Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/eXSuptWd_K6TxH5Pcwqulv2n0NI.roa
File:                     eXSuptWd_K6TxH5Pcwqulv2n0NI.roa (raw, json)
Hash identifier:          4HAf/GFSLcImbfkqtJunCYWbS7ksEJOiY8HWIONle+s=
Subject key identifier:   79:74:AE:A6:D5:9D:FC:AE:93:C4:7E:4F:73:0A:AE:96:FD:A7:D0:D2
Certificate issuer:       /CN=7bab6c11d41162db0306858f83e5e65121132a6b
Certificate serial:       03F91829
Authority key identifier: 7B:AB:6C:11:D4:11:62:DB:03:06:85:8F:83:E5:E6:51:21:13:2A:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e6tsEdQRYtsDBoWPg-XmUSETKms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/eXSuptWd_K6TxH5Pcwqulv2n0NI.roa
Signing time:             Sat 01 Jan 2022 06:00:52 +0000
ROA not before:           Sat 01 Jan 2022 06:00:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     213109
IP address blocks:        2a07:22c1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 66656297 (0x3f91829)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7bab6c11d41162db0306858f83e5e65121132a6b
        Validity
            Not Before: Jan  1 06:00:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7974aea6d59dfcae93c47e4f730aae96fda7d0d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:52:33:2e:01:87:64:66:31:f0:bd:3f:c4:23:
                    de:23:8a:c0:41:e2:f9:de:d4:07:d5:c6:e6:00:e3:
                    d4:ef:55:e6:6e:5c:df:c9:1d:48:5d:f2:0a:f5:0a:
                    34:98:af:fa:23:7c:ee:b7:a8:83:56:cb:e5:fb:c6:
                    b0:34:36:ee:55:3c:be:ca:29:8f:8c:7f:7b:a4:40:
                    b1:97:9d:e2:3d:e6:7b:b3:de:00:df:6b:b7:c9:cb:
                    ec:03:f3:e7:58:94:68:ef:10:d0:f4:76:86:dc:25:
                    cb:8f:75:db:59:34:54:2f:26:e7:3a:dc:39:03:44:
                    ad:25:4e:13:42:4a:33:79:ec:53:ac:4d:9b:92:ed:
                    be:97:fd:76:b2:47:5f:94:df:39:21:28:1b:e4:ae:
                    8b:98:79:64:f8:3b:23:60:c4:4e:0d:f9:dd:1b:71:
                    c8:76:cb:f8:d9:20:51:e7:16:b4:c4:65:55:ba:7c:
                    18:dc:13:c9:2e:fd:fe:17:62:b3:b3:b0:c5:01:de:
                    8e:ff:6e:d1:9b:4a:1c:92:25:a9:5a:e0:7a:4a:44:
                    c7:de:6b:bb:13:62:43:a0:40:d1:9e:71:5d:e1:18:
                    f7:f0:50:eb:cb:e2:8a:51:d1:7f:37:53:88:43:4a:
                    ce:68:cd:af:3b:87:c3:e2:75:00:49:af:1d:06:00:
                    2d:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:74:AE:A6:D5:9D:FC:AE:93:C4:7E:4F:73:0A:AE:96:FD:A7:D0:D2
            X509v3 Authority Key Identifier:
                keyid:7B:AB:6C:11:D4:11:62:DB:03:06:85:8F:83:E5:E6:51:21:13:2A:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6tsEdQRYtsDBoWPg-XmUSETKms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/eXSuptWd_K6TxH5Pcwqulv2n0NI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/e6tsEdQRYtsDBoWPg-XmUSETKms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:22c1::/48

    Signature Algorithm: sha256WithRSAEncryption
         28:0e:8e:ce:e3:90:4f:bf:1d:39:60:73:7a:9e:25:6a:6d:30:
         38:1f:26:67:f3:51:d7:99:de:d3:4a:1d:d8:fd:fa:d3:38:0c:
         3c:22:4a:9f:20:2c:3d:9e:8e:2d:e0:e7:5f:4a:c1:1c:4c:44:
         79:1a:83:b0:f8:01:8a:07:4e:86:5b:47:cb:c9:45:c6:9b:21:
         be:27:99:4a:3f:3f:84:a9:9a:80:9d:d7:f8:d8:a2:ed:c3:5d:
         22:db:ae:e6:a5:e0:03:d8:1d:6f:6c:13:d8:0c:a0:32:20:71:
         10:ba:4a:d7:48:bc:ff:87:44:22:73:40:b8:7c:53:d8:a7:2e:
         a6:e1:16:b0:c1:40:27:f5:eb:bb:9d:e1:f3:a4:25:1a:53:b2:
         02:ab:0f:d5:fc:03:41:c5:55:2a:7b:85:b2:1f:9c:c6:c9:af:
         08:84:3a:bb:63:c5:bc:de:3a:8d:80:61:18:df:78:28:be:3d:
         e3:3b:8d:c0:07:c0:69:39:d2:24:ef:ac:49:79:14:98:38:ec:
         62:0a:e0:00:ae:53:1e:5f:7e:91:8a:9d:7b:eb:69:2d:ec:a6:
         63:02:31:5b:69:8b:23:4e:2b:b1:7c:6b:fb:ff:04:0f:19:e6:
         c3:e9:60:e9:74:d9:92:c4:26:45:3c:61:e4:d7:dc:cd:da:cd:
         4b:30:ab:9c
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEA/kYKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YmFiNmMxMWQ0MTE2MmRiMDMwNjg1OGY4M2U1ZTY1MTIxMTMyYTZiMB4XDTIyMDEw
MTA2MDA1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzk3NGFlYTZkNTlk
ZmNhZTkzYzQ3ZTRmNzMwYWFlOTZmZGE3ZDBkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL1SMy4Bh2RmMfC9P8Qj3iOKwEHi+d7UB9XG5gDj1O9V5m5c
38kdSF3yCvUKNJiv+iN87reog1bL5fvGsDQ27lU8vsopj4x/e6RAsZed4j3me7Pe
AN9rt8nL7APz51iUaO8Q0PR2htwly49121k0VC8m5zrcOQNErSVOE0JKM3nsU6xN
m5Ltvpf9drJHX5TfOSEoG+Sui5h5ZPg7I2DETg353RtxyHbL+NkgUecWtMRlVbp8
GNwTyS79/hdis7OwxQHejv9u0ZtKHJIlqVrgekpEx95ruxNiQ6BA0Z5xXeEY9/BQ
68viilHRfzdTiENKzmjNrzuHw+J1AEmvHQYALbECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBR5dK6m1Z38rpPEfk9zCq6W/afQ0jAfBgNVHSMEGDAWgBR7q2wR1BFi2wMG
hY+D5eZRIRMqazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2U2dHNFZFFSWXRzREJvV1BnLVhtVVNFVEttcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvZDMzNGFkLTUyNDAtNGRhYS1hMDUwLTlmNWJmNzM2NzIwZS8x
L2VYU3VwdFdkX0s2VHhINVBjd3F1bHYybjBOSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
ZDMzNGFkLTUyNDAtNGRhYS1hMDUwLTlmNWJmNzM2NzIwZS8xL2U2dHNFZFFSWXRz
REJvV1BnLVhtVVNFVEttcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoHIsEAADANBgkqhkiG9w0BAQsF
AAOCAQEAKA6OzuOQT78dOWBzep4lam0wOB8mZ/NR15ne00od2P360zgMPCJKnyAs
PZ6OLeDnX0rBHExEeRqDsPgBigdOhltHy8lFxpshvieZSj8/hKmagJ3X+Nii7cNd
Ituu5qXgA9gdb2wT2AygMiBxELpK10i8/4dEInNAuHxT2KcupuEWsMFAJ/Xru53h
86QlGlOyAqsP1fwDQcVVKnuFsh+cxsmvCIQ6u2PFvN46jYBhGN94KL494zuNwAfA
aTnSJO+sSXkUmDjsYgrgAK5THl9+kYqde+tpLeymYwIxW2mLI04rsXxr+/8EDxnm
w+lg6XTZksQmRTxh5NfczdrNSzCrnA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:35 2024 by rpki-client on console-ams.rpki-client.org