Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/3c2676-9245-4b3c-bb7f-8a29120750bf/1/EKwJ-3y5s9Tc1JV_Au-oJzJ03WQ.roa
File:                     EKwJ-3y5s9Tc1JV_Au-oJzJ03WQ.roa (raw, json)
Hash identifier:          0Ixv5VHwde1FRr45YH85DdbvCtsYpPdMf2OSHVpe7PE=
Subject key identifier:   10:AC:09:FB:7C:B9:B3:D4:DC:D4:95:7F:02:EF:A8:27:32:74:DD:64
Certificate issuer:       /CN=5ae7953e9459dc09486f0ddc59f2a405b5669250
Certificate serial:       0182444A224848CAF88F7A2CF79DC7EA0C8B
Authority key identifier: 5A:E7:95:3E:94:59:DC:09:48:6F:0D:DC:59:F2:A4:05:B5:66:92:50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WueVPpRZ3AlIbw3cWfKkBbVmklA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/3c2676-9245-4b3c-bb7f-8a29120750bf/1/EKwJ-3y5s9Tc1JV_Au-oJzJ03WQ.roa
Signing time:             Thu 28 Jul 2022 10:11:25 +0000
ROA not before:           Thu 28 Jul 2022 10:11:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     213366
IP address blocks:        2001:67c:a50::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:44:4a:22:48:48:ca:f8:8f:7a:2c:f7:9d:c7:ea:0c:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ae7953e9459dc09486f0ddc59f2a405b5669250
        Validity
            Not Before: Jul 28 10:11:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=10ac09fb7cb9b3d4dcd4957f02efa8273274dd64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:ed:a2:bb:57:e0:87:59:41:c8:ff:06:24:71:
                    9f:42:56:d8:49:ba:c7:4f:db:92:28:4c:c9:9b:69:
                    50:05:e4:47:4a:24:41:6e:0a:91:80:eb:0b:c1:dd:
                    37:a2:e3:c5:0f:e6:28:26:25:78:30:02:6e:7f:4a:
                    54:30:a6:53:d0:d3:16:a0:a8:48:4e:44:b3:a2:16:
                    9f:44:43:94:e2:61:85:6d:63:fe:0d:2d:3c:76:5c:
                    10:ae:27:98:ea:0f:a9:4b:dc:7d:e4:eb:62:16:f3:
                    36:d1:d3:db:02:91:77:dd:ac:fa:0c:b0:e2:d2:92:
                    8a:8e:36:fc:ca:72:41:68:83:fb:3b:b6:89:1d:f7:
                    21:91:66:da:cc:43:41:0a:a5:c7:ce:36:d1:f5:89:
                    33:55:8a:01:44:cc:37:7e:a3:80:6f:18:da:c4:e5:
                    95:90:43:3c:7f:e8:bf:e8:01:f9:f1:a3:07:d1:a8:
                    1d:83:af:2d:81:eb:4d:e4:1d:05:44:f7:72:d6:fb:
                    b8:56:1e:b5:34:25:2c:21:72:2e:06:b9:c0:37:e1:
                    62:b0:a9:35:ee:6d:4e:57:fd:1f:2f:f5:51:6c:d4:
                    1e:f6:b7:28:9e:bf:c1:f7:23:88:bf:da:4b:f8:1b:
                    f6:9e:a6:2f:f1:a0:08:44:f8:ca:14:c8:da:77:65:
                    19:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:AC:09:FB:7C:B9:B3:D4:DC:D4:95:7F:02:EF:A8:27:32:74:DD:64
            X509v3 Authority Key Identifier:
                keyid:5A:E7:95:3E:94:59:DC:09:48:6F:0D:DC:59:F2:A4:05:B5:66:92:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WueVPpRZ3AlIbw3cWfKkBbVmklA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/3c2676-9245-4b3c-bb7f-8a29120750bf/1/EKwJ-3y5s9Tc1JV_Au-oJzJ03WQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/3c2676-9245-4b3c-bb7f-8a29120750bf/1/WueVPpRZ3AlIbw3cWfKkBbVmklA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:a50::/48

    Signature Algorithm: sha256WithRSAEncryption
         00:f1:7c:0d:cb:b9:fa:23:5e:64:c4:2c:2a:96:2a:07:ec:66:
         7f:03:04:cb:60:15:1c:92:81:8e:19:d4:e3:f3:a1:e6:f8:5c:
         40:02:21:9d:4e:40:50:f7:6f:12:3c:93:aa:5d:d5:f2:ab:ea:
         b2:46:6a:7e:ef:74:37:16:17:90:1c:4f:2b:1d:1a:b4:08:4a:
         57:47:e2:ac:5b:c1:94:82:1f:01:13:99:ea:9b:c6:b6:5e:c3:
         8a:aa:a5:2c:8c:91:6f:e6:94:1d:b9:5c:6f:7a:be:88:98:df:
         bb:99:f4:9b:41:9d:68:cb:93:2a:21:97:6c:5a:cb:bc:a1:9f:
         4b:fb:63:89:d2:bb:2a:9b:6e:ba:45:9e:05:98:17:66:ec:14:
         57:18:f8:9b:18:17:7e:98:38:ca:06:06:59:47:8f:6b:06:ad:
         ff:3e:63:fc:9b:14:5a:0f:38:04:da:b2:da:17:a4:c8:e7:79:
         74:0a:78:71:8c:e9:ef:fa:51:4a:c0:12:4b:ef:c7:30:2c:ff:
         26:5d:3b:fa:73:40:dd:18:ae:49:4e:e7:23:e2:8a:37:6c:95:
         5e:da:3c:44:6c:db:23:76:d7:00:e8:bf:dc:1b:27:a8:78:c1:
         30:1e:b4:85:85:27:b7:b7:74:de:57:32:53:1c:83:4c:5b:1c:
         5c:88:b1:21
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYJESiJISMr4j3os953H6gyLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZTc5NTNlOTQ1OWRjMDk0ODZmMGRkYzU5ZjJhNDA1YjU2
NjkyNTAwHhcNMjIwNzI4MTAxMTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGFjMDlmYjdjYjliM2Q0ZGNkNDk1N2YwMmVmYTgyNzMyNzRkZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+2iu1fgh1lByP8GJHGfQlbYSbrH
T9uSKEzJm2lQBeRHSiRBbgqRgOsLwd03ouPFD+YoJiV4MAJuf0pUMKZT0NMWoKhI
TkSzohafREOU4mGFbWP+DS08dlwQrieY6g+pS9x95OtiFvM20dPbApF33az6DLDi
0pKKjjb8ynJBaIP7O7aJHfchkWbazENBCqXHzjbR9YkzVYoBRMw3fqOAbxjaxOWV
kEM8f+i/6AH58aMH0agdg68tgetN5B0FRPdy1vu4Vh61NCUsIXIuBrnAN+FisKk1
7m1OV/0fL/VRbNQe9rconr/B9yOIv9pL+Bv2nqYv8aAIRPjKFMjad2UZQwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBCsCft8ubPU3NSVfwLvqCcydN1kMB8GA1UdIwQY
MBaAFFrnlT6UWdwJSG8N3FnypAW1ZpJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3VlVlBwUlozQWxJYnczY1dmS2tCYlZta2xBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8zYzI2NzYtOTI0NS00YjNjLWJiN2Yt
OGEyOTEyMDc1MGJmLzEvRUt3Si0zeTVzOVRjMUpWX0F1LW9KekowM1dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8zYzI2NzYtOTI0NS00YjNjLWJiN2YtOGEyOTEyMDc1MGJm
LzEvV3VlVlBwUlozQWxJYnczY1dmS2tCYlZta2xBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfApQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAA8XwNy7n6I15kxCwqlioH7GZ/AwTLYBUckoGO
GdTj86Hm+FxAAiGdTkBQ928SPJOqXdXyq+qyRmp+73Q3FheQHE8rHRq0CEpXR+Ks
W8GUgh8BE5nqm8a2XsOKqqUsjJFv5pQduVxver6ImN+7mfSbQZ1oy5MqIZdsWsu8
oZ9L+2OJ0rsqm266RZ4FmBdm7BRXGPibGBd+mDjKBgZZR49rBq3/PmP8mxRaDzgE
2rLaF6TI53l0CnhxjOnv+lFKwBJL78cwLP8mXTv6c0DdGK5JTucj4oo3bJVe2jxE
bNsjdtcA6L/cGyeoeMEwHrSFhSe3t3TeVzJTHINMWxxciLEh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:04 2024 by rpki-client on console-fra.rpki-client.org