Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/XoMRrkvxv3GlpfRCEJGj0HgZrxI.roa
File:                     XoMRrkvxv3GlpfRCEJGj0HgZrxI.roa (raw, json)
Hash identifier:          vDvHGXYgnI4Tf51ZEBRw32WQClLRkM2m4AJXjdCbpEw=
Subject key identifier:   5E:83:11:AE:4B:F1:BF:71:A5:A5:F4:42:10:91:A3:D0:78:19:AF:12
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       01842CA91E041BD467AB3D2210C564998CF3
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/XoMRrkvxv3GlpfRCEJGj0HgZrxI.roa
Signing time:             Mon 31 Oct 2022 06:09:51 +0000
ROA not before:           Mon 31 Oct 2022 06:09:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9312
IP address blocks:        2a07:e340::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:2c:a9:1e:04:1b:d4:67:ab:3d:22:10:c5:64:99:8c:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Oct 31 06:09:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5e8311ae4bf1bf71a5a5f4421091a3d07819af12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:bd:db:45:b7:36:3f:cf:2b:a5:3d:dd:f2:96:
                    35:aa:0e:11:47:52:87:aa:05:61:df:87:f0:fa:48:
                    bd:58:95:33:79:98:2c:cb:7a:e1:2c:cf:8c:4c:e5:
                    a8:8d:50:88:9f:e7:f9:61:ec:15:9b:16:9e:65:15:
                    0c:90:4c:a2:d7:e2:93:e7:cb:bb:3f:27:3d:eb:a3:
                    aa:2c:3e:f1:71:cf:06:fc:da:06:d6:f1:1f:f2:75:
                    71:09:59:55:7c:a7:9e:6b:e5:1f:dc:95:05:f3:04:
                    18:3b:3d:4b:b3:85:f4:f3:15:4d:f9:a2:54:33:02:
                    2e:8c:98:75:ee:6c:2a:48:dd:f0:80:d7:a5:b1:c4:
                    ff:a8:de:fc:b1:10:43:f8:29:f4:bc:28:b4:1e:16:
                    11:e0:d5:0f:d2:0f:96:43:18:93:2a:92:d7:7b:ce:
                    c4:d2:c0:c3:fa:af:fe:f1:54:ec:9b:b4:d7:b4:c5:
                    a7:74:88:70:09:ee:96:88:97:cb:f3:9d:32:15:58:
                    22:8c:92:6f:7e:e4:52:9f:5f:d2:bc:d8:da:3a:9a:
                    d2:50:dc:31:f0:6a:67:e0:5a:af:3f:ad:2f:21:b2:
                    ed:48:83:4a:03:df:a6:3c:50:59:60:d9:c9:83:7e:
                    5b:a2:f7:1e:45:d5:28:8b:6f:83:55:d1:9b:4f:22:
                    cc:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:83:11:AE:4B:F1:BF:71:A5:A5:F4:42:10:91:A3:D0:78:19:AF:12
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/XoMRrkvxv3GlpfRCEJGj0HgZrxI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:e340::/32

    Signature Algorithm: sha256WithRSAEncryption
         29:2f:8e:31:00:d5:36:4c:0e:f5:16:f1:da:c0:7a:08:36:9e:
         76:c4:b1:ed:3f:d6:44:8d:9f:ad:83:23:82:fc:57:a8:5f:51:
         7d:8a:cf:5e:75:bc:8b:de:a3:36:20:5f:9c:cd:10:5c:e5:4c:
         46:d2:11:ca:a4:bc:ab:94:f3:30:ef:3c:e5:87:ce:7d:e3:1e:
         b1:a5:0a:64:f5:e5:d0:1d:5f:93:f6:db:45:2a:2e:11:f8:cf:
         92:5c:0a:ef:1e:a3:24:b9:36:12:bc:09:16:4d:fc:96:fb:d5:
         17:fd:32:df:1b:50:c0:c5:39:ac:bc:71:2e:4d:3a:8c:13:75:
         da:af:1a:aa:b6:1e:3c:ff:e6:67:bd:2d:99:5b:87:8b:af:52:
         7b:b7:b7:38:a9:91:ab:df:76:e4:65:f7:51:89:5b:c4:c0:1c:
         71:5e:d5:ff:9b:b6:74:8a:fb:e0:bb:35:39:27:f3:c4:d9:40:
         05:04:24:c6:a5:4f:ea:c6:5a:f9:56:b7:2e:13:f6:55:87:e3:
         a2:05:5e:15:ac:c2:dd:c4:fe:30:31:a3:96:c9:97:38:27:25:
         bd:23:1d:4a:80:fe:e0:ff:ea:47:4d:04:fc:4b:f5:32:eb:ea:
         c9:c8:59:34:c0:f5:94:3c:d0:b5:fa:f4:27:6a:48:a0:d3:45:
         19:8a:98:0e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYQsqR4EG9Rnqz0iEMVkmYzzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjIxMDMxMDYwOTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTgzMTFhZTRiZjFiZjcxYTVhNWY0NDIxMDkxYTNkMDc4MTlhZjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAor3bRbc2P88rpT3d8pY1qg4RR1KH
qgVh34fw+ki9WJUzeZgsy3rhLM+MTOWojVCIn+f5YewVmxaeZRUMkEyi1+KT58u7
Pyc966OqLD7xcc8G/NoG1vEf8nVxCVlVfKeea+Uf3JUF8wQYOz1Ls4X08xVN+aJU
MwIujJh17mwqSN3wgNelscT/qN78sRBD+Cn0vCi0HhYR4NUP0g+WQxiTKpLXe87E
0sDD+q/+8VTsm7TXtMWndIhwCe6WiJfL850yFVgijJJvfuRSn1/SvNjaOprSUNwx
8Gpn4FqvP60vIbLtSINKA9+mPFBZYNnJg35bovceRdUoi2+DVdGbTyLM1wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFF6DEa5L8b9xpaX0QhCRo9B4Ga8SMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvWG9NUnJrdnh2M0dscGZSQ0VKR2owSGdacnhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgfjQDAN
BgkqhkiG9w0BAQsFAAOCAQEAKS+OMQDVNkwO9Rbx2sB6CDaedsSx7T/WRI2frYMj
gvxXqF9RfYrPXnW8i96jNiBfnM0QXOVMRtIRyqS8q5TzMO885YfOfeMesaUKZPXl
0B1fk/bbRSouEfjPklwK7x6jJLk2ErwJFk38lvvVF/0y3xtQwMU5rLxxLk06jBN1
2q8aqrYePP/mZ70tmVuHi69Se7e3OKmRq9925GX3UYlbxMAccV7V/5u2dIr74Ls1
OSfzxNlABQQkxqVP6sZa+Va3LhP2VYfjogVeFazC3cT+MDGjlsmXOCclvSMdSoD+
4P/qR00E/Ev1MuvqychZNMD1lDzQtfr0J2pIoNNFGYqYDg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org