Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/VLqm3WQqiF1oE0axt3zaH4b8Wes.roa
File:                     VLqm3WQqiF1oE0axt3zaH4b8Wes.roa (raw, json)
Hash identifier:          zb6e/vCmz8xhnzxH/VL+1UgauZWQ56ZqTwDjUUFCkUo=
Subject key identifier:   54:BA:A6:DD:64:2A:88:5D:68:13:46:B1:B7:7C:DA:1F:86:FC:59:EB
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       0183F428B4C1AA24AEAE819A1AA8FF11C832
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/VLqm3WQqiF1oE0axt3zaH4b8Wes.roa
Signing time:             Thu 20 Oct 2022 06:50:51 +0000
ROA not before:           Thu 20 Oct 2022 06:50:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39827
IP address blocks:        2a04:3a40::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:f4:28:b4:c1:aa:24:ae:ae:81:9a:1a:a8:ff:11:c8:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Oct 20 06:50:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=54baa6dd642a885d681346b1b77cda1f86fc59eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:1c:bf:be:30:b8:75:14:30:1f:15:03:af:f4:
                    c6:ac:d8:0f:da:75:52:ff:d4:11:d7:12:01:96:a4:
                    0c:6d:50:47:50:56:42:4b:9d:43:33:da:df:9d:cd:
                    c0:fc:29:be:66:f6:58:2b:71:8b:bb:3b:20:c5:99:
                    f8:e4:d1:e9:a4:bd:06:79:f2:b9:8e:b5:58:00:87:
                    ad:1b:2d:44:cf:57:54:a1:94:00:d1:b1:87:b2:32:
                    ae:b6:1a:51:ed:ac:6d:3b:d4:6e:77:46:c5:0e:3d:
                    0e:7a:38:7d:c1:b7:1a:6e:cc:d3:e6:9d:c2:f3:94:
                    4b:75:fa:69:c9:7e:9f:18:f7:06:0a:de:08:22:ce:
                    b0:f9:8e:4f:87:83:6f:1f:15:53:63:2d:6c:e5:63:
                    c7:be:57:4d:ef:40:3f:d5:3a:d8:8e:0a:06:05:c1:
                    99:c4:b4:52:c2:c7:4e:32:cb:8f:66:4c:0c:63:e8:
                    34:ad:45:86:76:27:72:1c:51:83:e1:da:12:9f:b0:
                    00:b7:95:48:56:f6:4d:99:f5:ef:a4:bd:d8:6c:af:
                    b8:f4:98:f2:4d:c2:0e:f4:d7:78:a9:a9:8a:12:e3:
                    f3:05:61:a5:c0:d2:5d:59:94:77:af:0e:09:0e:78:
                    b7:7f:31:cb:6b:bc:3f:03:21:78:df:8f:3a:51:37:
                    87:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:BA:A6:DD:64:2A:88:5D:68:13:46:B1:B7:7C:DA:1F:86:FC:59:EB
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/VLqm3WQqiF1oE0axt3zaH4b8Wes.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a04:3a40::/32

    Signature Algorithm: sha256WithRSAEncryption
         0e:60:17:34:2e:93:23:38:a0:8f:13:70:a4:e7:48:95:d6:27:
         95:24:50:0f:4b:9a:81:ad:fa:dc:eb:a2:d4:a8:cc:79:c1:fb:
         da:e5:c1:5d:f0:9f:f1:68:df:92:fd:55:04:e8:53:f5:3f:f4:
         90:73:d1:f0:b9:de:1b:90:37:e7:37:51:26:81:91:b3:10:15:
         05:f4:fd:e2:43:53:b2:74:45:bd:75:ee:46:34:1c:f1:23:91:
         47:62:a9:1f:80:5e:52:a1:45:80:e8:c5:00:d5:f4:f1:e8:5d:
         c6:dc:b6:ea:3c:71:b1:ef:c6:e3:41:a4:57:b4:20:76:39:90:
         8e:50:07:49:4e:d6:e6:7d:1d:fc:2c:84:d0:e5:2f:3d:a9:04:
         36:49:65:47:1f:15:02:a0:46:0e:07:c3:d8:d5:91:13:bb:58:
         90:26:7e:dd:c1:ac:4d:c5:96:03:5d:ca:0e:be:69:13:f2:3d:
         aa:c9:b7:2f:b2:55:47:c7:c4:ad:93:e4:d5:40:19:8f:1c:12:
         dd:fe:ca:43:26:48:68:e1:b6:bb:11:c4:1c:7e:80:a0:70:54:
         3f:43:20:3a:6b:9a:d0:42:d0:69:ad:4c:ef:e6:a8:05:6e:c9:
         a2:a4:cb:cd:a6:29:ff:93:96:2f:61:10:3e:93:92:e5:ce:5b:
         ba:44:bf:40
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYP0KLTBqiSuroGaGqj/EcgyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjIxMDIwMDY1MDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGJhYTZkZDY0MmE4ODVkNjgxMzQ2YjFiNzdjZGExZjg2ZmM1OWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBy/vjC4dRQwHxUDr/TGrNgP2nVS
/9QR1xIBlqQMbVBHUFZCS51DM9rfnc3A/Cm+ZvZYK3GLuzsgxZn45NHppL0GefK5
jrVYAIetGy1Ez1dUoZQA0bGHsjKuthpR7axtO9Rud0bFDj0Oejh9wbcabszT5p3C
85RLdfppyX6fGPcGCt4IIs6w+Y5Ph4NvHxVTYy1s5WPHvldN70A/1TrYjgoGBcGZ
xLRSwsdOMsuPZkwMY+g0rUWGdidyHFGD4doSn7AAt5VIVvZNmfXvpL3YbK+49Jjy
TcIO9Nd4qamKEuPzBWGlwNJdWZR3rw4JDni3fzHLa7w/AyF43486UTeHtQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFS6pt1kKohdaBNGsbd82h+G/FnrMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvVkxxbTNXUXFpRjFvRTBheHQzemFINGI4V2VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgQ6QDAN
BgkqhkiG9w0BAQsFAAOCAQEADmAXNC6TIzigjxNwpOdIldYnlSRQD0uaga363Oui
1KjMecH72uXBXfCf8Wjfkv1VBOhT9T/0kHPR8LneG5A35zdRJoGRsxAVBfT94kNT
snRFvXXuRjQc8SORR2KpH4BeUqFFgOjFANX08ehdxty26jxxse/G40GkV7QgdjmQ
jlAHSU7W5n0d/CyE0OUvPakENkllRx8VAqBGDgfD2NWRE7tYkCZ+3cGsTcWWA13K
Dr5pE/I9qsm3L7JVR8fErZPk1UAZjxwS3f7KQyZIaOG2uxHEHH6AoHBUP0MgOmua
0ELQaa1M7+aoBW7JoqTLzaYp/5OWL2EQPpOS5c5bukS/QA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:56 2024 by rpki-client on console-fra.rpki-client.org