Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/cf1ffd-134d-4382-8e59-4a08d5a1c71f/1/VMzSWUKRllxsu2rgYcN7mK-vCtU.roa
File:                     VMzSWUKRllxsu2rgYcN7mK-vCtU.roa (raw, json)
Hash identifier:          IiWrGYRfY3oj/jSEZJkilXuJhHKa7X71EV2OER60jdA=
Subject key identifier:   54:CC:D2:59:42:91:96:5C:6C:BB:6A:E0:61:C3:7B:98:AF:AF:0A:D5
Certificate issuer:       /CN=8810fc3198a0ab99647877dbe5725e05cee013f0
Certificate serial:       2C3EC2
Authority key identifier: 88:10:FC:31:98:A0:AB:99:64:78:77:DB:E5:72:5E:05:CE:E0:13:F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iBD8MZigq5lkeHfb5XJeBc7gE_A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/cf1ffd-134d-4382-8e59-4a08d5a1c71f/1/VMzSWUKRllxsu2rgYcN7mK-vCtU.roa
Signing time:             Sat 01 Jan 2022 00:58:49 +0000
ROA not before:           Sat 01 Jan 2022 00:58:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210118
IP address blocks:        2a11:f940::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2899650 (0x2c3ec2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8810fc3198a0ab99647877dbe5725e05cee013f0
        Validity
            Not Before: Jan  1 00:58:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=54ccd2594291965c6cbb6ae061c37b98afaf0ad5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:79:d7:8c:e3:83:b5:28:f6:cc:45:6a:31:db:
                    e1:ab:78:f8:a5:1a:9f:b8:26:08:57:cd:1d:b5:81:
                    18:94:f0:25:9e:9b:dc:d9:54:1b:9f:09:f1:0d:e8:
                    0a:a2:24:c2:d0:93:41:76:7f:cc:35:a1:89:ca:f4:
                    27:2b:6e:cf:db:0d:17:d7:d7:82:6c:1d:67:96:50:
                    ce:4d:03:d5:37:e0:df:d9:da:af:1f:1c:91:99:eb:
                    da:55:50:0f:85:ee:f5:5a:7e:42:98:6b:b6:8c:15:
                    24:d5:4f:c4:6a:2b:44:7b:30:0a:cf:21:11:68:5e:
                    16:b7:08:0a:a7:67:9e:61:38:db:98:4a:bb:32:74:
                    4f:a8:b2:10:e4:84:29:67:3a:82:52:2d:ee:7b:de:
                    e2:56:f5:5d:27:d8:dc:04:10:e3:ab:0f:32:ce:9f:
                    ac:d6:24:43:1f:e9:37:0c:fc:97:17:df:04:2a:22:
                    7f:1a:21:de:20:5d:06:95:92:7d:69:f1:f4:95:7d:
                    1f:d9:1a:f9:f9:d2:43:0d:24:79:eb:1d:69:62:c6:
                    f9:28:f6:6d:46:cb:ad:29:c3:6b:3b:37:3d:8e:9b:
                    02:52:3c:b9:ac:62:0f:8f:ea:a5:45:c3:bb:27:50:
                    91:19:93:52:a2:6e:48:f6:e3:0c:4d:e2:fc:dc:57:
                    b9:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:CC:D2:59:42:91:96:5C:6C:BB:6A:E0:61:C3:7B:98:AF:AF:0A:D5
            X509v3 Authority Key Identifier:
                keyid:88:10:FC:31:98:A0:AB:99:64:78:77:DB:E5:72:5E:05:CE:E0:13:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBD8MZigq5lkeHfb5XJeBc7gE_A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/cf1ffd-134d-4382-8e59-4a08d5a1c71f/1/VMzSWUKRllxsu2rgYcN7mK-vCtU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/cf1ffd-134d-4382-8e59-4a08d5a1c71f/1/iBD8MZigq5lkeHfb5XJeBc7gE_A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:f940::/29

    Signature Algorithm: sha256WithRSAEncryption
         25:e8:ae:9e:c0:95:df:4a:97:39:d0:63:40:a3:7b:5d:e4:0d:
         5f:aa:7d:2c:c3:a2:74:bf:00:44:b8:4b:8a:3e:8e:25:01:85:
         8c:86:98:47:91:85:f4:57:43:10:ba:73:25:39:fa:3f:87:d7:
         b8:d5:5a:15:0e:35:a2:8e:d1:92:78:84:3f:21:f6:c1:a8:ae:
         44:a2:e6:a6:4d:75:46:a3:d0:ad:77:21:da:22:6f:48:66:ef:
         69:bf:d2:e1:6f:e1:47:94:2d:2d:d0:c5:c5:5c:92:44:a8:04:
         89:e6:62:ae:e6:3d:40:c7:3e:7d:55:2a:8e:97:8f:8e:cf:4c:
         c5:2e:5c:95:bd:b0:7c:68:0f:0e:0e:4e:5b:a3:69:e2:dd:77:
         86:fb:d0:0a:4f:62:a4:81:82:5f:10:ae:9a:5b:82:73:73:4a:
         79:11:75:e4:34:ad:32:3b:b0:6f:73:a5:7c:f1:b2:bd:ff:ad:
         11:6e:35:fb:9b:7a:9f:ab:c2:45:a7:0c:38:11:d1:1a:e9:26:
         1b:6e:ff:15:df:bd:46:14:8f:80:ea:60:c3:d8:45:ce:e5:16:
         0d:02:ae:e5:e5:90:11:c7:e0:4b:23:17:08:53:b1:db:5d:0d:
         ac:32:87:cb:7b:e7:07:d1:2d:1c:74:cd:1c:10:78:c7:1e:8a:
         87:b9:3c:ea
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDLD7CMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDg4
MTBmYzMxOThhMGFiOTk2NDc4NzdkYmU1NzI1ZTA1Y2VlMDEzZjAwHhcNMjIwMTAx
MDA1ODQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1NGNjZDI1OTQyOTE5
NjVjNmNiYjZhZTA2MWMzN2I5OGFmYWYwYWQ1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxXnXjOODtSj2zEVqMdvhq3j4pRqfuCYIV80dtYEYlPAlnpvc
2VQbnwnxDegKoiTC0JNBdn/MNaGJyvQnK27P2w0X19eCbB1nllDOTQPVN+Df2dqv
HxyRmevaVVAPhe71Wn5CmGu2jBUk1U/EaitEezAKzyERaF4WtwgKp2eeYTjbmEq7
MnRPqLIQ5IQpZzqCUi3ue97iVvVdJ9jcBBDjqw8yzp+s1iRDH+k3DPyXF98EKiJ/
GiHeIF0GlZJ9afH0lX0f2Rr5+dJDDSR56x1pYsb5KPZtRsutKcNrOzc9jpsCUjy5
rGIPj+qlRcO7J1CRGZNSom5I9uMMTeL83Fe5RQIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFFTM0llCkZZcbLtq4GHDe5ivrwrVMB8GA1UdIwQYMBaAFIgQ/DGYoKuZZHh3
2+VyXgXO4BPwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
aUJEOE1aaWdxNWxrZUhmYjVYSmVCYzdnRV9BLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83Ny9jZjFmZmQtMTM0ZC00MzgyLThlNTktNGEwOGQ1YTFjNzFmLzEv
Vk16U1dVS1JsbHhzdTJyZ1ljTjdtSy12Q3RVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9j
ZjFmZmQtMTM0ZC00MzgyLThlNTktNGEwOGQ1YTFjNzFmLzEvaUJEOE1aaWdxNWxr
ZUhmYjVYSmVCYzdnRV9BLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhH5QDANBgkqhkiG9w0BAQsFAAOC
AQEAJeiunsCV30qXOdBjQKN7XeQNX6p9LMOidL8ARLhLij6OJQGFjIaYR5GF9FdD
ELpzJTn6P4fXuNVaFQ41oo7RkniEPyH2waiuRKLmpk11RqPQrXch2iJvSGbvab/S
4W/hR5QtLdDFxVySRKgEieZiruY9QMc+fVUqjpePjs9MxS5clb2wfGgPDg5OW6Np
4t13hvvQCk9ipIGCXxCumluCc3NKeRF15DStMjuwb3OlfPGyvf+tEW41+5t6n6vC
RacMOBHRGukmG27/Fd+9RhSPgOpgw9hFzuUWDQKu5eWQEcfgSyMXCFOx210NrDKH
y3vnB9EtHHTNHBB4xx6Kh7k86g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:40 2024 by rpki-client on console-ams.rpki-client.org