Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3cce22-c301-4bbc-b027-64eecaed11dc/1/A5AFblPAv0BexNikKShobl2fV6M.roa
File:                     A5AFblPAv0BexNikKShobl2fV6M.roa (raw, json)
Hash identifier:          0/oszNuWX6WEgp+OXoQ+Jtw0yVBdlhgv1Fw+PUP5UPc=
Subject key identifier:   03:90:05:6E:53:C0:BF:40:5E:C4:D8:A4:29:28:68:6E:5D:9F:57:A3
Certificate issuer:       /CN=fad949f66253543ee89b9196390736b5a6ed7cb8
Certificate serial:       01AB19AA
Authority key identifier: FA:D9:49:F6:62:53:54:3E:E8:9B:91:96:39:07:36:B5:A6:ED:7C:B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-tlJ9mJTVD7om5GWOQc2tabtfLg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/3cce22-c301-4bbc-b027-64eecaed11dc/1/A5AFblPAv0BexNikKShobl2fV6M.roa
Signing time:             Fri 07 Jan 2022 10:36:56 +0000
ROA not before:           Fri 07 Jan 2022 10:36:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14445
IP address blocks:        2a11:2800:4::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 27990442 (0x1ab19aa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fad949f66253543ee89b9196390736b5a6ed7cb8
        Validity
            Not Before: Jan  7 10:36:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0390056e53c0bf405ec4d8a42928686e5d9f57a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:95:2e:84:09:49:dd:13:93:c7:83:34:04:81:
                    1d:01:13:b1:d2:eb:b6:28:eb:de:2e:a3:22:31:5d:
                    6b:9a:cf:42:40:29:af:30:89:71:b7:c8:ca:cb:2e:
                    16:dd:b7:c0:94:91:f0:a6:49:ea:9c:ef:cb:7f:4b:
                    46:55:aa:c0:70:39:47:05:e3:0a:7d:73:0a:85:70:
                    31:25:a1:1f:7d:fa:f5:a1:29:8a:f3:bc:31:22:b1:
                    a9:c5:76:98:f7:a0:f2:ec:93:f8:d0:f1:9d:98:e7:
                    00:e6:16:86:0d:92:bf:5f:b0:ac:02:32:5d:80:52:
                    49:6d:74:65:c1:2a:60:36:0e:29:13:ee:6d:d9:f1:
                    28:ca:d9:5c:e3:61:51:3c:d9:9e:c1:38:59:02:7a:
                    f1:8a:83:f7:9b:11:76:36:6c:3b:e2:eb:9d:eb:7e:
                    d1:84:a1:77:e1:0a:43:c2:51:8a:2f:9e:08:a0:3c:
                    0e:4c:b9:69:cf:15:08:7e:e7:e7:59:a8:47:06:16:
                    c8:39:a0:0b:b2:63:de:8d:ce:45:31:25:e9:cb:a8:
                    06:70:85:b7:54:e3:5c:1c:73:5b:4e:82:08:90:78:
                    09:4e:15:ba:41:6c:2a:1d:2f:12:14:af:1d:48:96:
                    07:15:21:01:72:1d:a5:85:a4:32:9c:c4:5f:ac:0e:
                    62:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:90:05:6E:53:C0:BF:40:5E:C4:D8:A4:29:28:68:6E:5D:9F:57:A3
            X509v3 Authority Key Identifier:
                keyid:FA:D9:49:F6:62:53:54:3E:E8:9B:91:96:39:07:36:B5:A6:ED:7C:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tlJ9mJTVD7om5GWOQc2tabtfLg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3cce22-c301-4bbc-b027-64eecaed11dc/1/A5AFblPAv0BexNikKShobl2fV6M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3cce22-c301-4bbc-b027-64eecaed11dc/1/1-tlJ9mJTVD7om5GWOQc2tabtfLg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:2800:4::/48

    Signature Algorithm: sha256WithRSAEncryption
         6d:e1:c5:88:ab:90:fb:91:7a:55:94:3f:56:49:97:30:48:8a:
         71:c3:88:04:00:10:de:15:76:1d:70:36:c9:45:da:43:7a:39:
         52:e7:52:52:39:d2:a8:d1:14:df:03:3f:e0:f7:9f:b3:98:59:
         09:97:b7:ac:95:2a:27:55:58:58:8c:9d:72:5c:1d:16:fb:42:
         61:65:a3:3b:74:01:13:a5:b5:09:56:1f:7e:81:c1:f1:f6:dd:
         df:67:1a:40:b2:6f:d0:6e:3b:58:5f:b4:c1:a7:f5:ff:7a:b5:
         01:52:a2:0a:d0:db:79:66:d3:16:c3:bd:a0:b4:93:74:8e:3b:
         ee:fc:40:82:24:1f:47:f4:5e:44:8c:6d:f7:d7:78:ca:e8:68:
         42:4a:1c:94:b7:cc:b5:42:2d:2f:2e:ce:2b:74:61:21:82:1e:
         fa:a3:f4:5b:9d:3b:0c:0c:99:d8:29:c1:d2:a1:31:09:07:02:
         65:ca:c0:be:37:fd:62:23:e2:7b:e1:a1:46:9b:b3:5c:78:3c:
         bc:79:8d:ab:f8:d1:6f:d0:a7:a0:60:08:97:d8:3c:c4:75:aa:
         97:19:88:1e:7e:ca:eb:a6:42:ac:25:74:96:ef:8d:2f:cb:1d:
         2e:d1:08:7b:c2:93:04:14:12:c8:0f:f3:b5:0d:19:32:de:07:
         80:b9:5d:77
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIEAasZqjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YWQ5NDlmNjYyNTM1NDNlZTg5YjkxOTYzOTA3MzZiNWE2ZWQ3Y2I4MB4XDTIyMDEw
NzEwMzY1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDM5MDA1NmU1M2Mw
YmY0MDVlYzRkOGE0MjkyODY4NmU1ZDlmNTdhMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOqVLoQJSd0Tk8eDNASBHQETsdLrtijr3i6jIjFda5rPQkAp
rzCJcbfIyssuFt23wJSR8KZJ6pzvy39LRlWqwHA5RwXjCn1zCoVwMSWhH3369aEp
ivO8MSKxqcV2mPeg8uyT+NDxnZjnAOYWhg2Sv1+wrAIyXYBSSW10ZcEqYDYOKRPu
bdnxKMrZXONhUTzZnsE4WQJ68YqD95sRdjZsO+Lrnet+0YShd+EKQ8JRii+eCKA8
Dky5ac8VCH7n51moRwYWyDmgC7Jj3o3ORTEl6cuoBnCFt1TjXBxzW06CCJB4CU4V
ukFsKh0vEhSvHUiWBxUhAXIdpYWkMpzEX6wOYvECAwEAAaOCAg4wggIKMB0GA1Ud
DgQWBBQDkAVuU8C/QF7E2KQpKGhuXZ9XozAfBgNVHSMEGDAWgBT62Un2YlNUPuib
kZY5Bza1pu18uDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtdGxKOW1KVFZEN29tNUdXT1FjMnRhYnRmTGcuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzY5LzNjY2UyMi1jMzAxLTRiYmMtYjAyNy02NGVlY2FlZDExZGMv
MS9BNUFGYmxQQXYwQmV4TmlrS1Nob2JsMmZWNk0ucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY5
LzNjY2UyMi1jMzAxLTRiYmMtYjAyNy02NGVlY2FlZDExZGMvMS8xLXRsSjltSlRW
RDdvbTVHV09RYzJ0YWJ0ZkxnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhEoAAAEMA0GCSqGSIb3DQEB
CwUAA4IBAQBt4cWIq5D7kXpVlD9WSZcwSIpxw4gEABDeFXYdcDbJRdpDejlS51JS
OdKo0RTfAz/g95+zmFkJl7eslSonVVhYjJ1yXB0W+0JhZaM7dAETpbUJVh9+gcHx
9t3fZxpAsm/QbjtYX7TBp/X/erUBUqIK0Nt5ZtMWw72gtJN0jjvu/ECCJB9H9F5E
jG3313jK6GhCShyUt8y1Qi0vLs4rdGEhgh76o/RbnTsMDJnYKcHSoTEJBwJlysC+
N/1iI+J74aFGm7NceDy8eY2r+NFv0KegYAiX2DzEdaqXGYgefsrrpkKsJXSW740v
yx0u0Qh7wpMEFBLID/O1DRky3geAuV13
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:49 2024 by rpki-client on console-ams.rpki-client.org