Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/4L0ZLF9EKqi4u58xdyIBFEkL8S0.roa
File:                     4L0ZLF9EKqi4u58xdyIBFEkL8S0.roa (raw, json)
Hash identifier:          KEBd0UOX39HSCWKrNj5aLdPRkQduFQHSq2QEHGLKudc=
Subject key identifier:   E0:BD:19:2C:5F:44:2A:A8:B8:BB:9F:31:77:22:01:14:49:0B:F1:2D
Certificate issuer:       /CN=e14ac611614dd165d94557296ed7ed46c8fc025f
Certificate serial:       0B6606B4
Authority key identifier: E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/4L0ZLF9EKqi4u58xdyIBFEkL8S0.roa
Signing time:             Sat 28 May 2022 19:19:13 +0000
ROA not before:           Sat 28 May 2022 19:19:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        2a0d:2146:848a::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 191235764 (0xb6606b4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e14ac611614dd165d94557296ed7ed46c8fc025f
        Validity
            Not Before: May 28 19:19:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e0bd192c5f442aa8b8bb9f3177220114490bf12d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:0d:cf:d9:b7:b5:e9:0a:4a:d9:3d:05:90:4d:
                    23:43:fb:31:98:12:04:4a:39:05:6d:ca:f1:07:47:
                    22:08:5c:cd:1a:9e:58:a6:23:74:d8:82:1a:3b:ec:
                    99:a7:03:a6:1d:5c:d0:35:6d:c2:7f:3d:9f:b7:09:
                    fe:b8:fa:57:50:8d:dc:71:54:eb:f8:3c:71:70:ea:
                    09:29:d4:01:df:46:20:57:a3:33:c5:14:1c:c3:b6:
                    01:6e:08:fa:a8:ae:cb:98:56:13:66:5f:e2:47:95:
                    2d:50:23:b1:52:b7:dc:60:23:86:09:43:ea:29:01:
                    40:94:c4:d4:c8:f6:40:21:9c:be:c8:7e:4d:d2:5f:
                    d3:2c:95:bf:28:3e:46:57:23:a8:ad:b3:c5:d3:4b:
                    83:a7:59:b7:b3:7b:54:84:77:28:5f:40:b3:5d:85:
                    33:a8:8e:1d:b9:14:e2:19:df:7e:49:41:55:11:eb:
                    5c:66:7d:c2:a6:a9:93:62:9e:ca:d1:0a:1c:54:25:
                    23:af:2f:ff:1f:aa:9e:e4:d2:6c:28:b7:19:d3:33:
                    11:b8:7d:8b:da:ba:be:8f:b8:97:16:be:26:3a:53:
                    09:9d:9f:39:e4:79:f5:1c:96:26:1a:9e:e8:05:84:
                    29:ce:1d:09:93:8f:c9:ef:45:4b:64:7d:67:62:3b:
                    90:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:BD:19:2C:5F:44:2A:A8:B8:BB:9F:31:77:22:01:14:49:0B:F1:2D
            X509v3 Authority Key Identifier:
                keyid:E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/4L0ZLF9EKqi4u58xdyIBFEkL8S0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/4UrGEWFN0WXZRVcpbtftRsj8Al8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:2146:848a::/48

    Signature Algorithm: sha256WithRSAEncryption
         4b:73:1d:54:ae:dd:c9:6a:90:be:ba:24:0e:65:5b:47:4f:c2:
         b8:5c:7c:d2:46:fa:45:d4:94:22:b5:3a:e5:6d:0a:af:f2:ca:
         59:df:6b:8a:5a:49:dc:94:a3:7e:e3:83:73:ba:49:b3:aa:fa:
         10:64:c0:63:6a:77:da:b4:e0:25:c3:0f:4e:c9:b2:71:7a:c8:
         5b:a3:03:2f:dc:81:ac:35:5a:f2:71:fa:d4:ba:ce:df:84:38:
         5e:a7:91:a1:81:d3:63:af:a0:53:51:db:63:93:29:21:99:46:
         4d:99:d7:ad:84:f2:72:aa:37:8b:25:67:8f:ff:04:f2:1b:ce:
         c4:81:35:eb:26:52:24:2b:98:39:4d:b6:52:8b:67:85:9d:84:
         d6:4e:8b:e2:6f:63:ba:49:5d:a4:83:6f:5e:ce:e3:52:2e:35:
         9b:3f:20:cf:49:37:69:22:de:8e:4d:49:78:65:32:e4:b7:d8:
         2e:65:a0:56:2c:e2:b6:47:f6:7a:2d:39:e2:11:f2:af:65:61:
         3c:1a:a9:a5:73:ca:b1:34:83:a1:58:fa:02:0a:cd:b9:3d:7d:
         3f:9c:97:a5:fd:e0:a2:98:3b:89:0a:de:91:e1:f6:77:80:c9:
         8d:e5:ac:db:0b:ab:1d:18:30:2a:e7:e6:85:35:25:79:df:57:
         0f:20:e7:f6
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEC2YGtDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MTRhYzYxMTYxNGRkMTY1ZDk0NTU3Mjk2ZWQ3ZWQ0NmM4ZmMwMjVmMB4XDTIyMDUy
ODE5MTkxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTBiZDE5MmM1ZjQ0
MmFhOGI4YmI5ZjMxNzcyMjAxMTQ0OTBiZjEyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALENz9m3tekKStk9BZBNI0P7MZgSBEo5BW3K8QdHIghczRqe
WKYjdNiCGjvsmacDph1c0DVtwn89n7cJ/rj6V1CN3HFU6/g8cXDqCSnUAd9GIFej
M8UUHMO2AW4I+qiuy5hWE2Zf4keVLVAjsVK33GAjhglD6ikBQJTE1Mj2QCGcvsh+
TdJf0yyVvyg+RlcjqK2zxdNLg6dZt7N7VIR3KF9As12FM6iOHbkU4hnffklBVRHr
XGZ9wqapk2KeytEKHFQlI68v/x+qnuTSbCi3GdMzEbh9i9q6vo+4lxa+JjpTCZ2f
OeR59RyWJhqe6AWEKc4dCZOPye9FS2R9Z2I7kA8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTgvRksX0QqqLi7nzF3IgEUSQvxLTAfBgNVHSMEGDAWgBThSsYRYU3RZdlF
Vylu1+1GyPwCXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRVckdFV0ZOMFdYWlJWY3BidGZ0UnNqOEFsOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvNmU3OWI4LTJiOGYtNGVjYy05YTZlLTcwZTg5OGJiMzhkZC8x
LzRMMFpMRjlFS3FpNHU1OHhkeUlCRkVrTDhTMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
NmU3OWI4LTJiOGYtNGVjYy05YTZlLTcwZTg5OGJiMzhkZC8xLzRVckdFV0ZOMFdY
WlJWY3BidGZ0UnNqOEFsOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoNIUaEijANBgkqhkiG9w0BAQsF
AAOCAQEAS3MdVK7dyWqQvrokDmVbR0/CuFx80kb6RdSUIrU65W0Kr/LKWd9rilpJ
3JSjfuODc7pJs6r6EGTAY2p32rTgJcMPTsmycXrIW6MDL9yBrDVa8nH61LrO34Q4
XqeRoYHTY6+gU1HbY5MpIZlGTZnXrYTycqo3iyVnj/8E8hvOxIE16yZSJCuYOU22
UotnhZ2E1k6L4m9jukldpINvXs7jUi41mz8gz0k3aSLejk1JeGUy5LfYLmWgVizi
tkf2ei054hHyr2VhPBqppXPKsTSDoVj6AgrNuT19P5yXpf3gopg7iQrekeH2d4DJ
jeWs2wurHRgwKufmhTUled9XDyDn9g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:59 2024 by rpki-client on console-fra.rpki-client.org