Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/3dd082-c503-45b8-9b07-922923e898e6/1/t_L5fpqbRHiZlKJC4QMvEgFTB9Q.roa
File:                     t_L5fpqbRHiZlKJC4QMvEgFTB9Q.roa (raw, json)
Hash identifier:          itU066z0jnQUejpQgHIQv+U4/s6Q3+xGhPSIYhEjVyY=
Subject key identifier:   B7:F2:F9:7E:9A:9B:44:78:99:94:A2:42:E1:03:2F:12:01:53:07:D4
Certificate issuer:       /CN=805db5678139e2eeace89b5ee9982c35449c0b3b
Certificate serial:       01840FA17F7B82C7E7EF2C6601C2C847CF40
Authority key identifier: 80:5D:B5:67:81:39:E2:EE:AC:E8:9B:5E:E9:98:2C:35:44:9C:0B:3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gF21Z4E54u6s6Jte6ZgsNUScCzs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/3dd082-c503-45b8-9b07-922923e898e6/1/t_L5fpqbRHiZlKJC4QMvEgFTB9Q.roa
Signing time:             Tue 25 Oct 2022 14:52:32 +0000
ROA not before:           Tue 25 Oct 2022 14:52:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209638
IP address blocks:        2a07:900::/29 maxlen: 128

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:0f:a1:7f:7b:82:c7:e7:ef:2c:66:01:c2:c8:47:cf:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=805db5678139e2eeace89b5ee9982c35449c0b3b
        Validity
            Not Before: Oct 25 14:52:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b7f2f97e9a9b44789994a242e1032f12015307d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:8d:45:bf:04:ee:6b:96:f4:ea:1b:ec:53:23:
                    5d:72:4a:5c:0c:19:fe:32:eb:40:10:f1:b6:b9:8d:
                    42:32:89:cc:dc:e4:15:f2:d5:2d:e1:6c:68:5e:7d:
                    75:80:cf:16:63:37:12:f3:7b:75:7d:49:be:39:2f:
                    f3:00:64:17:03:57:8f:16:1b:76:7c:64:f9:6f:82:
                    d2:43:41:06:4d:8b:c8:3d:6c:4c:91:ff:7a:5b:55:
                    e4:38:a6:45:dd:bc:1c:2b:f1:df:62:73:05:cb:e6:
                    2e:40:9d:04:2d:89:04:f8:56:e1:e5:ad:43:bb:2c:
                    8a:97:de:ee:b3:2f:e0:5c:ad:67:54:61:5b:b5:67:
                    26:2b:eb:18:c8:c8:cc:6b:cb:35:7b:66:2b:d6:52:
                    9d:e6:e6:60:97:70:b4:16:f7:2b:d4:1b:e9:d9:57:
                    96:93:3f:14:a6:c4:2f:3f:b7:a3:ff:87:22:48:a3:
                    1e:2c:a5:a5:b2:7d:90:07:a8:d7:ad:bc:ac:04:71:
                    c4:ff:ad:75:2a:5c:33:2a:27:71:e4:3d:da:8b:21:
                    05:66:24:9e:c5:e0:74:43:eb:3a:34:13:75:a8:8b:
                    fa:e6:f3:42:bc:23:48:ed:60:49:3a:81:6f:98:ab:
                    fc:05:ec:6c:81:ce:b7:b2:09:f4:ea:44:21:a1:2a:
                    34:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:F2:F9:7E:9A:9B:44:78:99:94:A2:42:E1:03:2F:12:01:53:07:D4
            X509v3 Authority Key Identifier:
                keyid:80:5D:B5:67:81:39:E2:EE:AC:E8:9B:5E:E9:98:2C:35:44:9C:0B:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gF21Z4E54u6s6Jte6ZgsNUScCzs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/3dd082-c503-45b8-9b07-922923e898e6/1/t_L5fpqbRHiZlKJC4QMvEgFTB9Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/3dd082-c503-45b8-9b07-922923e898e6/1/gF21Z4E54u6s6Jte6ZgsNUScCzs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:900::/29

    Signature Algorithm: sha256WithRSAEncryption
         3a:47:c4:dd:d6:e7:1b:46:86:0b:20:18:43:10:07:78:a4:25:
         2f:7e:e3:69:48:21:ce:93:e1:12:cd:31:1f:08:42:23:cd:90:
         7a:21:cd:19:7e:a1:2a:87:02:a7:d9:d3:27:75:ba:3d:f1:fd:
         64:46:b6:01:41:7a:e6:df:e0:2d:d3:5d:fe:c7:72:e6:22:78:
         46:b4:32:53:91:3c:f2:3c:47:6b:8d:1b:39:d1:65:a2:5c:51:
         67:90:62:5f:81:c5:f3:80:76:48:17:c8:2f:9b:94:e2:9f:3e:
         81:e3:45:fb:98:eb:66:43:5c:da:11:9a:40:b7:1a:31:52:51:
         88:85:5f:46:4a:ae:6a:b5:da:46:54:91:3f:ee:28:b4:05:8b:
         ae:83:b4:0b:a1:e4:2a:0d:ce:ee:0f:63:d1:8d:8e:24:92:af:
         44:fd:92:b9:5c:af:c3:c8:5c:7b:ae:9b:44:70:f7:df:c6:8c:
         41:e2:39:89:e9:13:e1:d9:8f:63:f1:97:27:4f:cd:32:3c:3c:
         63:58:b6:ee:2f:97:20:2f:70:08:16:0b:22:06:ec:5c:54:c8:
         fd:b0:09:28:6f:94:4d:ad:29:5a:68:c2:0d:b5:96:e9:30:3d:
         80:17:a0:56:22:f7:d4:bf:c1:03:e4:a3:11:33:1c:71:8d:89:
         b1:71:c1:34
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYQPoX97gsfn7yxmAcLIR89AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNWRiNTY3ODEzOWUyZWVhY2U4OWI1ZWU5OTgyYzM1NDQ5
YzBiM2IwHhcNMjIxMDI1MTQ1MjMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2YyZjk3ZTlhOWI0NDc4OTk5NGEyNDJlMTAzMmYxMjAxNTMwN2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqY1FvwTua5b06hvsUyNdckpcDBn+
MutAEPG2uY1CMonM3OQV8tUt4WxoXn11gM8WYzcS83t1fUm+OS/zAGQXA1ePFht2
fGT5b4LSQ0EGTYvIPWxMkf96W1XkOKZF3bwcK/HfYnMFy+YuQJ0ELYkE+Fbh5a1D
uyyKl97usy/gXK1nVGFbtWcmK+sYyMjMa8s1e2Yr1lKd5uZgl3C0Fvcr1Bvp2VeW
kz8UpsQvP7ej/4ciSKMeLKWlsn2QB6jXrbysBHHE/611KlwzKidx5D3aiyEFZiSe
xeB0Q+s6NBN1qIv65vNCvCNI7WBJOoFvmKv8Bexsgc63sgn06kQhoSo0+QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLfy+X6am0R4mZSiQuEDLxIBUwfUMB8GA1UdIwQY
MBaAFIBdtWeBOeLurOibXumYLDVEnAs7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0YyMVo0RTU0dTZzNkp0ZTZaZ3NOVVNjQ3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8zZGQwODItYzUwMy00NWI4LTliMDct
OTIyOTIzZTg5OGU2LzEvdF9MNWZwcWJSSGlabEtKQzRRTXZFZ0ZUQjlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8zZGQwODItYzUwMy00NWI4LTliMDctOTIyOTIzZTg5OGU2
LzEvZ0YyMVo0RTU0dTZzNkp0ZTZaZ3NOVVNjQ3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgcJADAN
BgkqhkiG9w0BAQsFAAOCAQEAOkfE3dbnG0aGCyAYQxAHeKQlL37jaUghzpPhEs0x
HwhCI82QeiHNGX6hKocCp9nTJ3W6PfH9ZEa2AUF65t/gLdNd/sdy5iJ4RrQyU5E8
8jxHa40bOdFlolxRZ5BiX4HF84B2SBfIL5uU4p8+geNF+5jrZkNc2hGaQLcaMVJR
iIVfRkquarXaRlSRP+4otAWLroO0C6HkKg3O7g9j0Y2OJJKvRP2SuVyvw8hce66b
RHD338aMQeI5iekT4dmPY/GXJ0/NMjw8Y1i27i+XIC9wCBYLIgbsXFTI/bAJKG+U
Ta0pWmjCDbWW6TA9gBegViL31L/BA+SjETMccY2JsXHBNA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:14 2024 by rpki-client on console-fra.rpki-client.org