Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/fdaZXu6IkFmc7D0TWkmUrLtZHiA.roa
File:                     fdaZXu6IkFmc7D0TWkmUrLtZHiA.roa (raw, json)
Hash identifier:          yiUgdiMZSRgfkuREMXZDoCto7Qv5YQtIn1rrqz+4J4o=
Subject key identifier:   7D:D6:99:5E:EE:88:90:59:9C:EC:3D:13:5A:49:94:AC:BB:59:1E:20
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       08C6D578
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/fdaZXu6IkFmc7D0TWkmUrLtZHiA.roa
Signing time:             Sat 01 Jan 2022 14:02:00 +0000
ROA not before:           Sat 01 Jan 2022 14:02:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212514
IP address blocks:        2a0e:8f02:f00b::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 147248504 (0x8c6d578)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Jan  1 14:02:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7dd6995eee8890599cec3d135a4994acbb591e20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:8c:e2:ec:6e:dd:db:b3:f0:a4:50:06:61:1b:
                    14:be:22:df:e3:3b:63:8a:74:c2:1a:d9:97:22:8b:
                    17:68:31:79:21:34:c8:68:e7:0c:12:14:a4:6b:90:
                    ba:3f:f6:d3:ae:80:88:3a:65:41:92:1e:fe:9a:2f:
                    f6:67:35:e8:1f:3b:4b:a2:13:dd:2b:f9:4e:8e:25:
                    80:b8:2e:78:aa:ef:42:19:e5:09:43:48:65:21:9c:
                    04:22:c2:18:60:60:f3:8c:67:fa:d7:7a:01:92:b5:
                    91:ac:34:95:af:8e:57:31:c1:d2:cd:4c:4d:0a:eb:
                    11:44:a0:7d:31:41:27:ab:c9:56:76:c2:b0:9a:3d:
                    69:03:1e:b1:19:3e:5c:36:ce:35:d8:96:54:5c:ba:
                    03:9b:05:34:00:c4:84:1f:d3:ba:9e:ab:8f:6a:44:
                    83:d6:eb:03:7d:f1:f7:e2:53:1a:12:a0:7f:4b:ae:
                    3c:a2:c3:81:b5:62:97:a2:06:7e:9c:0c:29:6f:61:
                    e2:66:69:80:58:47:9f:3c:33:38:2e:f0:66:1d:2c:
                    8e:9e:3b:92:8f:70:b1:8b:94:db:dd:63:09:9c:9e:
                    97:0c:1e:f6:85:b1:82:d8:34:f4:f1:32:88:3b:da:
                    78:24:5e:64:fa:16:a9:28:8e:12:d3:be:6a:6c:65:
                    d7:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:D6:99:5E:EE:88:90:59:9C:EC:3D:13:5A:49:94:AC:BB:59:1E:20
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/fdaZXu6IkFmc7D0TWkmUrLtZHiA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f02:f00b::/48

    Signature Algorithm: sha256WithRSAEncryption
         63:6e:eb:d3:f9:72:22:72:cc:a8:7e:b3:6d:8b:b2:ce:db:0e:
         8e:d7:7c:49:b3:b5:50:07:5f:6e:3f:c1:6a:04:84:16:bf:07:
         95:ca:09:10:0e:d8:69:d0:22:89:8c:b9:f9:1d:0c:04:69:b2:
         5a:9f:a1:3f:f4:c6:8e:75:11:e8:d2:87:08:82:ad:3b:24:b5:
         b0:35:85:0a:9c:39:31:d3:f1:63:a7:7e:6c:31:44:53:a5:9c:
         d5:df:84:59:2f:bf:f8:1a:df:e9:db:ac:17:5b:7b:7d:b3:4b:
         29:33:ba:89:c8:b9:d9:65:1c:65:98:ec:78:e3:2f:ef:0c:1e:
         78:21:90:71:6d:13:0d:f2:b5:b4:06:8d:5f:40:67:cb:56:f7:
         33:05:ba:ea:e7:ad:80:ba:30:e3:81:6d:de:f6:0a:05:ab:ec:
         4e:3e:10:43:44:21:d0:35:93:11:72:62:5a:a5:d9:8a:6d:4b:
         b1:0e:a9:03:5f:9c:7c:ea:25:fc:32:3e:f7:fb:e3:d4:a0:ee:
         a5:8b:b6:63:22:76:51:55:b6:18:c3:42:ef:15:f0:7d:1a:31:
         1a:0f:6c:f4:06:b0:96:69:d3:f7:ae:1c:b4:6b:1d:ce:4b:52:
         de:7a:d9:d4:ca:5c:fb:dd:67:d9:5c:e8:76:f4:40:54:89:8e:
         3b:94:15:43
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECMbVeDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTZlZjQ4ZWQ2MTU1ZGQ3ODQzZWVkMzYzMjQ2OWFiYWEzMTAwYmYzMB4XDTIyMDEw
MTE0MDIwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2RkNjk5NWVlZTg4
OTA1OTljZWMzZDEzNWE0OTk0YWNiYjU5MWUyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJGM4uxu3duz8KRQBmEbFL4i3+M7Y4p0whrZlyKLF2gxeSE0
yGjnDBIUpGuQuj/2066AiDplQZIe/pov9mc16B87S6IT3Sv5To4lgLgueKrvQhnl
CUNIZSGcBCLCGGBg84xn+td6AZK1kaw0la+OVzHB0s1MTQrrEUSgfTFBJ6vJVnbC
sJo9aQMesRk+XDbONdiWVFy6A5sFNADEhB/Tup6rj2pEg9brA33x9+JTGhKgf0uu
PKLDgbVil6IGfpwMKW9h4mZpgFhHnzwzOC7wZh0sjp47ko9wsYuU291jCZyelwwe
9oWxgtg09PEyiDvaeCReZPoWqSiOEtO+amxl1/ECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBR91ple7oiQWZzsPRNaSZSsu1keIDAfBgNVHSMEGDAWgBTVbvSO1hVd14Q+
7TYyRpq6oxAL8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFXNzBqdFlWWGRlRVB1MDJNa2FhdXFNUUNfTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8x
L2ZkYVpYdTZJa0ZtYzdEMFRXa21Vckx0WkhpQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8xLzFXNzBqdFlWWGRl
RVB1MDJNa2FhdXFNUUNfTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOjwLwCzANBgkqhkiG9w0BAQsF
AAOCAQEAY27r0/lyInLMqH6zbYuyztsOjtd8SbO1UAdfbj/BagSEFr8HlcoJEA7Y
adAiiYy5+R0MBGmyWp+hP/TGjnUR6NKHCIKtOyS1sDWFCpw5MdPxY6d+bDFEU6Wc
1d+EWS+/+Brf6dusF1t7fbNLKTO6ici52WUcZZjseOMv7wweeCGQcW0TDfK1tAaN
X0Bny1b3MwW66uetgLow44Ft3vYKBavsTj4QQ0Qh0DWTEXJiWqXZim1LsQ6pA1+c
fOol/DI+9/vj1KDupYu2YyJ2UVW2GMNC7xXwfRoxGg9s9AawlmnT964ctGsdzktS
3nrZ1Mpc+91n2VzodvRAVImOO5QVQw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:41 2024 by rpki-client on console-fra.rpki-client.org