Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/tVOBNBpoGEO5pmDIKEtiAtZOURw.roa
File:                     tVOBNBpoGEO5pmDIKEtiAtZOURw.roa (raw, json)
Hash identifier:          awcCTwWyiQw5snC1KVhEmLEMtjXYYqsJSGK/kB6kJbY=
Subject key identifier:   B5:53:81:34:1A:68:18:43:B9:A6:60:C8:28:4B:62:02:D6:4E:51:1C
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       08B29598
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/tVOBNBpoGEO5pmDIKEtiAtZOURw.roa
Signing time:             Sat 01 Jan 2022 14:01:49 +0000
ROA not before:           Sat 01 Jan 2022 14:01:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211414
IP address blocks:        2a0e:8f02:2140::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 145921432 (0x8b29598)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Jan  1 14:01:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b55381341a681843b9a660c8284b6202d64e511c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:e1:82:72:fa:1d:a8:b4:6f:d9:36:7d:63:bf:
                    f4:3a:1f:3f:88:43:5f:71:a9:9f:7b:06:fd:43:db:
                    65:85:f8:33:d9:41:ac:23:74:f6:4d:05:64:3e:e8:
                    7d:5f:93:43:36:6e:b5:67:fe:df:ae:66:a3:89:80:
                    f3:9a:09:92:dc:6b:61:6a:07:39:08:06:b1:44:49:
                    f5:4c:b3:da:04:d9:9b:03:65:13:b0:5e:16:8b:5e:
                    41:c0:36:fc:46:9a:da:56:b5:98:42:ff:64:33:87:
                    8d:86:32:17:75:ea:f4:8a:9d:c1:fc:98:79:0c:e5:
                    b1:14:41:65:3e:72:b2:9c:10:81:f8:d2:ed:df:2f:
                    91:e7:df:b8:c2:b1:04:68:e3:d7:35:ad:22:a7:9e:
                    38:b7:4a:2f:f0:8d:2e:18:1a:85:90:6a:c4:26:e8:
                    b9:6c:62:17:13:5e:0d:38:46:fa:c8:cd:7a:2f:58:
                    40:90:b0:ef:ba:5f:0e:de:7b:ec:f0:bd:7c:0e:3d:
                    1b:ba:79:87:6e:d4:0f:d0:ff:eb:a7:03:ef:d2:39:
                    0c:f1:3e:21:b1:f0:84:e4:e1:b2:76:c4:95:1f:a0:
                    d5:f5:51:f6:43:b4:e5:db:d0:5b:9d:05:37:e0:52:
                    83:96:1d:a7:84:5c:04:85:bd:cb:97:dc:88:a5:fb:
                    34:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:53:81:34:1A:68:18:43:B9:A6:60:C8:28:4B:62:02:D6:4E:51:1C
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/tVOBNBpoGEO5pmDIKEtiAtZOURw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f02:2140::/44

    Signature Algorithm: sha256WithRSAEncryption
         1d:10:94:ef:61:e8:fd:84:8f:e3:56:30:f3:bb:a7:89:00:a0:
         04:4a:cf:98:b3:8b:00:b8:04:79:80:e8:77:3f:f8:4c:53:be:
         c1:d7:89:00:46:1d:b9:11:80:11:55:69:b7:a2:aa:b0:24:5c:
         63:17:37:04:db:3a:fa:df:c0:03:20:5b:3f:77:1e:13:15:d0:
         69:ff:12:aa:a8:b4:38:74:3a:ae:16:88:86:93:df:f8:22:70:
         f3:b7:cf:20:3c:23:5a:6c:52:e2:a4:09:97:cb:18:1f:6c:d4:
         51:89:3b:62:9f:03:05:ca:c9:3e:e1:ea:e6:f2:d2:a0:98:29:
         44:4b:17:cf:ba:23:7f:c4:d5:c5:a4:e6:db:0b:be:82:55:76:
         5b:b8:01:8f:ad:52:f7:25:77:8b:65:a6:9d:dd:ee:13:b2:ec:
         3e:f8:83:18:6e:44:f9:94:65:af:89:12:94:49:65:a5:08:b0:
         ff:5d:20:27:46:00:74:df:39:aa:77:09:d8:c6:7e:dc:32:72:
         31:9e:20:34:73:3d:f2:57:87:12:f0:5f:f7:ea:3a:b7:2c:56:
         70:2c:a3:23:e8:4e:7b:f7:a8:b6:ce:8f:f2:3f:b2:56:de:4e:
         ed:8c:d5:a5:c4:e0:09:b9:62:c0:42:d9:00:8a:61:18:82:a5:
         f9:d7:24:6c
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECLKVmDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTZlZjQ4ZWQ2MTU1ZGQ3ODQzZWVkMzYzMjQ2OWFiYWEzMTAwYmYzMB4XDTIyMDEw
MTE0MDE0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjU1MzgxMzQxYTY4
MTg0M2I5YTY2MGM4Mjg0YjYyMDJkNjRlNTExYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMThgnL6Hai0b9k2fWO/9DofP4hDX3Gpn3sG/UPbZYX4M9lB
rCN09k0FZD7ofV+TQzZutWf+365mo4mA85oJktxrYWoHOQgGsURJ9Uyz2gTZmwNl
E7BeFoteQcA2/Eaa2la1mEL/ZDOHjYYyF3Xq9IqdwfyYeQzlsRRBZT5yspwQgfjS
7d8vkeffuMKxBGjj1zWtIqeeOLdKL/CNLhgahZBqxCbouWxiFxNeDThG+sjNei9Y
QJCw77pfDt577PC9fA49G7p5h27UD9D/66cD79I5DPE+IbHwhOThsnbElR+g1fVR
9kO05dvQW50FN+BSg5Ydp4RcBIW9y5fciKX7NAsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBS1U4E0GmgYQ7mmYMgoS2IC1k5RHDAfBgNVHSMEGDAWgBTVbvSO1hVd14Q+
7TYyRpq6oxAL8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFXNzBqdFlWWGRlRVB1MDJNa2FhdXFNUUNfTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8x
L3RWT0JOQnBvR0VPNXBtRElLRXRpQXRaT1VSdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8xLzFXNzBqdFlWWGRl
RVB1MDJNa2FhdXFNUUNfTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOjwIhQDANBgkqhkiG9w0BAQsF
AAOCAQEAHRCU72Ho/YSP41Yw87uniQCgBErPmLOLALgEeYDodz/4TFO+wdeJAEYd
uRGAEVVpt6KqsCRcYxc3BNs6+t/AAyBbP3ceExXQaf8Sqqi0OHQ6rhaIhpPf+CJw
87fPIDwjWmxS4qQJl8sYH2zUUYk7Yp8DBcrJPuHq5vLSoJgpREsXz7ojf8TVxaTm
2wu+glV2W7gBj61S9yV3i2Wmnd3uE7LsPviDGG5E+ZRlr4kSlEllpQiw/10gJ0YA
dN85qncJ2MZ+3DJyMZ4gNHM98leHEvBf9+o6tyxWcCyjI+hOe/eots6P8j+yVt5O
7YzVpcTgCbliwELZAIphGIKl+dckbA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:36 2024 by rpki-client on console-ams.rpki-client.org