Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/v4kb89k1VbvjUR_aTFDrf5WpQEo.roa
File:                     v4kb89k1VbvjUR_aTFDrf5WpQEo.roa (raw, json)
Hash identifier:          wVUUdzVhsPyH8nan2PHXqq1qyMIQvR6C0/JjQAllRa4=
Subject key identifier:   BF:89:1B:F3:D9:35:55:BB:E3:51:1F:DA:4C:50:EB:7F:95:A9:40:4A
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       0182E802249152CE0B9D55FB7FF3514723E3
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/v4kb89k1VbvjUR_aTFDrf5WpQEo.roa
Signing time:             Mon 29 Aug 2022 05:10:30 +0000
ROA not before:           Mon 29 Aug 2022 05:10:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208254
IP address blocks:        2a0e:bac0::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:e8:02:24:91:52:ce:0b:9d:55:fb:7f:f3:51:47:23:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Aug 29 05:10:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bf891bf3d93555bbe3511fda4c50eb7f95a9404a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:63:50:60:3e:3a:24:74:8d:b4:a3:34:e0:0f:
                    e4:86:56:f3:ea:57:94:96:6b:39:9d:02:40:a8:66:
                    23:76:a9:7d:0a:d3:6d:a8:5a:32:58:09:ab:0a:67:
                    29:ef:07:fa:1a:a0:ed:88:92:a3:7e:1b:fe:ab:38:
                    3c:38:84:7f:93:90:00:c8:ee:3b:a5:fe:b6:87:09:
                    4f:8f:45:5d:7e:aa:69:a7:88:76:6a:a6:cb:c6:ca:
                    5e:7c:1a:88:05:18:5d:38:97:29:45:49:5a:99:e5:
                    fc:b0:7e:a2:51:00:a3:91:81:f2:ac:5b:1e:64:0f:
                    97:49:83:ec:8f:ca:7c:e4:fc:7e:31:6e:c7:1a:f6:
                    37:fa:35:a7:ff:28:dd:21:01:9e:9a:f7:28:0d:b8:
                    22:49:1b:cb:af:b8:99:31:27:fd:37:50:df:a9:a4:
                    c8:ef:47:15:aa:4d:37:be:ff:bf:06:31:69:e9:48:
                    a8:88:95:68:ab:d3:9d:60:e3:ff:3a:bb:02:d2:b2:
                    b7:5f:27:0f:f1:0b:79:68:68:ab:76:59:2a:7b:c6:
                    21:7a:22:98:94:9d:9c:64:fe:40:5b:e8:aa:ad:76:
                    9e:2d:4c:d7:85:18:d6:c2:4b:f2:1a:b9:02:e4:62:
                    33:5b:28:38:23:65:83:30:ed:f0:f3:8a:39:26:f8:
                    2e:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:89:1B:F3:D9:35:55:BB:E3:51:1F:DA:4C:50:EB:7F:95:A9:40:4A
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/v4kb89k1VbvjUR_aTFDrf5WpQEo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:bac0::/29

    Signature Algorithm: sha256WithRSAEncryption
         4e:9c:25:23:ac:7b:30:7e:0f:ab:7a:67:69:99:3b:a5:09:2d:
         0c:84:50:17:b2:19:b6:0a:81:b6:52:63:d1:72:86:8b:af:a6:
         6e:08:06:c7:70:ad:cb:fa:8b:d0:a2:67:ba:c8:0a:6c:7a:16:
         8b:a6:aa:79:db:5b:e0:76:bd:51:25:7e:d0:bc:21:4f:33:c3:
         34:2c:5f:d7:f4:af:c7:f1:89:9e:cf:32:fa:71:43:a5:27:7c:
         c9:68:7a:ca:4e:ee:08:86:d0:5d:2b:66:88:0b:c5:31:a7:5c:
         1a:f5:4b:a5:24:d8:ab:6a:35:3b:70:39:48:b6:17:87:dc:d9:
         11:1b:00:e5:72:8e:10:26:63:2a:d7:c1:75:29:06:1b:b7:26:
         80:9b:5a:89:a9:33:7e:76:bf:f5:18:f0:5e:f2:10:83:a5:3b:
         2d:e3:9f:90:c6:46:f6:ff:92:d5:f8:12:36:d9:6b:c3:e9:f5:
         e0:73:18:7e:3e:a2:25:0a:c7:58:9d:c8:ff:a4:da:7c:03:b5:
         da:ce:d8:51:2c:7d:e4:e2:ec:97:e7:8a:c2:22:47:14:3c:c6:
         49:26:d9:a9:d8:ff:9b:75:da:a3:b0:5f:f7:d7:86:4e:00:1a:
         37:6e:2f:a7:5d:b7:6c:d3:6b:03:32:3f:1a:85:31:db:ff:be:
         d9:e4:79:ec
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYLoAiSRUs4LnVX7f/NRRyPjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjIwODI5MDUxMDMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjg5MWJmM2Q5MzU1NWJiZTM1MTFmZGE0YzUwZWI3Zjk1YTk0MDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGNQYD46JHSNtKM04A/khlbz6leU
lms5nQJAqGYjdql9CtNtqFoyWAmrCmcp7wf6GqDtiJKjfhv+qzg8OIR/k5AAyO47
pf62hwlPj0Vdfqppp4h2aqbLxspefBqIBRhdOJcpRUlameX8sH6iUQCjkYHyrFse
ZA+XSYPsj8p85Px+MW7HGvY3+jWn/yjdIQGemvcoDbgiSRvLr7iZMSf9N1DfqaTI
70cVqk03vv+/BjFp6UioiJVoq9OdYOP/OrsC0rK3XycP8Qt5aGirdlkqe8YheiKY
lJ2cZP5AW+iqrXaeLUzXhRjWwkvyGrkC5GIzWyg4I2WDMO3w84o5Jvgu6QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFL+JG/PZNVW741Ef2kxQ63+VqUBKMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvdjRrYjg5azFWYnZqVVJfYVRGRHJmNVdwUUVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg66wDAN
BgkqhkiG9w0BAQsFAAOCAQEATpwlI6x7MH4Pq3pnaZk7pQktDIRQF7IZtgqBtlJj
0XKGi6+mbggGx3Cty/qL0KJnusgKbHoWi6aqedtb4Ha9USV+0LwhTzPDNCxf1/Sv
x/GJns8y+nFDpSd8yWh6yk7uCIbQXStmiAvFMadcGvVLpSTYq2o1O3A5SLYXh9zZ
ERsA5XKOECZjKtfBdSkGG7cmgJtaiakzfna/9RjwXvIQg6U7LeOfkMZG9v+S1fgS
Ntlrw+n14HMYfj6iJQrHWJ3I/6TafAO12s7YUSx95OLsl+eKwiJHFDzGSSbZqdj/
m3Xao7Bf99eGTgAaN24vp123bNNrAzI/GoUx2/++2eR57A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org