Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3cce22-c301-4bbc-b027-64eecaed11dc/1/7ddChuP_gNypTCgznUCMSZP05GY.roa
File:                     7ddChuP_gNypTCgznUCMSZP05GY.roa (raw, json)
Hash identifier:          voHxO5GoWt/8JQnUpVJyauVjxZzUkjKOcU9YdG1pFqc=
Subject key identifier:   ED:D7:42:86:E3:FF:80:DC:A9:4C:28:33:9D:40:8C:49:93:F4:E4:66
Certificate issuer:       /CN=fad949f66253543ee89b9196390736b5a6ed7cb8
Certificate serial:       01998F6A
Authority key identifier: FA:D9:49:F6:62:53:54:3E:E8:9B:91:96:39:07:36:B5:A6:ED:7C:B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-tlJ9mJTVD7om5GWOQc2tabtfLg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/3cce22-c301-4bbc-b027-64eecaed11dc/1/7ddChuP_gNypTCgznUCMSZP05GY.roa
Signing time:             Sat 01 Jan 2022 05:57:50 +0000
ROA not before:           Sat 01 Jan 2022 05:57:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        2a11:2800:3::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 26840938 (0x1998f6a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fad949f66253543ee89b9196390736b5a6ed7cb8
        Validity
            Not Before: Jan  1 05:57:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=edd74286e3ff80dca94c28339d408c4993f4e466
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:d2:cf:26:17:5a:5b:86:6f:8b:61:5f:23:5b:
                    a7:20:8a:8a:91:76:0e:b6:bb:51:f5:fc:99:02:3f:
                    17:c9:7c:00:66:b3:e9:d8:fd:d4:b8:6f:5d:98:f2:
                    af:73:94:80:ed:ca:00:94:3e:d4:9d:68:b1:b6:d4:
                    17:d1:af:29:3c:2e:01:6c:9e:6f:bf:4f:35:70:51:
                    86:fd:f9:fa:a9:ea:1b:49:c1:aa:11:50:53:0e:c6:
                    e3:69:38:53:2e:ee:10:ab:fd:e8:43:6b:f4:83:4d:
                    12:a9:d3:18:d6:bd:9a:ca:6e:79:d8:de:50:df:ee:
                    c9:7e:f1:6d:59:d0:24:23:dc:f9:d1:e8:fe:de:4b:
                    a3:5a:04:62:1e:24:c0:29:76:cd:39:8b:a6:0d:61:
                    a9:a1:6e:e8:ba:87:03:6a:14:98:f6:48:7a:1e:35:
                    32:d9:e5:17:b4:f8:f9:0a:c7:25:85:b8:10:66:77:
                    19:30:20:8f:7b:ac:69:db:a3:02:4b:d4:77:87:7b:
                    a0:5b:7a:97:d0:10:83:62:53:7f:cb:9c:3d:16:9f:
                    d0:ff:d8:a3:8e:a3:7d:51:35:c5:32:5c:7e:b4:fb:
                    db:81:d5:3b:29:ed:9b:22:f2:2b:06:ae:02:19:d7:
                    d7:7c:55:07:88:68:12:ef:93:21:2e:5d:bb:33:65:
                    35:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:D7:42:86:E3:FF:80:DC:A9:4C:28:33:9D:40:8C:49:93:F4:E4:66
            X509v3 Authority Key Identifier:
                keyid:FA:D9:49:F6:62:53:54:3E:E8:9B:91:96:39:07:36:B5:A6:ED:7C:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tlJ9mJTVD7om5GWOQc2tabtfLg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3cce22-c301-4bbc-b027-64eecaed11dc/1/7ddChuP_gNypTCgznUCMSZP05GY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3cce22-c301-4bbc-b027-64eecaed11dc/1/1-tlJ9mJTVD7om5GWOQc2tabtfLg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:2800:3::/48

    Signature Algorithm: sha256WithRSAEncryption
         8f:79:fb:1c:af:14:84:87:d6:7a:85:cf:a5:ea:a0:5d:5f:92:
         72:57:35:df:45:61:e7:98:3c:7c:84:84:cd:05:3f:63:e9:70:
         74:29:b7:0a:4e:01:71:05:d5:21:28:bf:e1:7a:7f:ab:2f:1f:
         c4:c1:ac:85:10:db:9c:2d:f3:0d:40:9f:95:b1:0b:b6:63:f9:
         33:fb:c0:5c:81:08:68:8c:1a:44:68:3e:21:b5:37:91:49:37:
         cf:d7:94:02:52:9b:32:7a:d3:70:6b:9c:82:bb:fe:ad:6b:d1:
         2f:cb:3c:b0:ab:61:58:a7:1e:6b:94:f2:de:7b:af:7a:eb:fe:
         7a:7d:c2:da:96:df:f4:3e:67:16:64:73:72:d3:db:ac:20:ef:
         20:a5:a5:b5:65:3f:c4:c2:ed:cf:b4:f5:55:95:de:40:f8:3e:
         ab:d0:99:7f:39:b3:9b:2b:fc:74:4a:aa:b3:09:d4:00:d7:60:
         16:31:fd:db:ea:87:cf:76:dc:0a:47:58:aa:4d:12:59:8c:5f:
         bf:98:ac:1c:b9:ae:b3:dd:d5:2c:8b:e7:09:ce:cb:5b:ca:bd:
         bd:18:90:f6:c8:30:f8:ab:ed:5e:5b:9b:e0:f8:e3:11:0d:7d:
         74:60:5f:0e:c6:fd:e1:bc:f9:17:aa:f4:a1:af:0d:54:a6:1e:
         ba:6e:ba:15
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIEAZmPajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YWQ5NDlmNjYyNTM1NDNlZTg5YjkxOTYzOTA3MzZiNWE2ZWQ3Y2I4MB4XDTIyMDEw
MTA1NTc1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWRkNzQyODZlM2Zm
ODBkY2E5NGMyODMzOWQ0MDhjNDk5M2Y0ZTQ2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANDSzyYXWluGb4thXyNbpyCKipF2Dra7UfX8mQI/F8l8AGaz
6dj91LhvXZjyr3OUgO3KAJQ+1J1osbbUF9GvKTwuAWyeb79PNXBRhv35+qnqG0nB
qhFQUw7G42k4Uy7uEKv96ENr9INNEqnTGNa9mspuedjeUN/uyX7xbVnQJCPc+dHo
/t5Lo1oEYh4kwCl2zTmLpg1hqaFu6LqHA2oUmPZIeh41MtnlF7T4+QrHJYW4EGZ3
GTAgj3usadujAkvUd4d7oFt6l9AQg2JTf8ucPRaf0P/Yo46jfVE1xTJcfrT724HV
OyntmyLyKwauAhnX13xVB4hoEu+TIS5duzNlNf0CAwEAAaOCAg4wggIKMB0GA1Ud
DgQWBBTt10KG4/+A3KlMKDOdQIxJk/TkZjAfBgNVHSMEGDAWgBT62Un2YlNUPuib
kZY5Bza1pu18uDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtdGxKOW1KVFZEN29tNUdXT1FjMnRhYnRmTGcuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzY5LzNjY2UyMi1jMzAxLTRiYmMtYjAyNy02NGVlY2FlZDExZGMv
MS83ZGRDaHVQX2dOeXBUQ2d6blVDTVNaUDA1R1kucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY5
LzNjY2UyMi1jMzAxLTRiYmMtYjAyNy02NGVlY2FlZDExZGMvMS8xLXRsSjltSlRW
RDdvbTVHV09RYzJ0YWJ0ZkxnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhEoAAADMA0GCSqGSIb3DQEB
CwUAA4IBAQCPefscrxSEh9Z6hc+l6qBdX5JyVzXfRWHnmDx8hITNBT9j6XB0KbcK
TgFxBdUhKL/hen+rLx/EwayFENucLfMNQJ+VsQu2Y/kz+8BcgQhojBpEaD4htTeR
STfP15QCUpsyetNwa5yCu/6ta9Evyzywq2FYpx5rlPLee6966/56fcLalt/0PmcW
ZHNy09usIO8gpaW1ZT/Ewu3PtPVVld5A+D6r0Jl/ObObK/x0SqqzCdQA12AWMf3b
6ofPdtwKR1iqTRJZjF+/mKwcua6z3dUsi+cJzstbyr29GJD2yDD4q+1eW5vg+OMR
DX10YF8Oxv3hvPkXqvShrw1Uph66broV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:49 2024 by rpki-client on console-ams.rpki-client.org