Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/Pe9DfX9vY_j-tUWjTDdx4kTDR4s.roa
File:                     Pe9DfX9vY_j-tUWjTDdx4kTDR4s.roa (raw, json)
Hash identifier:          k3t3kTrCkf/pOKWuasR7o6thO9kR8ucjCi0hDqa4BL4=
Subject key identifier:   3D:EF:43:7D:7F:6F:63:F8:FE:B5:45:A3:4C:37:71:E2:44:C3:47:8B
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       0182CB62F31C077DE6C088D878113F5527A8
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/Pe9DfX9vY_j-tUWjTDdx4kTDR4s.roa
Signing time:             Tue 23 Aug 2022 15:47:15 +0000
ROA not before:           Tue 23 Aug 2022 15:47:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203472
IP address blocks:        2a0e:8f02:f046::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:cb:62:f3:1c:07:7d:e6:c0:88:d8:78:11:3f:55:27:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Aug 23 15:47:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3def437d7f6f63f8feb545a34c3771e244c3478b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:1e:78:97:10:b0:da:ba:23:be:f8:95:ec:85:
                    38:a0:d9:f0:42:75:a5:e3:ff:72:15:a9:93:7b:06:
                    de:cb:6d:37:59:4c:03:bb:79:f4:1e:24:fc:e3:f0:
                    60:2d:bf:40:a9:9f:b3:9e:fa:bb:1e:2e:8c:16:30:
                    35:53:2a:f5:4a:1c:51:c2:13:ba:e9:30:20:29:ac:
                    82:01:33:72:9f:fb:fd:05:38:0d:f6:b7:2f:fb:aa:
                    c5:61:d8:ab:1b:3e:10:9d:0d:0e:5d:19:15:ae:25:
                    b4:c1:87:17:a5:88:cc:7b:6e:7a:44:66:d1:4b:34:
                    52:d2:f8:23:79:d8:e8:a2:71:17:a1:61:f6:ea:c4:
                    14:b5:ca:46:77:45:2e:ef:96:c5:8c:de:fa:9f:a3:
                    ae:a2:2d:76:1e:12:27:b2:e9:25:e1:4e:87:f9:e3:
                    ad:45:54:68:b6:56:54:53:d1:02:15:1d:ee:38:9c:
                    83:14:1a:7c:1e:bd:e7:7b:46:02:19:9e:35:a0:a2:
                    66:65:c9:1e:48:cf:01:d0:f1:bc:42:9e:09:d7:a4:
                    2a:51:bd:5d:c7:9d:d7:30:bf:3e:94:51:c1:39:86:
                    c5:46:1f:21:78:bf:42:f4:1c:31:c8:74:a9:f6:84:
                    5f:ed:a0:21:bd:53:d2:68:c4:85:0f:d1:60:c0:3f:
                    a1:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:EF:43:7D:7F:6F:63:F8:FE:B5:45:A3:4C:37:71:E2:44:C3:47:8B
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/Pe9DfX9vY_j-tUWjTDdx4kTDR4s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f02:f046::/48

    Signature Algorithm: sha256WithRSAEncryption
         10:a9:24:06:cb:1b:53:9f:91:78:e0:65:7f:4d:ef:08:bd:c5:
         02:fb:b4:e8:0a:30:bc:81:7e:be:34:5e:9b:cd:8a:ff:f1:99:
         f2:f4:af:ab:6f:57:21:ff:3d:d0:fd:38:1f:34:a7:4a:f8:9b:
         c1:33:36:35:31:a9:01:1d:1e:ff:6e:ca:f9:9d:01:b1:0d:8e:
         d8:5c:10:fa:4b:93:8b:d8:f5:c0:47:5b:93:6a:2e:7a:25:be:
         98:78:c6:6c:2f:40:0a:ee:16:8f:25:53:65:39:8e:a4:b8:3f:
         c5:f4:68:57:68:ed:84:8e:ca:26:31:88:ac:d7:93:69:e1:bc:
         fb:8c:20:4a:2e:a0:f1:c4:f1:a6:6a:79:ac:e7:f8:b4:fa:ca:
         ab:45:3c:31:bd:09:b6:e4:d7:d3:18:ca:c6:f9:23:88:51:28:
         87:56:0d:a1:41:2a:90:43:c5:1d:86:00:f6:7e:04:c3:f6:3c:
         40:e1:38:3b:52:5a:d0:fa:28:43:73:a7:9f:6f:44:1d:f2:5a:
         25:d1:93:5a:e7:57:f2:6f:fb:77:20:7c:01:f0:59:42:29:df:
         e8:6b:f1:f9:17:70:d4:ce:e8:f8:08:96:03:06:77:17:c1:15:
         e3:32:e2:40:c8:6e:e0:2f:ef:09:6b:02:ab:06:b2:6b:28:c7:
         1d:ac:f6:1f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYLLYvMcB33mwIjYeBE/VSeoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjIwODIzMTU0NzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGVmNDM3ZDdmNmY2M2Y4ZmViNTQ1YTM0YzM3NzFlMjQ0YzM0NzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhR54lxCw2rojvviV7IU4oNnwQnWl
4/9yFamTewbey203WUwDu3n0HiT84/BgLb9AqZ+znvq7Hi6MFjA1Uyr1ShxRwhO6
6TAgKayCATNyn/v9BTgN9rcv+6rFYdirGz4QnQ0OXRkVriW0wYcXpYjMe256RGbR
SzRS0vgjedjoonEXoWH26sQUtcpGd0Uu75bFjN76n6Ouoi12HhInsukl4U6H+eOt
RVRotlZUU9ECFR3uOJyDFBp8Hr3ne0YCGZ41oKJmZckeSM8B0PG8Qp4J16QqUb1d
x53XML8+lFHBOYbFRh8heL9C9BwxyHSp9oRf7aAhvVPSaMSFD9FgwD+hpQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD3vQ31/b2P4/rVFo0w3ceJEw0eLMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvUGU5RGZYOXZZX2otdFVXalREZHg0a1REUjRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvBG
MA0GCSqGSIb3DQEBCwUAA4IBAQAQqSQGyxtTn5F44GV/Te8IvcUC+7ToCjC8gX6+
NF6bzYr/8Zny9K+rb1ch/z3Q/TgfNKdK+JvBMzY1MakBHR7/bsr5nQGxDY7YXBD6
S5OL2PXAR1uTai56Jb6YeMZsL0AK7haPJVNlOY6kuD/F9GhXaO2EjsomMYis15Np
4bz7jCBKLqDxxPGmanms5/i0+sqrRTwxvQm25NfTGMrG+SOIUSiHVg2hQSqQQ8Ud
hgD2fgTD9jxA4Tg7UlrQ+ihDc6efb0Qd8lol0ZNa51fyb/t3IHwB8FlCKd/oa/H5
F3DUzuj4CJYDBncXwRXjMuJAyG7gL+8JawKrBrJrKMcdrPYf
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:35 2024 by rpki-client on console-ams.rpki-client.org