Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/Fut_68hizKRM7yFXJcdc9FrFfEI.roa
File:                     Fut_68hizKRM7yFXJcdc9FrFfEI.roa (raw, json)
Hash identifier:          uh0t03EDb5+1iu9QuXcjtIotEiOg+muatm+rjz2qN/k=
Subject key identifier:   16:EB:7F:EB:C8:62:CC:A4:4C:EF:21:57:25:C7:5C:F4:5A:C5:7C:42
Certificate issuer:       /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial:       3E05E483
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/Fut_68hizKRM7yFXJcdc9FrFfEI.roa
Signing time:             Wed 16 Mar 2022 14:43:35 +0000
ROA not before:           Wed 16 Mar 2022 14:43:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     397514
IP address blocks:        2a01:488:bb15::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1040573571 (0x3e05e483)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
        Validity
            Not Before: Mar 16 14:43:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=16eb7febc862cca44cef215725c75cf45ac57c42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:f7:bd:95:1b:44:76:d1:1a:7d:62:27:aa:97:
                    5c:e7:4a:e6:49:d0:65:14:fb:a5:8e:5b:5c:f6:ee:
                    4e:e8:96:f3:2b:f4:3a:98:ac:0b:c8:d0:ba:42:8f:
                    8d:78:2c:8a:e4:06:29:77:9f:82:d8:72:ac:4a:b0:
                    41:d5:9d:0f:8a:ff:99:5a:e5:a3:45:63:82:65:93:
                    5f:08:ab:9a:63:49:0d:98:8b:60:29:36:48:df:08:
                    d2:82:e4:00:34:c5:3e:35:48:b2:e7:81:91:47:36:
                    f8:87:24:22:8e:2a:ed:90:dc:1c:5e:aa:ac:51:5c:
                    a2:f0:eb:db:22:b6:60:2b:dc:63:58:e7:43:50:cc:
                    86:4f:1d:b1:22:06:88:8a:02:68:7a:a4:6a:5f:6d:
                    a6:d4:02:a0:8a:62:a0:95:15:bf:24:c4:0d:ef:f7:
                    b7:d2:8a:7d:21:fa:06:e1:89:4c:5c:53:84:59:00:
                    3c:de:fa:34:ac:a5:a4:06:5b:2f:0c:a2:7d:f7:54:
                    21:ba:90:83:30:5d:50:e3:a8:ed:7f:ce:e3:20:db:
                    6d:f7:1b:f0:e2:19:83:ee:63:3c:98:b2:d2:9f:5c:
                    f5:34:94:14:5a:8c:9e:e2:43:37:40:d7:0e:14:f4:
                    4d:87:09:25:e1:c3:a3:ff:7a:ad:b2:06:c3:be:e6:
                    4b:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:EB:7F:EB:C8:62:CC:A4:4C:EF:21:57:25:C7:5C:F4:5A:C5:7C:42
            X509v3 Authority Key Identifier:
                keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/Fut_68hizKRM7yFXJcdc9FrFfEI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a01:488:bb15::/48

    Signature Algorithm: sha256WithRSAEncryption
         2a:22:fd:30:d7:55:fb:87:b5:31:cc:5d:f5:92:0f:27:fa:9b:
         9d:04:7f:1b:a5:fb:f8:36:63:0a:1a:d7:00:36:f3:20:7e:a8:
         f4:82:d9:3f:5e:fb:4b:11:89:bc:e4:56:1d:e5:e6:14:d8:94:
         e7:d7:4b:b0:0a:3c:92:ca:10:b4:75:bf:db:96:66:b3:f2:33:
         7c:b5:03:05:db:90:a0:45:c7:ee:99:e7:1e:0e:64:bf:dd:91:
         da:06:af:6b:1c:23:40:4c:7a:fa:3e:c1:df:e2:13:6b:b5:a3:
         30:94:c9:3e:47:57:50:6a:d0:c1:1b:3f:9c:07:07:37:63:94:
         0c:d1:f3:b2:a8:c2:6a:f5:ab:11:0e:bd:5c:8c:b0:c4:0b:47:
         07:9f:07:8c:81:8e:8b:92:5e:fb:21:a4:be:39:b8:ac:37:03:
         e1:7b:47:f9:ce:50:9f:6e:40:81:7f:61:43:d6:7b:52:7a:7b:
         cd:73:82:ce:5a:25:83:ed:5c:db:76:4e:3f:e4:5c:26:be:f0:
         57:1a:d4:a5:d3:42:b7:84:47:be:59:6a:ed:a6:34:0a:0a:3a:
         f4:ac:1c:dc:d0:e9:e5:e1:40:3e:94:ae:c6:5e:5d:b2:53:ab:
         3d:b3:06:de:36:05:a9:82:e3:b8:b9:b3:0d:12:51:93:04:a5:
         3d:d6:ed:0f
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEPgXkgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTZlZDBmYjdiMzIwODMyYWMxNTgwNTM0YzdiMjYzZjMwNGU5ODFiMB4XDTIyMDMx
NjE0NDMzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTZlYjdmZWJjODYy
Y2NhNDRjZWYyMTU3MjVjNzVjZjQ1YWM1N2M0MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANf3vZUbRHbRGn1iJ6qXXOdK5knQZRT7pY5bXPbuTuiW8yv0
OpisC8jQukKPjXgsiuQGKXefgthyrEqwQdWdD4r/mVrlo0VjgmWTXwirmmNJDZiL
YCk2SN8I0oLkADTFPjVIsueBkUc2+IckIo4q7ZDcHF6qrFFcovDr2yK2YCvcY1jn
Q1DMhk8dsSIGiIoCaHqkal9tptQCoIpioJUVvyTEDe/3t9KKfSH6BuGJTFxThFkA
PN76NKylpAZbLwyiffdUIbqQgzBdUOOo7X/O4yDbbfcb8OIZg+5jPJiy0p9c9TSU
FFqMnuJDN0DXDhT0TYcJJeHDo/96rbIGw77mS0cCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQW63/ryGLMpEzvIVclx1z0WsV8QjAfBgNVHSMEGDAWgBS6btD7ezIIMqwV
gFNMeyY/ME6YGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VtN1EtM3N5Q0RLc0ZZQlRUSHNtUHpCT21Ccy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvNDIwNDFkLTU5MzEtNDgyNC05MjU0LTE2MWYzNDIzODdkMS8x
L0Z1dF82OGhpektSTTd5RlhKY2RjOUZyRmZFSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
NDIwNDFkLTU5MzEtNDgyNC05MjU0LTE2MWYzNDIzODdkMS8xL3VtN1EtM3N5Q0RL
c0ZZQlRUSHNtUHpCT21Ccy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBIi7FTANBgkqhkiG9w0BAQsF
AAOCAQEAKiL9MNdV+4e1Mcxd9ZIPJ/qbnQR/G6X7+DZjChrXADbzIH6o9ILZP177
SxGJvORWHeXmFNiU59dLsAo8ksoQtHW/25Zms/IzfLUDBduQoEXH7pnnHg5kv92R
2gavaxwjQEx6+j7B3+ITa7WjMJTJPkdXUGrQwRs/nAcHN2OUDNHzsqjCavWrEQ69
XIywxAtHB58HjIGOi5Je+yGkvjm4rDcD4XtH+c5Qn25AgX9hQ9Z7Unp7zXOCzlol
g+1c23ZOP+RcJr7wVxrUpdNCt4RHvllq7aY0Cgo69Kwc3NDp5eFAPpSuxl5dslOr
PbMG3jYFqYLjuLmzDRJRkwSlPdbtDw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:08 2023 by rpki-client on console-fra.rpki-client.org