Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/FWQ-H5ImYcNEVgZuO9yohuSf0UA.roa
File:                     FWQ-H5ImYcNEVgZuO9yohuSf0UA.roa (raw, json)
Hash identifier:          D366VVywvkYGoj8CDwH74lzhgYbOafM8cRunTOZ34p4=
Subject key identifier:   15:64:3E:1F:92:26:61:C3:44:56:06:6E:3B:DC:A8:86:E4:9F:D1:40
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       0183C6BF1B098603F16B8BCDE8C36D33D1B8
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/FWQ-H5ImYcNEVgZuO9yohuSf0UA.roa
Signing time:             Tue 11 Oct 2022 11:12:36 +0000
ROA not before:           Tue 11 Oct 2022 11:12:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204628
IP address blocks:        2001:4030::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:c6:bf:1b:09:86:03:f1:6b:8b:cd:e8:c3:6d:33:d1:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Oct 11 11:12:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=15643e1f922661c34456066e3bdca886e49fd140
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:de:80:50:a4:a1:03:9f:7c:6a:a3:82:a4:96:
                    14:36:14:6f:85:aa:0a:b6:f2:81:7d:8a:5f:a3:d7:
                    27:85:67:12:3d:77:0a:15:f4:51:43:7c:7b:70:3c:
                    0c:67:a1:5c:db:b6:bf:94:44:fe:e2:e2:b9:f2:9a:
                    82:1e:1c:0d:e0:f5:2c:90:f1:e9:40:67:f2:73:84:
                    d0:ca:42:7d:dd:ac:e4:92:9d:57:e8:1d:ed:33:4d:
                    b9:4d:49:cd:db:5d:51:98:82:56:9e:73:e1:12:5e:
                    71:50:fe:55:b5:65:df:57:f6:7f:ae:f8:5d:be:44:
                    00:3f:47:bf:0b:ce:c0:c6:bc:08:cb:8f:63:87:27:
                    d5:4c:19:06:1e:35:31:e8:36:f5:fd:ef:8f:23:9e:
                    7a:4f:14:05:10:ec:dc:8f:05:74:44:8c:a1:c3:52:
                    f7:08:64:1d:f4:51:6c:fa:cf:c6:f0:09:b2:c0:c4:
                    7c:49:a7:6e:1c:23:5e:4b:fa:ca:4f:f5:64:de:90:
                    46:95:c5:64:3d:6e:4c:cd:53:43:d8:3e:19:51:d7:
                    2d:b1:3f:91:ca:71:3e:ef:c4:a6:f2:b9:66:3b:53:
                    d3:a5:04:d7:ef:fd:94:de:6e:1c:7e:8b:f4:84:fd:
                    38:85:93:ca:60:db:c5:4f:a0:3b:b5:69:c0:dc:95:
                    e5:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:64:3E:1F:92:26:61:C3:44:56:06:6E:3B:DC:A8:86:E4:9F:D1:40
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/FWQ-H5ImYcNEVgZuO9yohuSf0UA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:4030::/32

    Signature Algorithm: sha256WithRSAEncryption
         37:e1:08:af:d5:67:83:8d:4e:e4:ec:e9:10:ff:d7:15:2c:eb:
         4d:3b:3d:f1:ff:3e:c1:0a:63:c4:6f:02:c0:ef:6e:02:86:61:
         9a:34:c5:4f:f7:4e:34:fa:a7:bb:52:b6:8e:a4:99:a2:fb:4b:
         01:af:75:68:26:98:ca:9d:78:2b:14:35:a8:65:68:de:58:68:
         5d:40:f5:3d:6e:90:5d:1a:bb:cf:9e:85:1c:80:60:c4:c5:f3:
         e4:5c:53:21:37:a3:76:8d:2c:50:98:3c:62:09:3e:31:16:ac:
         92:04:98:29:c2:e8:94:4b:c7:7a:c0:bc:9f:69:a1:6a:7e:ec:
         3d:6e:52:55:4b:22:8e:d3:fa:05:e9:0f:bc:e2:b6:9f:c8:6f:
         28:df:f2:a4:07:90:9d:72:8f:b4:d6:70:a5:ad:0c:f2:f9:6f:
         27:36:d5:9f:13:86:21:2a:37:ad:8b:b5:44:bd:e4:2b:2e:0e:
         e7:e2:c6:20:8b:0e:8c:f7:c6:22:4b:6c:da:d1:be:00:83:42:
         6e:be:a8:c4:6c:23:b4:2c:a7:e0:51:16:00:d4:66:74:c7:af:
         5e:ce:ca:57:74:00:bb:39:b4:fe:aa:12:42:61:60:e5:36:74:
         16:f2:ee:a8:ab:a1:6b:76:cf:8c:93:10:ac:e2:e5:96:cb:83:
         c8:a5:e1:31
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYPGvxsJhgPxa4vN6MNtM9G4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjIxMDExMTExMjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTY0M2UxZjkyMjY2MWMzNDQ1NjA2NmUzYmRjYTg4NmU0OWZkMTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnt6AUKShA598aqOCpJYUNhRvhaoK
tvKBfYpfo9cnhWcSPXcKFfRRQ3x7cDwMZ6Fc27a/lET+4uK58pqCHhwN4PUskPHp
QGfyc4TQykJ93azkkp1X6B3tM025TUnN211RmIJWnnPhEl5xUP5VtWXfV/Z/rvhd
vkQAP0e/C87AxrwIy49jhyfVTBkGHjUx6Db1/e+PI556TxQFEOzcjwV0RIyhw1L3
CGQd9FFs+s/G8AmywMR8SaduHCNeS/rKT/Vk3pBGlcVkPW5MzVND2D4ZUdctsT+R
ynE+78Sm8rlmO1PTpQTX7/2U3m4cfov0hP04hZPKYNvFT6A7tWnA3JXlbQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBVkPh+SJmHDRFYGbjvcqIbkn9FAMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvRldRLUg1SW1ZY05FVmdadU85eW9odVNmMFVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAIAFAMDAN
BgkqhkiG9w0BAQsFAAOCAQEAN+EIr9Vng41O5OzpEP/XFSzrTTs98f8+wQpjxG8C
wO9uAoZhmjTFT/dONPqnu1K2jqSZovtLAa91aCaYyp14KxQ1qGVo3lhoXUD1PW6Q
XRq7z56FHIBgxMXz5FxTITejdo0sUJg8Ygk+MRaskgSYKcLolEvHesC8n2mhan7s
PW5SVUsijtP6BekPvOK2n8hvKN/ypAeQnXKPtNZwpa0M8vlvJzbVnxOGISo3rYu1
RL3kKy4O5+LGIIsOjPfGIkts2tG+AINCbr6oxGwjtCyn4FEWANRmdMevXs7KV3QA
uzm0/qoSQmFg5TZ0FvLuqKuha3bPjJMQrOLllsuDyKXhMQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:35 2024 by rpki-client on console-ams.rpki-client.org