Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/EitNIzWauEZdYujoghR7bhAwJOo.roa
File:                     EitNIzWauEZdYujoghR7bhAwJOo.roa (raw, json)
Hash identifier:          8FpJIhqp6FMS58Vj03w3AZ3bo9HkB35adhg0p1S+ntQ=
Subject key identifier:   12:2B:4D:23:35:9A:B8:46:5D:62:E8:E8:82:14:7B:6E:10:30:24:EA
Certificate issuer:       /CN=fbac50f19d9930aeec09cd27f508fc502ea14d1f
Certificate serial:       058F1FF3
Authority key identifier: FB:AC:50:F1:9D:99:30:AE:EC:09:CD:27:F5:08:FC:50:2E:A1:4D:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/EitNIzWauEZdYujoghR7bhAwJOo.roa
Signing time:             Sat 01 Jan 2022 04:53:06 +0000
ROA not before:           Sat 01 Jan 2022 04:53:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     54699
IP address blocks:        2a0a:4540:11::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 93265907 (0x58f1ff3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fbac50f19d9930aeec09cd27f508fc502ea14d1f
        Validity
            Not Before: Jan  1 04:53:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=122b4d23359ab8465d62e8e882147b6e103024ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:5d:ca:45:91:43:a3:c2:db:1c:22:84:98:a1:
                    b0:5c:cf:2e:19:a5:17:70:7a:c1:a2:43:69:88:c2:
                    02:b5:76:e1:11:4e:58:32:60:f0:18:0c:f7:61:fc:
                    f6:94:a1:07:17:8f:2d:14:9e:82:70:4d:c1:63:9a:
                    59:7a:ef:15:94:83:8e:d8:3c:90:28:71:c1:f1:68:
                    97:a2:12:d9:52:bb:2d:05:da:5c:0d:e6:c0:bd:cd:
                    34:20:a0:79:9d:4c:17:5e:ba:4a:4e:63:4b:3f:85:
                    4a:3f:1a:0d:6b:37:a7:59:7b:12:52:5a:bc:8f:74:
                    44:3a:4c:92:9f:85:c0:fe:32:c6:40:c3:a2:5b:d6:
                    01:7a:9e:45:5b:04:d3:95:b6:74:35:72:34:3e:2e:
                    5f:11:64:db:f8:4e:96:2e:86:94:81:7a:64:c0:58:
                    c9:13:37:28:ce:bf:a1:3d:75:58:2e:df:74:de:ed:
                    bd:89:bd:98:bc:93:32:3c:09:8f:e5:2d:ca:33:53:
                    78:ae:01:0a:c1:c7:e9:bf:6e:6e:ea:ba:de:24:60:
                    b5:49:d4:e2:e2:b3:19:07:3e:c7:19:37:33:84:4d:
                    52:09:3d:e8:90:89:4c:c2:bc:43:46:a6:b4:34:c2:
                    e8:fa:18:1d:be:05:c5:30:8a:24:ee:40:b4:da:3f:
                    dd:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:2B:4D:23:35:9A:B8:46:5D:62:E8:E8:82:14:7B:6E:10:30:24:EA
            X509v3 Authority Key Identifier:
                keyid:FB:AC:50:F1:9D:99:30:AE:EC:09:CD:27:F5:08:FC:50:2E:A1:4D:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/EitNIzWauEZdYujoghR7bhAwJOo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:4540:11::/48

    Signature Algorithm: sha256WithRSAEncryption
         8e:9d:36:1a:db:5b:34:d6:4a:b1:61:f8:5e:74:41:84:58:a4:
         14:d8:6b:7b:40:75:1d:39:8a:d2:2c:da:d3:b8:9e:33:73:0d:
         14:69:be:c1:45:9c:56:05:11:91:18:80:ee:60:2e:9a:dd:eb:
         84:eb:3c:78:4f:17:46:cc:8a:a6:b8:a6:9f:70:e5:b7:f9:eb:
         bc:d8:31:a8:73:a3:d1:52:6e:64:79:87:43:99:00:8a:e3:aa:
         6b:c6:9e:1e:34:71:99:5f:92:22:ef:fc:4d:79:54:52:9c:f5:
         d5:19:c0:63:5b:0f:a4:46:d3:08:84:35:c6:48:1b:05:b2:6e:
         e2:06:62:8b:68:14:d5:c3:78:ce:e5:9a:df:b1:e7:1f:15:c9:
         f2:c9:dd:cb:57:51:54:62:5c:7e:00:f7:c8:b2:3c:f6:26:9d:
         45:db:95:55:2c:0c:1f:65:e0:72:3d:c1:56:1b:0f:ba:3c:49:
         a2:5d:9c:06:de:48:37:8b:3d:7f:c6:a3:37:12:d2:ad:c5:57:
         80:b9:f2:f1:c7:6f:03:53:46:c9:57:e7:b0:bc:1d:b1:65:ea:
         f3:f4:b8:64:24:0c:2d:83:f9:7c:27:04:e6:2c:dd:a8:62:e2:
         22:96:e4:50:0e:1e:1c:c8:9e:75:04:34:aa:c1:7a:dd:1f:7a:
         a3:79:05:c8
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIEBY8f8zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YmFjNTBmMTlkOTkzMGFlZWMwOWNkMjdmNTA4ZmM1MDJlYTE0ZDFmMB4XDTIyMDEw
MTA0NTMwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTIyYjRkMjMzNTlh
Yjg0NjVkNjJlOGU4ODIxNDdiNmUxMDMwMjRlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALFdykWRQ6PC2xwihJihsFzPLhmlF3B6waJDaYjCArV24RFO
WDJg8BgM92H89pShBxePLRSegnBNwWOaWXrvFZSDjtg8kChxwfFol6IS2VK7LQXa
XA3mwL3NNCCgeZ1MF166Sk5jSz+FSj8aDWs3p1l7ElJavI90RDpMkp+FwP4yxkDD
olvWAXqeRVsE05W2dDVyND4uXxFk2/hOli6GlIF6ZMBYyRM3KM6/oT11WC7fdN7t
vYm9mLyTMjwJj+UtyjNTeK4BCsHH6b9ubuq63iRgtUnU4uKzGQc+xxk3M4RNUgk9
6JCJTMK8Q0amtDTC6PoYHb4FxTCKJO5AtNo/3ZECAwEAAaOCAg4wggIKMB0GA1Ud
DgQWBBQSK00jNZq4Rl1i6OiCFHtuEDAk6jAfBgNVHSMEGDAWgBT7rFDxnZkwruwJ
zSf1CPxQLqFNHzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtNnhROFoyWk1LN3NDYzBuOVFqOFVDNmhUUjguY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzRlLzhmYzA5ZC03ZDI1LTQyNWMtOGI5MS1kNjJlNDU0YmYzN2Yv
MS9FaXROSXpXYXVFWmRZdWpvZ2hSN2JoQXdKT28ucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRl
LzhmYzA5ZC03ZDI1LTQyNWMtOGI5MS1kNjJlNDU0YmYzN2YvMS8xLTZ4UThaMlpN
SzdzQ2MwbjlRajhVQzZoVFI4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgpFQAARMA0GCSqGSIb3DQEB
CwUAA4IBAQCOnTYa21s01kqxYfhedEGEWKQU2Gt7QHUdOYrSLNrTuJ4zcw0Uab7B
RZxWBRGRGIDuYC6a3euE6zx4TxdGzIqmuKafcOW3+eu82DGoc6PRUm5keYdDmQCK
46prxp4eNHGZX5Ii7/xNeVRSnPXVGcBjWw+kRtMIhDXGSBsFsm7iBmKLaBTVw3jO
5ZrfsecfFcnyyd3LV1FUYlx+APfIsjz2Jp1F25VVLAwfZeByPcFWGw+6PEmiXZwG
3kg3iz1/xqM3EtKtxVeAufLxx28DU0bJV+ewvB2xZerz9LhkJAwtg/l8JwTmLN2o
YuIiluRQDh4cyJ51BDSqwXrdH3qjeQXI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:55 2024 by rpki-client on console-fra.rpki-client.org