Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/IN-xsMN6dX531EwAgbxhg3UKEj0.roa
File:                     IN-xsMN6dX531EwAgbxhg3UKEj0.roa (raw, json)
Hash identifier:          zeLqZfC54Ibk+/DpvcEV9xCAIdx+wKJmsf6ZcyxgiEg=
Subject key identifier:   20:DF:B1:B0:C3:7A:75:7E:77:D4:4C:00:81:BC:61:83:75:0A:12:3D
Certificate issuer:       /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial:       085BC51A
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/IN-xsMN6dX531EwAgbxhg3UKEj0.roa
Signing time:             Tue 31 May 2022 14:04:13 +0000
ROA not before:           Tue 31 May 2022 14:04:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204874
IP address blocks:        2a03:5840:280::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 140231962 (0x85bc51a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
        Validity
            Not Before: May 31 14:04:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=20dfb1b0c37a757e77d44c0081bc6183750a123d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:a9:72:51:ef:78:cc:30:68:72:fe:da:77:9e:
                    cd:e7:63:34:a8:2a:dd:59:d6:66:ac:69:b5:0c:92:
                    11:f2:15:66:85:4f:bb:a8:80:bc:68:cc:61:e7:cc:
                    35:93:fd:2b:a2:fb:36:01:d4:a8:3e:9a:f6:97:f2:
                    a1:ed:02:f8:a7:02:1d:28:a8:60:18:a9:3b:e7:ad:
                    30:6e:cf:65:0d:a2:71:56:ab:05:8f:3c:a8:fe:87:
                    8d:11:56:56:f8:de:f3:81:08:07:4f:7f:58:ed:93:
                    a0:ed:a7:97:aa:74:c6:02:2f:0e:6d:5c:c0:02:de:
                    90:2e:db:08:93:aa:a3:0f:8a:fc:99:d9:b0:6f:91:
                    05:83:90:c6:a2:75:5c:bb:5d:d3:c5:6f:43:13:49:
                    1b:0b:a9:b9:5d:78:06:b1:1d:09:82:57:cc:92:3e:
                    32:a0:4c:71:d9:75:4b:98:1c:a7:0a:b6:17:f7:fc:
                    0a:6e:51:5a:b4:cd:e8:9e:d1:dd:14:b3:25:ce:e0:
                    c6:d0:2e:d9:4d:50:8b:37:96:b1:02:25:71:07:92:
                    b6:b4:1d:5c:00:5e:1b:a0:05:f2:58:c8:96:22:a0:
                    69:13:ea:b0:17:b6:23:56:88:bb:89:bb:e7:94:3a:
                    ec:76:d1:d1:99:b6:3f:81:27:73:6b:89:bf:4b:98:
                    d4:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:DF:B1:B0:C3:7A:75:7E:77:D4:4C:00:81:BC:61:83:75:0A:12:3D
            X509v3 Authority Key Identifier:
                keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/IN-xsMN6dX531EwAgbxhg3UKEj0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a03:5840:280::/44

    Signature Algorithm: sha256WithRSAEncryption
         b2:41:6c:2a:48:2c:02:79:0a:28:73:87:e4:84:4a:04:6d:62:
         f5:cf:9c:d1:a9:38:d3:74:dc:7f:30:24:7f:12:e9:23:c5:8e:
         87:dc:c6:59:1b:f5:31:16:b3:a4:60:2d:34:c4:b4:0c:c9:fc:
         ea:18:a5:85:5e:2c:17:15:f0:16:4b:9f:30:4e:b0:89:cd:0f:
         f5:a1:62:96:e8:82:ab:40:7f:c3:fd:f5:ed:cb:d2:25:ef:8f:
         8c:98:19:a6:b9:af:ca:0a:9b:85:c7:3c:e0:ca:77:05:1c:49:
         d7:86:f7:51:1d:3e:aa:4f:1c:9f:5e:65:5a:b3:f2:54:e7:9d:
         f1:34:6a:d6:2d:ff:bd:99:a6:b7:f7:76:ed:98:34:b3:a4:39:
         89:82:d7:1a:14:c5:3f:b2:bc:50:06:46:c5:1e:33:93:f2:fd:
         3e:84:86:b7:4d:cb:c4:b5:8a:ef:9a:97:d1:72:0f:af:1a:5f:
         2f:57:bf:24:73:cc:92:08:bb:16:53:cb:6f:93:a5:84:a8:bb:
         48:e0:65:f6:cd:f0:75:84:1c:08:c5:48:fe:ab:fa:93:fa:aa:
         87:9a:72:dc:3b:d9:a2:ed:34:bb:20:54:89:1f:78:d5:32:1c:
         3f:1f:cd:45:fa:85:cf:01:de:07:df:65:22:96:4a:0d:6f:00:
         b4:f7:c5:3c
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECFvFGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Nzc3MDVlODliYjY1YjQ3MmU0ZTAxODRkNmZlOWJmYjhjNTg2MzVhMB4XDTIyMDUz
MTE0MDQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjBkZmIxYjBjMzdh
NzU3ZTc3ZDQ0YzAwODFiYzYxODM3NTBhMTIzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN2pclHveMwwaHL+2neezedjNKgq3VnWZqxptQySEfIVZoVP
u6iAvGjMYefMNZP9K6L7NgHUqD6a9pfyoe0C+KcCHSioYBipO+etMG7PZQ2icVar
BY88qP6HjRFWVvje84EIB09/WO2ToO2nl6p0xgIvDm1cwALekC7bCJOqow+K/JnZ
sG+RBYOQxqJ1XLtd08VvQxNJGwupuV14BrEdCYJXzJI+MqBMcdl1S5gcpwq2F/f8
Cm5RWrTN6J7R3RSzJc7gxtAu2U1QizeWsQIlcQeStrQdXABeG6AF8ljIliKgaRPq
sBe2I1aIu4m755Q67HbR0Zm2P4Enc2uJv0uY1F0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQg37Gww3p1fnfUTACBvGGDdQoSPTAfBgNVHSMEGDAWgBT3dwXom7ZbRy5O
AYTW/pv7jFhjWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzkzY0Y2SnUyVzBjdVRnR0UxdjZiLTR4WVkxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2MvMDIyODM5LTY5ODQtNDBkNC04NzE2LTZjYjg5NzkxZDdmZC8x
L0lOLXhzTU42ZFg1MzFFd0FnYnhoZzNVS0VqMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Mv
MDIyODM5LTY5ODQtNDBkNC04NzE2LTZjYjg5NzkxZDdmZC8xLzkzY0Y2SnUyVzBj
dVRnR0UxdjZiLTR4WVkxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoDWEACgDANBgkqhkiG9w0BAQsF
AAOCAQEAskFsKkgsAnkKKHOH5IRKBG1i9c+c0ak403TcfzAkfxLpI8WOh9zGWRv1
MRazpGAtNMS0DMn86hilhV4sFxXwFkufME6wic0P9aFiluiCq0B/w/317cvSJe+P
jJgZprmvygqbhcc84Mp3BRxJ14b3UR0+qk8cn15lWrPyVOed8TRq1i3/vZmmt/d2
7Zg0s6Q5iYLXGhTFP7K8UAZGxR4zk/L9PoSGt03LxLWK75qX0XIPrxpfL1e/JHPM
kgi7FlPLb5OlhKi7SOBl9s3wdYQcCMVI/qv6k/qqh5py3DvZou00uyBUiR941TIc
Px/NRfqFzwHeB99lIpZKDW8AtPfFPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:12 2024 by rpki-client on console-fra.rpki-client.org