Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/220113-44f1-4dc5-b0bc-a656058c531f/1/X50C7Cxqr9_Z4XmG1MkWtCYXXsw.roa
File:                     X50C7Cxqr9_Z4XmG1MkWtCYXXsw.roa (raw, json)
Hash identifier:          7nt4vcdwihaJeZG/+WPXPb912FQ8hLea76W/yfdc1/Q=
Subject key identifier:   5F:9D:02:EC:2C:6A:AF:DF:D9:E1:79:86:D4:C9:16:B4:26:17:5E:CC
Certificate issuer:       /CN=ffe4146018a763a42a51556359bf15bf85e39ac6
Certificate serial:       09802ABB
Authority key identifier: FF:E4:14:60:18:A7:63:A4:2A:51:55:63:59:BF:15:BF:85:E3:9A:C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_-QUYBinY6QqUVVjWb8Vv4XjmsY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/220113-44f1-4dc5-b0bc-a656058c531f/1/X50C7Cxqr9_Z4XmG1MkWtCYXXsw.roa
Signing time:             Mon 16 May 2022 12:38:29 +0000
ROA not before:           Mon 16 May 2022 12:38:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206013
IP address blocks:        2001:67c:10e4::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 159394491 (0x9802abb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ffe4146018a763a42a51556359bf15bf85e39ac6
        Validity
            Not Before: May 16 12:38:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5f9d02ec2c6aafdfd9e17986d4c916b426175ecc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:30:25:6f:cf:08:85:88:b0:10:ea:d1:f7:15:
                    b3:64:d9:7b:41:cc:14:02:b5:c3:f0:e5:bf:06:c2:
                    3c:d6:78:ec:16:df:3e:e0:03:c3:15:be:0d:25:35:
                    6b:ed:aa:ef:3c:46:d6:cb:3f:cb:ec:ae:f9:f0:30:
                    80:69:a5:3a:97:86:3d:83:50:1d:4a:5a:85:84:00:
                    94:6c:34:9f:dd:bd:78:43:96:c1:d3:95:bb:92:5d:
                    b7:f1:eb:9c:5c:f6:81:70:bd:85:4a:7b:4b:75:64:
                    ff:04:6c:e5:4c:ce:59:2d:aa:ea:15:9e:59:18:6d:
                    5b:07:2d:7c:f7:91:f7:f2:4a:7b:07:66:2c:69:55:
                    64:4a:66:db:c3:12:0f:06:27:2b:89:b1:e3:c1:07:
                    a8:a9:d1:0f:80:48:35:8d:f8:ff:a1:51:05:04:99:
                    ae:aa:16:0b:f3:0d:f8:75:ad:16:21:29:a3:0a:c0:
                    f2:c0:16:bd:88:e1:a6:75:0b:75:87:d1:1d:c1:23:
                    95:82:3a:f1:51:5d:8d:f5:e6:07:07:12:7d:52:69:
                    07:71:10:06:50:a2:69:2f:90:7a:cc:21:02:d2:f4:
                    b5:83:4f:37:6f:b6:ff:0a:ae:a2:fd:e6:1f:d5:1b:
                    b3:15:a0:0c:c1:b0:43:68:10:33:13:1b:ee:d6:10:
                    95:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:9D:02:EC:2C:6A:AF:DF:D9:E1:79:86:D4:C9:16:B4:26:17:5E:CC
            X509v3 Authority Key Identifier:
                keyid:FF:E4:14:60:18:A7:63:A4:2A:51:55:63:59:BF:15:BF:85:E3:9A:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_-QUYBinY6QqUVVjWb8Vv4XjmsY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/220113-44f1-4dc5-b0bc-a656058c531f/1/X50C7Cxqr9_Z4XmG1MkWtCYXXsw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/220113-44f1-4dc5-b0bc-a656058c531f/1/_-QUYBinY6QqUVVjWb8Vv4XjmsY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:10e4::/48

    Signature Algorithm: sha256WithRSAEncryption
         74:ea:34:66:bd:90:56:eb:5b:a0:fb:ca:16:43:9d:f2:8d:5b:
         41:00:a5:64:94:87:b0:c3:a7:3c:0e:35:71:45:06:b6:c0:ad:
         40:52:5d:91:98:be:e9:6b:53:8f:3f:09:8a:f9:08:75:be:52:
         8a:77:82:a7:b0:cb:67:df:a1:3c:f6:82:d7:1a:9e:b4:1f:c6:
         4f:e8:c1:52:4a:f7:e6:fd:db:64:1d:ed:2e:2e:87:e8:62:cd:
         70:82:11:30:71:f2:39:c9:03:42:16:86:f0:08:d1:99:d1:1d:
         f1:a7:57:16:e3:94:0c:92:2d:25:24:a4:a0:8d:7a:36:e5:7c:
         e3:7b:d4:4b:21:b5:56:ee:74:67:ad:09:bd:a5:80:60:ac:82:
         2a:a2:b6:dd:a3:6b:c6:f1:1a:d7:dc:71:57:c2:e2:c5:6a:d1:
         a5:a0:6b:fe:85:7d:7a:fb:38:34:04:87:78:34:eb:c6:de:e6:
         08:45:0f:49:24:61:af:6d:fa:5f:70:9f:66:f2:2a:9b:5d:7f:
         f4:85:e1:81:41:8a:3d:40:1f:c8:32:b6:5d:c2:f0:4c:13:d2:
         46:d3:e1:e9:fc:4e:38:e3:e6:07:3f:78:4c:2a:9d:60:bc:76:
         fd:e0:55:e4:90:1e:53:0a:10:21:51:2e:08:d5:64:6c:be:f9:
         5b:8c:91:55
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECYAquzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZmU0MTQ2MDE4YTc2M2E0MmE1MTU1NjM1OWJmMTViZjg1ZTM5YWM2MB4XDTIyMDUx
NjEyMzgyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWY5ZDAyZWMyYzZh
YWZkZmQ5ZTE3OTg2ZDRjOTE2YjQyNjE3NWVjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN4wJW/PCIWIsBDq0fcVs2TZe0HMFAK1w/DlvwbCPNZ47Bbf
PuADwxW+DSU1a+2q7zxG1ss/y+yu+fAwgGmlOpeGPYNQHUpahYQAlGw0n929eEOW
wdOVu5Jdt/HrnFz2gXC9hUp7S3Vk/wRs5UzOWS2q6hWeWRhtWwctfPeR9/JKewdm
LGlVZEpm28MSDwYnK4mx48EHqKnRD4BINY34/6FRBQSZrqoWC/MN+HWtFiEpowrA
8sAWvYjhpnULdYfRHcEjlYI68VFdjfXmBwcSfVJpB3EQBlCiaS+QeswhAtL0tYNP
N2+2/wquov3mH9UbsxWgDMGwQ2gQMxMb7tYQlT0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRfnQLsLGqv39nheYbUyRa0JhdezDAfBgNVHSMEGDAWgBT/5BRgGKdjpCpR
VWNZvxW/heOaxjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L18tUVVZQmluWTZRcVVWVmpXYjhWdjRYam1zWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvMjIwMTEzLTQ0ZjEtNGRjNS1iMGJjLWE2NTYwNThjNTMxZi8x
L1g1MEM3Q3hxcjlfWjRYbUcxTWtXdENZWFhzdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
MjIwMTEzLTQ0ZjEtNGRjNS1iMGJjLWE2NTYwNThjNTMxZi8xL18tUVVZQmluWTZR
cVVWVmpXYjhWdjRYam1zWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwQ5DANBgkqhkiG9w0BAQsF
AAOCAQEAdOo0Zr2QVutboPvKFkOd8o1bQQClZJSHsMOnPA41cUUGtsCtQFJdkZi+
6WtTjz8JivkIdb5SineCp7DLZ9+hPPaC1xqetB/GT+jBUkr35v3bZB3tLi6H6GLN
cIIRMHHyOckDQhaG8AjRmdEd8adXFuOUDJItJSSkoI16NuV843vUSyG1Vu50Z60J
vaWAYKyCKqK23aNrxvEa19xxV8LixWrRpaBr/oV9evs4NASHeDTrxt7mCEUPSSRh
r236X3CfZvIqm11/9IXhgUGKPUAfyDK2XcLwTBPSRtPh6fxOOOPmBz94TCqdYLx2
/eBV5JAeUwoQIVEuCNVkbL75W4yRVQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:20 2024 by rpki-client on console-fra.rpki-client.org