQnZMepNrJ2TkEhrQVM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/b73add-ea0f-4c22-980e-059bab015cc3/1/td57j0xvVEVo3O7DP_zDNSzJEVI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/b73add-ea0f-4c22-980e-059bab015cc3/1/u-Am7yaSCQnZMepNrJ2TkEhrQVM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:640::/32

    Signature Algorithm: sha256WithRSAEncryption
         22:42:a4:33:d3:ac:cc:9a:55:6d:37:f3:d5:50:63:7e:b1:f8:
         c1:bb:f6:b4:52:93:23:cd:0e:e2:f1:24:0c:4a:6a:05:53:a8:
         f9:33:06:bc:70:e6:f2:c4:49:b0:70:90:07:3b:31:ba:80:91:
         ac:84:68:3f:c3:01:db:bc:f1:10:1e:ba:8a:58:58:f6:ea:90:
         59:6b:dc:21:c3:b5:cf:d1:79:8a:07:50:5e:7f:08:5e:46:99:
         7f:0b:01:1f:48:96:93:f3:04:0b:7d:1f:e7:79:b5:32:1e:63:
         b2:8e:6c:64:fa:5c:51:b8:91:03:29:49:80:63:cc:ea:d6:80:
         a8:c5:a7:c9:fb:af:c1:9a:c3:a3:bf:d9:d2:42:fc:e3:a1:94:
         16:b4:57:57:cc:65:72:60:bc:e3:b3:c2:00:4d:31:85:8a:67:
         7f:ab:08:4d:bb:c5:8c:12:1e:10:f3:83:68:af:2b:4f:e6:c3:
         ee:71:c6:1a:d9:c7:6b:ea:7f:86:41:cd:10:6f:2b:47:b6:72:
         e6:d6:24:44:3e:4a:e5:80:4a:92:40:9d:66:b5:31:17:46:2e:
         e7:1a:6f:58:05:5c:d1:d8:7e:58:e1:18:58:0f:78:d5:41:f1:
         a5:e1:cf:6f:bb:e5:73:ac:2c:38:3b:e6:ce:7b:24:f2:21:8a:
         b0:f7:1f:0d
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEBPkySDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YmUwMjZlZjI2OTIwOTA5ZDkzMWVhNGRhYzlkOTM5MDQ4NmI0MTUzMB4XDTIyMDEw
MTA0MDM1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjVkZTdiOGY0YzZm
NTQ0NTY4ZGNlZWMzM2ZmY2MzMzUyY2M5MTE1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBxE5cSMPtdB8QEQjEjZ2JOKYrqZ47NfRvcfK7qgjkqwweM
27mzE+OCIUYU54es3tDQdDFpSIRSgjprHBBS1UmhLrD+Q9r1WCq/M6Ds2UfKmGWg
USamK4ExjSHy7CxpWOni4i7fvnvsdITsij3t3YAgeSYCITonh05YDdFL3UXgZ/iQ
ajwjBlsvesOP69s3KVpU2Bc014STKMlm/sF+ZXA/a7yRmK/Fzf3LX3Uu7eGVu6jU
i8nhZYai24Rj0VLDhaMUzdpqanFLH3rSyCz4/XDwBN71xPMdoeLpm7/dPS5N6HJ3
1vhNdh3YV2RGSNa2DgR0w8CeX7r3cM9h88GATP8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBS13nuPTG9URWjc7sM//MM1LMkRUjAfBgNVHSMEGDAWgBS74CbvJpIJCdkx
6k2snZOQSGtBUzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3UtQW03eWFTQ1FuWk1lcE5ySjJUa0VoclFWTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWQvYjczYWRkLWVhMGYtNGMyMi05ODBlLTA1OWJhYjAxNWNjMy8x
L3RkNTdqMHh2VkVWbzNPN0RQX3pETlN6SkVWSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWQv
YjczYWRkLWVhMGYtNGMyMi05ODBlLTA1OWJhYjAxNWNjMy8xL3UtQW03eWFTQ1Fu
Wk1lcE5ySjJUa0VoclFWTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoQBkAwDQYJKoZIhvcNAQELBQAD
ggEBACJCpDPTrMyaVW0389VQY36x+MG79rRSkyPNDuLxJAxKagVTqPkzBrxw5vLE
SbBwkAc7MbqAkayEaD/DAdu88RAeuopYWPbqkFlr3CHDtc/ReYoHUF5/CF5GmX8L
AR9IlpPzBAt9H+d5tTIeY7KObGT6XFG4kQMpSYBjzOrWgKjFp8n7r8Gaw6O/2dJC
/OOhlBa0V1fMZXJgvOOzwgBNMYWKZ3+rCE27xYwSHhDzg2ivK0/mw+5xxhrZx2vq
f4ZBzRBvK0e2cubWJEQ+SuWASpJAnWa1MRdGLucab1gFXNHYfljhGFgPeNVB8aXh
z2+75XOsLDg75s57JPIhirD3Hw0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:43 2024 by rpki-client on console-fra.rpki-client.org