Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/VBjVxgapw4xoa_gSXCShDmqYX8s.roa
File:                     VBjVxgapw4xoa_gSXCShDmqYX8s.roa (raw, json)
Hash identifier:          wYXyz+Hvkm3YAl7L0UiuBhxnRXu0ai+m2gAVkBiPa8w=
Subject key identifier:   54:18:D5:C6:06:A9:C3:8C:68:6B:F8:12:5C:24:A1:0E:6A:98:5F:CB
Certificate issuer:       /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial:       0FE20DEF
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/VBjVxgapw4xoa_gSXCShDmqYX8s.roa
Signing time:             Sat 01 Jan 2022 14:59:41 +0000
ROA not before:           Sat 01 Jan 2022 14:59:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203478
IP address blocks:        2a06:e881:5600::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 266472943 (0xfe20def)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
        Validity
            Not Before: Jan  1 14:59:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5418d5c606a9c38c686bf8125c24a10e6a985fcb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:a9:13:d5:ce:f9:a2:4d:93:97:24:8f:bf:86:
                    35:fa:a1:40:21:f9:42:f8:c7:7d:c2:6d:ae:8e:ee:
                    aa:1e:c7:ba:fd:00:f0:f0:45:03:16:f2:28:d4:f0:
                    9b:37:3a:c5:a8:d1:07:a6:7d:14:b0:f0:da:71:00:
                    c0:b5:00:b6:1d:a5:d0:7e:a4:59:b9:ec:16:e5:36:
                    73:2d:5b:1e:3a:b1:25:64:6b:1b:bb:01:2e:5c:07:
                    9f:5a:a1:f4:e8:02:ce:70:ff:52:6d:0c:e9:14:6f:
                    41:ad:7d:28:62:f2:b3:f5:6e:a2:9c:56:55:3b:34:
                    6a:0e:d6:87:ba:21:2b:2f:b0:fa:f7:ae:be:7e:b1:
                    ca:8d:e2:67:d0:53:41:80:dc:f7:01:bc:15:6b:2d:
                    45:30:a2:bb:34:92:ea:40:c6:95:93:18:18:42:c6:
                    59:10:e6:4a:ba:ec:1c:41:78:3d:39:19:54:d0:26:
                    20:27:8c:17:83:93:9a:64:ef:9b:52:f1:ef:46:e1:
                    61:20:10:56:45:c6:3f:6d:d4:5e:87:cb:c1:31:68:
                    3a:8b:5d:4a:28:bb:fa:5e:a1:82:e9:6a:51:39:68:
                    06:f0:04:66:c7:e2:be:af:88:6b:e5:00:c8:79:e6:
                    5a:80:66:11:e8:49:b9:fa:26:83:c5:1f:f1:a6:29:
                    5b:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:18:D5:C6:06:A9:C3:8C:68:6B:F8:12:5C:24:A1:0E:6A:98:5F:CB
            X509v3 Authority Key Identifier:
                keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/VBjVxgapw4xoa_gSXCShDmqYX8s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:e881:5600::/44

    Signature Algorithm: sha256WithRSAEncryption
         b6:00:0a:30:d6:75:82:be:b3:92:27:1e:81:67:2d:80:ee:f0:
         7f:29:34:7b:dd:dd:50:6d:10:66:c8:39:60:3c:27:63:ff:b2:
         62:0f:1b:6e:44:f3:1b:95:7a:80:2f:90:22:b4:94:fc:5d:8f:
         78:59:6c:2e:63:22:76:72:2f:1e:cd:22:bd:3b:bc:70:74:be:
         88:6a:ae:d1:d9:12:28:0a:5c:af:26:4c:d1:e9:f1:e4:d3:ad:
         88:b0:fe:b7:03:7e:ea:51:ab:1d:72:b9:c4:9c:61:8c:bf:b2:
         54:d5:6a:e3:9a:b1:e3:fa:47:61:f4:43:d6:9b:83:2c:2b:35:
         a2:e4:74:8a:dd:55:ae:e3:6a:28:db:2f:dc:5f:79:6e:6d:70:
         49:f4:2a:d0:01:76:6c:87:64:42:c8:10:83:cf:86:e0:bf:37:
         6f:b6:df:5c:ba:ad:19:88:35:d1:23:af:d8:71:88:0e:52:95:
         ed:c8:a7:f8:ae:58:a7:33:fd:4a:6a:b9:32:32:10:ba:af:2f:
         fa:45:73:84:42:01:50:89:f5:1f:43:7c:ce:08:87:31:86:30:
         c5:c8:17:82:27:88:3c:dc:82:d4:1e:07:bf:13:fa:1b:b3:5d:
         58:1f:15:75:37:22:70:d6:3e:f5:e7:80:f2:71:5e:31:06:55:
         f3:a2:92:1d
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIED+IN7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ODA3NGI0MTllYWQ0Y2VmZWEyZjJhZDJjMjU5ZDk3OGM1ZWQ3OTU0MB4XDTIyMDEw
MTE0NTk0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTQxOGQ1YzYwNmE5
YzM4YzY4NmJmODEyNWMyNGExMGU2YTk4NWZjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKapE9XO+aJNk5ckj7+GNfqhQCH5QvjHfcJtro7uqh7Huv0A
8PBFAxbyKNTwmzc6xajRB6Z9FLDw2nEAwLUAth2l0H6kWbnsFuU2cy1bHjqxJWRr
G7sBLlwHn1qh9OgCznD/Um0M6RRvQa19KGLys/VuopxWVTs0ag7Wh7ohKy+w+veu
vn6xyo3iZ9BTQYDc9wG8FWstRTCiuzSS6kDGlZMYGELGWRDmSrrsHEF4PTkZVNAm
ICeMF4OTmmTvm1Lx70bhYSAQVkXGP23UXofLwTFoOotdSii7+l6hgulqUTloBvAE
Zsfivq+Ia+UAyHnmWoBmEehJufomg8Uf8aYpW0UCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRUGNXGBqnDjGhr+BJcJKEOaphfyzAfBgNVHSMEGDAWgBS4B0tBnq1M7+ov
KtLCWdl4xe15VDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VBZExRWjZ0VE9fcUx5clN3bG5aZU1YdGVWUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvMWU0M2U0LWQwNmUtNGE1NS1iZGI2LTNkOTFlZGU1YjJiMS8x
L1ZCalZ4Z2FwdzR4b2FfZ1NYQ1NoRG1xWVg4cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
MWU0M2U0LWQwNmUtNGE1NS1iZGI2LTNkOTFlZGU1YjJiMS8xL3VBZExRWjZ0VE9f
cUx5clN3bG5aZU1YdGVWUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoG6IFWADANBgkqhkiG9w0BAQsF
AAOCAQEAtgAKMNZ1gr6zkicegWctgO7wfyk0e93dUG0QZsg5YDwnY/+yYg8bbkTz
G5V6gC+QIrSU/F2PeFlsLmMidnIvHs0ivTu8cHS+iGqu0dkSKApcryZM0enx5NOt
iLD+twN+6lGrHXK5xJxhjL+yVNVq45qx4/pHYfRD1puDLCs1ouR0it1VruNqKNsv
3F95bm1wSfQq0AF2bIdkQsgQg8+G4L83b7bfXLqtGYg10SOv2HGIDlKV7cin+K5Y
pzP9Smq5MjIQuq8v+kVzhEIBUIn1H0N8zgiHMYYwxcgXgieIPNyC1B4HvxP6G7Nd
WB8VdTcicNY+9eeA8nFeMQZV86KSHQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:40 2024 by rpki-client on console-ams.rpki-client.org