Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/JNijdCJUuKSG-yswh-wHjEOh1L4.roa
File:                     JNijdCJUuKSG-yswh-wHjEOh1L4.roa (raw, json)
Hash identifier:          bsDSFx5ITfOOMS0l5xsXziUEtOvFny/iDQOpot3QC/A=
Subject key identifier:   24:D8:A3:74:22:54:B8:A4:86:FB:2B:30:87:EC:07:8C:43:A1:D4:BE
Certificate issuer:       /CN=5ac466cc89f9db4e31c5400d2ae7a2bffdb22547
Certificate serial:       0F28A713
Authority key identifier: 5A:C4:66:CC:89:F9:DB:4E:31:C5:40:0D:2A:E7:A2:BF:FD:B2:25:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WsRmzIn5204xxUANKueiv_2yJUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/JNijdCJUuKSG-yswh-wHjEOh1L4.roa
Signing time:             Sat 01 Jan 2022 04:52:28 +0000
ROA not before:           Sat 01 Jan 2022 04:52:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     397568
IP address blocks:        2a06:6540:2003::/48 maxlen: 48
                          2a06:6541:2003::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 254322451 (0xf28a713)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ac466cc89f9db4e31c5400d2ae7a2bffdb22547
        Validity
            Not Before: Jan  1 04:52:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=24d8a3742254b8a486fb2b3087ec078c43a1d4be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:8f:d7:bf:d7:f3:ec:5a:b0:53:24:45:fc:43:
                    74:85:bc:e8:e9:86:8b:28:a5:7a:db:a0:95:e5:d5:
                    07:93:52:15:0f:f5:bd:ac:ea:f4:7f:c4:67:02:be:
                    0a:04:e1:33:a7:c3:20:6f:05:cd:64:47:66:33:a8:
                    77:aa:03:c4:68:1b:b3:ca:27:26:65:b2:7a:db:73:
                    c3:46:c1:ed:9c:09:2f:f3:c3:c3:14:63:dd:93:4d:
                    63:65:0e:08:aa:33:fa:91:44:cc:28:d9:45:e4:a7:
                    04:f7:b0:fd:27:75:b2:cd:d5:8d:7a:ea:97:14:54:
                    2a:83:cc:65:a6:89:a7:19:bc:ba:7b:04:a1:96:b9:
                    4e:a8:44:4b:9c:b7:dd:ed:f4:99:d9:60:63:55:49:
                    62:35:ce:c3:91:9a:04:b8:47:b3:f8:bb:bb:6e:14:
                    a4:3f:32:47:66:6c:e0:bb:59:d0:bb:61:ac:c0:d5:
                    31:af:1d:d7:7a:de:04:4a:06:fb:77:a4:56:d9:41:
                    f8:f9:c7:43:b2:c1:43:a8:27:1e:87:97:d6:12:3a:
                    c4:65:1b:9e:99:db:dd:0b:15:b2:02:af:f6:0a:ef:
                    ec:5a:cf:a1:0e:58:e9:7b:c7:90:63:94:59:13:b4:
                    43:12:48:27:2b:a1:00:78:dc:1a:f7:9c:cd:66:c9:
                    93:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:D8:A3:74:22:54:B8:A4:86:FB:2B:30:87:EC:07:8C:43:A1:D4:BE
            X509v3 Authority Key Identifier:
                keyid:5A:C4:66:CC:89:F9:DB:4E:31:C5:40:0D:2A:E7:A2:BF:FD:B2:25:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WsRmzIn5204xxUANKueiv_2yJUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/JNijdCJUuKSG-yswh-wHjEOh1L4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/WsRmzIn5204xxUANKueiv_2yJUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:6540:2003::/48
                  2a06:6541:2003::/48

    Signature Algorithm: sha256WithRSAEncryption
         1a:ed:88:4f:73:d8:5d:ec:68:e6:ef:80:f8:49:e0:0d:dc:0c:
         67:97:a7:9c:fc:ed:b6:28:66:b4:66:01:a8:bc:0f:90:ba:d0:
         7d:44:87:fa:c1:21:fd:32:16:ed:b3:dd:da:ea:4d:65:34:1f:
         6a:47:a2:c9:6a:1d:c2:26:88:1c:1b:67:6f:ab:1e:8f:e2:37:
         d0:6f:a7:0a:06:3f:75:2b:11:bf:ef:31:85:a7:29:b9:f2:97:
         0f:51:67:af:37:e3:fe:ef:7d:80:47:28:52:ac:05:69:19:02:
         d1:3a:8e:ec:f8:26:8f:f4:1b:09:6f:09:0c:f9:ee:af:2b:a0:
         13:10:df:dc:cb:75:70:1d:bf:2f:f4:6d:0e:23:3a:0d:ed:94:
         da:c3:ea:49:7a:86:cd:f4:ec:1d:b2:fe:39:20:d2:69:0b:59:
         9e:3a:15:ec:3c:e6:9c:55:89:54:8c:26:11:ac:be:70:82:e4:
         a7:72:bc:61:c1:f0:79:3c:5a:2b:61:86:12:a1:9c:6c:a6:b7:
         ad:3b:58:0d:23:23:9f:4d:63:8e:ee:12:07:8f:8e:41:d8:c3:
         78:fe:53:60:9d:a3:ba:41:f6:81:8f:86:4c:02:f0:2c:7c:38:
         65:e0:79:46:4c:28:41:df:7d:68:8b:65:4c:85:1c:33:d2:4c:
         26:e5:20:4d
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEDyinEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YWM0NjZjYzg5ZjlkYjRlMzFjNTQwMGQyYWU3YTJiZmZkYjIyNTQ3MB4XDTIyMDEw
MTA0NTIyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjRkOGEzNzQyMjU0
YjhhNDg2ZmIyYjMwODdlYzA3OGM0M2ExZDRiZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOqP17/X8+xasFMkRfxDdIW86OmGiyiletugleXVB5NSFQ/1
vazq9H/EZwK+CgThM6fDIG8FzWRHZjOod6oDxGgbs8onJmWyettzw0bB7ZwJL/PD
wxRj3ZNNY2UOCKoz+pFEzCjZReSnBPew/Sd1ss3VjXrqlxRUKoPMZaaJpxm8unsE
oZa5TqhES5y33e30mdlgY1VJYjXOw5GaBLhHs/i7u24UpD8yR2Zs4LtZ0LthrMDV
Ma8d13reBEoG+3ekVtlB+PnHQ7LBQ6gnHoeX1hI6xGUbnpnb3QsVsgKv9grv7FrP
oQ5Y6XvHkGOUWRO0QxJIJyuhAHjcGveczWbJk0cCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQk2KN0IlS4pIb7KzCH7AeMQ6HUvjAfBgNVHSMEGDAWgBRaxGbMifnbTjHF
QA0q56K//bIlRzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dzUm16SW41MjA0eHhVQU5LdWVpdl8yeUpVYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmQvZTI5Yzg3LTQ2ODMtNDQzZS04ODNmLTlhYmQxYWE2NGJlMS8x
L0pOaWpkQ0pVdUtTRy15c3doLXdIakVPaDFMNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQv
ZTI5Yzg3LTQ2ODMtNDQzZS04ODNmLTlhYmQxYWE2NGJlMS8xL1dzUm16SW41MjA0
eHhVQU5LdWVpdl8yeUpVYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACoGZUAgAwMHACoGZUEgAzANBgkq
hkiG9w0BAQsFAAOCAQEAGu2IT3PYXexo5u+A+EngDdwMZ5ennPzttihmtGYBqLwP
kLrQfUSH+sEh/TIW7bPd2upNZTQfakeiyWodwiaIHBtnb6sej+I30G+nCgY/dSsR
v+8xhacpufKXD1Fnrzfj/u99gEcoUqwFaRkC0TqO7Pgmj/QbCW8JDPnuryugExDf
3Mt1cB2/L/RtDiM6De2U2sPqSXqGzfTsHbL+OSDSaQtZnjoV7DzmnFWJVIwmEay+
cILkp3K8YcHweTxaK2GGEqGcbKa3rTtYDSMjn01jju4SB4+OQdjDeP5TYJ2jukH2
gY+GTALwLHw4ZeB5RkwoQd99aItlTIUcM9JMJuUgTQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:17 2023 by rpki-client on console-ams.rpki-client.org