Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1-lgxbN-b--MHDP4mlkhaOvx969w.roa
File:                     1-lgxbN-b--MHDP4mlkhaOvx969w.roa (raw, json)
Hash identifier:          Xm5dvtxsIyQWNzpD1PDPEybhibbX4glE4I0I/ZWafNc=
Subject key identifier:   FA:58:31:6C:DF:9B:FB:E3:07:0C:FE:26:96:48:5A:3A:FC:7D:EB:DC
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       08BF3659
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1-lgxbN-b--MHDP4mlkhaOvx969w.roa
Signing time:             Sat 01 Jan 2022 14:01:56 +0000
ROA not before:           Sat 01 Jan 2022 14:01:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212057
IP address blocks:        2a0e:8f02:f018::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 146749017 (0x8bf3659)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Jan  1 14:01:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fa58316cdf9bfbe3070cfe2696485a3afc7debdc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:85:50:36:8f:8e:c2:14:e2:9f:0e:bc:80:fd:
                    43:fa:81:66:9d:86:c6:38:76:23:91:b5:69:ba:40:
                    31:eb:62:fc:34:6a:69:b1:07:47:bc:39:6d:10:e2:
                    d9:e8:a5:20:a1:53:b8:20:98:68:11:c2:4f:df:a9:
                    1f:30:9f:1f:49:6f:bf:fd:94:aa:2c:24:31:6d:64:
                    13:80:17:c0:6a:d3:79:a5:9f:f4:a3:fa:d7:31:3d:
                    ab:e3:25:7a:df:aa:f1:33:f9:9f:82:3c:8a:9b:0c:
                    c0:c5:2e:fa:0a:50:9c:f5:95:b6:67:f6:e6:c9:40:
                    c0:c3:26:50:5a:90:f6:f9:bb:68:a2:3c:75:f6:68:
                    50:88:16:61:80:54:26:39:fd:78:ca:12:32:8e:05:
                    ae:41:5f:cb:0c:44:35:53:ab:5a:f7:7e:9e:3b:d6:
                    f6:cc:74:4a:f6:6e:49:ae:cb:8a:d4:f5:ff:03:b4:
                    3e:62:29:e1:03:d2:9b:94:d9:0b:ec:17:be:64:4d:
                    d7:d6:1b:12:9a:86:63:87:3e:da:29:fa:30:0a:ba:
                    94:ae:63:62:61:dd:4f:de:75:aa:60:9f:6a:9e:44:
                    d3:81:4d:1a:31:e9:dc:49:d6:da:fc:0a:4e:8a:73:
                    b8:cf:37:be:81:6a:c2:d0:dd:71:7e:e8:1c:f2:ab:
                    12:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:58:31:6C:DF:9B:FB:E3:07:0C:FE:26:96:48:5A:3A:FC:7D:EB:DC
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1-lgxbN-b--MHDP4mlkhaOvx969w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f02:f018::/48

    Signature Algorithm: sha256WithRSAEncryption
         9c:b5:1d:11:47:65:01:53:d4:a2:4d:6f:4c:49:43:78:14:4e:
         cc:af:21:de:f0:37:ab:1c:43:6f:ac:71:18:0d:e1:05:71:9b:
         0b:5e:20:6a:46:d5:28:e2:e6:72:d6:5d:af:da:5f:cb:be:09:
         e5:bc:3a:81:dd:23:c6:77:5a:80:3d:f0:e9:22:97:16:da:47:
         33:3d:fd:2b:10:65:45:b9:74:5d:58:f9:d9:84:98:a0:57:13:
         70:e7:26:a5:ca:7b:ea:41:94:bd:4e:49:e0:df:0f:e8:e9:be:
         59:6d:e6:27:bc:20:31:39:66:5d:7d:a4:c0:c7:72:45:d8:9c:
         05:b0:2c:a5:5c:fc:a5:93:5f:c4:ba:77:85:1f:1a:2c:83:cd:
         17:0b:b0:82:28:54:ec:da:47:1d:9b:a8:33:06:8f:4a:65:42:
         e5:80:c5:f0:10:4b:f8:e4:91:2c:51:13:99:ae:e7:f9:9f:86:
         26:84:8a:83:14:2c:26:49:41:5b:e8:bd:3f:7d:16:9f:bd:ed:
         9e:5f:89:8e:38:f8:36:9a:9d:0b:92:1b:6d:48:ba:cd:b7:64:
         18:6f:c7:28:05:0c:1b:4f:7a:80:a4:5c:bb:1e:03:c6:6e:54:
         b4:bc:34:07:3a:eb:6b:a5:81:6e:57:4b:16:14:0b:2a:24:c5:
         6c:bb:b3:dc
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgIECL82WTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTZlZjQ4ZWQ2MTU1ZGQ3ODQzZWVkMzYzMjQ2OWFiYWEzMTAwYmYzMB4XDTIyMDEw
MTE0MDE1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmE1ODMxNmNkZjli
ZmJlMzA3MGNmZTI2OTY0ODVhM2FmYzdkZWJkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM6FUDaPjsIU4p8OvID9Q/qBZp2Gxjh2I5G1abpAMeti/DRq
abEHR7w5bRDi2eilIKFTuCCYaBHCT9+pHzCfH0lvv/2UqiwkMW1kE4AXwGrTeaWf
9KP61zE9q+Mlet+q8TP5n4I8ipsMwMUu+gpQnPWVtmf25slAwMMmUFqQ9vm7aKI8
dfZoUIgWYYBUJjn9eMoSMo4FrkFfywxENVOrWvd+njvW9sx0SvZuSa7LitT1/wO0
PmIp4QPSm5TZC+wXvmRN19YbEpqGY4c+2in6MAq6lK5jYmHdT951qmCfap5E04FN
GjHp3EnW2vwKTopzuM83voFqwtDdcX7oHPKrEqkCAwEAAaOCAg0wggIJMB0GA1Ud
DgQWBBT6WDFs35v74wcM/iaWSFo6/H3r3DAfBgNVHSMEGDAWgBTVbvSO1hVd14Q+
7TYyRpq6oxAL8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFXNzBqdFlWWGRlRVB1MDJNa2FhdXFNUUNfTS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8x
LzEtbGd4Yk4tYi0tTUhEUDRtbGtoYU92eDk2OXcucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI1
LzU4ZmY1NC0zNDEwLTRlNDItYWFiOC1kMmQ3ZjJiYjY0ZGYvMS8xVzcwanRZVlhk
ZUVQdTAyTWthYXVxTVFDX00uY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
IgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqDo8C8BgwDQYJKoZIhvcNAQEL
BQADggEBAJy1HRFHZQFT1KJNb0xJQ3gUTsyvId7wN6scQ2+scRgN4QVxmwteIGpG
1Sji5nLWXa/aX8u+CeW8OoHdI8Z3WoA98OkilxbaRzM9/SsQZUW5dF1Y+dmEmKBX
E3DnJqXKe+pBlL1OSeDfD+jpvllt5ie8IDE5Zl19pMDHckXYnAWwLKVc/KWTX8S6
d4UfGiyDzRcLsIIoVOzaRx2bqDMGj0plQuWAxfAQS/jkkSxRE5mu5/mfhiaEioMU
LCZJQVvovT99Fp+97Z5fiY44+DaanQuSG21Ius23ZBhvxygFDBtPeoCkXLseA8Zu
VLS8NAc662ulgW5XSxYUCyokxWy7s9w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:41 2024 by rpki-client on console-fra.rpki-client.org