Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/jrKTOOx548Gw8f8IvUNY3IkKf78.roa
File:                     jrKTOOx548Gw8f8IvUNY3IkKf78.roa (raw, json)
Hash identifier:          A/rPyobrm5ClTKHHqYL2x/gfZG0K83oxdCJGEYF84Uw=
Subject key identifier:   8E:B2:93:38:EC:79:E3:C1:B0:F1:FF:08:BD:43:58:DC:89:0A:7F:BF
Certificate issuer:       /CN=de90d43293cfebf87e7eab2b0d553fd21a6e9641
Certificate serial:       018211F5B0044879411EA3A272A768F2A481
Authority key identifier: DE:90:D4:32:93:CF:EB:F8:7E:7E:AB:2B:0D:55:3F:D2:1A:6E:96:41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3pDUMpPP6_h-fqsrDVU_0hpulkE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/jrKTOOx548Gw8f8IvUNY3IkKf78.roa
Signing time:             Mon 18 Jul 2022 15:38:10 +0000
ROA not before:           Mon 18 Jul 2022 15:38:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     133752
IP address blocks:        2a00:c6c0:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:11:f5:b0:04:48:79:41:1e:a3:a2:72:a7:68:f2:a4:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de90d43293cfebf87e7eab2b0d553fd21a6e9641
        Validity
            Not Before: Jul 18 15:38:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8eb29338ec79e3c1b0f1ff08bd4358dc890a7fbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:12:92:1a:ec:b7:d4:0b:85:41:6d:0d:95:4b:
                    80:dd:4f:ad:8a:1b:b3:92:bd:6a:f9:a5:41:39:0d:
                    3e:03:0d:a4:0a:49:32:73:aa:74:12:ea:ed:c8:63:
                    e0:ed:98:46:6e:35:50:8f:ab:ef:34:0c:be:df:9d:
                    51:23:cb:05:38:d6:cb:18:cd:af:29:ad:d0:07:a8:
                    ae:5e:27:f8:21:b5:ac:1e:62:d8:f3:44:d6:e4:3f:
                    c6:2a:26:85:ba:ba:f3:17:a7:a8:e8:9e:36:3c:7d:
                    fb:52:a0:d7:83:87:dd:fd:42:ea:cf:52:82:8b:f2:
                    62:86:7d:c3:e1:41:d6:ec:dc:6f:81:da:e7:5e:e8:
                    f5:be:fd:26:6f:d6:9e:16:24:e6:c5:87:c9:1e:c8:
                    ae:d6:69:c1:f9:e3:65:05:27:ab:a8:4e:ae:6d:54:
                    73:b5:b4:4e:2a:8c:aa:14:2e:16:41:7a:73:4b:33:
                    69:0d:59:cb:c1:ba:22:02:84:30:f9:36:73:2e:81:
                    77:f3:e5:ae:e5:81:24:f0:aa:bb:d3:66:ad:01:38:
                    b4:c0:cd:71:2b:5a:af:b2:68:93:a1:d5:09:89:a3:
                    1c:d5:00:4f:63:2b:01:1b:85:b7:23:f3:5b:0d:21:
                    e6:1d:4a:99:e7:b6:a8:c9:9d:7b:75:0d:df:ee:2b:
                    62:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:B2:93:38:EC:79:E3:C1:B0:F1:FF:08:BD:43:58:DC:89:0A:7F:BF
            X509v3 Authority Key Identifier:
                keyid:DE:90:D4:32:93:CF:EB:F8:7E:7E:AB:2B:0D:55:3F:D2:1A:6E:96:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pDUMpPP6_h-fqsrDVU_0hpulkE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/jrKTOOx548Gw8f8IvUNY3IkKf78.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/3pDUMpPP6_h-fqsrDVU_0hpulkE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:c6c0:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         30:4f:a7:34:c1:97:3f:2b:0a:92:a4:6f:14:75:91:a1:c8:eb:
         bf:17:f8:d3:2b:91:f1:12:f3:97:93:33:67:48:fe:9c:34:1e:
         5d:bc:a0:77:68:05:bf:2d:88:6b:58:ce:d8:3d:95:41:9f:6a:
         e4:9a:da:b9:2a:37:0d:8b:c0:33:d4:40:86:ca:1e:aa:a1:cf:
         c5:63:97:36:55:19:0c:80:32:bb:72:d5:ab:45:f1:ac:8a:6e:
         42:bb:6b:30:af:92:15:7e:20:85:ed:42:eb:36:8d:02:bb:20:
         7b:aa:3c:d0:eb:59:25:d0:5e:bc:9c:34:16:b5:9d:e3:e0:78:
         b0:3d:82:d4:75:98:43:fd:48:5f:3b:7a:f9:ae:55:a2:3b:14:
         7f:22:d6:ab:65:ff:6d:39:40:bc:f7:c3:d4:6e:36:d2:17:bb:
         00:cc:ad:86:a7:51:c5:9c:80:ee:c3:11:3b:59:e8:fa:a6:f8:
         60:a2:a5:60:4f:d2:1a:76:33:8b:02:f9:c3:20:51:5e:71:3c:
         23:29:2a:c4:ac:f4:d1:96:e3:1f:45:df:65:b3:0e:f4:72:b4:
         6a:53:53:38:0f:e0:14:5d:ed:bc:c9:5a:90:ab:d9:4a:1b:86:
         3e:34:63:28:91:85:a0:25:bf:5a:07:d9:d8:ca:80:6b:5d:07:
         f9:9b:20:31
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYIR9bAESHlBHqOicqdo8qSBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTBkNDMyOTNjZmViZjg3ZTdlYWIyYjBkNTUzZmQyMWE2
ZTk2NDEwHhcNMjIwNzE4MTUzODEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWIyOTMzOGVjNzllM2MxYjBmMWZmMDhiZDQzNThkYzg5MGE3ZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRKSGuy31AuFQW0NlUuA3U+tihuz
kr1q+aVBOQ0+Aw2kCkkyc6p0EurtyGPg7ZhGbjVQj6vvNAy+351RI8sFONbLGM2v
Ka3QB6iuXif4IbWsHmLY80TW5D/GKiaFurrzF6eo6J42PH37UqDXg4fd/ULqz1KC
i/Jihn3D4UHW7NxvgdrnXuj1vv0mb9aeFiTmxYfJHsiu1mnB+eNlBSerqE6ubVRz
tbROKoyqFC4WQXpzSzNpDVnLwboiAoQw+TZzLoF38+Wu5YEk8Kq702atATi0wM1x
K1qvsmiTodUJiaMc1QBPYysBG4W3I/NbDSHmHUqZ57aoyZ17dQ3f7itiDQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFI6ykzjseePBsPH/CL1DWNyJCn+/MB8GA1UdIwQY
MBaAFN6Q1DKTz+v4fn6rKw1VP9IabpZBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BEVU1wUFA2X2gtZnFzckRWVV8waHB1bGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi82NDdlYmEtZDY2Ni00OWM3LWEwODkt
NTNlZGM2MjZiMjg3LzEvanJLVE9PeDU0OEd3OGY4SXZVTlkzSWtLZjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi82NDdlYmEtZDY2Ni00OWM3LWEwODktNTNlZGM2MjZiMjg3
LzEvM3BEVU1wUFA2X2gtZnFzckRWVV8waHB1bGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgDGwAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQAwT6c0wZc/KwqSpG8UdZGhyOu/F/jTK5HxEvOX
kzNnSP6cNB5dvKB3aAW/LYhrWM7YPZVBn2rkmtq5KjcNi8Az1ECGyh6qoc/FY5c2
VRkMgDK7ctWrRfGsim5Cu2swr5IVfiCF7ULrNo0CuyB7qjzQ61kl0F68nDQWtZ3j
4HiwPYLUdZhD/UhfO3r5rlWiOxR/ItarZf9tOUC898PUbjbSF7sAzK2Gp1HFnIDu
wxE7Wej6pvhgoqVgT9IadjOLAvnDIFFecTwjKSrErPTRluMfRd9lsw70crRqU1M4
D+AUXe28yVqQq9lKG4Y+NGMokYWgJb9aB9nYyoBrXQf5myAx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:26 2024 by rpki-client on console-ams.rpki-client.org