Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/Yho3iOT8uS1qRbfRwV-sajdxxqc.roa
File:                     Yho3iOT8uS1qRbfRwV-sajdxxqc.roa (raw, json)
Hash identifier:          GCl4bfMP0Ktd6blaEPI99MKozb7QXupLGdwLg4WK3EY=
Subject key identifier:   62:1A:37:88:E4:FC:B9:2D:6A:45:B7:D1:C1:5F:AC:6A:37:71:C6:A7
Certificate issuer:       /CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd
Certificate serial:       19DD0EAD
Authority key identifier: FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/Yho3iOT8uS1qRbfRwV-sajdxxqc.roa
Signing time:             Sat 01 Jan 2022 04:55:10 +0000
ROA not before:           Sat 01 Jan 2022 04:55:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203661
IP address blocks:        2a04:92c7:b::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 433917613 (0x19dd0ead)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd
        Validity
            Not Before: Jan  1 04:55:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=621a3788e4fcb92d6a45b7d1c15fac6a3771c6a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:5d:e2:41:80:86:1f:2e:32:54:fe:2f:dc:71:
                    4f:08:cb:d2:49:cb:f1:5f:9c:f8:9e:2a:f9:5a:a6:
                    e3:3d:19:09:1a:5b:13:67:e8:b4:45:1d:93:00:64:
                    21:57:29:e5:61:aa:19:e8:10:c3:eb:5c:16:b5:c9:
                    9d:4b:e8:9a:ce:f9:13:e8:de:0e:7d:48:f0:38:ef:
                    79:dc:47:53:1e:70:65:17:e1:45:26:40:30:ab:3a:
                    26:39:41:f5:99:62:00:24:c6:8b:7b:b5:84:d4:4e:
                    47:98:e9:2b:f3:c7:a0:44:eb:d2:85:57:f9:10:2f:
                    ca:d2:b0:24:be:1e:db:39:35:8a:82:29:bb:0f:a1:
                    23:5b:fd:f7:d1:d9:a2:32:6a:9a:5f:e3:49:07:ec:
                    db:1c:4f:88:49:72:0b:5d:00:ec:51:8f:18:12:01:
                    fd:36:b1:ce:2d:92:bf:73:9d:e8:e8:ae:d2:99:82:
                    5f:43:22:f9:e2:aa:4b:19:5c:3c:eb:ca:37:9e:c2:
                    63:fb:d2:82:b7:33:d9:9e:2b:c0:0b:04:80:83:95:
                    4c:8d:3b:be:23:68:99:1f:22:01:97:6b:c1:20:d1:
                    01:32:8a:06:aa:56:f3:d7:1b:2f:88:68:41:3e:ef:
                    8b:66:de:56:a5:e5:f8:58:ab:45:ea:48:87:4e:47:
                    01:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:1A:37:88:E4:FC:B9:2D:6A:45:B7:D1:C1:5F:AC:6A:37:71:C6:A7
            X509v3 Authority Key Identifier:
                keyid:FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/Yho3iOT8uS1qRbfRwV-sajdxxqc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/_97EpGpubk-aktC6Lgs6tWWL4b0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a04:92c7:b::/48

    Signature Algorithm: sha256WithRSAEncryption
         37:65:5b:ab:76:4a:88:07:c4:e0:9d:c2:eb:84:60:92:b8:04:
         0d:87:d7:08:ec:44:d1:5c:39:ce:75:92:4b:07:58:55:48:ad:
         91:89:be:92:43:87:aa:e7:29:e0:4a:2c:29:1f:15:12:f0:58:
         3b:f5:6c:d1:dd:41:c5:ad:be:7f:78:13:8c:60:a8:f5:dd:bb:
         30:26:8d:11:8a:99:92:04:63:ac:aa:7c:9d:41:42:db:b0:c9:
         ef:8a:50:ff:1e:7e:e5:cf:3e:bd:28:58:d2:d0:bd:4a:84:3b:
         f7:31:0c:d7:a4:da:cb:f4:15:c7:1c:41:c6:de:79:cf:db:41:
         3b:f3:6a:ae:40:97:59:54:65:2a:90:1e:94:2a:d7:57:22:a0:
         33:97:f4:03:a9:fe:cc:39:2d:76:6b:58:82:fc:d8:8d:f3:21:
         99:36:e8:25:fe:9f:20:7d:f3:ac:ef:01:ea:f9:a9:80:03:1f:
         12:4c:65:49:5d:26:cb:10:87:3d:46:3b:31:aa:0d:cd:fa:7a:
         a6:b1:2c:89:b2:1f:5e:94:7c:1d:4d:0d:f9:84:7e:fc:5a:fe:
         23:88:ed:5e:47:a1:18:82:53:97:96:56:65:b1:07:9b:33:f1:
         4b:5e:ed:75:cc:d9:c3:90:5d:b3:11:87:34:1c:c3:35:32:cb:
         1f:65:2e:00
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEGd0OrTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZmRlYzRhNDZhNmU2ZTRmOWE5MmQwYmEyZTBiM2FiNTY1OGJlMWJkMB4XDTIyMDEw
MTA0NTUxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjIxYTM3ODhlNGZj
YjkyZDZhNDViN2QxYzE1ZmFjNmEzNzcxYzZhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANld4kGAhh8uMlT+L9xxTwjL0knL8V+c+J4q+Vqm4z0ZCRpb
E2fotEUdkwBkIVcp5WGqGegQw+tcFrXJnUvoms75E+jeDn1I8DjvedxHUx5wZRfh
RSZAMKs6JjlB9ZliACTGi3u1hNROR5jpK/PHoETr0oVX+RAvytKwJL4e2zk1ioIp
uw+hI1v999HZojJqml/jSQfs2xxPiElyC10A7FGPGBIB/Taxzi2Sv3Od6Oiu0pmC
X0Mi+eKqSxlcPOvKN57CY/vSgrcz2Z4rwAsEgIOVTI07viNomR8iAZdrwSDRATKK
BqpW89cbL4hoQT7vi2beVqXl+FirRepIh05HAaUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRiGjeI5Py5LWpFt9HBX6xqN3HGpzAfBgNVHSMEGDAWgBT/3sSkam5uT5qS
0LouCzq1ZYvhvTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L185N0VwR3B1YmstYWt0QzZMZ3M2dFdXTDRiMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzQvMTFlNWIzLTQzYWEtNDI3OS05NDQxLTdlOGM2ZDRkOWJlZi8x
L1lobzNpT1Q4dVMxcVJiZlJ3Vi1zYWpkeHhxYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQv
MTFlNWIzLTQzYWEtNDI3OS05NDQxLTdlOGM2ZDRkOWJlZi8xL185N0VwR3B1Ymst
YWt0QzZMZ3M2dFdXTDRiMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoEkscACzANBgkqhkiG9w0BAQsF
AAOCAQEAN2Vbq3ZKiAfE4J3C64RgkrgEDYfXCOxE0Vw5znWSSwdYVUitkYm+kkOH
qucp4EosKR8VEvBYO/Vs0d1Bxa2+f3gTjGCo9d27MCaNEYqZkgRjrKp8nUFC27DJ
74pQ/x5+5c8+vShY0tC9SoQ79zEM16Tay/QVxxxBxt55z9tBO/NqrkCXWVRlKpAe
lCrXVyKgM5f0A6n+zDktdmtYgvzYjfMhmTboJf6fIH3zrO8B6vmpgAMfEkxlSV0m
yxCHPUY7MaoNzfp6prEsibIfXpR8HU0N+YR+/Fr+I4jtXkehGIJTl5ZWZbEHmzPx
S17tdczZw5BdsxGHNBzDNTLLH2UuAA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:56 2024 by rpki-client on console-fra.rpki-client.org