Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/194f22-8689-4fdb-9c41-058bbf9d5e27/1/1-11dlBSbgljaKoIkfUWM0EAnt8g.roa
File:                     1-11dlBSbgljaKoIkfUWM0EAnt8g.roa (raw, json)
Hash identifier:          jloLjTBnHXR1ZkY28z6c0cQfNxXv6u9QPqWTiehrEec=
Subject key identifier:   FB:5D:5D:94:14:9B:82:58:DA:2A:82:24:7D:45:8C:D0:40:27:B7:C8
Certificate issuer:       /CN=2b003e583bdb2511ff57ab7a32fce741334b343b
Certificate serial:       18F39C74
Authority key identifier: 2B:00:3E:58:3B:DB:25:11:FF:57:AB:7A:32:FC:E7:41:33:4B:34:3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KwA-WDvbJRH_V6t6MvznQTNLNDs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/194f22-8689-4fdb-9c41-058bbf9d5e27/1/1-11dlBSbgljaKoIkfUWM0EAnt8g.roa
Signing time:             Sat 01 Jan 2022 11:00:33 +0000
ROA not before:           Sat 01 Jan 2022 11:00:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42
IP address blocks:        2001:678:94::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 418618484 (0x18f39c74)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b003e583bdb2511ff57ab7a32fce741334b343b
        Validity
            Not Before: Jan  1 11:00:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fb5d5d94149b8258da2a82247d458cd04027b7c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:34:6f:d8:09:5c:16:ef:2b:37:65:f0:a5:23:
                    76:82:c5:d0:8b:64:c1:e1:83:4e:42:5c:7a:5c:ac:
                    52:9f:c2:d0:b2:82:a3:f9:20:c8:4b:55:6c:03:6b:
                    07:4e:e5:ab:7e:95:71:cc:35:66:fa:53:1c:51:ba:
                    68:95:b5:b4:94:96:ef:03:90:a2:d5:f8:6a:6c:db:
                    09:29:62:25:e1:25:51:a0:9c:33:5d:46:84:fe:07:
                    68:a2:e0:8e:82:5d:e1:47:65:d4:c4:4c:73:17:b4:
                    8e:9d:d9:bb:68:a0:59:ae:71:6e:78:a2:7d:31:b0:
                    a9:e7:b8:f0:e6:fd:8c:64:84:4f:3e:6b:cc:a9:4d:
                    d5:4f:8a:84:12:31:73:b6:17:08:2b:06:62:67:c1:
                    ed:6a:77:2e:a0:c2:61:9f:25:6f:d2:d7:ae:6d:40:
                    77:4e:a7:be:35:4d:a6:a0:a6:10:cd:e3:b6:66:9f:
                    67:43:41:33:4c:68:9b:e7:86:b6:fb:ff:72:2b:dc:
                    e4:2b:b8:31:37:52:75:39:d7:ae:0c:4d:94:81:f7:
                    21:66:f0:63:cc:be:a7:82:49:92:ee:e8:13:c1:63:
                    33:35:a9:89:6e:12:ce:cc:66:37:71:05:83:a9:ac:
                    25:2a:4e:09:04:34:21:17:e8:a0:3b:fa:a7:e3:59:
                    12:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:5D:5D:94:14:9B:82:58:DA:2A:82:24:7D:45:8C:D0:40:27:B7:C8
            X509v3 Authority Key Identifier:
                keyid:2B:00:3E:58:3B:DB:25:11:FF:57:AB:7A:32:FC:E7:41:33:4B:34:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KwA-WDvbJRH_V6t6MvznQTNLNDs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/194f22-8689-4fdb-9c41-058bbf9d5e27/1/1-11dlBSbgljaKoIkfUWM0EAnt8g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/194f22-8689-4fdb-9c41-058bbf9d5e27/1/KwA-WDvbJRH_V6t6MvznQTNLNDs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:94::/48

    Signature Algorithm: sha256WithRSAEncryption
         26:f7:27:be:e3:ef:f3:18:50:20:53:87:d7:98:c1:44:65:db:
         ef:18:9d:58:68:3f:c3:96:c0:42:78:43:9e:49:a3:2f:9d:65:
         4f:91:f3:fe:81:25:02:81:2d:dc:34:ce:55:73:6c:e5:f6:29:
         b8:e9:f2:b2:1b:53:98:56:d0:ba:b8:55:3e:cd:9f:a7:e9:60:
         ad:fe:ba:4f:a0:49:7a:7a:30:a6:79:b3:7c:b4:93:d1:5f:f8:
         9b:a3:ab:f3:fc:ba:3f:68:39:56:fc:82:97:7a:e1:3f:9f:67:
         c1:6a:82:75:06:a6:9d:8f:d8:38:2e:07:86:69:1d:70:f7:96:
         6e:87:3b:1a:c5:4f:2f:dd:04:c1:ac:a9:8c:bd:9e:17:cb:0f:
         cb:eb:05:92:78:38:91:9c:99:19:ae:f8:d1:5e:6f:69:11:21:
         0e:b7:d5:45:6a:43:d6:38:87:02:2a:5f:7b:73:c5:8c:c1:cb:
         c7:0f:25:ed:a2:f2:4f:3e:47:19:4f:6c:ea:f7:be:b9:67:7f:
         e2:1a:c9:e6:29:f7:b2:5a:e5:a4:ca:65:1d:5a:29:f3:b6:fc:
         d7:f4:77:e5:76:33:8e:f7:37:76:db:5e:5e:86:89:cb:7b:24:
         8e:7f:04:94:97:f0:a8:2c:8e:7e:4b:f6:3c:0d:23:3d:a4:1c:
         7c:fe:08:a4
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgIEGPOcdDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YjAwM2U1ODNiZGIyNTExZmY1N2FiN2EzMmZjZTc0MTMzNGIzNDNiMB4XDTIyMDEw
MTExMDAzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmI1ZDVkOTQxNDli
ODI1OGRhMmE4MjI0N2Q0NThjZDA0MDI3YjdjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANk0b9gJXBbvKzdl8KUjdoLF0ItkweGDTkJcelysUp/C0LKC
o/kgyEtVbANrB07lq36Vccw1ZvpTHFG6aJW1tJSW7wOQotX4amzbCSliJeElUaCc
M11GhP4HaKLgjoJd4Udl1MRMcxe0jp3Zu2igWa5xbniifTGwqee48Ob9jGSETz5r
zKlN1U+KhBIxc7YXCCsGYmfB7Wp3LqDCYZ8lb9LXrm1Ad06nvjVNpqCmEM3jtmaf
Z0NBM0xom+eGtvv/civc5Cu4MTdSdTnXrgxNlIH3IWbwY8y+p4JJku7oE8FjMzWp
iW4SzsxmN3EFg6msJSpOCQQ0IRfooDv6p+NZElUCAwEAAaOCAg0wggIJMB0GA1Ud
DgQWBBT7XV2UFJuCWNoqgiR9RYzQQCe3yDAfBgNVHSMEGDAWgBQrAD5YO9slEf9X
q3oy/OdBM0s0OzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0t3QS1XRHZiSlJIX1Y2dDZNdnpuUVROTE5Ecy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWQvMTk0ZjIyLTg2ODktNGZkYi05YzQxLTA1OGJiZjlkNWUyNy8x
LzEtMTFkbEJTYmdsamFLb0lrZlVXTTBFQW50OGcucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Fk
LzE5NGYyMi04Njg5LTRmZGItOWM0MS0wNThiYmY5ZDVlMjcvMS9Ld0EtV0R2YkpS
SF9WNnQ2TXZ6blFUTkxORHMuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
IgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAQZ4AJQwDQYJKoZIhvcNAQEL
BQADggEBACb3J77j7/MYUCBTh9eYwURl2+8YnVhoP8OWwEJ4Q55Joy+dZU+R8/6B
JQKBLdw0zlVzbOX2Kbjp8rIbU5hW0Lq4VT7Nn6fpYK3+uk+gSXp6MKZ5s3y0k9Ff
+Jujq/P8uj9oOVb8gpd64T+fZ8FqgnUGpp2P2DguB4ZpHXD3lm6HOxrFTy/dBMGs
qYy9nhfLD8vrBZJ4OJGcmRmu+NFeb2kRIQ631UVqQ9Y4hwIqX3tzxYzBy8cPJe2i
8k8+RxlPbOr3vrlnf+IayeYp97Ja5aTKZR1aKfO2/Nf0d+V2M473N3bbXl6Gict7
JI5/BJSX8Kgsjn5L9jwNIz2kHHz+CKQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:33 2024 by rpki-client on console-fra.rpki-client.org