Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Xnm4wAZDdryGVU_b-hXhJ3lmlsY.roa
File:                     Xnm4wAZDdryGVU_b-hXhJ3lmlsY.roa (raw, json)
Hash identifier:          r+U61tDZPBslSFC7j3ydfrxucT2CBUqmVBXeXRPgGYI=
Subject key identifier:   5E:79:B8:C0:06:43:76:BC:86:55:4F:DB:FA:15:E1:27:79:66:96:C6
Certificate issuer:       /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial:       01855D3F12DA8AEABD7E073108A2C80F8A75
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Xnm4wAZDdryGVU_b-hXhJ3lmlsY.roa
Signing time:             Thu 29 Dec 2022 09:38:12 +0000
ROA not before:           Thu 29 Dec 2022 09:38:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210810
IP address blocks:        2a10:4646:d0::/44 maxlen: 44

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:5d:3f:12:da:8a:ea:bd:7e:07:31:08:a2:c8:0f:8a:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
        Validity
            Not Before: Dec 29 09:38:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5e79b8c0064376bc86554fdbfa15e127796696c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:12:94:50:b8:52:d0:b2:93:a9:e4:40:6f:ed:
                    34:a0:d1:aa:bc:32:4b:ff:c6:dd:f6:b3:fa:53:c5:
                    54:1d:64:ff:36:eb:ab:56:f5:56:2a:c6:4d:88:52:
                    2d:c8:e5:67:5d:66:2f:07:f9:42:70:a5:2b:17:ca:
                    c2:84:3b:1a:14:9b:99:a9:49:d5:fc:00:2a:92:60:
                    1d:d3:59:00:b9:ef:03:91:39:5e:c8:07:10:fb:0e:
                    e1:51:6b:2a:3d:fa:a0:6a:f5:50:1c:7f:e7:a9:fa:
                    30:12:ea:52:ca:6b:ae:69:f1:44:50:19:29:15:ce:
                    57:e9:1a:04:82:82:f4:6d:b6:d1:ef:6d:a4:25:25:
                    c1:1f:78:02:05:4c:89:1d:79:40:e4:a2:f2:18:cf:
                    f3:10:64:d3:0a:70:73:a5:5f:a4:44:a3:b0:b5:e9:
                    bc:d9:71:23:e3:05:a4:23:09:62:ae:2d:7f:41:8c:
                    54:dd:d9:02:06:1b:18:40:dc:9f:5d:60:0c:68:6b:
                    c4:9e:94:92:e1:5d:9e:b0:fe:82:23:f6:e7:39:5c:
                    42:bd:fa:3e:91:fd:62:2e:0e:5c:2e:ae:ab:e1:93:
                    26:ec:aa:9a:79:8d:b7:fb:33:d0:a0:83:2b:3b:42:
                    df:ad:1b:e7:12:25:90:4b:53:d4:6b:8f:77:a4:43:
                    3d:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:79:B8:C0:06:43:76:BC:86:55:4F:DB:FA:15:E1:27:79:66:96:C6
            X509v3 Authority Key Identifier:
                keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Xnm4wAZDdryGVU_b-hXhJ3lmlsY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:4646:d0::/44

    Signature Algorithm: sha256WithRSAEncryption
         43:e6:e7:39:33:05:83:c0:fe:1f:98:a6:47:fe:50:52:7e:34:
         0a:5a:c2:d8:72:54:83:27:eb:d6:be:ae:c0:d8:7f:88:a0:5c:
         48:f0:a2:61:52:77:a4:a4:47:33:ad:62:f1:15:a8:76:44:fc:
         a1:52:ba:41:19:60:9b:c9:2e:98:ff:24:80:b5:e2:a0:67:61:
         16:dc:06:6b:51:fc:f8:89:82:fe:d1:53:51:d5:cf:11:0a:e9:
         54:e7:f3:23:4e:06:ae:6b:f6:50:b2:d9:cc:98:df:71:7f:52:
         17:af:d2:ea:39:c3:cc:36:b0:51:92:80:f8:a9:aa:ae:23:d6:
         69:0b:95:71:f1:83:c1:99:23:9e:49:ad:69:45:44:f9:50:4d:
         f0:8d:a0:6a:a4:05:1e:42:bc:87:ca:85:d1:4a:f5:00:29:c2:
         e7:86:0c:3d:d0:de:b5:7a:c0:bd:13:35:e5:83:fe:bd:d5:a8:
         75:db:d1:c6:1e:99:56:96:bd:af:8e:21:65:a0:2f:0b:a6:66:
         61:d5:8e:4f:9b:22:4a:10:89:f9:e6:79:e7:f1:33:7e:3f:0a:
         eb:3c:1d:e9:65:56:b0:27:99:8b:04:13:56:1a:f1:42:b0:bf:
         ff:47:98:8f:b9:43:cc:7a:d5:cc:62:96:0b:c5:1d:07:e5:85:
         47:b2:cf:cf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVdPxLaiuq9fgcxCKLID4p1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjIxMjI5MDkzODEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTc5YjhjMDA2NDM3NmJjODY1NTRmZGJmYTE1ZTEyNzc5NjY5NmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhKUULhS0LKTqeRAb+00oNGqvDJL
/8bd9rP6U8VUHWT/NuurVvVWKsZNiFItyOVnXWYvB/lCcKUrF8rChDsaFJuZqUnV
/AAqkmAd01kAue8DkTleyAcQ+w7hUWsqPfqgavVQHH/nqfowEupSymuuafFEUBkp
Fc5X6RoEgoL0bbbR722kJSXBH3gCBUyJHXlA5KLyGM/zEGTTCnBzpV+kRKOwtem8
2XEj4wWkIwliri1/QYxU3dkCBhsYQNyfXWAMaGvEnpSS4V2esP6CI/bnOVxCvfo+
kf1iLg5cLq6r4ZMm7KqaeY23+zPQoIMrO0LfrRvnEiWQS1PUa493pEM93wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF55uMAGQ3a8hlVP2/oV4Sd5ZpbGMB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEvWG5tNHdBWkRkcnlHVlVfYi1oWGhKM2xtbHNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhBGRgDQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBD5uc5MwWDwP4fmKZH/lBSfjQKWsLYclSDJ+vW
vq7A2H+IoFxI8KJhUnekpEczrWLxFah2RPyhUrpBGWCbyS6Y/ySAteKgZ2EW3AZr
Ufz4iYL+0VNR1c8RCulU5/MjTgaua/ZQstnMmN9xf1IXr9LqOcPMNrBRkoD4qaqu
I9ZpC5Vx8YPBmSOeSa1pRUT5UE3wjaBqpAUeQryHyoXRSvUAKcLnhgw90N61esC9
EzXlg/691ah129HGHplWlr2vjiFloC8LpmZh1Y5PmyJKEIn55nnn8TN+PwrrPB3p
ZVawJ5mLBBNWGvFCsL//R5iPuUPMetXMYpYLxR0H5YVHss/P
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:43 2024 by rpki-client on console-ams.rpki-client.org