Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/G-1ExNuycHCj2PNxRfUU-sS0kmY.roa
File:                     G-1ExNuycHCj2PNxRfUU-sS0kmY.roa (raw, json)
Hash identifier:          P5pyUSYBW0nZ7NSEawYprK7dyh/sOl4/8JfFm7omh9s=
Subject key identifier:   1B:ED:44:C4:DB:B2:70:70:A3:D8:F3:71:45:F5:14:FA:C4:B4:92:66
Certificate issuer:       /CN=e14ac611614dd165d94557296ed7ed46c8fc025f
Certificate serial:       0A07F312
Authority key identifier: E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/G-1ExNuycHCj2PNxRfUU-sS0kmY.roa
Signing time:             Sat 01 Jan 2022 05:03:27 +0000
ROA not before:           Sat 01 Jan 2022 05:03:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56796
IP address blocks:        2a0d:2146:8460::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 168293138 (0xa07f312)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e14ac611614dd165d94557296ed7ed46c8fc025f
        Validity
            Not Before: Jan  1 05:03:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1bed44c4dbb27070a3d8f37145f514fac4b49266
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:90:7c:24:96:8a:51:64:0f:7e:93:7c:77:4f:
                    62:b4:77:c8:22:ea:af:15:b7:06:66:81:69:58:e8:
                    e3:b0:d0:a4:87:71:af:a1:10:07:b6:35:d4:c4:e9:
                    87:09:e6:67:7e:f7:e4:79:34:fa:0e:c0:51:45:af:
                    ea:b4:7c:c1:ed:1c:4d:c5:2f:d5:6a:98:fd:ed:66:
                    0e:31:7e:1e:33:72:28:dd:5c:d9:8b:2a:c1:bc:30:
                    cd:d7:b7:41:3c:f1:d3:f3:76:99:e0:21:ed:2c:4e:
                    52:88:cc:8e:79:4c:79:53:6e:a5:0d:43:4a:1b:6e:
                    43:ce:2c:90:44:e8:66:78:ca:31:8d:4f:9f:de:37:
                    83:66:93:0b:67:b7:ab:3a:66:af:29:f3:f3:94:97:
                    f1:d1:8c:58:9d:06:5b:9b:27:fb:a5:71:ab:6d:ab:
                    14:6c:a2:a5:52:1e:66:c7:50:19:f6:3f:e9:fa:06:
                    3a:d6:c7:ed:17:a8:ca:8a:7b:00:12:39:7a:5f:4f:
                    24:91:f8:79:d7:c2:19:0b:1b:9c:68:d3:e1:e5:87:
                    99:34:8e:37:58:24:fd:9b:0c:de:fe:4e:11:0e:01:
                    54:1f:34:95:0b:ae:e3:e5:be:61:43:81:7f:94:d8:
                    10:e5:43:11:fb:c1:8a:42:f7:83:df:39:b2:58:70:
                    59:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:ED:44:C4:DB:B2:70:70:A3:D8:F3:71:45:F5:14:FA:C4:B4:92:66
            X509v3 Authority Key Identifier:
                keyid:E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/G-1ExNuycHCj2PNxRfUU-sS0kmY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/4UrGEWFN0WXZRVcpbtftRsj8Al8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:2146:8460::/44

    Signature Algorithm: sha256WithRSAEncryption
         1c:4f:41:72:ce:cd:58:d8:91:39:d6:77:5f:d4:39:c9:fc:d0:
         fb:79:72:48:05:52:cd:25:eb:49:f4:98:34:3d:c9:40:3d:05:
         87:a4:e3:6f:92:cf:a6:65:d4:3e:aa:cc:f4:36:0a:db:dd:20:
         fe:18:f0:fd:69:b3:63:e6:49:ee:8e:45:24:a5:64:16:74:09:
         9e:27:f8:08:90:a9:3d:7b:51:15:d1:20:ea:26:bf:04:81:73:
         06:44:8a:45:a6:ac:b9:94:7b:b3:e5:50:39:f2:75:16:47:16:
         24:0f:45:67:68:47:5c:c1:23:7e:4c:3c:f7:07:dd:63:29:2e:
         d8:ff:52:66:aa:5e:98:52:54:87:a4:a4:5f:3f:a8:9a:78:25:
         2b:68:69:71:e6:53:cc:d4:5d:51:6f:e4:95:7c:1b:4c:ba:66:
         3b:d4:2a:17:78:d2:a8:65:2b:17:18:ff:f9:6f:8f:9f:a0:f5:
         7f:3c:d2:0b:b3:6e:f4:13:3b:f5:76:ac:f7:51:f8:44:49:a3:
         82:b7:fb:19:e9:6d:8c:78:25:6d:5c:2c:d8:b2:10:62:d6:c5:
         89:f9:a7:a0:e3:1b:6a:79:6f:32:c7:73:90:97:f1:8b:c3:dc:
         10:70:54:95:f3:61:fd:0e:95:c2:e0:1d:2f:97:22:e6:b4:ca:
         e4:c6:a3:e6
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECgfzEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MTRhYzYxMTYxNGRkMTY1ZDk0NTU3Mjk2ZWQ3ZWQ0NmM4ZmMwMjVmMB4XDTIyMDEw
MTA1MDMyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWJlZDQ0YzRkYmIy
NzA3MGEzZDhmMzcxNDVmNTE0ZmFjNGI0OTI2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWQfCSWilFkD36TfHdPYrR3yCLqrxW3BmaBaVjo47DQpIdx
r6EQB7Y11MTphwnmZ3735Hk0+g7AUUWv6rR8we0cTcUv1WqY/e1mDjF+HjNyKN1c
2Ysqwbwwzde3QTzx0/N2meAh7SxOUojMjnlMeVNupQ1DShtuQ84skEToZnjKMY1P
n943g2aTC2e3qzpmrynz85SX8dGMWJ0GW5sn+6Vxq22rFGyipVIeZsdQGfY/6foG
OtbH7Reoyop7ABI5el9PJJH4edfCGQsbnGjT4eWHmTSON1gk/ZsM3v5OEQ4BVB80
lQuu4+W+YUOBf5TYEOVDEfvBikL3g985slhwWQMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQb7UTE27JwcKPY83FF9RT6xLSSZjAfBgNVHSMEGDAWgBThSsYRYU3RZdlF
Vylu1+1GyPwCXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRVckdFV0ZOMFdYWlJWY3BidGZ0UnNqOEFsOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvNmU3OWI4LTJiOGYtNGVjYy05YTZlLTcwZTg5OGJiMzhkZC8x
L0ctMUV4TnV5Y0hDajJQTnhSZlVVLXNTMGttWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
NmU3OWI4LTJiOGYtNGVjYy05YTZlLTcwZTg5OGJiMzhkZC8xLzRVckdFV0ZOMFdY
WlJWY3BidGZ0UnNqOEFsOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoNIUaEYDANBgkqhkiG9w0BAQsF
AAOCAQEAHE9Bcs7NWNiROdZ3X9Q5yfzQ+3lySAVSzSXrSfSYND3JQD0Fh6Tjb5LP
pmXUPqrM9DYK290g/hjw/WmzY+ZJ7o5FJKVkFnQJnif4CJCpPXtRFdEg6ia/BIFz
BkSKRaasuZR7s+VQOfJ1FkcWJA9FZ2hHXMEjfkw89wfdYyku2P9SZqpemFJUh6Sk
Xz+omnglK2hpceZTzNRdUW/klXwbTLpmO9QqF3jSqGUrFxj/+W+Pn6D1fzzSC7Nu
9BM79Xas91H4REmjgrf7GeltjHglbVws2LIQYtbFifmnoOMbanlvMsdzkJfxi8Pc
EHBUlfNh/Q6VwuAdL5ci5rTK5Maj5g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:59 2024 by rpki-client on console-fra.rpki-client.org