Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/6dbdaf-5495-4cc5-b770-73590aa290f1/1/ZVENsc1cu-70k6AFfiCd6pEyzrs.roa
File:                     ZVENsc1cu-70k6AFfiCd6pEyzrs.roa (raw, json)
Hash identifier:          is8sOdTVY1vRzzwRUFn18D5sxQ8ncSBwXUwfDsBSKM0=
Subject key identifier:   65:51:0D:B1:CD:5C:BB:EE:F4:93:A0:05:7E:20:9D:EA:91:32:CE:BB
Certificate issuer:       /CN=e371ce2086805f912f8512b79c5e66a9c9f4d4d2
Certificate serial:       0184E21A0BA4FC79A4203506619CA51DDE95
Authority key identifier: E3:71:CE:20:86:80:5F:91:2F:85:12:B7:9C:5E:66:A9:C9:F4:D4:D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/43HOIIaAX5EvhRK3nF5mqcn01NI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/6dbdaf-5495-4cc5-b770-73590aa290f1/1/ZVENsc1cu-70k6AFfiCd6pEyzrs.roa
Signing time:             Mon 05 Dec 2022 11:44:28 +0000
ROA not before:           Mon 05 Dec 2022 11:44:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201121
IP address blocks:        2a13:4440::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:e2:1a:0b:a4:fc:79:a4:20:35:06:61:9c:a5:1d:de:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e371ce2086805f912f8512b79c5e66a9c9f4d4d2
        Validity
            Not Before: Dec  5 11:44:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=65510db1cd5cbbeef493a0057e209dea9132cebb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:b7:73:d2:47:44:71:2f:e8:91:85:4d:03:30:
                    d9:0e:ae:2b:d9:67:36:2c:17:13:ee:58:ae:e0:f9:
                    60:cb:8f:1f:6d:5f:7d:84:0b:33:f5:0c:58:42:3f:
                    e2:f3:9f:17:52:cf:18:08:98:86:09:66:bd:aa:39:
                    9d:76:78:de:42:f2:a0:0f:97:1b:6b:dd:5d:c6:d3:
                    d2:94:dc:76:ab:15:d4:77:20:da:05:21:50:47:0c:
                    26:e5:3c:86:82:85:b9:d5:a0:6d:ec:5a:b5:b8:f5:
                    46:a9:42:f6:d4:b5:1d:5d:47:71:ac:7b:13:60:72:
                    62:85:43:cc:fc:86:84:2f:d4:0e:85:d5:ca:67:8a:
                    44:37:03:1b:30:60:ee:91:23:4f:14:c3:5e:9b:38:
                    6a:c9:2d:93:33:f5:45:e4:9b:85:37:de:b8:9b:14:
                    6b:68:f7:ad:7f:25:ad:2a:98:d9:df:32:cc:84:48:
                    53:17:1c:ea:73:14:b3:19:9c:1a:48:11:66:aa:19:
                    e7:db:23:3e:29:10:be:8d:23:28:fe:a7:27:68:af:
                    42:df:65:40:14:1b:9d:6e:ef:0c:f3:90:ef:6f:ea:
                    e9:c3:4e:ea:b0:e8:10:b7:eb:6b:c7:0d:ea:04:55:
                    ff:5a:f0:c4:ca:39:b1:40:48:cc:51:ff:be:4a:20:
                    ab:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:51:0D:B1:CD:5C:BB:EE:F4:93:A0:05:7E:20:9D:EA:91:32:CE:BB
            X509v3 Authority Key Identifier:
                keyid:E3:71:CE:20:86:80:5F:91:2F:85:12:B7:9C:5E:66:A9:C9:F4:D4:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/43HOIIaAX5EvhRK3nF5mqcn01NI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/6dbdaf-5495-4cc5-b770-73590aa290f1/1/ZVENsc1cu-70k6AFfiCd6pEyzrs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/6dbdaf-5495-4cc5-b770-73590aa290f1/1/43HOIIaAX5EvhRK3nF5mqcn01NI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:4440::/29

    Signature Algorithm: sha256WithRSAEncryption
         be:c8:75:ac:fa:0a:30:a6:e1:f7:bb:0f:6c:3e:05:73:b5:4f:
         00:43:04:88:f7:52:6c:a3:2a:e6:cc:f9:ed:1d:47:cf:02:1c:
         22:05:24:53:c4:48:6b:cf:5e:f1:f1:76:c7:47:b6:b9:cd:c4:
         e3:82:53:5e:77:e6:99:71:12:60:8b:39:db:ff:ad:f7:c4:65:
         cd:1e:1a:cc:33:a4:e9:90:e2:1e:fc:26:5d:10:ac:26:27:30:
         49:af:dd:7f:e3:e0:6f:a5:9a:1e:bc:53:ae:17:84:e5:58:4b:
         3d:74:43:87:11:58:d3:fc:3b:e9:50:9a:e5:0e:0f:51:29:88:
         33:c7:79:80:ed:cf:73:88:8b:29:74:fe:74:54:ce:bb:86:f7:
         63:62:c4:e0:92:93:25:a2:48:fd:1d:bb:a8:79:8c:73:08:e2:
         db:ad:5c:c1:66:da:c5:ef:3e:34:e0:98:e3:95:92:e8:05:c8:
         b8:ed:b5:f2:a5:22:52:fd:e5:d9:09:4e:d9:e8:b7:2d:fc:8f:
         71:26:e8:e0:42:5d:93:a6:91:9b:77:08:f4:2a:74:63:2f:25:
         08:97:9c:b4:d5:88:84:1c:1f:f5:ba:92:9b:e9:4b:c7:37:9f:
         01:52:2c:8f:7d:09:42:8b:c1:35:95:c9:a9:85:4f:6e:2c:19:
         f7:6e:79:ee
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYTiGguk/HmkIDUGYZylHd6VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzNzFjZTIwODY4MDVmOTEyZjg1MTJiNzljNWU2NmE5Yzlm
NGQ0ZDIwHhcNMjIxMjA1MTE0NDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTUxMGRiMWNkNWNiYmVlZjQ5M2EwMDU3ZTIwOWRlYTkxMzJjZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbdz0kdEcS/okYVNAzDZDq4r2Wc2
LBcT7liu4Plgy48fbV99hAsz9QxYQj/i858XUs8YCJiGCWa9qjmddnjeQvKgD5cb
a91dxtPSlNx2qxXUdyDaBSFQRwwm5TyGgoW51aBt7Fq1uPVGqUL21LUdXUdxrHsT
YHJihUPM/IaEL9QOhdXKZ4pENwMbMGDukSNPFMNemzhqyS2TM/VF5JuFN964mxRr
aPetfyWtKpjZ3zLMhEhTFxzqcxSzGZwaSBFmqhnn2yM+KRC+jSMo/qcnaK9C32VA
FBudbu8M85Dvb+rpw07qsOgQt+trxw3qBFX/WvDEyjmxQEjMUf++SiCryQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGVRDbHNXLvu9JOgBX4gneqRMs67MB8GA1UdIwQY
MBaAFONxziCGgF+RL4USt5xeZqnJ9NTSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDNIT0lJYUFYNUV2aFJLM25GNW1xY24wMU5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC82ZGJkYWYtNTQ5NS00Y2M1LWI3NzAt
NzM1OTBhYTI5MGYxLzEvWlZFTnNjMWN1LTcwazZBRmZpQ2Q2cEV5enJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC82ZGJkYWYtNTQ5NS00Y2M1LWI3NzAtNzM1OTBhYTI5MGYx
LzEvNDNIT0lJYUFYNUV2aFJLM25GNW1xY24wMU5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNEQDAN
BgkqhkiG9w0BAQsFAAOCAQEAvsh1rPoKMKbh97sPbD4Fc7VPAEMEiPdSbKMq5sz5
7R1HzwIcIgUkU8RIa89e8fF2x0e2uc3E44JTXnfmmXESYIs52/+t98RlzR4azDOk
6ZDiHvwmXRCsJicwSa/df+Pgb6WaHrxTrheE5VhLPXRDhxFY0/w76VCa5Q4PUSmI
M8d5gO3Pc4iLKXT+dFTOu4b3Y2LE4JKTJaJI/R27qHmMcwji261cwWbaxe8+NOCY
45WS6AXIuO218qUiUv3l2QlO2ei3LfyPcSbo4EJdk6aRm3cI9Cp0Yy8lCJectNWI
hBwf9bqSm+lLxzefAVIsj30JQovBNZXJqYVPbiwZ92557g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:35 2024 by rpki-client on console-fra.rpki-client.org