Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/405d9b-1073-4cd7-90eb-e8f60cab1866/1/4ttcGlT_1mtACevep7LhQDjBbro.roa
File:                     4ttcGlT_1mtACevep7LhQDjBbro.roa (raw, json)
Hash identifier:          NoG/gesEF3MU8KhLr2NM0GFyCfOKHEeggOZMEDa7ZrM=
Subject key identifier:   E2:DB:5C:1A:54:FF:D6:6B:40:09:EB:DE:A7:B2:E1:40:38:C1:6E:BA
Certificate issuer:       /CN=fbb0301ef6ff5897b5be2c941ddb51978fd489ff
Certificate serial:       022CCD58
Authority key identifier: FB:B0:30:1E:F6:FF:58:97:B5:BE:2C:94:1D:DB:51:97:8F:D4:89:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-7AwHvb_WJe1viyUHdtRl4_Uif8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/405d9b-1073-4cd7-90eb-e8f60cab1866/1/4ttcGlT_1mtACevep7LhQDjBbro.roa
Signing time:             Sat 01 Jan 2022 04:55:45 +0000
ROA not before:           Sat 01 Jan 2022 04:55:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211479
IP address blocks:        2001:67c:109c::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 36490584 (0x22ccd58)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fbb0301ef6ff5897b5be2c941ddb51978fd489ff
        Validity
            Not Before: Jan  1 04:55:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e2db5c1a54ffd66b4009ebdea7b2e14038c16eba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:d8:85:ce:90:12:1e:d2:e9:fa:3a:0a:94:45:
                    1e:7f:b2:79:ad:ed:6f:9a:fa:89:25:49:94:fa:52:
                    43:7a:58:c4:2c:0b:0b:b8:fb:33:cd:b2:cc:19:60:
                    c6:a4:9a:34:ce:a3:30:1e:e0:91:47:74:10:c3:12:
                    1d:33:4d:55:49:d6:37:e2:d8:f8:b9:a9:b0:59:97:
                    73:fa:52:61:97:88:b2:a7:f5:19:4c:74:2c:fb:27:
                    65:e7:84:88:d7:c3:42:ce:ca:13:05:38:a3:c3:5b:
                    d4:81:83:31:72:b0:d8:52:f7:2c:45:bd:b4:eb:17:
                    08:6a:e3:c3:ac:95:8d:22:73:4d:ba:6e:29:32:f9:
                    d2:fd:5d:f3:50:86:3f:59:5e:33:28:99:eb:7d:58:
                    82:a9:d3:e0:79:54:fb:86:ef:58:88:2f:f8:90:ae:
                    45:84:6b:db:ff:e6:24:24:1e:c1:be:ea:9e:fc:4b:
                    c9:cb:dd:1f:6c:36:5d:a2:ff:a2:dc:69:76:f7:2c:
                    31:c0:d5:01:08:d0:06:bf:71:9d:e8:fd:47:b6:9a:
                    bc:bc:62:18:86:b6:da:50:50:8f:91:c3:0b:f9:43:
                    e1:be:00:7f:ce:fb:eb:3d:8a:46:f7:fd:50:b8:89:
                    b6:b0:92:c6:a3:ce:76:9b:6f:62:b4:cc:3b:6d:14:
                    d4:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:DB:5C:1A:54:FF:D6:6B:40:09:EB:DE:A7:B2:E1:40:38:C1:6E:BA
            X509v3 Authority Key Identifier:
                keyid:FB:B0:30:1E:F6:FF:58:97:B5:BE:2C:94:1D:DB:51:97:8F:D4:89:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-7AwHvb_WJe1viyUHdtRl4_Uif8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/405d9b-1073-4cd7-90eb-e8f60cab1866/1/4ttcGlT_1mtACevep7LhQDjBbro.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/405d9b-1073-4cd7-90eb-e8f60cab1866/1/1-7AwHvb_WJe1viyUHdtRl4_Uif8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:109c::/48

    Signature Algorithm: sha256WithRSAEncryption
         19:a9:54:2b:ee:57:a8:fa:3e:55:67:09:ab:e1:07:c1:cf:e5:
         a6:3a:87:ea:be:09:ac:8b:ee:3a:b2:f7:a5:34:ce:46:4c:2c:
         92:fa:7e:02:ec:5e:32:01:66:a3:60:6d:3e:fc:0b:e8:eb:5e:
         66:3a:a3:19:04:cc:95:85:b5:71:7a:e8:8b:14:bb:fd:1b:c1:
         39:2f:92:58:ed:ab:c2:0c:da:08:f5:ce:68:3e:f3:1a:c6:5e:
         4c:d6:c1:d0:c5:d2:83:c5:ab:76:a2:a7:40:86:54:43:57:bf:
         cf:bf:ca:ec:dd:be:e7:a5:fd:76:3c:c5:5c:90:45:14:8d:4e:
         e1:11:a4:92:05:9d:7f:c7:8c:fd:00:49:d3:60:e4:57:8e:0f:
         f4:f7:20:c3:07:aa:5c:a6:0b:a1:82:ef:f0:51:b3:87:ca:c7:
         c3:c9:14:81:0a:e1:3e:cd:38:6f:04:8d:2c:82:6e:fb:12:58:
         79:37:a8:a6:8f:13:6d:24:91:ed:3e:ca:3e:1c:a3:aa:c3:c5:
         ef:da:b6:b0:fc:98:a2:f3:b9:14:8c:2f:02:be:3f:3c:4c:dd:
         79:50:1d:25:80:2c:21:8a:23:7c:81:a8:79:e4:0e:d7:22:91:
         a2:57:09:83:1d:e6:4c:1f:f6:18:f2:72:07:b8:1a:02:5d:f8:
         23:ac:af:94
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIEAizNWDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YmIwMzAxZWY2ZmY1ODk3YjViZTJjOTQxZGRiNTE5NzhmZDQ4OWZmMB4XDTIyMDEw
MTA0NTU0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJkYjVjMWE1NGZm
ZDY2YjQwMDllYmRlYTdiMmUxNDAzOGMxNmViYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANzYhc6QEh7S6fo6CpRFHn+yea3tb5r6iSVJlPpSQ3pYxCwL
C7j7M82yzBlgxqSaNM6jMB7gkUd0EMMSHTNNVUnWN+LY+LmpsFmXc/pSYZeIsqf1
GUx0LPsnZeeEiNfDQs7KEwU4o8Nb1IGDMXKw2FL3LEW9tOsXCGrjw6yVjSJzTbpu
KTL50v1d81CGP1leMyiZ631YgqnT4HlU+4bvWIgv+JCuRYRr2//mJCQewb7qnvxL
ycvdH2w2XaL/otxpdvcsMcDVAQjQBr9xnej9R7aavLxiGIa22lBQj5HDC/lD4b4A
f8776z2KRvf9ULiJtrCSxqPOdptvYrTMO20U1L0CAwEAAaOCAg4wggIKMB0GA1Ud
DgQWBBTi21waVP/Wa0AJ696nsuFAOMFuujAfBgNVHSMEGDAWgBT7sDAe9v9Yl7W+
LJQd21GXj9SJ/zAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtN0F3SHZiX1dKZTF2aXlVSGR0Umw0X1VpZjguY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzUwLzQwNWQ5Yi0xMDczLTRjZDctOTBlYi1lOGY2MGNhYjE4NjYv
MS80dHRjR2xUXzFtdEFDZXZlcDdMaFFEakJicm8ucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUw
LzQwNWQ5Yi0xMDczLTRjZDctOTBlYi1lOGY2MGNhYjE4NjYvMS8xLTdBd0h2Yl9X
SmUxdml5VUhkdFJsNF9VaWY4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBCcMA0GCSqGSIb3DQEB
CwUAA4IBAQAZqVQr7leo+j5VZwmr4QfBz+WmOofqvgmsi+46svelNM5GTCyS+n4C
7F4yAWajYG0+/Avo615mOqMZBMyVhbVxeuiLFLv9G8E5L5JY7avCDNoI9c5oPvMa
xl5M1sHQxdKDxat2oqdAhlRDV7/Pv8rs3b7npf12PMVckEUUjU7hEaSSBZ1/x4z9
AEnTYORXjg/09yDDB6pcpguhgu/wUbOHysfDyRSBCuE+zThvBI0sgm77Elh5N6im
jxNtJJHtPso+HKOqw8Xv2raw/Jii87kUjC8Cvj88TN15UB0lgCwhiiN8gah55A7X
IpGiVwmDHeZMH/YY8nIHuBoCXfgjrK+U
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:13 2024 by rpki-client on console-fra.rpki-client.org