Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/1DAuVte87UoQCbKM9KRn-FtEfu4.roa
File:                     1DAuVte87UoQCbKM9KRn-FtEfu4.roa (raw, json)
Hash identifier:          Mjzq3k62f77LlDNmsfUslzD1Xr84bkk4R/n0eD7WT0M=
Subject key identifier:   D4:30:2E:56:D7:BC:ED:4A:10:09:B2:8C:F4:A4:67:F8:5B:44:7E:EE
Certificate issuer:       /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial:       0183141B043E6A6DE2F8911D3DEB88305093
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/1DAuVte87UoQCbKM9KRn-FtEfu4.roa
Signing time:             Tue 06 Sep 2022 18:40:58 +0000
ROA not before:           Tue 06 Sep 2022 18:40:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49367
IP address blocks:        2a11:840:23::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:14:1b:04:3e:6a:6d:e2:f8:91:1d:3d:eb:88:30:50:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
        Validity
            Not Before: Sep  6 18:40:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d4302e56d7bced4a1009b28cf4a467f85b447eee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:38:e8:e7:87:11:32:ad:67:11:6f:0c:ac:96:
                    26:87:ba:51:91:87:b6:d2:03:0b:66:9e:64:7c:92:
                    81:09:e3:65:53:dc:19:53:82:f5:8d:03:97:5e:07:
                    57:8a:4e:a0:d1:ad:ef:8d:3e:ac:99:19:ef:d8:15:
                    75:10:f0:07:10:86:f9:15:38:b7:45:84:2f:d3:f9:
                    c3:d8:1f:d5:9f:73:66:61:7f:e1:8d:6b:08:5d:3f:
                    ed:d1:8c:37:6b:4b:51:88:39:de:ea:00:8e:b5:0f:
                    e2:c9:ef:e3:8e:dc:8b:49:b8:ae:5f:9b:d1:cf:5e:
                    51:51:80:50:86:e7:eb:27:ed:ee:7e:3e:15:f1:2a:
                    5a:50:bc:3b:86:85:3e:64:c0:56:ab:2a:6f:74:ef:
                    40:d6:ec:9c:cd:74:38:58:8a:e1:e4:55:62:9c:a9:
                    f6:d5:90:1a:13:8e:e2:1e:60:23:06:5f:30:35:5a:
                    74:d8:42:41:05:8b:b8:7c:5d:22:de:b7:09:15:57:
                    01:9b:e6:68:5a:29:e2:d6:b6:09:82:4f:a8:5f:07:
                    33:14:ab:33:23:27:fb:e2:5b:c8:d3:12:27:71:03:
                    93:68:ae:2e:6c:b4:f9:c8:7f:82:40:5c:ff:b2:8d:
                    81:4b:a7:9a:63:f1:2d:d7:d9:e6:d4:18:42:8c:1f:
                    b3:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:30:2E:56:D7:BC:ED:4A:10:09:B2:8C:F4:A4:67:F8:5B:44:7E:EE
            X509v3 Authority Key Identifier:
                keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/1DAuVte87UoQCbKM9KRn-FtEfu4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:840:23::/48

    Signature Algorithm: sha256WithRSAEncryption
         02:8a:4a:3d:be:05:fe:d7:db:a5:04:cd:5f:be:d1:0f:7a:c3:
         39:22:64:fd:b3:aa:13:d2:4e:16:11:b5:c2:36:34:67:6f:5a:
         2b:c1:cb:cb:aa:23:21:09:ff:18:5d:ac:10:13:59:da:d2:da:
         c8:0a:6c:97:89:93:11:52:25:78:52:a5:fd:0d:96:2a:66:8f:
         96:ac:bc:94:15:b0:b4:e1:91:c8:9d:d6:95:dd:06:08:58:1d:
         08:8d:5d:88:24:b5:3f:c5:29:37:b3:5d:02:ed:24:2c:44:a5:
         8e:ea:ac:be:c2:38:72:40:29:ad:7f:73:d4:60:8a:15:13:37:
         49:21:29:b3:35:92:83:01:38:6c:12:3e:dc:d5:3c:92:b8:86:
         3d:de:38:22:3e:1b:5d:7d:22:6f:6c:b6:a4:00:f5:f7:10:04:
         27:4d:f8:49:3d:4c:84:1d:7b:3c:ce:e8:7d:9b:bb:39:9a:fc:
         bc:d2:8f:c8:fc:52:9a:59:13:58:55:2e:21:b1:53:92:1d:cc:
         69:70:bd:62:c8:c1:8b:c4:2f:58:8c:e9:dc:3f:b5:59:d0:04:
         37:c3:78:53:26:5f:5c:b8:70:6f:cf:b4:ce:09:0c:cf:00:e7:
         f8:66:46:cd:e1:23:52:2a:ed:30:7a:fc:68:ba:0c:11:af:47:
         6e:57:06:ad
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYMUGwQ+am3i+JEdPeuIMFCTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjIwOTA2MTg0MDU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDMwMmU1NmQ3YmNlZDRhMTAwOWIyOGNmNGE0NjdmODViNDQ3ZWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjjo54cRMq1nEW8MrJYmh7pRkYe2
0gMLZp5kfJKBCeNlU9wZU4L1jQOXXgdXik6g0a3vjT6smRnv2BV1EPAHEIb5FTi3
RYQv0/nD2B/Vn3NmYX/hjWsIXT/t0Yw3a0tRiDne6gCOtQ/iye/jjtyLSbiuX5vR
z15RUYBQhufrJ+3ufj4V8SpaULw7hoU+ZMBWqypvdO9A1uyczXQ4WIrh5FVinKn2
1ZAaE47iHmAjBl8wNVp02EJBBYu4fF0i3rcJFVcBm+ZoWini1rYJgk+oXwczFKsz
Iyf74lvI0xIncQOTaK4ubLT5yH+CQFz/so2BS6eaY/Et19nm1BhCjB+zPwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNQwLlbXvO1KEAmyjPSkZ/hbRH7uMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvMURBdVZ0ZTg3VW9RQ2JLTTlLUm4tRnRFZnU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhEIQAAj
MA0GCSqGSIb3DQEBCwUAA4IBAQACiko9vgX+19ulBM1fvtEPesM5ImT9s6oT0k4W
EbXCNjRnb1orwcvLqiMhCf8YXawQE1na0trICmyXiZMRUiV4UqX9DZYqZo+WrLyU
FbC04ZHIndaV3QYIWB0IjV2IJLU/xSk3s10C7SQsRKWO6qy+wjhyQCmtf3PUYIoV
EzdJISmzNZKDAThsEj7c1TySuIY93jgiPhtdfSJvbLakAPX3EAQnTfhJPUyEHXs8
zuh9m7s5mvy80o/I/FKaWRNYVS4hsVOSHcxpcL1iyMGLxC9YjOncP7VZ0AQ3w3hT
Jl9cuHBvz7TOCQzPAOf4ZkbN4SNSKu0wevxougwRr0duVwat
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:20 2024 by rpki-client on console-fra.rpki-client.org