Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/O-s1LEukMszZjOYEYRQF5snpcP0.roa
File:                     O-s1LEukMszZjOYEYRQF5snpcP0.roa (raw, json)
Hash identifier:          PZ+F6TM6L3ad2Nq56JYNSFjKMy6FFkpvMgz/fYMo+1I=
Subject key identifier:   3B:EB:35:2C:4B:A4:32:CC:D9:8C:E6:04:61:14:05:E6:C9:E9:70:FD
Certificate issuer:       /CN=edb926f8c603aab79cb46a883bf632564a3faabf
Certificate serial:       0182A1A3608CD6EC5982525B34529183399A
Authority key identifier: ED:B9:26:F8:C6:03:AA:B7:9C:B4:6A:88:3B:F6:32:56:4A:3F:AA:BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7bkm-MYDqrectGqIO_YyVko_qr8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/O-s1LEukMszZjOYEYRQF5snpcP0.roa
Signing time:             Mon 15 Aug 2022 13:13:35 +0000
ROA not before:           Mon 15 Aug 2022 13:13:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25369
IP address blocks:        2a03:b000:a00::/40 maxlen: 40

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:a1:a3:60:8c:d6:ec:59:82:52:5b:34:52:91:83:39:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=edb926f8c603aab79cb46a883bf632564a3faabf
        Validity
            Not Before: Aug 15 13:13:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3beb352c4ba432ccd98ce604611405e6c9e970fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:84:61:c5:9f:bd:73:62:c4:b4:55:07:49:4d:
                    97:31:fe:0f:0c:1a:c9:96:b8:06:5e:ac:48:3b:95:
                    4f:8d:f2:79:5b:8c:26:c5:48:0b:4c:10:ca:a9:43:
                    06:99:59:ea:1b:cc:a1:4f:46:45:c7:b1:4a:52:c2:
                    57:58:45:4e:f7:15:60:e1:85:85:b7:9a:23:bc:d3:
                    6a:33:2b:84:da:19:c0:c7:2c:b5:9b:a9:b5:e4:5c:
                    0d:67:1e:5c:e1:57:8c:08:b4:19:37:0d:a9:d2:5a:
                    45:6e:bb:af:81:af:b2:f7:24:c0:37:87:1b:1c:21:
                    c5:18:e4:38:9d:7d:04:ad:d8:fc:e3:28:15:b4:f3:
                    b4:a6:1b:4a:1e:6b:28:d6:6b:7a:ea:69:b0:0e:a6:
                    cc:03:97:15:dd:85:3c:8f:f5:0e:c0:ba:33:85:3d:
                    48:32:4a:e3:33:7d:7d:74:af:9f:58:06:bf:87:c6:
                    04:4f:73:ae:9f:9f:d1:c8:bb:a6:f8:ff:c5:a0:0f:
                    b9:d0:25:03:04:da:f1:3c:95:74:e0:60:8e:7f:d5:
                    3d:06:6d:7e:fb:be:96:1d:5c:29:65:6d:d4:41:10:
                    ca:b5:e6:07:59:a8:8c:72:16:57:0e:ef:b0:c9:8b:
                    de:9c:3a:69:f7:e6:0b:a9:67:b4:8e:9a:0b:6a:48:
                    ab:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:EB:35:2C:4B:A4:32:CC:D9:8C:E6:04:61:14:05:E6:C9:E9:70:FD
            X509v3 Authority Key Identifier:
                keyid:ED:B9:26:F8:C6:03:AA:B7:9C:B4:6A:88:3B:F6:32:56:4A:3F:AA:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7bkm-MYDqrectGqIO_YyVko_qr8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/O-s1LEukMszZjOYEYRQF5snpcP0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/7bkm-MYDqrectGqIO_YyVko_qr8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a03:b000:a00::/40

    Signature Algorithm: sha256WithRSAEncryption
         53:66:59:1a:40:cf:8a:d0:1e:9e:81:78:3a:a8:99:25:2a:68:
         9d:a7:5e:58:c6:bf:4d:a2:36:5a:f7:cd:74:2a:bf:89:77:b9:
         98:45:d7:49:d6:8d:c6:73:ca:65:71:3d:0e:c7:b0:b7:96:ed:
         75:5d:96:07:7c:28:6d:dc:7a:1e:9f:52:25:bc:64:a2:9d:a1:
         2a:e7:55:88:11:e5:cb:c2:e1:94:ef:a4:22:c5:e9:77:b7:ff:
         01:4b:e8:a6:19:77:06:b2:05:2a:85:a4:38:44:c9:40:a8:0a:
         8a:26:30:42:58:a9:75:5b:79:13:f4:52:cc:0e:0d:88:da:52:
         b9:91:bb:09:f5:4a:b3:ab:20:af:22:3b:29:02:75:b9:9a:6e:
         c8:ca:ab:1a:29:1a:a5:b3:f6:75:9b:d7:73:96:0e:0b:9d:95:
         7e:b1:26:68:57:04:85:b7:8b:0e:98:5d:6a:d6:d4:10:98:3f:
         e7:a8:25:75:1f:23:30:cd:64:7c:a0:b9:2d:1b:3f:43:c3:ea:
         b2:ea:30:7a:29:d7:41:d3:6c:d3:cf:04:e8:cb:da:55:71:e8:
         4e:f0:cc:6d:40:dc:53:43:31:b8:cb:4e:bd:cb:2a:4e:c0:63:
         98:ec:f6:21:0c:c0:a1:71:47:55:15:e2:82:bc:cd:69:91:2f:
         f5:4a:a7:75
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYKho2CM1uxZglJbNFKRgzmaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYjkyNmY4YzYwM2FhYjc5Y2I0NmE4ODNiZjYzMjU2NGEz
ZmFhYmYwHhcNMjIwODE1MTMxMzM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmViMzUyYzRiYTQzMmNjZDk4Y2U2MDQ2MTE0MDVlNmM5ZTk3MGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYRhxZ+9c2LEtFUHSU2XMf4PDBrJ
lrgGXqxIO5VPjfJ5W4wmxUgLTBDKqUMGmVnqG8yhT0ZFx7FKUsJXWEVO9xVg4YWF
t5ojvNNqMyuE2hnAxyy1m6m15FwNZx5c4VeMCLQZNw2p0lpFbruvga+y9yTAN4cb
HCHFGOQ4nX0Erdj84ygVtPO0phtKHmso1mt66mmwDqbMA5cV3YU8j/UOwLozhT1I
MkrjM319dK+fWAa/h8YET3Oun5/RyLum+P/FoA+50CUDBNrxPJV04GCOf9U9Bm1+
+76WHVwpZW3UQRDKteYHWaiMchZXDu+wyYvenDpp9+YLqWe0jpoLakirCwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDvrNSxLpDLM2YzmBGEUBebJ6XD9MB8GA1UdIwQY
MBaAFO25JvjGA6q3nLRqiDv2MlZKP6q/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2JrbS1NWURxcmVjdEdxSU9fWXlWa29fcXI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy81NmM5MzQtY2YxNC00YTRmLWFlN2Mt
M2JkMTk3OGJmMmY2LzEvTy1zMUxFdWtNc3paak9ZRVlSUUY1c25wY1AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy81NmM5MzQtY2YxNC00YTRmLWFlN2MtM2JkMTk3OGJmMmY2
LzEvN2JrbS1NWURxcmVjdEdxSU9fWXlWa29fcXI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgOwAAow
DQYJKoZIhvcNAQELBQADggEBAFNmWRpAz4rQHp6BeDqomSUqaJ2nXljGv02iNlr3
zXQqv4l3uZhF10nWjcZzymVxPQ7HsLeW7XVdlgd8KG3ceh6fUiW8ZKKdoSrnVYgR
5cvC4ZTvpCLF6Xe3/wFL6KYZdwayBSqFpDhEyUCoCoomMEJYqXVbeRP0UswODYja
UrmRuwn1SrOrIK8iOykCdbmabsjKqxopGqWz9nWb13OWDgudlX6xJmhXBIW3iw6Y
XWrW1BCYP+eoJXUfIzDNZHyguS0bP0PD6rLqMHop10HTbNPPBOjL2lVx6E7wzG1A
3FNDMbjLTr3LKk7AY5js9iEMwKFxR1UV4oK8zWmRL/VKp3U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:37 2024 by rpki-client on console-fra.rpki-client.org