Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/F0pogVGJJmj7V2rihUog3S9vC0U.roa
File:                     F0pogVGJJmj7V2rihUog3S9vC0U.roa (raw, json)
Hash identifier:          suBN22wTP371LNYpSt1gkJCW0aA+Q6HkNuPWIwEVcMI=
Subject key identifier:   17:4A:68:81:51:89:26:68:FB:57:6A:E2:85:4A:20:DD:2F:6F:0B:45
Certificate issuer:       /CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
Certificate serial:       0186EEC3
Authority key identifier: EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/F0pogVGJJmj7V2rihUog3S9vC0U.roa
Signing time:             Sat 01 Jan 2022 13:02:11 +0000
ROA not before:           Sat 01 Jan 2022 13:02:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209209
IP address blocks:        2a11:2307::/37 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 25620163 (0x186eec3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
        Validity
            Not Before: Jan  1 13:02:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=174a688151892668fb576ae2854a20dd2f6f0b45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:e8:c9:a7:7a:e5:24:e1:c2:c1:29:05:be:40:
                    70:35:36:cd:d3:34:43:72:78:f5:0a:15:20:f4:f0:
                    3b:8c:aa:fd:a0:e3:66:c1:34:9d:59:11:c9:90:d4:
                    72:49:8b:d5:4a:3f:f7:9a:39:ad:9c:e3:5d:31:36:
                    57:47:4f:df:9b:ee:6b:2c:e6:c6:1d:cd:d0:4a:66:
                    05:db:d9:dc:ce:82:75:3c:f8:a9:01:e3:fc:56:60:
                    47:29:db:18:3d:63:ba:15:0d:36:ab:5d:d0:84:34:
                    4d:16:c0:66:51:97:d1:b7:6f:01:b2:b9:0a:f6:f0:
                    98:a5:55:58:3e:92:f3:4c:5e:eb:82:e3:ca:8b:cd:
                    41:b6:e5:c9:4d:31:88:4e:27:ca:6f:0a:e5:bc:f7:
                    4a:a4:d9:56:02:3d:8c:43:91:31:29:65:c2:f0:06:
                    75:b7:ac:56:f6:1d:28:6f:1a:c5:cc:3a:dd:5d:b2:
                    b5:8c:35:a0:9f:ba:78:21:5a:84:73:a2:58:e9:09:
                    3a:33:ca:42:d3:db:e6:6f:30:b6:8e:89:6a:2f:f6:
                    cb:d6:f7:48:25:3c:ba:09:53:d2:b8:a1:66:e1:07:
                    c7:cb:fa:33:95:16:8a:2f:31:53:ab:f9:15:fd:a9:
                    c1:d8:a7:4e:45:4b:42:35:b4:ff:2c:bf:8b:38:f5:
                    23:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:4A:68:81:51:89:26:68:FB:57:6A:E2:85:4A:20:DD:2F:6F:0B:45
            X509v3 Authority Key Identifier:
                keyid:EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/F0pogVGJJmj7V2rihUog3S9vC0U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/6sLBr9S97JgFBvoH33yGYtVU-kY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:2307::/37

    Signature Algorithm: sha256WithRSAEncryption
         15:c4:68:d8:78:83:24:da:79:37:45:b6:cf:08:d4:c0:ea:eb:
         cc:1d:9d:35:22:a1:5d:e1:74:80:49:4a:1b:56:1e:9f:c6:d2:
         b0:52:b4:0f:ed:fd:e0:02:bb:6a:76:0c:69:c0:a4:03:21:49:
         e8:b4:dc:b3:f2:63:d9:6c:df:1e:19:70:3c:ef:e6:2c:04:77:
         ba:1c:7d:11:fb:af:2e:3b:37:fc:5c:c6:b7:fd:d4:39:50:07:
         7f:b3:16:33:fd:13:fb:68:d6:99:77:7d:b3:b0:75:5c:02:5f:
         d8:f6:13:6c:9c:3b:e0:42:2d:42:c8:e0:d4:d0:cc:bc:e0:c7:
         09:63:bf:e3:ff:4a:be:88:cc:d5:66:13:96:c2:33:43:9a:4d:
         3d:b8:f1:7e:76:33:a2:a9:80:e0:97:d6:0b:b9:49:cb:71:48:
         ea:4e:34:47:ab:41:ee:a9:87:b0:7f:9e:62:03:e5:7f:ac:bb:
         3d:7d:0d:56:6b:be:1e:1b:1e:7e:7b:cf:61:0e:7b:c2:a4:38:
         cf:ed:84:01:a2:3c:b9:5f:f8:85:d4:0d:d5:0a:6c:17:c4:f1:
         d3:3d:c7:71:84:48:ba:92:fb:61:76:77:b9:51:a2:c5:96:54:
         b9:78:1e:7e:cf:95:6b:b9:8d:a2:70:e6:83:f8:fa:d6:48:07:
         f6:1b:58:9c
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEAYbuwzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YWMyYzFhZmQ0YmRlYzk4MDUwNmZhMDdkZjdjODY2MmQ1NTRmYTQ2MB4XDTIyMDEw
MTEzMDIxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTc0YTY4ODE1MTg5
MjY2OGZiNTc2YWUyODU0YTIwZGQyZjZmMGI0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL/oyad65SThwsEpBb5AcDU2zdM0Q3J49QoVIPTwO4yq/aDj
ZsE0nVkRyZDUckmL1Uo/95o5rZzjXTE2V0dP35vuayzmxh3N0EpmBdvZ3M6CdTz4
qQHj/FZgRynbGD1juhUNNqtd0IQ0TRbAZlGX0bdvAbK5CvbwmKVVWD6S80xe64Lj
yovNQbblyU0xiE4nym8K5bz3SqTZVgI9jEORMSllwvAGdbesVvYdKG8axcw63V2y
tYw1oJ+6eCFahHOiWOkJOjPKQtPb5m8wto6Jai/2y9b3SCU8uglT0rihZuEHx8v6
M5UWii8xU6v5Ff2pwdinTkVLQjW0/yy/izj1I40CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQXSmiBUYkmaPtXauKFSiDdL28LRTAfBgNVHSMEGDAWgBTqwsGv1L3smAUG
+gfffIZi1VT6RjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZzTEJyOVM5N0pnRkJ2b0gzM3lHWXRWVS1rWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvNTg5YTZiLTRkN2UtNDAxMi1hMGZjLWMwY2ViMDM3YWQ0Mi8x
L0YwcG9nVkdKSm1qN1YycmloVW9nM1M5dkMwVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
NTg5YTZiLTRkN2UtNDAxMi1hMGZjLWMwY2ViMDM3YWQ0Mi8xLzZzTEJyOVM5N0pn
RkJ2b0gzM3lHWXRWVS1rWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoRIwcAMA0GCSqGSIb3DQEBCwUA
A4IBAQAVxGjYeIMk2nk3RbbPCNTA6uvMHZ01IqFd4XSASUobVh6fxtKwUrQP7f3g
ArtqdgxpwKQDIUnotNyz8mPZbN8eGXA87+YsBHe6HH0R+68uOzf8XMa3/dQ5UAd/
sxYz/RP7aNaZd32zsHVcAl/Y9hNsnDvgQi1CyODU0My84McJY7/j/0q+iMzVZhOW
wjNDmk09uPF+djOiqYDgl9YLuUnLcUjqTjRHq0HuqYewf55iA+V/rLs9fQ1Wa74e
Gx5+e89hDnvCpDjP7YQBojy5X/iF1A3VCmwXxPHTPcdxhEi6kvthdne5UaLFllS5
eB5+z5VruY2icOaD+PrWSAf2G1ic
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:48 2024 by rpki-client on console-ams.rpki-client.org