Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/1JZPxfU3cuguvF_rHolZs2WQD5A.roa
File:                     1JZPxfU3cuguvF_rHolZs2WQD5A.roa (raw, json)
Hash identifier:          mWti4TSFxWf35ph7ffqriZLU1SPSzwso17F/zz0Dh7M=
Subject key identifier:   D4:96:4F:C5:F5:37:72:E8:2E:BC:5F:EB:1E:89:59:B3:65:90:0F:90
Certificate issuer:       /CN=9a5550e908a9b9688c29aac9895353dea836c45a
Certificate serial:       0182B1F1E293F541C33D546311E8BFC3F213
Authority key identifier: 9A:55:50:E9:08:A9:B9:68:8C:29:AA:C9:89:53:53:DE:A8:36:C4:5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mlVQ6QipuWiMKarJiVNT3qg2xFo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/1JZPxfU3cuguvF_rHolZs2WQD5A.roa
Signing time:             Thu 18 Aug 2022 17:13:15 +0000
ROA not before:           Thu 18 Aug 2022 17:13:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62571
IP address blocks:        2a02:e982:1e::/48 maxlen: 48
                          2a02:e982:31::/48 maxlen: 48
                          2a02:e980:1e::/48 maxlen: 48
                          2a02:e980:25::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:b1:f1:e2:93:f5:41:c3:3d:54:63:11:e8:bf:c3:f2:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a5550e908a9b9688c29aac9895353dea836c45a
        Validity
            Not Before: Aug 18 17:13:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d4964fc5f53772e82ebc5feb1e8959b365900f90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:f7:4a:70:f2:24:ea:b6:65:e0:95:0f:02:be:
                    67:88:1c:82:8b:62:87:f0:79:c6:b6:17:9b:c7:04:
                    e9:48:89:2a:cf:4a:4f:88:12:8f:64:ff:0d:33:9a:
                    50:92:c3:97:a5:f6:91:ec:e6:cc:dc:30:81:5a:9d:
                    3a:06:63:14:93:e6:b2:82:51:da:de:f0:27:b2:e0:
                    5f:14:23:cf:27:90:47:83:77:b5:b3:0a:90:69:fa:
                    16:f7:fb:c7:00:ea:c4:d7:3e:37:39:af:07:d0:1e:
                    01:b9:3d:d9:7d:3d:68:b6:47:84:f1:e6:ee:e6:73:
                    be:3e:37:82:7c:38:d3:b4:7f:d9:48:37:bc:4d:52:
                    06:c8:9c:9a:3d:09:bf:dc:2d:e5:ec:c0:58:28:7c:
                    0d:87:b2:5e:f7:83:34:40:a5:37:f7:f1:1f:55:d6:
                    9d:96:31:60:53:2b:d7:df:55:09:4b:1a:54:25:ac:
                    c6:c6:c2:36:10:4a:3c:9c:a6:6f:0f:89:3f:20:b4:
                    34:86:df:11:3d:b0:88:55:95:96:80:28:4a:31:1d:
                    8d:f3:ce:16:5c:26:30:b4:68:8f:86:5d:f8:90:3b:
                    99:b5:2a:80:93:d2:80:70:34:55:48:19:0b:b5:5a:
                    9a:73:fd:e5:24:63:5b:49:48:9d:ba:ef:2b:0c:bd:
                    57:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:96:4F:C5:F5:37:72:E8:2E:BC:5F:EB:1E:89:59:B3:65:90:0F:90
            X509v3 Authority Key Identifier:
                keyid:9A:55:50:E9:08:A9:B9:68:8C:29:AA:C9:89:53:53:DE:A8:36:C4:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mlVQ6QipuWiMKarJiVNT3qg2xFo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/1JZPxfU3cuguvF_rHolZs2WQD5A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/mlVQ6QipuWiMKarJiVNT3qg2xFo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a02:e980:1e::/48
                  2a02:e980:25::/48
                  2a02:e982:1e::/48
                  2a02:e982:31::/48

    Signature Algorithm: sha256WithRSAEncryption
         3d:f4:85:29:28:77:b6:6e:5f:55:30:91:13:11:d1:35:47:0e:
         7b:7b:ac:c5:76:d9:58:7b:c0:46:63:a6:42:32:dd:73:8e:01:
         21:bf:3a:1f:1c:1d:c8:09:43:27:f7:3c:24:b1:ca:d4:5c:4b:
         00:5a:a4:39:6a:f0:9b:5e:db:5c:bf:39:08:76:6b:0a:e5:0d:
         9c:26:9f:53:32:b8:1d:1d:dc:ab:26:16:98:4a:a0:b5:34:23:
         6b:70:e0:8b:c5:dd:11:08:37:f6:cc:26:29:dd:b0:10:ed:1f:
         74:d5:d3:ce:7d:f7:ea:d0:40:82:22:c0:16:57:e1:f3:9e:3b:
         f6:1d:45:0b:3f:0e:75:0c:5c:e7:e2:3c:1a:16:c6:05:52:4f:
         2d:6d:e6:b3:e0:4e:dc:2f:a6:f8:4f:30:2d:9d:cd:39:b7:fc:
         b1:47:95:30:c1:10:1a:69:ff:37:71:45:c1:44:97:19:8c:7a:
         c7:09:9d:37:fe:93:cf:14:ae:75:47:81:cb:08:2e:17:96:58:
         91:47:40:04:e3:7a:01:b0:b9:ea:73:84:98:55:a3:e8:33:19:
         55:68:1b:c3:a0:15:54:41:bb:44:60:1a:78:3f:9c:64:03:1d:
         5a:c4:2c:dc:68:2d:5f:55:3b:0a:28:ce:22:54:56:98:89:f9:
         1d:88:08:61
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYKx8eKT9UHDPVRjEei/w/ITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNTU1MGU5MDhhOWI5Njg4YzI5YWFjOTg5NTM1M2RlYTgz
NmM0NWEwHhcNMjIwODE4MTcxMzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDk2NGZjNWY1Mzc3MmU4MmViYzVmZWIxZTg5NTliMzY1OTAwZjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfdKcPIk6rZl4JUPAr5niByCi2KH
8HnGthebxwTpSIkqz0pPiBKPZP8NM5pQksOXpfaR7ObM3DCBWp06BmMUk+ayglHa
3vAnsuBfFCPPJ5BHg3e1swqQafoW9/vHAOrE1z43Oa8H0B4BuT3ZfT1otkeE8ebu
5nO+PjeCfDjTtH/ZSDe8TVIGyJyaPQm/3C3l7MBYKHwNh7Je94M0QKU39/EfVdad
ljFgUyvX31UJSxpUJazGxsI2EEo8nKZvD4k/ILQ0ht8RPbCIVZWWgChKMR2N884W
XCYwtGiPhl34kDuZtSqAk9KAcDRVSBkLtVqac/3lJGNbSUiduu8rDL1XYQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNSWT8X1N3LoLrxf6x6JWbNlkA+QMB8GA1UdIwQY
MBaAFJpVUOkIqblojCmqyYlTU96oNsRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWxWUTZRaXB1V2lNS2FySmlWTlQzcWcyeEZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iYmIzMGItMjY4OC00YTZlLWIyYTIt
MTM5OWEyODIyMjdhLzEvMUpaUHhmVTNjdWd1dkZfckhvbFpzMldRRDVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iYmIzMGItMjY4OC00YTZlLWIyYTItMTM5OWEyODIyMjdh
LzEvbWxWUTZRaXB1V2lNS2FySmlWTlQzcWcyeEZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKgLpgAAe
AwcAKgLpgAAlAwcAKgLpggAeAwcAKgLpggAxMA0GCSqGSIb3DQEBCwUAA4IBAQA9
9IUpKHe2bl9VMJETEdE1Rw57e6zFdtlYe8BGY6ZCMt1zjgEhvzofHB3ICUMn9zwk
scrUXEsAWqQ5avCbXttcvzkIdmsK5Q2cJp9TMrgdHdyrJhaYSqC1NCNrcOCLxd0R
CDf2zCYp3bAQ7R901dPOfffq0ECCIsAWV+Hznjv2HUULPw51DFzn4jwaFsYFUk8t
beaz4E7cL6b4TzAtnc05t/yxR5UwwRAaaf83cUXBRJcZjHrHCZ03/pPPFK51R4HL
CC4XlliRR0AE43oBsLnqc4SYVaPoMxlVaBvDoBVUQbtEYBp4P5xkAx1axCzcaC1f
VTsKKM4iVFaYifkdiAhh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:14 2024 by rpki-client on console-fra.rpki-client.org