Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/jLZxIE14E6eS8KmRQn4nEumBnT4.roa
File:                     jLZxIE14E6eS8KmRQn4nEumBnT4.roa (raw, json)
Hash identifier:          sNSq4JyWLaPbQmhz+uxOa93iKMnI20I3ClzLYxlD8vw=
Subject key identifier:   8C:B6:71:20:4D:78:13:A7:92:F0:A9:91:42:7E:27:12:E9:81:9D:3E
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       08C64E94
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/jLZxIE14E6eS8KmRQn4nEumBnT4.roa
Signing time:             Sat 01 Jan 2022 14:01:59 +0000
ROA not before:           Sat 01 Jan 2022 14:01:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212360
IP address blocks:        2a0e:8f02:f00d::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 147213972 (0x8c64e94)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Jan  1 14:01:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8cb671204d7813a792f0a991427e2712e9819d3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:d6:82:8b:dd:e8:b8:15:dc:b4:73:7d:8a:ba:
                    b9:8b:2d:1b:99:ca:37:3d:d9:39:c0:a6:d3:b5:fa:
                    61:51:f1:9f:74:82:d3:5c:9e:06:48:f8:31:5c:3a:
                    db:a7:78:a6:d6:56:c8:ff:84:fb:05:47:a6:f2:96:
                    86:4a:48:6a:d7:e7:84:39:ef:ca:ca:59:33:84:34:
                    d0:a7:24:3a:cc:78:76:9a:93:78:40:45:9d:94:a1:
                    3d:01:1d:52:24:6f:bc:4e:18:ff:01:0a:fd:ca:92:
                    02:e1:b9:9c:b7:f0:8f:ba:43:b9:27:90:53:72:31:
                    1e:0d:41:99:14:d3:42:9f:60:b1:13:85:47:88:71:
                    71:af:77:f0:73:54:66:85:65:57:c7:94:02:4a:cb:
                    eb:f1:aa:19:a8:39:73:26:55:c8:9b:0e:93:2f:91:
                    1d:6f:81:ab:c9:b5:b0:57:f5:36:46:77:d8:a1:29:
                    ca:00:37:90:a0:c6:25:04:21:99:81:07:c5:7f:f6:
                    96:e4:e9:d9:1d:c6:ca:5f:77:4e:0d:60:f5:b2:12:
                    c3:16:1f:20:26:c2:ed:1d:79:2c:0e:0c:72:82:72:
                    06:fd:1b:09:ee:54:9c:d7:5e:a9:df:7b:8d:c9:c3:
                    38:a4:ca:9e:8f:b2:c4:1f:e3:7d:e5:97:15:99:bb:
                    67:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:B6:71:20:4D:78:13:A7:92:F0:A9:91:42:7E:27:12:E9:81:9D:3E
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/jLZxIE14E6eS8KmRQn4nEumBnT4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f02:f00d::/48

    Signature Algorithm: sha256WithRSAEncryption
         22:f7:2a:b5:19:99:77:77:71:40:a5:8b:47:b8:62:19:be:2a:
         74:32:38:76:e1:e2:a8:db:8d:38:44:0b:d9:af:1d:e1:71:4b:
         3d:f0:b7:4e:19:d0:b7:87:7b:4e:a1:03:65:c5:b3:ec:a6:c0:
         8f:90:87:3b:38:28:cc:bf:f0:00:91:96:05:f8:df:a0:d9:6c:
         39:d7:29:f3:55:8f:45:b9:f5:93:d0:d5:d2:12:08:4b:1b:7c:
         68:d4:96:98:c0:fd:e1:43:91:db:7d:89:d1:30:f4:af:91:4e:
         7a:d1:3b:35:25:8d:10:2b:3a:d5:6e:d2:55:3b:a8:ee:cf:83:
         f2:ab:36:d4:39:51:7a:76:a4:e2:fc:a0:9a:d3:8e:59:4b:50:
         77:b6:bc:c5:0c:48:d3:d3:f9:c9:da:8f:fe:51:f7:1e:b5:d5:
         d7:ec:47:d6:7a:00:18:fc:a0:d7:b4:d5:cb:b3:f8:f8:dc:a1:
         9b:69:0d:6f:6d:35:11:4c:c4:18:f2:14:ad:a4:8d:98:c5:d5:
         5a:75:64:b4:e9:48:38:1a:55:be:1f:f6:da:b8:3c:08:35:f0:
         b9:a0:ee:92:2c:68:47:97:87:9a:d3:03:6a:a8:f7:78:38:3d:
         60:74:79:65:7b:9f:d6:ba:9f:7a:1a:ab:3e:df:d2:fa:21:8e:
         73:75:c5:73
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECMZOlDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTZlZjQ4ZWQ2MTU1ZGQ3ODQzZWVkMzYzMjQ2OWFiYWEzMTAwYmYzMB4XDTIyMDEw
MTE0MDE1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGNiNjcxMjA0ZDc4
MTNhNzkyZjBhOTkxNDI3ZTI3MTJlOTgxOWQzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ/Wgovd6LgV3LRzfYq6uYstG5nKNz3ZOcCm07X6YVHxn3SC
01yeBkj4MVw626d4ptZWyP+E+wVHpvKWhkpIatfnhDnvyspZM4Q00KckOsx4dpqT
eEBFnZShPQEdUiRvvE4Y/wEK/cqSAuG5nLfwj7pDuSeQU3IxHg1BmRTTQp9gsROF
R4hxca938HNUZoVlV8eUAkrL6/GqGag5cyZVyJsOky+RHW+Bq8m1sFf1NkZ32KEp
ygA3kKDGJQQhmYEHxX/2luTp2R3Gyl93Tg1g9bISwxYfICbC7R15LA4McoJyBv0b
Ce5UnNdeqd97jcnDOKTKno+yxB/jfeWXFZm7ZzMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSMtnEgTXgTp5LwqZFCficS6YGdPjAfBgNVHSMEGDAWgBTVbvSO1hVd14Q+
7TYyRpq6oxAL8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFXNzBqdFlWWGRlRVB1MDJNa2FhdXFNUUNfTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8x
L2pMWnhJRTE0RTZlUzhLbVJRbjRuRXVtQm5UNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8xLzFXNzBqdFlWWGRl
RVB1MDJNa2FhdXFNUUNfTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOjwLwDTANBgkqhkiG9w0BAQsF
AAOCAQEAIvcqtRmZd3dxQKWLR7hiGb4qdDI4duHiqNuNOEQL2a8d4XFLPfC3ThnQ
t4d7TqEDZcWz7KbAj5CHOzgozL/wAJGWBfjfoNlsOdcp81WPRbn1k9DV0hIISxt8
aNSWmMD94UOR232J0TD0r5FOetE7NSWNECs61W7SVTuo7s+D8qs21DlRenak4vyg
mtOOWUtQd7a8xQxI09P5ydqP/lH3HrXV1+xH1noAGPyg17TVy7P4+Nyhm2kNb201
EUzEGPIUraSNmMXVWnVktOlIOBpVvh/22rg8CDXwuaDukixoR5eHmtMDaqj3eDg9
YHR5ZXuf1rqfehqrPt/S+iGOc3XFcw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:36 2024 by rpki-client on console-ams.rpki-client.org