Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/fufTwUvBSmAZ747-fj8_Leff7HE.roa
File:                     fufTwUvBSmAZ747-fj8_Leff7HE.roa (raw, json)
Hash identifier:          xcwpkDsJhTiImLWaN241+TGlHgGMg/Hy8GnYLUPN5aw=
Subject key identifier:   7E:E7:D3:C1:4B:C1:4A:60:19:EF:8E:FE:7E:3F:3F:2D:E7:DF:EC:71
Certificate issuer:       /CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Certificate serial:       085F0727
Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/fufTwUvBSmAZ747-fj8_Leff7HE.roa
Signing time:             Sat 01 Jan 2022 11:04:53 +0000
ROA not before:           Sat 01 Jan 2022 11:04:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58076
IP address blocks:        2a03:97c0:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 140445479 (0x85f0727)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec
        Validity
            Not Before: Jan  1 11:04:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7ee7d3c14bc14a6019ef8efe7e3f3f2de7dfec71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:18:f7:fa:95:b2:da:f0:d7:e4:a4:82:e2:3e:
                    53:e4:73:78:15:60:0d:6b:a2:24:5a:12:12:35:c4:
                    dc:51:a4:49:8c:7b:8a:5d:d2:47:5f:fd:85:7e:39:
                    0e:23:c8:1f:3e:23:ff:be:d3:dd:2d:d4:ea:87:5f:
                    57:c6:91:df:69:84:1e:0a:7a:8c:6f:1f:58:fd:dd:
                    01:97:cd:c5:c5:35:1f:c4:0f:69:e2:b6:77:a7:40:
                    d8:0b:1b:63:52:f1:f6:a1:f6:8b:96:f3:6b:dc:22:
                    29:05:85:4a:cb:da:8c:35:09:dd:57:63:a3:42:96:
                    f1:70:c8:b4:19:88:98:63:5e:f8:de:2c:72:e6:f3:
                    7f:af:99:6c:49:53:f2:68:f5:bf:b0:46:b7:a7:c2:
                    25:a0:e7:b5:07:be:5f:d0:37:ff:bf:1e:2f:c8:eb:
                    01:9f:6d:17:f8:a1:37:7c:b4:ce:8a:c9:04:2b:95:
                    1a:7a:c8:f3:0d:f1:3f:32:0d:7e:6c:e8:76:80:78:
                    f4:ee:2a:8e:fb:c0:6a:18:37:ba:42:82:85:ef:3e:
                    e4:0c:6f:ae:99:07:12:0d:d9:21:60:da:31:e9:cb:
                    73:d8:9d:9a:ce:20:bd:8b:5f:34:b0:02:69:ec:23:
                    e0:20:71:4e:87:cd:1c:70:ef:8e:e8:61:9e:aa:3c:
                    43:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:E7:D3:C1:4B:C1:4A:60:19:EF:8E:FE:7E:3F:3F:2D:E7:DF:EC:71
            X509v3 Authority Key Identifier:
                keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/fufTwUvBSmAZ747-fj8_Leff7HE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a03:97c0:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         ea:b4:97:13:11:93:66:a9:28:e6:cd:25:52:90:73:65:ff:5d:
         a1:f0:32:32:ab:8a:76:eb:7a:a0:90:45:b6:64:bd:31:60:a4:
         a1:ab:de:7b:51:6a:27:48:94:ae:dd:0c:f6:9e:07:85:f0:ea:
         bc:3a:81:d8:02:8a:a8:81:cb:7f:61:cc:22:35:b4:2c:64:b8:
         51:a7:63:38:7c:75:90:82:21:b2:cf:38:fe:f2:0c:df:46:73:
         24:0c:70:f0:b6:08:25:b2:7d:a6:6d:43:b7:f8:e4:1f:20:94:
         c8:ec:21:e4:e7:ae:63:b9:5b:3c:72:88:b2:26:42:48:39:dc:
         58:34:e6:93:a7:0e:66:e7:81:f5:2d:87:16:b7:53:51:1e:e6:
         ce:c3:2d:b8:fe:4f:a9:6a:62:3f:f5:1d:97:95:dd:29:0e:3d:
         f6:bc:11:ff:b7:e0:45:43:bb:d8:ea:f6:ab:36:99:2a:4e:f3:
         10:94:69:14:c7:21:28:79:f3:fb:4d:94:22:1d:a2:97:01:db:
         1d:9c:ac:32:05:f0:fe:b2:b3:c3:14:d7:9a:78:60:4d:10:09:
         33:fe:3a:ad:70:91:e7:9a:a7:97:ce:47:13:13:3d:e3:5d:d1:
         e2:69:3e:24:56:3c:91:c0:6f:2a:01:0e:59:7e:f6:17:f7:e6:
         da:5c:da:0c
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECF8HJzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MGU0ZjZhNzczNjhiN2NlY2ZlNjcyMjBiNDM2NTc2YjFlMDA4YWVjMB4XDTIyMDEw
MTExMDQ1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2VlN2QzYzE0YmMx
NGE2MDE5ZWY4ZWZlN2UzZjNmMmRlN2RmZWM3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMEY9/qVstrw1+SkguI+U+RzeBVgDWuiJFoSEjXE3FGkSYx7
il3SR1/9hX45DiPIHz4j/77T3S3U6odfV8aR32mEHgp6jG8fWP3dAZfNxcU1H8QP
aeK2d6dA2AsbY1Lx9qH2i5bza9wiKQWFSsvajDUJ3Vdjo0KW8XDItBmImGNe+N4s
cubzf6+ZbElT8mj1v7BGt6fCJaDntQe+X9A3/78eL8jrAZ9tF/ihN3y0zorJBCuV
GnrI8w3xPzINfmzodoB49O4qjvvAahg3ukKChe8+5AxvrpkHEg3ZIWDaMenLc9id
ms4gvYtfNLACaewj4CBxTofNHHDvjuhhnqo8Q5kCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBR+59PBS8FKYBnvjv5+Pz8t59/scTAfBgNVHSMEGDAWgBQA5Panc2i3zs/m
ciC0NldrHgCK7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FPVDJwM05vdDg3UDVuSWd0RFpYYXg0QWl1dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzEvNjUyZGE5LWFmYzQtNGUyMC04MmZjLWIwN2Q4NDE2YWU0YS8x
L2Z1ZlR3VXZCU21BWjc0Ny1majhfTGVmZjdIRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzEv
NjUyZGE5LWFmYzQtNGUyMC04MmZjLWIwN2Q4NDE2YWU0YS8xL0FPVDJwM05vdDg3
UDVuSWd0RFpYYXg0QWl1dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoDl8AAATANBgkqhkiG9w0BAQsF
AAOCAQEA6rSXExGTZqko5s0lUpBzZf9dofAyMquKdut6oJBFtmS9MWCkoavee1Fq
J0iUrt0M9p4HhfDqvDqB2AKKqIHLf2HMIjW0LGS4UadjOHx1kIIhss84/vIM30Zz
JAxw8LYIJbJ9pm1Dt/jkHyCUyOwh5OeuY7lbPHKIsiZCSDncWDTmk6cOZueB9S2H
FrdTUR7mzsMtuP5PqWpiP/Udl5XdKQ499rwR/7fgRUO72Or2qzaZKk7zEJRpFMch
KHnz+02UIh2ilwHbHZysMgXw/rKzwxTXmnhgTRAJM/46rXCR55qnl85HExM9413R
4mk+JFY8kcBvKgEOWX72F/fm2lzaDA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:34 2024 by rpki-client on console-fra.rpki-client.org