Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/oV_p-wSejcRSoOY07AySFaoMRlc.roa
File:                     oV_p-wSejcRSoOY07AySFaoMRlc.roa (raw, json)
Hash identifier:          g3yAvtnzb4sscdMSppAI8fPmYaIYM+/l6mbwCWFiHdQ=
Subject key identifier:   A1:5F:E9:FB:04:9E:8D:C4:52:A0:E6:34:EC:0C:92:15:AA:0C:46:57
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       08A89F7A
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/oV_p-wSejcRSoOY07AySFaoMRlc.roa
Signing time:             Sat 01 Jan 2022 14:01:43 +0000
ROA not before:           Sat 01 Jan 2022 14:01:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49933
IP address blocks:        2a0e:8f00:f100::/40 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 145268602 (0x8a89f7a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Jan  1 14:01:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a15fe9fb049e8dc452a0e634ec0c9215aa0c4657
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:35:40:43:1f:eb:2a:c9:f7:c0:6f:f1:2c:e8:
                    5e:75:43:1a:1d:ae:a6:b2:16:36:93:c4:9e:e5:dd:
                    dc:f5:f8:d0:7d:79:3a:d4:ee:b2:96:0c:2e:6e:70:
                    5f:c4:5b:1c:1b:15:23:f9:94:0b:36:b8:15:21:e5:
                    0f:83:63:9e:b4:6b:34:bc:7e:e6:d3:db:3c:76:cc:
                    26:da:ff:98:00:f3:47:e4:35:e4:fd:03:59:8a:ad:
                    0d:fb:1d:d8:dd:97:dd:59:8c:3b:d2:e0:52:30:c7:
                    8c:df:46:d9:be:6f:27:ff:32:d6:0e:68:70:02:50:
                    5f:ad:26:45:06:18:d5:3c:c2:49:4e:4e:7c:f4:10:
                    c4:6a:17:af:89:0e:0e:47:5f:ac:e9:c0:c4:ea:ee:
                    0a:1e:72:d7:23:f1:ba:fc:d8:80:c2:e2:c8:39:c5:
                    52:14:aa:ae:50:76:3f:22:15:61:04:17:9b:4b:ef:
                    e4:72:3f:7c:e7:1c:e7:cc:2c:16:ef:5d:2c:f5:dd:
                    d4:50:b9:f3:b8:b4:58:c4:82:72:62:af:fe:a1:77:
                    9f:ab:3f:41:7e:26:34:9d:64:99:6c:72:d0:b7:ed:
                    08:92:7b:73:94:3e:5a:d9:a0:10:ff:ac:90:73:9d:
                    73:f8:68:2f:31:0d:43:77:5e:b0:f0:4b:2d:5b:4a:
                    8b:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:5F:E9:FB:04:9E:8D:C4:52:A0:E6:34:EC:0C:92:15:AA:0C:46:57
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/oV_p-wSejcRSoOY07AySFaoMRlc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f00:f100::/40

    Signature Algorithm: sha256WithRSAEncryption
         13:5e:3a:7b:1f:a7:22:44:65:d7:be:94:7f:16:08:24:36:d7:
         50:c6:fb:36:66:01:f3:60:dd:79:45:85:21:5e:97:be:de:d7:
         ef:61:05:cd:f8:7c:0f:1c:2d:42:4e:7b:29:dc:10:fe:49:14:
         9f:cb:22:aa:26:a7:73:77:5b:2e:85:ff:c5:aa:03:48:60:02:
         13:15:98:a8:85:34:78:10:27:de:16:d7:d8:dc:21:13:17:91:
         e4:e2:1c:4f:31:ba:cd:ae:33:1a:db:aa:0a:f6:81:2b:9f:86:
         a5:4e:14:94:fb:fe:a5:22:6f:56:97:d9:08:70:4c:ac:a5:1a:
         a1:f0:ce:77:59:23:1b:da:3e:7b:ab:61:29:3d:45:e2:68:92:
         6a:eb:15:db:a3:85:d6:13:45:4a:af:0f:b5:bc:3b:c8:c9:c5:
         61:fa:7e:6f:71:1d:aa:b7:bc:fa:ba:f7:0a:99:f8:96:29:bf:
         7b:85:be:e8:07:12:bf:41:50:98:2f:2f:1c:7d:a8:7f:89:bd:
         88:a0:e1:59:4b:8d:b3:63:d0:31:44:5d:33:c7:e0:12:e1:13:
         48:59:4a:37:6a:15:cd:a1:50:98:35:79:db:74:6b:27:fa:44:
         20:51:fc:65:d4:3c:14:e9:0e:3e:eb:42:a5:3f:10:cd:8a:d6:
         17:82:b1:21
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECKifejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTZlZjQ4ZWQ2MTU1ZGQ3ODQzZWVkMzYzMjQ2OWFiYWEzMTAwYmYzMB4XDTIyMDEw
MTE0MDE0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTE1ZmU5ZmIwNDll
OGRjNDUyYTBlNjM0ZWMwYzkyMTVhYTBjNDY1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ41QEMf6yrJ98Bv8SzoXnVDGh2uprIWNpPEnuXd3PX40H15
OtTuspYMLm5wX8RbHBsVI/mUCza4FSHlD4NjnrRrNLx+5tPbPHbMJtr/mADzR+Q1
5P0DWYqtDfsd2N2X3VmMO9LgUjDHjN9G2b5vJ/8y1g5ocAJQX60mRQYY1TzCSU5O
fPQQxGoXr4kODkdfrOnAxOruCh5y1yPxuvzYgMLiyDnFUhSqrlB2PyIVYQQXm0vv
5HI/fOcc58wsFu9dLPXd1FC587i0WMSCcmKv/qF3n6s/QX4mNJ1kmWxy0LftCJJ7
c5Q+WtmgEP+skHOdc/hoLzENQ3desPBLLVtKi/0CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBShX+n7BJ6NxFKg5jTsDJIVqgxGVzAfBgNVHSMEGDAWgBTVbvSO1hVd14Q+
7TYyRpq6oxAL8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFXNzBqdFlWWGRlRVB1MDJNa2FhdXFNUUNfTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8x
L29WX3Atd1NlamNSU29PWTA3QXlTRmFvTVJsYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8xLzFXNzBqdFlWWGRl
RVB1MDJNa2FhdXFNUUNfTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoOjwDxMA0GCSqGSIb3DQEBCwUA
A4IBAQATXjp7H6ciRGXXvpR/FggkNtdQxvs2ZgHzYN15RYUhXpe+3tfvYQXN+HwP
HC1CTnsp3BD+SRSfyyKqJqdzd1suhf/FqgNIYAITFZiohTR4ECfeFtfY3CETF5Hk
4hxPMbrNrjMa26oK9oErn4alThSU+/6lIm9Wl9kIcEyspRqh8M53WSMb2j57q2Ep
PUXiaJJq6xXbo4XWE0VKrw+1vDvIycVh+n5vcR2qt7z6uvcKmfiWKb97hb7oBxK/
QVCYLy8cfah/ib2IoOFZS42zY9AxRF0zx+AS4RNIWUo3ahXNoVCYNXnbdGsn+kQg
Ufxl1DwU6Q4+60KlPxDNitYXgrEh
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:36 2024 by rpki-client on console-ams.rpki-client.org