Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/_sCpoUGelCUodI2Zen-Hi9jzO7I.roa
File:                     _sCpoUGelCUodI2Zen-Hi9jzO7I.roa (raw, json)
Hash identifier:          fkmrpFXLOJvXmSgO6RHra8/WrQzm+wR9qx/rzEH4CVo=
Subject key identifier:   FE:C0:A9:A1:41:9E:94:25:28:74:8D:99:7A:7F:87:8B:D8:F3:3B:B2
Certificate issuer:       /CN=a2074339bb216b85bdc83d61778821adf9149d56
Certificate serial:       32FC69F2
Authority key identifier: A2:07:43:39:BB:21:6B:85:BD:C8:3D:61:77:88:21:AD:F9:14:9D:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ogdDObsha4W9yD1hd4ghrfkUnVY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/_sCpoUGelCUodI2Zen-Hi9jzO7I.roa
Signing time:             Sat 01 Jan 2022 06:53:16 +0000
ROA not before:           Sat 01 Jan 2022 06:53:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12581
IP address blocks:        2a01:b1c7::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 855402994 (0x32fc69f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2074339bb216b85bdc83d61778821adf9149d56
        Validity
            Not Before: Jan  1 06:53:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fec0a9a1419e942528748d997a7f878bd8f33bb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:52:04:1c:88:f1:d6:03:fa:44:7e:0d:d6:18:
                    e5:11:ec:5c:3a:2c:2a:ce:90:de:5e:34:45:96:e9:
                    0b:2f:aa:fc:ac:a7:18:ac:5a:17:c3:bb:c0:63:0c:
                    a6:e0:01:86:11:67:27:6e:f7:f2:38:ed:e5:25:2b:
                    ba:f6:b5:ac:62:c2:95:9d:e9:5a:b7:44:63:70:cf:
                    a1:da:39:a6:1d:3d:3e:76:f8:4a:86:a1:88:52:a2:
                    ac:35:64:14:3a:eb:c1:24:dd:53:93:ad:b4:79:5b:
                    51:7a:b1:d7:c3:d2:66:88:7c:87:fb:d1:06:30:e9:
                    1c:a8:4a:88:4d:4f:8c:52:e8:e2:38:92:cd:e4:dd:
                    2a:08:a5:ff:c7:f3:5b:bf:a4:d8:e3:a0:a8:2a:22:
                    e6:85:77:ab:fd:23:a5:9e:a2:c4:67:44:06:0f:b5:
                    96:e5:1b:02:75:2f:a1:b2:52:34:a0:07:43:87:2f:
                    a9:65:6d:14:fe:3f:16:e7:d4:57:5a:38:f0:c1:60:
                    5f:99:2f:33:fa:f5:ea:82:e3:62:3c:83:ca:28:ad:
                    27:2e:35:c3:29:bf:ba:46:4e:b5:c0:ba:d8:dc:af:
                    15:37:a9:ad:4e:a7:76:7c:47:0b:83:d5:3d:19:0e:
                    f1:f6:44:ce:40:31:b1:bc:74:15:35:82:80:0b:c3:
                    a8:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:C0:A9:A1:41:9E:94:25:28:74:8D:99:7A:7F:87:8B:D8:F3:3B:B2
            X509v3 Authority Key Identifier:
                keyid:A2:07:43:39:BB:21:6B:85:BD:C8:3D:61:77:88:21:AD:F9:14:9D:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogdDObsha4W9yD1hd4ghrfkUnVY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/_sCpoUGelCUodI2Zen-Hi9jzO7I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/ogdDObsha4W9yD1hd4ghrfkUnVY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a01:b1c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         08:51:5f:36:cc:cd:92:15:ae:6c:ab:fd:23:d6:93:3e:00:bb:
         51:b3:28:c5:05:4b:b3:25:7a:ba:75:b1:9b:5d:fb:ef:d5:f0:
         98:28:e3:bf:51:d2:4d:3c:52:ba:6b:fc:3d:38:15:e7:b2:3b:
         85:41:b4:ea:8d:2e:98:03:b7:fa:b5:de:48:f2:d2:5e:97:ca:
         97:c7:7e:e9:87:d5:c6:6b:6e:fe:c2:c2:08:f3:cc:ff:52:90:
         14:ae:29:a9:95:c3:ef:3f:e1:2b:9f:6f:83:15:1e:5c:5c:10:
         b3:b6:b0:e6:d4:a0:f2:b0:e3:f6:a5:63:d0:68:eb:31:d2:15:
         41:bc:a7:b6:2b:1f:0c:76:f7:64:24:4b:ab:00:0e:d7:b0:e6:
         99:da:d8:1d:4d:c3:12:05:d3:db:10:3e:02:c6:b5:0d:db:e9:
         e9:32:5c:a4:3e:d9:04:cb:7b:25:1b:6b:46:2f:1b:e1:a4:44:
         0e:99:3d:8e:9d:ed:14:b0:99:47:1b:e6:cf:31:38:a4:c4:26:
         be:ed:20:00:70:60:c5:1e:fd:43:28:4d:fe:75:a5:f5:9b:55:
         90:6f:a3:77:8e:43:30:87:82:73:e1:ff:87:f0:af:28:2d:e9:
         a2:b4:cd:4c:d1:ab:ea:0a:ff:16:c5:68:ab:f7:50:e3:34:d6:
         90:2d:4a:b1
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEMvxp8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MjA3NDMzOWJiMjE2Yjg1YmRjODNkNjE3Nzg4MjFhZGY5MTQ5ZDU2MB4XDTIyMDEw
MTA2NTMxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmVjMGE5YTE0MTll
OTQyNTI4NzQ4ZDk5N2E3Zjg3OGJkOGYzM2JiMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKRSBByI8dYD+kR+DdYY5RHsXDosKs6Q3l40RZbpCy+q/Kyn
GKxaF8O7wGMMpuABhhFnJ2738jjt5SUruva1rGLClZ3pWrdEY3DPodo5ph09Pnb4
SoahiFKirDVkFDrrwSTdU5OttHlbUXqx18PSZoh8h/vRBjDpHKhKiE1PjFLo4jiS
zeTdKgil/8fzW7+k2OOgqCoi5oV3q/0jpZ6ixGdEBg+1luUbAnUvobJSNKAHQ4cv
qWVtFP4/FufUV1o48MFgX5kvM/r16oLjYjyDyiitJy41wym/ukZOtcC62NyvFTep
rU6ndnxHC4PVPRkO8fZEzkAxsbx0FTWCgAvDqPkCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT+wKmhQZ6UJSh0jZl6f4eL2PM7sjAfBgNVHSMEGDAWgBSiB0M5uyFrhb3I
PWF3iCGt+RSdVjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29nZERPYnNoYTRXOXlEMWhkNGdocmZrVW5WWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvNTcxYjM0LWFjZjktNGViZi05ODhiLTBmZWI2NmU3ZjI4YS8x
L19zQ3BvVUdlbENVb2RJMlplbi1IaTlqek83SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
NTcxYjM0LWFjZjktNGViZi05ODhiLTBmZWI2NmU3ZjI4YS8xL29nZERPYnNoYTRX
OXlEMWhkNGdocmZrVW5WWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoBsccwDQYJKoZIhvcNAQELBQAD
ggEBAAhRXzbMzZIVrmyr/SPWkz4Au1GzKMUFS7Mlerp1sZtd++/V8Jgo479R0k08
Urpr/D04FeeyO4VBtOqNLpgDt/q13kjy0l6XypfHfumH1cZrbv7CwgjzzP9SkBSu
KamVw+8/4Sufb4MVHlxcELO2sObUoPKw4/alY9Bo6zHSFUG8p7YrHwx292QkS6sA
Dtew5pna2B1NwxIF09sQPgLGtQ3b6ekyXKQ+2QTLeyUba0YvG+GkRA6ZPY6d7RSw
mUcb5s8xOKTEJr7tIABwYMUe/UMoTf51pfWbVZBvo3eOQzCHgnPh/4fwrygt6aK0
zUzRq+oK/xbFaKv3UOM01pAtSrE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:13 2024 by rpki-client on console-fra.rpki-client.org