Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/0akxF2-nAiiQMyDfJFH3fWl3DdI.roa
File:                     0akxF2-nAiiQMyDfJFH3fWl3DdI.roa (raw, json)
Hash identifier:          HuAueHbhTKCN2QRbeo8mv2E508b0jL9JtSjaKt3KrMg=
Subject key identifier:   D1:A9:31:17:6F:A7:02:28:90:33:20:DF:24:51:F7:7D:69:77:0D:D2
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       08C72DF5
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/0akxF2-nAiiQMyDfJFH3fWl3DdI.roa
Signing time:             Sat 01 Jan 2022 14:02:01 +0000
ROA not before:           Sat 01 Jan 2022 14:02:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212577
IP address blocks:        2a0e:8f02:f02a::/48 maxlen: 48
                          2a0e:8f02:2070::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 147271157 (0x8c72df5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Jan  1 14:02:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d1a931176fa70228903320df2451f77d69770dd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:3d:b0:3a:c7:a4:ef:7a:01:ea:82:a9:fc:86:
                    92:36:1b:4d:d5:bb:c2:2c:e1:9d:2a:01:8b:91:54:
                    12:e9:86:42:ea:c6:8d:b8:77:57:76:6a:f1:dc:33:
                    2c:7f:44:50:4c:ee:38:9c:96:cf:f2:e8:08:6b:11:
                    97:06:be:e6:2e:b9:37:c7:d5:17:e7:2c:8d:a9:ae:
                    4e:40:58:e5:68:ca:f0:fa:32:e1:dc:76:67:39:d6:
                    0b:f9:97:ad:c6:08:16:1d:1b:5a:5b:01:6c:30:27:
                    77:bc:74:20:52:27:21:33:5f:43:3a:ea:8e:7d:c0:
                    73:12:c6:9c:0b:9c:08:82:59:4e:43:bd:c8:6f:e9:
                    c7:b0:84:00:4e:19:ab:aa:48:0b:f4:21:62:ab:7c:
                    08:dc:44:4c:06:8c:df:b0:53:9b:ae:e4:c1:10:e0:
                    fc:9f:f4:c8:5d:dc:5c:48:69:3c:32:6e:ae:e5:c2:
                    be:31:77:48:69:44:91:81:64:44:fb:c4:a9:05:0d:
                    b0:84:4d:c7:d4:43:db:51:bc:0d:cc:0b:80:83:9f:
                    cd:19:49:08:8c:b4:06:bf:3b:91:af:34:9e:21:ab:
                    89:1f:9c:47:f4:47:c4:aa:c4:a5:d3:28:de:9c:3d:
                    1f:d0:97:6c:34:23:94:4e:3d:0d:19:d6:45:5e:f0:
                    81:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:A9:31:17:6F:A7:02:28:90:33:20:DF:24:51:F7:7D:69:77:0D:D2
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/0akxF2-nAiiQMyDfJFH3fWl3DdI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f02:2070::/44
                  2a0e:8f02:f02a::/48

    Signature Algorithm: sha256WithRSAEncryption
         51:80:b8:4c:57:55:d1:73:27:30:32:2d:cc:a1:82:20:7d:7b:
         28:8d:ee:88:ad:2f:83:81:ce:8c:18:c5:3a:a6:b6:c6:42:c3:
         18:27:c8:8d:3a:24:ec:2f:ba:f5:73:2f:59:6d:f4:7e:3a:e7:
         ca:15:51:77:a4:bc:e3:76:08:d4:18:0d:6f:98:7e:c0:5c:0b:
         46:a0:51:36:38:a3:34:dc:de:ba:5d:a6:df:d3:3b:41:a5:f7:
         03:53:be:66:ab:37:3f:92:78:95:11:52:cb:05:a1:4b:35:8a:
         e6:40:e6:d4:2b:42:46:62:0f:f4:0b:a3:a3:67:e8:1d:08:cc:
         c1:fd:46:3e:9d:2d:28:eb:c0:bb:1b:4b:74:84:2d:ba:3e:f0:
         ce:35:35:8b:38:06:db:ef:b1:fe:06:6a:c7:65:e0:7a:13:08:
         c3:ef:ea:f0:b7:94:51:26:da:7b:ae:ac:6b:5f:7b:c6:dc:5e:
         5e:93:59:8b:ea:0a:8c:61:68:87:5f:89:6c:ae:17:11:08:16:
         5b:a4:12:a6:d5:99:5d:96:87:c7:5f:b6:d0:05:e3:a3:a1:1d:
         87:d2:5d:d1:10:73:f9:94:20:56:a5:4a:e2:6e:d4:5b:c0:01:
         5a:42:c0:85:f6:97:a3:fc:3c:54:17:43:fd:4d:df:1d:5b:d6:
         d3:3b:f2:79
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECMct9TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTZlZjQ4ZWQ2MTU1ZGQ3ODQzZWVkMzYzMjQ2OWFiYWEzMTAwYmYzMB4XDTIyMDEw
MTE0MDIwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDFhOTMxMTc2ZmE3
MDIyODkwMzMyMGRmMjQ1MWY3N2Q2OTc3MGRkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJQ9sDrHpO96AeqCqfyGkjYbTdW7wizhnSoBi5FUEumGQurG
jbh3V3Zq8dwzLH9EUEzuOJyWz/LoCGsRlwa+5i65N8fVF+csjamuTkBY5WjK8Poy
4dx2ZznWC/mXrcYIFh0bWlsBbDAnd7x0IFInITNfQzrqjn3AcxLGnAucCIJZTkO9
yG/px7CEAE4Zq6pIC/QhYqt8CNxETAaM37BTm67kwRDg/J/0yF3cXEhpPDJuruXC
vjF3SGlEkYFkRPvEqQUNsIRNx9RD21G8DcwLgIOfzRlJCIy0Br87ka80niGriR+c
R/RHxKrEpdMo3pw9H9CXbDQjlE49DRnWRV7wgSUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTRqTEXb6cCKJAzIN8kUfd9aXcN0jAfBgNVHSMEGDAWgBTVbvSO1hVd14Q+
7TYyRpq6oxAL8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFXNzBqdFlWWGRlRVB1MDJNa2FhdXFNUUNfTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8x
LzBha3hGMi1uQWlpUU15RGZKRkgzZldsM0RkSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8xLzFXNzBqdFlWWGRl
RVB1MDJNa2FhdXFNUUNfTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHBCoOjwIgcAMHACoOjwLwKjANBgkq
hkiG9w0BAQsFAAOCAQEAUYC4TFdV0XMnMDItzKGCIH17KI3uiK0vg4HOjBjFOqa2
xkLDGCfIjTok7C+69XMvWW30fjrnyhVRd6S843YI1BgNb5h+wFwLRqBRNjijNNze
ul2m39M7QaX3A1O+Zqs3P5J4lRFSywWhSzWK5kDm1CtCRmIP9Aujo2foHQjMwf1G
Pp0tKOvAuxtLdIQtuj7wzjU1izgG2++x/gZqx2XgehMIw+/q8LeUUSbae66sa197
xtxeXpNZi+oKjGFoh1+JbK4XEQgWW6QSptWZXZaHx1+20AXjo6Edh9Jd0RBz+ZQg
VqVK4m7UW8ABWkLAhfaXo/w8VBdD/U3fHVvW0zvyeQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:35 2024 by rpki-client on console-ams.rpki-client.org