Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/5841b1-012f-4046-b1d5-099bad03768e/1/_VrjxV7HIurZ_46ImBOGS0Tg2DM.roa
File:                     _VrjxV7HIurZ_46ImBOGS0Tg2DM.roa (raw, json)
Hash identifier:          3otJmxIDEX98p+H8KBErZItvAUh2sV4MUidqKLIM8fk=
Subject key identifier:   FD:5A:E3:C5:5E:C7:22:EA:D9:FF:8E:88:98:13:86:4B:44:E0:D8:33
Certificate issuer:       /CN=778e134e4ffb5fb13ac284fe9488276826156632
Certificate serial:       01831D4F5B5937AE2A1DE9BD8A87AB33E93A
Authority key identifier: 77:8E:13:4E:4F:FB:5F:B1:3A:C2:84:FE:94:88:27:68:26:15:66:32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d44TTk_7X7E6woT-lIgnaCYVZjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/5841b1-012f-4046-b1d5-099bad03768e/1/_VrjxV7HIurZ_46ImBOGS0Tg2DM.roa
Signing time:             Thu 08 Sep 2022 13:34:43 +0000
ROA not before:           Thu 08 Sep 2022 13:34:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44486
IP address blocks:        2a13:7e80::/29 maxlen: 128

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:1d:4f:5b:59:37:ae:2a:1d:e9:bd:8a:87:ab:33:e9:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=778e134e4ffb5fb13ac284fe9488276826156632
        Validity
            Not Before: Sep  8 13:34:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fd5ae3c55ec722ead9ff8e889813864b44e0d833
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:52:22:2e:75:32:3e:6b:2a:f3:17:d7:47:42:
                    7c:9a:50:54:c8:27:cd:ea:66:92:b6:c0:b9:32:5e:
                    51:b9:72:61:6b:2a:4e:8d:fc:93:70:bb:f0:3e:02:
                    ef:dc:da:18:40:59:c6:e2:ae:98:89:41:1a:c5:98:
                    0d:75:f6:22:a2:9f:cd:f8:4f:3c:d6:22:68:ba:23:
                    4d:71:20:74:dd:6e:0b:57:b3:fa:3c:e1:8b:4b:95:
                    d9:bc:53:50:f3:6f:db:df:70:0a:e7:53:75:6f:4e:
                    4c:4c:2b:d6:1a:ea:6f:71:79:bf:05:b3:03:67:bd:
                    23:14:5d:73:1a:01:2b:97:dd:8b:cf:21:c3:78:2f:
                    65:bc:a4:53:64:46:53:26:ff:17:1c:56:7f:4f:df:
                    28:d3:ca:39:fb:c3:a6:8a:83:4a:af:dd:74:dd:0c:
                    10:2d:ad:6a:ab:40:8e:47:a0:93:01:5f:6d:2c:40:
                    84:ba:94:42:29:0d:ca:01:a2:6e:2e:9d:b5:7e:e0:
                    6d:7c:d3:2b:3c:90:26:d1:78:df:60:00:29:3d:ac:
                    81:0c:0a:88:7d:53:29:81:99:9a:d9:e1:e3:1c:4d:
                    49:c3:b1:e8:54:59:eb:fa:29:5e:ca:20:e3:52:83:
                    34:80:6e:06:2b:b0:b3:1a:58:1c:5b:c1:07:ba:d4:
                    24:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:5A:E3:C5:5E:C7:22:EA:D9:FF:8E:88:98:13:86:4B:44:E0:D8:33
            X509v3 Authority Key Identifier:
                keyid:77:8E:13:4E:4F:FB:5F:B1:3A:C2:84:FE:94:88:27:68:26:15:66:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d44TTk_7X7E6woT-lIgnaCYVZjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/5841b1-012f-4046-b1d5-099bad03768e/1/_VrjxV7HIurZ_46ImBOGS0Tg2DM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/5841b1-012f-4046-b1d5-099bad03768e/1/d44TTk_7X7E6woT-lIgnaCYVZjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:7e80::/29

    Signature Algorithm: sha256WithRSAEncryption
         14:5f:62:9f:00:ac:e1:d4:d2:6f:de:bd:e8:8a:a5:64:5c:0d:
         32:d3:ba:15:9b:67:a8:f4:4a:0d:1e:98:7d:f1:29:71:03:36:
         97:9f:0b:c4:ac:9a:18:20:8b:ea:6f:22:8e:5a:42:48:1d:d8:
         bf:ac:6c:59:d8:ba:b5:4d:6c:2e:7e:47:8c:47:ad:3d:51:e3:
         a5:0d:ef:ed:4a:bc:22:2b:7c:c2:8b:88:ad:e4:e6:20:ea:54:
         e2:b2:70:b8:66:ff:02:37:53:d0:02:70:21:61:62:3f:74:12:
         02:ab:67:d9:d3:a0:40:0d:57:87:5b:f4:d5:43:55:fb:c9:c1:
         a8:8b:f5:42:5c:fe:59:3b:02:b1:0d:b8:90:f1:a1:42:84:cf:
         e8:79:5f:69:5b:5f:43:e7:89:9b:50:08:ed:a0:64:65:2b:3d:
         8e:dd:2d:08:53:40:ff:89:dc:ba:1c:00:f9:94:4d:98:a6:31:
         a9:e0:e0:24:3f:58:69:f4:13:52:21:ab:63:34:6c:b1:d4:54:
         db:43:a3:0a:98:95:09:92:f9:1e:08:0c:19:b2:f5:37:fc:aa:
         dc:20:27:b7:9b:2f:c5:fa:a9:43:af:c7:e2:da:52:8a:6c:5f:
         4d:21:f0:9f:2e:60:be:ce:4e:69:68:ec:d6:c6:ba:f1:b3:e2:
         ef:39:6c:70
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYMdT1tZN64qHem9ioerM+k6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3OGUxMzRlNGZmYjVmYjEzYWMyODRmZTk0ODgyNzY4MjYx
NTY2MzIwHhcNMjIwOTA4MTMzNDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDVhZTNjNTVlYzcyMmVhZDlmZjhlODg5ODEzODY0YjQ0ZTBkODMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1IiLnUyPmsq8xfXR0J8mlBUyCfN
6maStsC5Ml5RuXJhaypOjfyTcLvwPgLv3NoYQFnG4q6YiUEaxZgNdfYiop/N+E88
1iJouiNNcSB03W4LV7P6POGLS5XZvFNQ82/b33AK51N1b05MTCvWGupvcXm/BbMD
Z70jFF1zGgErl92LzyHDeC9lvKRTZEZTJv8XHFZ/T98o08o5+8OmioNKr9103QwQ
La1qq0COR6CTAV9tLECEupRCKQ3KAaJuLp21fuBtfNMrPJAm0XjfYAApPayBDAqI
fVMpgZma2eHjHE1Jw7HoVFnr+ileyiDjUoM0gG4GK7CzGlgcW8EHutQkwQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFP1a48VexyLq2f+OiJgThktE4NgzMB8GA1UdIwQY
MBaAFHeOE05P+1+xOsKE/pSIJ2gmFWYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDQ0VFRrXzdYN0U2d29ULWxJZ25hQ1lWWmpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy81ODQxYjEtMDEyZi00MDQ2LWIxZDUt
MDk5YmFkMDM3NjhlLzEvX1ZyanhWN0hJdXJaXzQ2SW1CT0dTMFRnMkRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy81ODQxYjEtMDEyZi00MDQ2LWIxZDUtMDk5YmFkMDM3Njhl
LzEvZDQ0VFRrXzdYN0U2d29ULWxJZ25hQ1lWWmpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhN+gDAN
BgkqhkiG9w0BAQsFAAOCAQEAFF9inwCs4dTSb9696IqlZFwNMtO6FZtnqPRKDR6Y
ffEpcQM2l58LxKyaGCCL6m8ijlpCSB3Yv6xsWdi6tU1sLn5HjEetPVHjpQ3v7Uq8
Iit8wouIreTmIOpU4rJwuGb/AjdT0AJwIWFiP3QSAqtn2dOgQA1Xh1v01UNV+8nB
qIv1Qlz+WTsCsQ24kPGhQoTP6HlfaVtfQ+eJm1AI7aBkZSs9jt0tCFNA/4ncuhwA
+ZRNmKYxqeDgJD9YafQTUiGrYzRssdRU20OjCpiVCZL5HggMGbL1N/yq3CAnt5sv
xfqpQ6/H4tpSimxfTSHwny5gvs5OaWjs1sa68bPi7zlscA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:18 2024 by rpki-client on console-ams.rpki-client.org