Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/63e305-46e6-4363-8733-7d948dba5e3c/1/sm2PbTADE7IylnXdQluuyuwJ3uA.roa
File:                     sm2PbTADE7IylnXdQluuyuwJ3uA.roa (raw, json)
Hash identifier:          clmgPVpLXEtb9dgD1LMMZAACvA9rP7xB0dBUSKYAA6Q=
Subject key identifier:   B2:6D:8F:6D:30:03:13:B2:32:96:75:DD:42:5B:AE:CA:EC:09:DE:E0
Certificate issuer:       /CN=63c1b9ffe98672bf62f487f47dafea30f5bef09c
Certificate serial:       081F4815
Authority key identifier: 63:C1:B9:FF:E9:86:72:BF:62:F4:87:F4:7D:AF:EA:30:F5:BE:F0:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y8G5_-mGcr9i9If0fa_qMPW-8Jw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/63e305-46e6-4363-8733-7d948dba5e3c/1/sm2PbTADE7IylnXdQluuyuwJ3uA.roa
Signing time:             Sat 01 Jan 2022 03:52:47 +0000
ROA not before:           Sat 01 Jan 2022 03:52:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39702
IP address blocks:        2001:678:a9c::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 136267797 (0x81f4815)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63c1b9ffe98672bf62f487f47dafea30f5bef09c
        Validity
            Not Before: Jan  1 03:52:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b26d8f6d300313b2329675dd425baecaec09dee0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:18:2f:49:78:d3:d0:3a:8b:ea:a4:0c:49:0d:
                    64:83:80:bf:fa:e0:01:b2:ba:c5:36:f2:d7:1f:e3:
                    ab:a2:33:3d:2a:b1:0a:66:78:b2:a8:f3:1d:c9:32:
                    bf:21:02:f8:26:71:38:13:26:23:7e:db:8f:89:23:
                    3f:72:7d:2d:6d:9f:8f:a0:c2:c3:84:fa:6f:f5:a7:
                    2a:81:c4:3f:ed:3e:b9:99:d5:08:25:76:f8:fd:c0:
                    46:ed:75:95:e9:74:95:01:b4:9e:fc:d0:37:b3:66:
                    b7:c6:53:23:c7:6d:1f:c4:22:21:2c:ee:f3:1d:0c:
                    16:02:46:c5:de:72:d1:27:17:4c:a4:ff:71:eb:d5:
                    0f:cb:8e:45:7d:0a:76:11:b8:86:f8:b4:68:81:79:
                    e9:00:1e:c5:e4:a5:2c:47:b6:f6:f7:58:ac:5c:d4:
                    e6:99:fc:05:c7:f5:9a:74:a8:10:39:d3:91:7a:73:
                    32:8e:c1:c1:6b:0f:21:fc:4a:85:7a:7f:36:f1:10:
                    2f:23:ac:db:1b:90:42:df:d4:38:88:8b:b7:11:98:
                    91:10:e6:14:cc:6d:7d:d2:42:46:da:1e:50:16:ee:
                    82:97:89:11:d2:7b:26:5c:db:f1:5b:b7:85:c6:10:
                    f4:af:61:bd:aa:49:03:82:32:f2:83:a1:53:a6:53:
                    ef:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:6D:8F:6D:30:03:13:B2:32:96:75:DD:42:5B:AE:CA:EC:09:DE:E0
            X509v3 Authority Key Identifier:
                keyid:63:C1:B9:FF:E9:86:72:BF:62:F4:87:F4:7D:AF:EA:30:F5:BE:F0:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y8G5_-mGcr9i9If0fa_qMPW-8Jw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/63e305-46e6-4363-8733-7d948dba5e3c/1/sm2PbTADE7IylnXdQluuyuwJ3uA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/63e305-46e6-4363-8733-7d948dba5e3c/1/Y8G5_-mGcr9i9If0fa_qMPW-8Jw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:a9c::/48

    Signature Algorithm: sha256WithRSAEncryption
         8e:fb:68:67:12:62:5e:a3:9f:40:4f:72:c1:60:ef:76:51:e4:
         0e:4f:94:49:c5:fe:10:19:5b:09:82:91:1f:8e:71:63:4a:8a:
         9f:3d:12:b0:53:f2:4f:db:80:26:9e:ee:06:5f:cf:b3:e8:b5:
         ff:c8:13:7e:d0:c2:bb:93:73:3a:8b:3f:01:fc:fa:02:25:0a:
         4c:91:8b:ba:9d:d0:be:00:12:47:fc:0f:87:b5:75:ff:4a:e9:
         57:22:e4:57:2d:8e:d7:1c:88:f4:4a:06:b7:e3:19:c5:54:cb:
         da:b4:35:b4:40:71:43:86:b1:f1:b5:5d:01:8e:3e:1c:0d:78:
         24:41:e8:a7:04:0e:e4:d1:8a:fd:f9:ce:33:ee:63:52:31:90:
         d8:e7:8a:73:ca:e9:52:1b:c1:48:da:d8:20:ed:93:7d:b1:d6:
         0d:33:94:1f:97:b8:f5:77:b3:e8:8b:40:50:24:ca:7b:36:59:
         66:5d:b5:c7:0b:dd:66:45:a0:9d:74:1a:1a:73:85:13:29:8c:
         83:70:99:b9:be:63:41:b8:31:35:d3:60:3f:7a:92:af:d2:03:
         6b:f6:fc:2c:bd:3a:9b:06:f8:32:54:5a:1e:79:71:c2:ac:62:
         9a:26:0c:47:cf:52:61:c1:63:bd:5a:d9:fe:4d:7d:13:e6:d3:
         ab:4a:09:cd
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECB9IFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2MxYjlmZmU5ODY3MmJmNjJmNDg3ZjQ3ZGFmZWEzMGY1YmVmMDljMB4XDTIyMDEw
MTAzNTI0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjI2ZDhmNmQzMDAz
MTNiMjMyOTY3NWRkNDI1YmFlY2FlYzA5ZGVlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKMYL0l409A6i+qkDEkNZIOAv/rgAbK6xTby1x/jq6IzPSqx
CmZ4sqjzHckyvyEC+CZxOBMmI37bj4kjP3J9LW2fj6DCw4T6b/WnKoHEP+0+uZnV
CCV2+P3ARu11lel0lQG0nvzQN7Nmt8ZTI8dtH8QiISzu8x0MFgJGxd5y0ScXTKT/
cevVD8uORX0KdhG4hvi0aIF56QAexeSlLEe29vdYrFzU5pn8Bcf1mnSoEDnTkXpz
Mo7BwWsPIfxKhXp/NvEQLyOs2xuQQt/UOIiLtxGYkRDmFMxtfdJCRtoeUBbugpeJ
EdJ7Jlzb8Vu3hcYQ9K9hvapJA4Iy8oOhU6ZT75sCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSybY9tMAMTsjKWdd1CW67K7Ane4DAfBgNVHSMEGDAWgBRjwbn/6YZyv2L0
h/R9r+ow9b7wnDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1k4RzVfLW1HY3I5aTlJZjBmYV9xTVBXLThKdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2QvNjNlMzA1LTQ2ZTYtNDM2My04NzMzLTdkOTQ4ZGJhNWUzYy8x
L3NtMlBiVEFERTdJeWxuWGRRbHV1eXV3SjN1QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Qv
NjNlMzA1LTQ2ZTYtNDM2My04NzMzLTdkOTQ4ZGJhNWUzYy8xL1k4RzVfLW1HY3I5
aTlJZjBmYV9xTVBXLThKdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngKnDANBgkqhkiG9w0BAQsF
AAOCAQEAjvtoZxJiXqOfQE9ywWDvdlHkDk+UScX+EBlbCYKRH45xY0qKnz0SsFPy
T9uAJp7uBl/Ps+i1/8gTftDCu5NzOos/Afz6AiUKTJGLup3QvgASR/wPh7V1/0rp
VyLkVy2O1xyI9EoGt+MZxVTL2rQ1tEBxQ4ax8bVdAY4+HA14JEHopwQO5NGK/fnO
M+5jUjGQ2OeKc8rpUhvBSNrYIO2TfbHWDTOUH5e49Xez6ItAUCTKezZZZl21xwvd
ZkWgnXQaGnOFEymMg3CZub5jQbgxNdNgP3qSr9IDa/b8LL06mwb4MlRaHnlxwqxi
miYMR89SYcFjvVrZ/k19E+bTq0oJzQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:50 2024 by rpki-client on console-ams.rpki-client.org