Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/VJLkt2ZLLa1GdG5QzD45xHWeDs0.roa
File:                     VJLkt2ZLLa1GdG5QzD45xHWeDs0.roa (raw, json)
Hash identifier:          bGUfPm7yOVoAYITmU34X55sO57U8cUhBdipe3+iObH8=
Subject key identifier:   54:92:E4:B7:66:4B:2D:AD:46:74:6E:50:CC:3E:39:C4:75:9E:0E:CD
Certificate issuer:       /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial:       018433DECC7E685C0DCE0B6ED5C302450939
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/VJLkt2ZLLa1GdG5QzD45xHWeDs0.roa
Signing time:             Tue 01 Nov 2022 15:45:50 +0000
ROA not before:           Tue 01 Nov 2022 15:45:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     141237
IP address blocks:        2a0d:2580:2000::/35 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:33:de:cc:7e:68:5c:0d:ce:0b:6e:d5:c3:02:45:09:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
        Validity
            Not Before: Nov  1 15:45:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5492e4b7664b2dad46746e50cc3e39c4759e0ecd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:4e:26:2e:95:d4:be:7c:5c:1f:45:31:07:41:
                    3a:bf:82:06:6d:84:b3:d9:c7:ea:7e:5c:84:dc:73:
                    d4:4c:a3:3f:81:e8:ec:f6:97:24:b6:ec:72:9c:32:
                    f7:56:71:1c:35:78:05:3e:9d:93:af:ca:d3:c3:56:
                    b7:40:51:d8:5e:e5:14:f5:ad:6d:5c:3b:d8:dd:34:
                    96:3c:86:38:53:ca:fd:1d:11:5d:a3:95:8b:75:88:
                    70:a6:f8:f3:59:fa:a4:0d:be:6f:23:33:61:7d:e5:
                    93:c6:7e:5b:41:bb:9e:76:3f:bb:82:e9:a4:ea:24:
                    7a:61:72:94:97:8f:ec:b9:86:b5:4f:4b:c7:12:47:
                    f7:ed:8b:77:73:53:12:7f:b1:0e:af:53:d4:8c:25:
                    5c:bd:7e:64:07:26:a4:6c:09:38:48:68:2f:ed:e9:
                    7b:55:7d:e0:1d:80:68:47:d0:5b:07:d1:25:06:df:
                    91:0e:10:e7:18:aa:e7:5e:cc:58:c0:78:92:21:c4:
                    ee:33:b5:06:71:4c:4a:65:04:ac:b8:20:2c:86:60:
                    3e:8b:8f:29:3f:6b:44:23:8b:a7:04:90:b8:2e:c0:
                    01:c5:14:95:80:7c:6e:9e:1f:a0:bc:ef:0e:f7:e5:
                    73:3f:3c:f0:bb:32:58:4b:1d:4b:46:f6:89:df:c2:
                    55:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:92:E4:B7:66:4B:2D:AD:46:74:6E:50:CC:3E:39:C4:75:9E:0E:CD
            X509v3 Authority Key Identifier:
                keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/VJLkt2ZLLa1GdG5QzD45xHWeDs0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:2580:2000::/35

    Signature Algorithm: sha256WithRSAEncryption
         5f:27:9a:74:e7:98:7e:9c:ec:b4:53:cf:2c:5b:ad:c8:e3:f8:
         0a:50:54:ee:86:69:87:35:20:24:09:df:33:68:ab:10:a2:28:
         48:bd:67:6b:ea:cf:a9:20:26:4b:6c:b4:4b:66:a6:f0:c1:ba:
         87:47:36:82:0f:10:37:f4:b0:4b:b3:b0:a4:57:7d:f3:f7:b2:
         3e:a9:cc:57:37:fe:6e:13:01:84:f0:bc:9d:ce:c1:8c:78:cc:
         94:3c:6d:d3:33:39:00:86:91:4a:71:64:93:13:f5:9c:25:3c:
         7a:fb:f9:b2:0c:20:0b:ee:0d:98:a0:ea:8f:9f:f1:ec:8e:42:
         bc:db:55:70:4e:48:ca:04:b4:c7:da:2f:08:9b:97:b7:5f:15:
         c1:47:2f:28:f3:68:92:44:0d:28:5e:cb:a8:db:b8:35:6c:b5:
         a0:37:aa:42:52:d5:ca:d6:a0:42:7a:fd:b4:1b:e8:20:6f:07:
         7f:4d:d3:98:2f:67:7c:a3:2b:ff:9e:ef:2a:c5:fd:bf:c7:96:
         f4:ae:f8:aa:9a:2d:46:2e:2c:35:0e:61:96:65:a9:a8:ec:79:
         f5:34:8d:eb:b7:03:8c:f0:93:a5:21:ba:31:4e:fb:c2:fa:a5:
         e3:bf:9d:35:73:08:32:ad:76:47:d7:9d:db:9f:f4:ab:79:20:
         b8:97:43:6d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYQz3sx+aFwNzgtu1cMCRQk5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYzY5ZDA0NTgzNTAwYzVlZjgxMTM2ODMxMjM3NTkzZTBi
Yjg2Y2UwHhcNMjIxMTAxMTU0NTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDkyZTRiNzY2NGIyZGFkNDY3NDZlNTBjYzNlMzljNDc1OWUwZWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApU4mLpXUvnxcH0UxB0E6v4IGbYSz
2cfqflyE3HPUTKM/gejs9pcktuxynDL3VnEcNXgFPp2Tr8rTw1a3QFHYXuUU9a1t
XDvY3TSWPIY4U8r9HRFdo5WLdYhwpvjzWfqkDb5vIzNhfeWTxn5bQbuedj+7gumk
6iR6YXKUl4/suYa1T0vHEkf37Yt3c1MSf7EOr1PUjCVcvX5kByakbAk4SGgv7el7
VX3gHYBoR9BbB9ElBt+RDhDnGKrnXsxYwHiSIcTuM7UGcUxKZQSsuCAshmA+i48p
P2tEI4unBJC4LsABxRSVgHxunh+gvO8O9+VzPzzwuzJYSx1LRvaJ38JVkQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFSS5LdmSy2tRnRuUMw+OcR1ng7NMB8GA1UdIwQY
MBaAFHPGnQRYNQDF74ETaDEjdZPgu4bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQt
ZjljYjBhN2IyMDZjLzEvVkpMa3QyWkxMYTFHZEc1UXpENDV4SFdlRHMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQtZjljYjBhN2IyMDZj
LzEvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYFKg0lgCAw
DQYJKoZIhvcNAQELBQADggEBAF8nmnTnmH6c7LRTzyxbrcjj+ApQVO6GaYc1ICQJ
3zNoqxCiKEi9Z2vqz6kgJktstEtmpvDBuodHNoIPEDf0sEuzsKRXffP3sj6pzFc3
/m4TAYTwvJ3OwYx4zJQ8bdMzOQCGkUpxZJMT9ZwlPHr7+bIMIAvuDZig6o+f8eyO
QrzbVXBOSMoEtMfaLwibl7dfFcFHLyjzaJJEDShey6jbuDVstaA3qkJS1crWoEJ6
/bQb6CBvB39N05gvZ3yjK/+e7yrF/b/HlvSu+KqaLUYuLDUOYZZlqajsefU0jeu3
A4zwk6UhujFO+8L6peO/nTVzCDKtdkfXnduf9Kt5ILiXQ20=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:39 2024 by rpki-client on console-fra.rpki-client.org