Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/L7hJbRNdYCQPFYiAVriQaChTA0c.roa
File:                     L7hJbRNdYCQPFYiAVriQaChTA0c.roa (raw, json)
Hash identifier:          KX3G/6Lqy18JdIB4Pb9f4CMm9flXoOjCF0K9lkVhVlo=
Subject key identifier:   2F:B8:49:6D:13:5D:60:24:0F:15:88:80:56:B8:90:68:28:53:03:47
Certificate issuer:       /CN=b2ccda1c5487cb938d57ea61cc2d62d31070db51
Certificate serial:       0181EF87E6C1D2A2962998D648BC83B62D7E
Authority key identifier: B2:CC:DA:1C:54:87:CB:93:8D:57:EA:61:CC:2D:62:D3:10:70:DB:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sszaHFSHy5ONV-phzC1i0xBw21E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/L7hJbRNdYCQPFYiAVriQaChTA0c.roa
Signing time:             Mon 11 Jul 2022 23:11:09 +0000
ROA not before:           Mon 11 Jul 2022 23:11:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204186
IP address blocks:        2001:67c:a38::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:ef:87:e6:c1:d2:a2:96:29:98:d6:48:bc:83:b6:2d:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2ccda1c5487cb938d57ea61cc2d62d31070db51
        Validity
            Not Before: Jul 11 23:11:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2fb8496d135d60240f15888056b8906828530347
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:5f:5d:50:2e:3b:0e:77:cc:99:3d:30:16:dc:
                    70:c9:a3:fb:8d:32:41:8e:a4:73:29:98:4f:54:63:
                    73:84:81:c4:46:7a:9c:9a:87:ef:03:fa:3a:f3:f1:
                    f6:89:04:20:bd:5a:70:71:6c:8c:22:46:64:4c:d1:
                    82:2a:e4:0f:54:fa:5c:79:2b:c3:be:5b:36:0d:1a:
                    ca:54:f0:48:09:6b:c2:3f:70:f0:4b:45:ee:46:51:
                    8e:80:1e:8b:c8:37:15:0f:d7:c9:68:50:95:20:1b:
                    89:db:73:9e:8f:af:2b:37:66:0d:2c:63:0b:be:8c:
                    ff:b0:57:97:92:1c:24:ba:81:72:b7:b5:ed:7b:20:
                    7a:be:07:30:cf:d3:8a:9e:2a:9c:6f:48:1c:48:c4:
                    c1:f8:70:76:92:62:f5:c9:53:24:a2:8a:67:41:e6:
                    95:34:fb:f2:c2:57:97:15:a8:c3:8c:2f:25:dc:9f:
                    a3:ef:01:09:aa:fa:da:65:d0:96:3f:8a:ff:f9:6e:
                    9a:ce:15:9f:21:de:0c:0a:1d:77:db:51:f6:80:9b:
                    65:86:dc:b7:00:ec:01:f4:c2:7d:fd:70:d7:da:11:
                    9c:7a:37:4b:78:bb:a4:96:57:88:c0:cf:58:9a:64:
                    08:61:61:64:a8:5b:1c:29:d5:56:fd:98:d2:d8:aa:
                    4d:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:B8:49:6D:13:5D:60:24:0F:15:88:80:56:B8:90:68:28:53:03:47
            X509v3 Authority Key Identifier:
                keyid:B2:CC:DA:1C:54:87:CB:93:8D:57:EA:61:CC:2D:62:D3:10:70:DB:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sszaHFSHy5ONV-phzC1i0xBw21E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/L7hJbRNdYCQPFYiAVriQaChTA0c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/sszaHFSHy5ONV-phzC1i0xBw21E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:a38::/48

    Signature Algorithm: sha256WithRSAEncryption
         1f:0f:a7:01:f8:79:43:f9:1a:30:cf:6d:64:ce:11:39:28:c6:
         76:a6:5d:20:eb:e7:68:6e:54:ca:33:58:7c:b7:7c:ae:b5:3b:
         ae:d4:dc:3e:b5:d4:85:36:6f:60:f2:d4:d8:a9:b3:35:45:82:
         e2:f5:d2:a7:84:4c:76:b1:1f:61:57:9d:5e:3f:b9:99:30:01:
         50:68:a3:89:a1:85:64:a3:f8:35:01:73:45:0d:a8:be:b0:4c:
         ee:7c:49:0a:d1:5f:cf:4b:c8:bc:30:48:9a:37:4d:8d:1d:ab:
         53:1a:ec:47:f9:e0:f5:e0:f2:83:b6:ac:b3:2b:9f:5c:c2:a8:
         85:75:0d:69:3f:3b:73:ca:86:e1:ac:b3:8d:28:4b:13:e0:ac:
         92:79:52:48:01:01:e1:70:60:e4:e6:b8:24:69:c0:66:7a:ab:
         59:98:81:07:a6:e6:3d:73:f1:6e:9e:e3:3f:32:10:09:a1:8d:
         72:07:85:c7:82:43:95:cc:e1:a1:15:ec:98:ee:bf:c5:6a:e6:
         23:c6:30:74:88:2a:f9:9e:98:dd:51:08:40:19:c9:b2:a3:0f:
         71:2e:00:0f:f8:10:52:42:a9:d8:b2:97:ea:4f:c6:cf:ae:52:
         59:25:22:11:1d:39:83:ff:1f:5e:d7:11:7e:e1:46:a2:27:83:
         b3:1d:ff:c5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYHvh+bB0qKWKZjWSLyDti1+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyY2NkYTFjNTQ4N2NiOTM4ZDU3ZWE2MWNjMmQ2MmQzMTA3
MGRiNTEwHhcNMjIwNzExMjMxMTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmI4NDk2ZDEzNWQ2MDI0MGYxNTg4ODA1NmI4OTA2ODI4NTMwMzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu19dUC47DnfMmT0wFtxwyaP7jTJB
jqRzKZhPVGNzhIHERnqcmofvA/o68/H2iQQgvVpwcWyMIkZkTNGCKuQPVPpceSvD
vls2DRrKVPBICWvCP3DwS0XuRlGOgB6LyDcVD9fJaFCVIBuJ23Oej68rN2YNLGML
voz/sFeXkhwkuoFyt7XteyB6vgcwz9OKniqcb0gcSMTB+HB2kmL1yVMkoopnQeaV
NPvywleXFajDjC8l3J+j7wEJqvraZdCWP4r/+W6azhWfId4MCh1321H2gJtlhty3
AOwB9MJ9/XDX2hGcejdLeLuklleIwM9YmmQIYWFkqFscKdVW/ZjS2KpNOwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFC+4SW0TXWAkDxWIgFa4kGgoUwNHMB8GA1UdIwQY
MBaAFLLM2hxUh8uTjVfqYcwtYtMQcNtRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3N6YUhGU0h5NU9OVi1waHpDMWkweEJ3MjFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9lNmI3N2YtNDBlNi00YzkzLWFjMzIt
M2RiOTYxNzAzZWE5LzEvTDdoSmJSTmRZQ1FQRllpQVZyaVFhQ2hUQTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9lNmI3N2YtNDBlNi00YzkzLWFjMzItM2RiOTYxNzAzZWE5
LzEvc3N6YUhGU0h5NU9OVi1waHpDMWkweEJ3MjFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAo4
MA0GCSqGSIb3DQEBCwUAA4IBAQAfD6cB+HlD+Rowz21kzhE5KMZ2pl0g6+doblTK
M1h8t3yutTuu1Nw+tdSFNm9g8tTYqbM1RYLi9dKnhEx2sR9hV51eP7mZMAFQaKOJ
oYVko/g1AXNFDai+sEzufEkK0V/PS8i8MEiaN02NHatTGuxH+eD14PKDtqyzK59c
wqiFdQ1pPztzyobhrLONKEsT4KySeVJIAQHhcGDk5rgkacBmeqtZmIEHpuY9c/Fu
nuM/MhAJoY1yB4XHgkOVzOGhFeyY7r/FauYjxjB0iCr5npjdUQhAGcmyow9xLgAP
+BBSQqnYspfqT8bPrlJZJSIRHTmD/x9e1xF+4UaiJ4OzHf/F
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:58 2024 by rpki-client on console-ams.rpki-client.org