Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/FYwTmPyOzM1ADUtYyyMiUL05hAY.roa
File:                     FYwTmPyOzM1ADUtYyyMiUL05hAY.roa (raw, json)
Hash identifier:          DKOvESyJaCyY5S031ugdxcfINbdZ9dsTLP3hQgbTviw=
Subject key identifier:   15:8C:13:98:FC:8E:CC:CD:40:0D:4B:58:CB:23:22:50:BD:39:84:06
Certificate issuer:       /CN=370e5450d1486780aba54f045ec4802f19f0b4f7
Certificate serial:       01832F2F2ACA4022362F1CD9BB13493B4E00
Authority key identifier: 37:0E:54:50:D1:48:67:80:AB:A5:4F:04:5E:C4:80:2F:19:F0:B4:F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/FYwTmPyOzM1ADUtYyyMiUL05hAY.roa
Signing time:             Mon 12 Sep 2022 00:52:43 +0000
ROA not before:           Mon 12 Sep 2022 00:52:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     141483
IP address blocks:        2a0e:46c4:1800::/48 maxlen: 48
                          2a0e:46c4:1801::/48 maxlen: 48
                          2a0e:46c4:1802::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:2f:2f:2a:ca:40:22:36:2f:1c:d9:bb:13:49:3b:4e:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=370e5450d1486780aba54f045ec4802f19f0b4f7
        Validity
            Not Before: Sep 12 00:52:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=158c1398fc8ecccd400d4b58cb232250bd398406
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:88:c4:66:f0:fb:1d:37:26:98:59:0c:6e:12:
                    d1:f3:59:59:69:fe:a7:32:03:a4:c2:e4:6c:8a:af:
                    ed:e9:65:6c:b0:ec:b7:44:be:7e:7c:a0:e8:fc:04:
                    d1:aa:e0:33:7e:35:0b:ff:1a:9a:6e:a7:cc:c2:1d:
                    da:1d:df:81:57:cb:da:42:28:0e:01:3e:f1:64:75:
                    69:73:96:0e:0b:b1:51:b2:ba:76:18:a6:21:a2:9e:
                    07:ed:c8:57:c5:71:1f:98:1d:fb:1f:fd:c2:e3:21:
                    91:70:eb:8f:64:fe:85:4a:38:0b:a6:76:c4:7b:8f:
                    cb:ab:a1:c5:7d:3a:c6:32:0c:7a:ae:17:21:3b:13:
                    b2:60:9c:dc:6f:61:5c:99:54:b7:02:09:23:fd:cc:
                    35:c4:ef:70:2d:d8:55:07:3e:ac:59:d7:69:1d:ae:
                    4a:75:35:09:06:1f:50:d5:5d:bf:7d:7a:28:ed:75:
                    47:98:8a:0d:4b:85:35:89:13:88:ed:7b:32:4f:ee:
                    f3:e4:f2:23:14:19:67:16:a7:65:22:86:53:2a:ba:
                    7f:a6:c7:63:ef:66:ca:0f:d7:08:79:80:18:1d:61:
                    70:9c:2e:b8:59:86:55:ae:f0:5c:2e:c7:01:a0:9c:
                    9c:49:3b:3c:7e:bf:ee:15:39:68:19:d4:85:48:61:
                    0c:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:8C:13:98:FC:8E:CC:CD:40:0D:4B:58:CB:23:22:50:BD:39:84:06
            X509v3 Authority Key Identifier:
                keyid:37:0E:54:50:D1:48:67:80:AB:A5:4F:04:5E:C4:80:2F:19:F0:B4:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/FYwTmPyOzM1ADUtYyyMiUL05hAY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:46c4:1800::-2a0e:46c4:1802:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         29:e9:a5:88:f6:a7:c4:b2:30:34:4d:8d:be:b4:a9:fd:c6:56:
         17:2a:a9:ac:14:10:b2:80:3a:21:9d:03:42:e5:96:44:2c:4b:
         a7:1f:11:2d:7d:37:f6:0a:7e:d0:68:03:d1:b4:0f:75:35:d5:
         62:2d:32:ef:6c:18:13:99:fd:bb:54:c9:a9:1a:e2:2a:84:89:
         ca:62:94:37:f5:e3:e4:98:e3:22:fe:b9:4f:eb:41:65:cf:dc:
         21:20:98:a9:24:12:17:ee:82:58:4b:df:11:fe:84:8f:b2:88:
         3a:cf:6a:b2:a1:8a:0d:04:be:3b:fc:63:d9:5b:e5:33:72:76:
         e8:f2:d5:74:8d:43:1c:d2:83:db:df:e1:c1:de:34:12:03:71:
         db:0d:71:a1:40:e7:3c:7b:54:4e:80:2b:03:92:f0:18:a9:fc:
         d0:cb:38:4f:82:cf:ac:50:28:35:1b:8d:5c:49:5e:c4:6b:23:
         18:97:af:17:ea:f7:db:99:22:da:43:1b:4d:0f:c1:ff:8e:f6:
         bf:0b:01:b4:68:cb:d8:ff:c7:33:b0:30:33:df:3a:a4:57:70:
         5e:c4:64:37:85:b6:5c:59:0b:ec:62:e0:f9:5c:59:1d:85:c8:
         f5:cd:c2:72:f3:5e:66:70:7c:3b:92:86:81:25:1d:20:cb:73:
         5b:db:4e:de
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYMvLyrKQCI2LxzZuxNJO04AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MGU1NDUwZDE0ODY3ODBhYmE1NGYwNDVlYzQ4MDJmMTlm
MGI0ZjcwHhcNMjIwOTEyMDA1MjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNThjMTM5OGZjOGVjY2NkNDAwZDRiNThjYjIzMjI1MGJkMzk4NDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmojEZvD7HTcmmFkMbhLR81lZaf6n
MgOkwuRsiq/t6WVssOy3RL5+fKDo/ATRquAzfjUL/xqabqfMwh3aHd+BV8vaQigO
AT7xZHVpc5YOC7FRsrp2GKYhop4H7chXxXEfmB37H/3C4yGRcOuPZP6FSjgLpnbE
e4/Lq6HFfTrGMgx6rhchOxOyYJzcb2FcmVS3Agkj/cw1xO9wLdhVBz6sWddpHa5K
dTUJBh9Q1V2/fXoo7XVHmIoNS4U1iROI7XsyT+7z5PIjFBlnFqdlIoZTKrp/psdj
72bKD9cIeYAYHWFwnC64WYZVrvBcLscBoJycSTs8fr/uFTloGdSFSGEMvQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFBWME5j8jszNQA1LWMsjIlC9OYQGMB8GA1UdIwQY
MBaAFDcOVFDRSGeAq6VPBF7EgC8Z8LT3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnc1VVVORklaNENycFU4RVhzU0FMeG53dFBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9mMGY3MGMtMDZlNy00MWFjLWEyYjgt
ODU4ZGNlNTdmY2RiLzEvRll3VG1QeU96TTFBRFV0WXl5TWlVTDA1aEFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9mMGY3MGMtMDZlNy00MWFjLWEyYjgtODU4ZGNlNTdmY2Ri
LzEvTnc1VVVORklaNENycFU4RVhzU0FMeG53dFBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATMBEDBgMqDkbE
GAMHACoORsQYAjANBgkqhkiG9w0BAQsFAAOCAQEAKemliPanxLIwNE2NvrSp/cZW
FyqprBQQsoA6IZ0DQuWWRCxLpx8RLX039gp+0GgD0bQPdTXVYi0y72wYE5n9u1TJ
qRriKoSJymKUN/Xj5JjjIv65T+tBZc/cISCYqSQSF+6CWEvfEf6Ej7KIOs9qsqGK
DQS+O/xj2VvlM3J26PLVdI1DHNKD29/hwd40EgNx2w1xoUDnPHtUToArA5LwGKn8
0Ms4T4LPrFAoNRuNXElexGsjGJevF+r325ki2kMbTQ/B/472vwsBtGjL2P/HM7Aw
M986pFdwXsRkN4W2XFkL7GLg+VxZHYXI9c3CcvNeZnB8O5KGgSUdIMtzW9tO3g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:15 2024 by rpki-client on console-fra.rpki-client.org