Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/9a8d08-e4bb-492f-9863-454f99c74f11/1/UxNE2DBRQSq6z-kbEz1X8ZvowJw.roa
File:                     UxNE2DBRQSq6z-kbEz1X8ZvowJw.roa (raw, json)
Hash identifier:          3//1KDQ7JhExcRjTC8t9qiU3emP6egSoW8MX14h+yOY=
Subject key identifier:   53:13:44:D8:30:51:41:2A:BA:CF:E9:1B:13:3D:57:F1:9B:E8:C0:9C
Certificate issuer:       /CN=553f4c4631a3385c5e395ee1d9daa076b0bccff1
Certificate serial:       021989CC
Authority key identifier: 55:3F:4C:46:31:A3:38:5C:5E:39:5E:E1:D9:DA:A0:76:B0:BC:CF:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VT9MRjGjOFxeOV7h2dqgdrC8z_E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/9a8d08-e4bb-492f-9863-454f99c74f11/1/UxNE2DBRQSq6z-kbEz1X8ZvowJw.roa
Signing time:             Sat 01 Jan 2022 07:57:39 +0000
ROA not before:           Sat 01 Jan 2022 07:57:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212467
IP address blocks:        2001:67c:2fbc::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 35228108 (0x21989cc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=553f4c4631a3385c5e395ee1d9daa076b0bccff1
        Validity
            Not Before: Jan  1 07:57:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=531344d83051412abacfe91b133d57f19be8c09c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:4c:c8:3d:32:e5:a6:52:05:87:8e:5c:09:55:
                    74:0a:76:8c:b6:81:b3:c8:c2:04:ab:d2:98:1a:bd:
                    07:28:25:95:12:e0:71:41:fd:84:8d:43:e5:09:1e:
                    8c:9b:e4:14:79:f4:b5:57:79:08:df:95:40:7d:ae:
                    37:69:75:28:64:57:6f:c0:af:b2:5a:29:88:d8:6c:
                    60:a7:22:22:c0:4d:39:38:b9:3d:51:c2:21:b8:1e:
                    cb:dc:6c:5f:22:be:8f:42:f5:42:d8:ee:ac:a7:55:
                    47:4f:29:fc:6f:d2:22:f8:64:12:8a:77:bf:7f:43:
                    c6:b7:9c:f4:4d:06:e6:b1:58:17:c2:e3:67:95:f1:
                    8f:18:df:fc:2f:3c:6d:c5:60:0f:08:d3:31:60:54:
                    35:7a:ca:93:ee:91:14:63:1c:05:e6:e9:6a:ee:21:
                    21:85:a5:c1:4d:22:a7:94:02:5e:4c:c2:00:4a:be:
                    2b:30:f8:13:2c:aa:33:ad:42:6c:09:5a:e2:f2:e0:
                    02:d3:47:e3:6f:85:75:c2:da:85:ff:34:29:40:13:
                    f3:a1:a5:81:ad:1d:48:28:f8:b6:e8:62:55:b7:ec:
                    a7:6a:06:d0:fa:73:78:e0:28:27:66:e7:a1:47:06:
                    a2:66:88:37:32:37:24:66:2a:51:00:e6:fa:c0:4e:
                    7c:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:13:44:D8:30:51:41:2A:BA:CF:E9:1B:13:3D:57:F1:9B:E8:C0:9C
            X509v3 Authority Key Identifier:
                keyid:55:3F:4C:46:31:A3:38:5C:5E:39:5E:E1:D9:DA:A0:76:B0:BC:CF:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VT9MRjGjOFxeOV7h2dqgdrC8z_E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/9a8d08-e4bb-492f-9863-454f99c74f11/1/UxNE2DBRQSq6z-kbEz1X8ZvowJw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/9a8d08-e4bb-492f-9863-454f99c74f11/1/VT9MRjGjOFxeOV7h2dqgdrC8z_E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:2fbc::/48

    Signature Algorithm: sha256WithRSAEncryption
         17:24:8d:c1:f4:93:82:ab:c8:56:38:c6:00:f6:28:09:e9:cb:
         24:eb:45:c0:8d:3b:6b:85:ec:07:14:e1:f3:f0:38:63:e5:6d:
         4b:8a:93:ad:4f:7c:cf:45:69:e1:59:2b:74:20:c0:f7:6a:01:
         0d:39:e2:77:5d:0f:b5:a5:9b:2f:77:92:35:be:b1:e6:2a:9a:
         6c:20:1b:69:57:e0:ca:22:f8:52:82:74:da:de:d1:3d:83:da:
         8b:93:a9:c6:ca:00:09:77:1d:56:17:19:98:d6:60:b6:da:73:
         06:ae:7c:7e:7b:6f:d4:6e:5c:9e:27:a4:04:63:ff:ed:fc:bc:
         89:9d:a9:17:41:28:df:34:54:5f:a7:4f:cb:76:35:55:ac:10:
         3c:df:7f:17:af:42:29:b7:b1:84:4c:ff:22:c9:40:00:0f:74:
         a1:fe:e9:d0:a8:34:f2:6d:32:74:fc:6f:02:28:1e:d6:f8:2a:
         34:60:cc:fe:c7:41:c2:9d:11:2c:76:23:d8:ce:3c:54:74:47:
         0f:6d:cf:6d:bb:73:b2:7e:5f:86:05:15:c1:e9:94:a0:ae:41:
         e2:bd:ad:be:93:86:10:f2:fe:ec:26:9f:d1:14:dd:08:30:98:
         a7:c2:48:74:dc:72:f4:bc:96:25:3e:46:9a:4c:81:8f:d6:db:
         4d:35:d5:62
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAhmJzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NTNmNGM0NjMxYTMzODVjNWUzOTVlZTFkOWRhYTA3NmIwYmNjZmYxMB4XDTIyMDEw
MTA3NTczOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTMxMzQ0ZDgzMDUx
NDEyYWJhY2ZlOTFiMTMzZDU3ZjE5YmU4YzA5YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIZMyD0y5aZSBYeOXAlVdAp2jLaBs8jCBKvSmBq9BygllRLg
cUH9hI1D5QkejJvkFHn0tVd5CN+VQH2uN2l1KGRXb8CvslopiNhsYKciIsBNOTi5
PVHCIbgey9xsXyK+j0L1QtjurKdVR08p/G/SIvhkEop3v39Dxrec9E0G5rFYF8Lj
Z5Xxjxjf/C88bcVgDwjTMWBUNXrKk+6RFGMcBebpau4hIYWlwU0ip5QCXkzCAEq+
KzD4EyyqM61CbAla4vLgAtNH42+FdcLahf80KUAT86Glga0dSCj4tuhiVbfsp2oG
0PpzeOAoJ2bnoUcGomaINzI3JGYqUQDm+sBOfDcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRTE0TYMFFBKrrP6RsTPVfxm+jAnDAfBgNVHSMEGDAWgBRVP0xGMaM4XF45
XuHZ2qB2sLzP8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZUOU1SakdqT0Z4ZU9WN2gyZHFnZHJDOHpfRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmMvOWE4ZDA4LWU0YmItNDkyZi05ODYzLTQ1NGY5OWM3NGYxMS8x
L1V4TkUyREJSUVNxNnota2JFejFYOFp2b3dKdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmMv
OWE4ZDA4LWU0YmItNDkyZi05ODYzLTQ1NGY5OWM3NGYxMS8xL1ZUOU1SakdqT0Z4
ZU9WN2gyZHFnZHJDOHpfRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwvvDANBgkqhkiG9w0BAQsF
AAOCAQEAFySNwfSTgqvIVjjGAPYoCenLJOtFwI07a4XsBxTh8/A4Y+VtS4qTrU98
z0Vp4VkrdCDA92oBDTnid10PtaWbL3eSNb6x5iqabCAbaVfgyiL4UoJ02t7RPYPa
i5OpxsoACXcdVhcZmNZgttpzBq58fntv1G5cniekBGP/7fy8iZ2pF0Eo3zRUX6dP
y3Y1VawQPN9/F69CKbexhEz/IslAAA90of7p0Kg08m0ydPxvAige1vgqNGDM/sdB
wp0RLHYj2M48VHRHD23Pbbtzsn5fhgUVwemUoK5B4r2tvpOGEPL+7Caf0RTdCDCY
p8JIdNxy9LyWJT5GmkyBj9bbTTXVYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:00 2024 by rpki-client on console-fra.rpki-client.org