Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/2uqcw7hfFXrDAGAT6SpDSzQSEog.roa
File:                     2uqcw7hfFXrDAGAT6SpDSzQSEog.roa (raw, json)
Hash identifier:          F98s8VA5F3Lwb5j4/r4fumiO4m5KH43EWpmFqg5HPjk=
Subject key identifier:   DA:EA:9C:C3:B8:5F:15:7A:C3:00:60:13:E9:2A:43:4B:34:12:12:88
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       0183F4CF54D519254828EC5E67FC595D0B59
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/2uqcw7hfFXrDAGAT6SpDSzQSEog.roa
Signing time:             Thu 20 Oct 2022 09:52:51 +0000
ROA not before:           Thu 20 Oct 2022 09:52:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43419
IP address blocks:        2a04:3a40:8000::/33 maxlen: 33

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:f4:cf:54:d5:19:25:48:28:ec:5e:67:fc:59:5d:0b:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Oct 20 09:52:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=daea9cc3b85f157ac3006013e92a434b34121288
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:17:ae:25:56:cc:f1:04:77:a0:e5:8f:05:53:
                    2d:bc:a4:38:b3:b3:ee:a3:ed:5f:78:fd:ad:39:87:
                    b5:47:28:4b:bc:36:f9:e1:8e:ec:a1:5b:9c:6d:9f:
                    23:e9:eb:91:d1:a4:86:af:38:62:d6:3e:7b:d1:9a:
                    e5:00:87:bc:41:7d:6f:3c:d9:e4:fb:3a:4e:a6:72:
                    a0:53:d8:9d:6a:72:a1:95:d7:98:79:cb:cb:17:00:
                    e3:04:3f:57:bd:f1:e8:85:b1:b7:5a:aa:21:e7:b1:
                    bc:1b:21:2d:de:f6:37:92:bf:34:1c:2e:97:9b:32:
                    71:7b:a5:79:d4:17:ae:2f:9c:7c:6a:e0:44:a4:4c:
                    09:89:ad:a4:07:9a:84:26:84:a7:42:ee:c5:1e:1c:
                    10:05:cc:92:e6:a6:df:80:cd:34:5b:d7:5f:ea:7c:
                    0a:d1:f5:de:26:73:ba:8e:e9:82:44:42:e9:db:95:
                    7b:77:22:13:f6:d4:68:0e:0a:80:27:a0:0d:40:b3:
                    25:30:60:57:1b:b0:36:e7:92:a2:4f:94:ec:bd:e1:
                    cc:68:8f:e8:0d:56:00:94:dd:f7:be:84:03:4b:0e:
                    64:e0:34:e3:7f:b1:85:6d:da:19:ec:63:fb:5e:b8:
                    a1:c8:94:bb:e5:00:b8:78:5a:ff:57:29:05:18:ba:
                    56:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:EA:9C:C3:B8:5F:15:7A:C3:00:60:13:E9:2A:43:4B:34:12:12:88
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/2uqcw7hfFXrDAGAT6SpDSzQSEog.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a04:3a40:8000::/33

    Signature Algorithm: sha256WithRSAEncryption
         31:a8:13:75:77:d8:e8:f6:7b:d2:fb:ec:bc:33:62:17:ae:00:
         54:ac:40:e4:6b:8e:81:e2:be:dc:9e:04:a2:54:d9:51:62:21:
         e3:50:90:bf:a0:9e:50:24:2f:7d:e0:a8:82:79:50:49:8e:d1:
         31:64:fd:02:48:f0:1b:6b:c6:46:57:73:bb:93:1d:88:b0:e8:
         17:2a:af:81:d4:f8:6b:af:34:f6:be:3f:d9:55:99:e5:45:6f:
         45:70:4a:14:65:c6:2d:68:c7:4d:e1:bc:ac:03:32:d4:f2:f6:
         ff:1a:a3:a4:a9:db:9a:da:bb:1a:9f:fd:b8:79:c4:95:5d:df:
         8c:d9:4c:57:60:dc:36:d5:12:76:39:53:01:1a:f0:92:eb:b7:
         e5:60:c8:d1:42:a4:9d:be:be:e1:11:c9:3c:cc:35:b8:e1:3c:
         b8:84:6d:ad:40:9a:f3:55:bd:08:aa:1b:33:2a:01:85:0b:c4:
         21:cd:d9:85:71:ef:de:dd:bb:4c:b1:01:a7:ec:2c:2c:9e:58:
         e2:d2:12:78:11:ed:58:e2:a6:0d:95:c5:03:d1:2e:83:1d:e0:
         b0:fc:05:7d:8e:1f:9e:25:36:a9:2e:40:a4:c2:75:7e:c1:4d:
         47:c0:14:cc:8c:05:da:41:af:7c:de:59:cd:80:c8:d6:5e:0d:
         5f:32:87:9c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYP0z1TVGSVIKOxeZ/xZXQtZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjIxMDIwMDk1MjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWVhOWNjM2I4NWYxNTdhYzMwMDYwMTNlOTJhNDM0YjM0MTIxMjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxReuJVbM8QR3oOWPBVMtvKQ4s7Pu
o+1feP2tOYe1RyhLvDb54Y7soVucbZ8j6euR0aSGrzhi1j570ZrlAIe8QX1vPNnk
+zpOpnKgU9idanKhldeYecvLFwDjBD9XvfHohbG3Wqoh57G8GyEt3vY3kr80HC6X
mzJxe6V51BeuL5x8auBEpEwJia2kB5qEJoSnQu7FHhwQBcyS5qbfgM00W9df6nwK
0fXeJnO6jumCRELp25V7dyIT9tRoDgqAJ6ANQLMlMGBXG7A255KiT5TsveHMaI/o
DVYAlN33voQDSw5k4DTjf7GFbdoZ7GP7XrihyJS75QC4eFr/VykFGLpWmwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNrqnMO4XxV6wwBgE+kqQ0s0EhKIMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvMnVxY3c3aGZGWHJEQUdBVDZTcERTelFTRW9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYHKgQ6QIAw
DQYJKoZIhvcNAQELBQADggEBADGoE3V32Oj2e9L77LwzYheuAFSsQORrjoHivtye
BKJU2VFiIeNQkL+gnlAkL33gqIJ5UEmO0TFk/QJI8BtrxkZXc7uTHYiw6Bcqr4HU
+GuvNPa+P9lVmeVFb0VwShRlxi1ox03hvKwDMtTy9v8ao6Sp25rauxqf/bh5xJVd
34zZTFdg3DbVEnY5UwEa8JLrt+VgyNFCpJ2+vuERyTzMNbjhPLiEba1AmvNVvQiq
GzMqAYULxCHN2YVx797du0yxAafsLCyeWOLSEngR7Vjipg2VxQPRLoMd4LD8BX2O
H54lNqkuQKTCdX7BTUfAFMyMBdpBr3zeWc2AyNZeDV8yh5w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:56 2024 by rpki-client on console-fra.rpki-client.org