Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/vduY_mANTFqrU2deNHJevUleaXM.roa
File:                     vduY_mANTFqrU2deNHJevUleaXM.roa (raw, json)
Hash identifier:          JIZdhHtFp/LRisiNTXmA4hVTHsSD3vQYeuT/NrYxcfk=
Subject key identifier:   BD:DB:98:FE:60:0D:4C:5A:AB:53:67:5E:34:72:5E:BD:49:5E:69:73
Certificate issuer:       /CN=fbac50f19d9930aeec09cd27f508fc502ea14d1f
Certificate serial:       06E7758F
Authority key identifier: FB:AC:50:F1:9D:99:30:AE:EC:09:CD:27:F5:08:FC:50:2E:A1:4D:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/vduY_mANTFqrU2deNHJevUleaXM.roa
Signing time:             Wed 25 May 2022 12:04:14 +0000
ROA not before:           Wed 25 May 2022 12:04:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     213396
IP address blocks:        2a0a:4540:3000::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 115832207 (0x6e7758f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fbac50f19d9930aeec09cd27f508fc502ea14d1f
        Validity
            Not Before: May 25 12:04:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bddb98fe600d4c5aab53675e34725ebd495e6973
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:f1:cc:3e:96:55:95:b2:a8:b2:e5:6a:54:26:
                    59:f2:9e:00:c9:f9:92:6b:da:18:a5:c6:f2:f8:79:
                    d4:82:e9:39:3a:4b:c5:71:96:5d:35:bc:de:29:ac:
                    47:be:a9:37:a2:80:d7:69:fc:12:69:66:b4:9e:9d:
                    e8:90:d9:b9:0b:7d:0b:00:88:d1:25:c9:1f:8f:5d:
                    be:b8:fc:52:13:5c:05:7d:2f:ff:97:93:8a:32:16:
                    c0:94:54:17:ce:4c:93:9e:33:77:f6:de:a5:6a:77:
                    d4:a6:63:3f:56:05:e5:b5:8a:5f:0f:71:17:b0:9e:
                    7c:35:bf:7b:d8:0a:7b:09:9b:af:64:c1:41:59:54:
                    86:7f:e0:e9:1b:91:6f:4b:c0:97:bd:26:cd:69:6f:
                    bd:89:51:7b:bf:de:c1:9d:38:60:09:18:0a:94:de:
                    0b:da:85:bb:5f:80:a9:25:36:a8:df:15:d2:6e:a2:
                    57:2e:69:56:78:df:c5:4a:fa:9e:3d:1a:8f:02:18:
                    2a:b7:81:bd:42:c2:8a:83:d9:f6:c7:e7:f7:48:d6:
                    74:70:40:8a:ba:76:65:03:5f:f3:d8:d3:a3:33:35:
                    9b:09:f3:d6:55:38:b9:80:7d:71:d0:f0:c3:24:4b:
                    87:ec:59:d6:67:a0:bd:63:23:5c:dd:f7:45:db:70:
                    4e:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:DB:98:FE:60:0D:4C:5A:AB:53:67:5E:34:72:5E:BD:49:5E:69:73
            X509v3 Authority Key Identifier:
                keyid:FB:AC:50:F1:9D:99:30:AE:EC:09:CD:27:F5:08:FC:50:2E:A1:4D:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/vduY_mANTFqrU2deNHJevUleaXM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:4540:3000::/48

    Signature Algorithm: sha256WithRSAEncryption
         3e:78:88:e8:e3:62:c9:2d:3e:82:5e:1f:96:06:c5:e9:c4:3b:
         6c:c7:d5:29:a5:a6:8a:be:a2:2c:0c:98:4d:21:f3:7f:75:a2:
         d2:17:30:42:d2:07:2c:3e:61:8e:54:b0:04:1e:53:2c:e3:ac:
         50:4b:6c:4f:45:5b:f8:8d:a4:5e:5e:36:0e:fc:85:ec:88:06:
         0b:db:72:58:76:8d:f6:4a:1f:b9:f9:6c:5c:d0:b9:be:9a:c3:
         4f:c9:2b:78:09:24:3e:17:02:0a:64:a0:81:fa:a3:62:28:18:
         fd:39:f2:16:f8:da:00:eb:6d:d5:e6:bd:fd:35:16:86:1f:cc:
         c5:8e:0e:20:74:e5:48:1b:87:6d:f2:df:5c:e8:23:ca:9c:52:
         83:9b:35:6e:42:09:a3:94:00:48:f3:01:07:b4:db:0c:52:87:
         33:57:24:89:9f:76:d6:42:f9:c4:d8:fb:8a:48:cf:ca:0f:6e:
         08:96:e6:26:9f:c7:b1:74:e3:62:b9:14:ab:81:f0:ee:dc:9c:
         bb:b0:1a:d3:86:d9:33:da:22:81:54:b5:2b:87:1e:0c:0e:a3:
         6e:ae:3b:20:e3:e4:a2:f3:b1:9e:dc:7a:7c:0d:b6:bc:81:44:
         a3:23:81:b9:41:f8:a2:cf:ec:a5:b9:8c:e9:76:cd:19:c4:79:
         73:c6:0f:82
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIEBud1jzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YmFjNTBmMTlkOTkzMGFlZWMwOWNkMjdmNTA4ZmM1MDJlYTE0ZDFmMB4XDTIyMDUy
NTEyMDQxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmRkYjk4ZmU2MDBk
NGM1YWFiNTM2NzVlMzQ3MjVlYmQ0OTVlNjk3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKrxzD6WVZWyqLLlalQmWfKeAMn5kmvaGKXG8vh51ILpOTpL
xXGWXTW83imsR76pN6KA12n8EmlmtJ6d6JDZuQt9CwCI0SXJH49dvrj8UhNcBX0v
/5eTijIWwJRUF85Mk54zd/bepWp31KZjP1YF5bWKXw9xF7CefDW/e9gKewmbr2TB
QVlUhn/g6RuRb0vAl70mzWlvvYlRe7/ewZ04YAkYCpTeC9qFu1+AqSU2qN8V0m6i
Vy5pVnjfxUr6nj0ajwIYKreBvULCioPZ9sfn90jWdHBAirp2ZQNf89jTozM1mwnz
1lU4uYB9cdDwwyRLh+xZ1megvWMjXN33RdtwTtcCAwEAAaOCAg4wggIKMB0GA1Ud
DgQWBBS925j+YA1MWqtTZ140cl69SV5pczAfBgNVHSMEGDAWgBT7rFDxnZkwruwJ
zSf1CPxQLqFNHzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtNnhROFoyWk1LN3NDYzBuOVFqOFVDNmhUUjguY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzRlLzhmYzA5ZC03ZDI1LTQyNWMtOGI5MS1kNjJlNDU0YmYzN2Yv
MS92ZHVZX21BTlRGcXJVMmRlTkhKZXZVbGVhWE0ucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRl
LzhmYzA5ZC03ZDI1LTQyNWMtOGI5MS1kNjJlNDU0YmYzN2YvMS8xLTZ4UThaMlpN
SzdzQ2MwbjlRajhVQzZoVFI4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgpFQDAAMA0GCSqGSIb3DQEB
CwUAA4IBAQA+eIjo42LJLT6CXh+WBsXpxDtsx9UppaaKvqIsDJhNIfN/daLSFzBC
0gcsPmGOVLAEHlMs46xQS2xPRVv4jaReXjYO/IXsiAYL23JYdo32Sh+5+Wxc0Lm+
msNPySt4CSQ+FwIKZKCB+qNiKBj9OfIW+NoA623V5r39NRaGH8zFjg4gdOVIG4dt
8t9c6CPKnFKDmzVuQgmjlABI8wEHtNsMUoczVySJn3bWQvnE2PuKSM/KD24IluYm
n8exdONiuRSrgfDu3Jy7sBrThtkz2iKBVLUrhx4MDqNurjsg4+Si87Ge3Hp8Dba8
gUSjI4G5Qfiiz+yluYzpds0ZxHlzxg+C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:55 2024 by rpki-client on console-fra.rpki-client.org