Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/xjuAvWUabSsHIagx_ChCLoHDhrA.roa
File:                     xjuAvWUabSsHIagx_ChCLoHDhrA.roa (raw, json)
Hash identifier:          N6M8L6AjYKzJt41CFDd3MU7/+JgQ9Zufsn63fXD1NIs=
Subject key identifier:   C6:3B:80:BD:65:1A:6D:2B:07:21:A8:31:FC:28:42:2E:81:C3:86:B0
Certificate issuer:       /CN=3eb1788fe220e46434692d1cc437072d792d7888
Certificate serial:       0C7EC0F4
Authority key identifier: 3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/xjuAvWUabSsHIagx_ChCLoHDhrA.roa
Signing time:             Sat 01 Jan 2022 14:02:38 +0000
ROA not before:           Sat 01 Jan 2022 14:02:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204680
IP address blocks:        2a00:139b:ffff::/48 maxlen: 48
                          2a00:139b::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 209633524 (0xc7ec0f4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3eb1788fe220e46434692d1cc437072d792d7888
        Validity
            Not Before: Jan  1 14:02:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c63b80bd651a6d2b0721a831fc28422e81c386b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:cc:36:ce:66:34:42:46:06:fd:2a:a7:08:e9:
                    e4:8d:32:99:7c:4a:5f:36:86:eb:cd:7a:3f:dc:18:
                    cc:f6:ac:dc:1f:43:30:76:4b:ca:39:f6:dd:71:51:
                    08:06:cb:97:df:fb:fa:60:ae:a8:da:f7:c9:41:5d:
                    a6:99:f4:e2:65:22:f5:d1:38:df:c1:54:bb:eb:62:
                    c8:16:da:e2:66:86:89:43:10:26:c7:35:b8:20:5b:
                    a6:2d:32:a3:17:93:0a:42:07:10:f9:40:3c:b3:22:
                    a8:d5:f2:32:61:20:54:2e:83:29:f0:d7:2c:ac:0d:
                    b9:f0:14:e0:4f:42:ba:db:eb:af:57:b0:89:f8:9d:
                    76:b6:44:ab:97:24:a3:1a:e2:2b:b1:91:dc:c8:3b:
                    3b:1f:d5:a7:5d:a8:df:2e:07:e2:d5:81:31:9d:c6:
                    61:92:db:a9:83:bf:8c:2f:68:1c:4d:73:e0:82:46:
                    37:6e:72:92:d4:96:47:73:53:be:1b:4d:de:95:f0:
                    31:af:36:95:9e:b7:94:52:fd:83:06:b6:c1:d1:a8:
                    d0:b3:8e:35:8b:c3:2a:88:0e:d9:10:50:da:db:f1:
                    bd:0c:12:15:d5:57:ca:db:f1:40:98:9d:38:9a:23:
                    44:f0:a9:79:74:43:5d:35:47:62:11:2f:0c:9f:8c:
                    57:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:3B:80:BD:65:1A:6D:2B:07:21:A8:31:FC:28:42:2E:81:C3:86:B0
            X509v3 Authority Key Identifier:
                keyid:3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/xjuAvWUabSsHIagx_ChCLoHDhrA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:139b::/32

    Signature Algorithm: sha256WithRSAEncryption
         59:88:cc:45:b0:bd:9f:19:04:f7:ac:d6:26:88:79:16:f6:17:
         42:af:df:0e:72:47:d5:50:67:7f:62:82:df:96:fc:05:5d:a5:
         77:e7:af:96:6a:27:cb:00:f3:8f:01:f8:21:5a:03:6b:61:9b:
         77:e2:75:a7:57:d6:93:e6:7c:ba:ca:52:7b:59:e8:5a:9e:98:
         16:f3:c7:ea:7d:00:6f:e1:40:df:05:c8:8f:5a:24:00:0d:c9:
         0f:65:f3:15:e7:05:06:7a:51:84:01:d3:dc:c0:bf:aa:5b:0d:
         c9:bb:35:81:2d:cd:a4:f4:49:5d:fe:bb:38:70:47:9e:1f:a7:
         69:e3:e0:a4:91:98:40:5c:18:01:84:96:73:1c:31:69:10:76:
         86:7f:e3:58:d4:0f:25:6f:f5:15:34:37:e7:24:ef:ba:08:88:
         c6:68:9f:f2:38:a6:5e:ba:6e:14:ca:05:b5:e2:bc:23:ac:b4:
         02:7e:55:bc:45:e1:41:40:06:bb:5a:85:8a:2f:99:3d:a0:2f:
         69:5b:92:34:9e:eb:f2:8a:15:96:c4:0c:16:2f:90:4f:70:73:
         8f:6f:a0:29:a2:18:c8:b9:6a:ff:80:de:b7:53:4f:65:bd:87:
         47:91:c8:1c:2a:0a:ce:27:03:43:3d:98:3c:fd:68:dd:ff:e2:
         bf:78:96:45
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEDH7A9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZWIxNzg4ZmUyMjBlNDY0MzQ2OTJkMWNjNDM3MDcyZDc5MmQ3ODg4MB4XDTIyMDEw
MTE0MDIzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzYzYjgwYmQ2NTFh
NmQyYjA3MjFhODMxZmMyODQyMmU4MWMzODZiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMjMNs5mNEJGBv0qpwjp5I0ymXxKXzaG6816P9wYzPas3B9D
MHZLyjn23XFRCAbLl9/7+mCuqNr3yUFdppn04mUi9dE438FUu+tiyBba4maGiUMQ
Jsc1uCBbpi0yoxeTCkIHEPlAPLMiqNXyMmEgVC6DKfDXLKwNufAU4E9Cutvrr1ew
ifiddrZEq5ckoxriK7GR3Mg7Ox/Vp12o3y4H4tWBMZ3GYZLbqYO/jC9oHE1z4IJG
N25yktSWR3NTvhtN3pXwMa82lZ63lFL9gwa2wdGo0LOONYvDKogO2RBQ2tvxvQwS
FdVXytvxQJidOJojRPCpeXRDXTVHYhEvDJ+MV38CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBTGO4C9ZRptKwchqDH8KEIugcOGsDAfBgNVHSMEGDAWgBQ+sXiP4iDkZDRp
LRzENwcteS14iDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ByRjRqLUlnNUdRMGFTMGN4RGNITFhrdGVJZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvMjJmNTcwLTBiMjYtNDAwNC04ZWQwLWQ5NTA5NDczMDcyYy8x
L3hqdUF2V1VhYlNzSElhZ3hfQ2hDTG9IRGhyQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
MjJmNTcwLTBiMjYtNDAwNC04ZWQwLWQ5NTA5NDczMDcyYy8xL1ByRjRqLUlnNUdR
MGFTMGN4RGNITFhrdGVJZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoAE5swDQYJKoZIhvcNAQELBQAD
ggEBAFmIzEWwvZ8ZBPes1iaIeRb2F0Kv3w5yR9VQZ39igt+W/AVdpXfnr5ZqJ8sA
848B+CFaA2thm3fidadX1pPmfLrKUntZ6FqemBbzx+p9AG/hQN8FyI9aJAANyQ9l
8xXnBQZ6UYQB09zAv6pbDcm7NYEtzaT0SV3+uzhwR54fp2nj4KSRmEBcGAGElnMc
MWkQdoZ/41jUDyVv9RU0N+ck77oIiMZon/I4pl66bhTKBbXivCOstAJ+VbxF4UFA
BrtahYovmT2gL2lbkjSe6/KKFZbEDBYvkE9wc49voCmiGMi5av+A3rdTT2W9h0eR
yBwqCs4nA0M9mDz9aN3/4r94lkU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:17 2024 by rpki-client on console-ams.rpki-client.org