Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/c67c3e-45c6-4c81-9738-c44ddffa69ab/1/b5lxJ_G2SwwFvOeeYiKcZdYtVpM.roa
File:                     b5lxJ_G2SwwFvOeeYiKcZdYtVpM.roa (raw, json)
Hash identifier:          PkbgyU/rsyJ0T1NWsrBC3Cn+AMviKYQ3zcWE9SUSM2M=
Subject key identifier:   6F:99:71:27:F1:B6:4B:0C:05:BC:E7:9E:62:22:9C:65:D6:2D:56:93
Certificate issuer:       /CN=0caa8840e53bb965be5192c85b740345e7a0652c
Certificate serial:       018249B09706C1FDB530E472A75518608C78
Authority key identifier: 0C:AA:88:40:E5:3B:B9:65:BE:51:92:C8:5B:74:03:45:E7:A0:65:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DKqIQOU7uWW-UZLIW3QDReegZSw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/c67c3e-45c6-4c81-9738-c44ddffa69ab/1/b5lxJ_G2SwwFvOeeYiKcZdYtVpM.roa
Signing time:             Fri 29 Jul 2022 11:21:25 +0000
ROA not before:           Fri 29 Jul 2022 11:21:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        2a13:7f00::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:49:b0:97:06:c1:fd:b5:30:e4:72:a7:55:18:60:8c:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0caa8840e53bb965be5192c85b740345e7a0652c
        Validity
            Not Before: Jul 29 11:21:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6f997127f1b64b0c05bce79e62229c65d62d5693
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:08:e4:5b:59:42:03:f2:a9:77:c0:4f:d4:0c:
                    92:5d:74:62:62:7a:e4:f0:19:c7:ee:87:86:f2:8a:
                    b5:a6:76:2a:30:b0:89:8c:88:a5:ea:8e:35:32:7e:
                    82:74:45:cf:9b:dc:d2:c3:d4:38:81:ed:dd:80:0e:
                    c5:f8:31:72:7e:ad:84:70:7b:44:4a:55:38:06:95:
                    14:b6:a1:7a:11:e2:96:8a:73:ae:d2:e2:8c:f6:01:
                    8b:ff:b2:ff:9b:ad:b7:06:3e:66:f0:e8:db:0b:41:
                    20:2d:3b:65:47:9d:7a:22:43:0a:c6:df:12:c6:2b:
                    a1:85:b3:08:51:f5:cd:b0:e1:e5:13:38:4e:0e:f2:
                    6d:32:c0:b0:80:03:64:fb:c4:21:7d:bd:62:ba:d0:
                    58:bb:c7:fb:cd:9d:07:92:28:8c:88:14:12:4d:58:
                    4f:c2:3b:a7:d4:24:7b:72:4a:99:4e:8f:f6:5b:12:
                    2d:7a:e7:ec:45:58:32:99:21:80:a7:b4:88:ac:7b:
                    ad:76:57:12:98:fd:e2:cb:0a:3b:66:ca:89:21:76:
                    d1:7a:f7:b2:07:c0:5d:97:95:e4:6f:46:00:b3:5c:
                    2b:ce:e7:29:05:05:82:ac:43:95:45:23:2a:71:96:
                    88:a0:5d:ed:d3:3f:43:3f:88:b0:13:41:ec:3e:3c:
                    e3:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:99:71:27:F1:B6:4B:0C:05:BC:E7:9E:62:22:9C:65:D6:2D:56:93
            X509v3 Authority Key Identifier:
                keyid:0C:AA:88:40:E5:3B:B9:65:BE:51:92:C8:5B:74:03:45:E7:A0:65:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DKqIQOU7uWW-UZLIW3QDReegZSw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/c67c3e-45c6-4c81-9738-c44ddffa69ab/1/b5lxJ_G2SwwFvOeeYiKcZdYtVpM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/c67c3e-45c6-4c81-9738-c44ddffa69ab/1/DKqIQOU7uWW-UZLIW3QDReegZSw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:7f00::/32

    Signature Algorithm: sha256WithRSAEncryption
         46:e4:0d:bb:64:5c:84:bd:01:10:94:ac:1f:07:03:0f:55:e1:
         52:31:dc:e4:cd:18:e6:18:19:bf:3d:fb:b8:03:41:b8:b9:a7:
         74:44:75:c0:1f:84:0e:83:4a:e5:31:4d:9a:52:a9:56:f9:48:
         d4:87:91:a8:0e:eb:09:dc:84:78:16:b9:c2:c3:93:af:eb:90:
         e0:c1:1c:d2:1c:17:0f:bd:e9:de:58:35:0e:f3:9b:48:6e:5f:
         2a:51:4f:e3:f4:23:fc:20:5a:93:10:fc:2d:9e:34:52:a2:f3:
         10:1f:a6:00:26:e0:73:c1:e2:cf:c4:d0:a7:b2:76:c6:96:b7:
         5a:8c:01:c1:40:f3:5c:24:bc:b3:c7:f5:e7:bf:73:d2:f4:9b:
         58:ee:1e:41:1d:9d:db:5c:c6:61:0d:20:e1:09:4f:85:d8:61:
         3c:5c:93:8b:5f:43:2b:62:f7:7b:fa:d9:77:42:8e:57:3c:d1:
         06:49:5f:34:09:92:88:a4:69:d2:0f:34:52:c2:80:60:44:1f:
         80:c2:fd:6b:bf:ce:57:af:9b:e0:24:7f:c7:f4:67:54:08:e6:
         ac:b9:2d:cc:d9:6f:43:25:c2:3c:7f:3a:e3:57:a4:08:4b:87:
         58:ae:c4:b8:b2:70:b6:35:9f:ee:2a:64:0d:8e:a7:53:c4:e5:
         56:d5:6f:a1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYJJsJcGwf21MORyp1UYYIx4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjYWE4ODQwZTUzYmI5NjViZTUxOTJjODViNzQwMzQ1ZTdh
MDY1MmMwHhcNMjIwNzI5MTEyMTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Zjk5NzEyN2YxYjY0YjBjMDViY2U3OWU2MjIyOWM2NWQ2MmQ1NjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwjkW1lCA/Kpd8BP1AySXXRiYnrk
8BnH7oeG8oq1pnYqMLCJjIil6o41Mn6CdEXPm9zSw9Q4ge3dgA7F+DFyfq2EcHtE
SlU4BpUUtqF6EeKWinOu0uKM9gGL/7L/m623Bj5m8OjbC0EgLTtlR516IkMKxt8S
xiuhhbMIUfXNsOHlEzhODvJtMsCwgANk+8Qhfb1iutBYu8f7zZ0HkiiMiBQSTVhP
wjun1CR7ckqZTo/2WxIteufsRVgymSGAp7SIrHutdlcSmP3iywo7ZsqJIXbRevey
B8Bdl5Xkb0YAs1wrzucpBQWCrEOVRSMqcZaIoF3t0z9DP4iwE0HsPjzjWQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFG+ZcSfxtksMBbznnmIinGXWLVaTMB8GA1UdIwQY
MBaAFAyqiEDlO7llvlGSyFt0A0XnoGUsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREtxSVFPVTd1V1ctVVpMSVczUURSZWVnWlN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9jNjdjM2UtNDVjNi00YzgxLTk3Mzgt
YzQ0ZGRmZmE2OWFiLzEvYjVseEpfRzJTd3dGdk9lZVlpS2NaZFl0VnBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9jNjdjM2UtNDVjNi00YzgxLTk3MzgtYzQ0ZGRmZmE2OWFi
LzEvREtxSVFPVTd1V1ctVVpMSVczUURSZWVnWlN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhN/ADAN
BgkqhkiG9w0BAQsFAAOCAQEARuQNu2RchL0BEJSsHwcDD1XhUjHc5M0Y5hgZvz37
uANBuLmndER1wB+EDoNK5TFNmlKpVvlI1IeRqA7rCdyEeBa5wsOTr+uQ4MEc0hwX
D73p3lg1DvObSG5fKlFP4/Qj/CBakxD8LZ40UqLzEB+mACbgc8Hiz8TQp7J2xpa3
WowBwUDzXCS8s8f1579z0vSbWO4eQR2d21zGYQ0g4QlPhdhhPFyTi19DK2L3e/rZ
d0KOVzzRBklfNAmSiKRp0g80UsKAYEQfgML9a7/OV6+b4CR/x/RnVAjmrLktzNlv
QyXCPH8641ekCEuHWK7EuLJwtjWf7ipkDY6nU8TlVtVvoQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:27 2024 by rpki-client on console-fra.rpki-client.org