Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/JsddZ5XE5DIAUBXEjurtZP_n1bw.roa
File:                     JsddZ5XE5DIAUBXEjurtZP_n1bw.roa (raw, json)
Hash identifier:          g1Xoe6HBsj1mqVuFKv3LNP9OcrmqMUxLCqCiUKpYlwk=
Subject key identifier:   26:C7:5D:67:95:C4:E4:32:00:50:15:C4:8E:EA:ED:64:FF:E7:D5:BC
Certificate issuer:       /CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Certificate serial:       0892B6BE
Authority key identifier: 0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/JsddZ5XE5DIAUBXEjurtZP_n1bw.roa
Signing time:             Thu 21 Apr 2022 09:09:50 +0000
ROA not before:           Thu 21 Apr 2022 09:09:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57429
IP address blocks:        2a0f:607:1024::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 143832766 (0x892b6be)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
        Validity
            Not Before: Apr 21 09:09:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=26c75d6795c4e432005015c48eeaed64ffe7d5bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:79:41:e1:ed:38:dc:87:d0:de:5d:f9:d4:e9:
                    97:e4:66:62:af:f1:91:05:18:8e:0d:dd:02:45:a8:
                    9a:f6:a8:47:cd:25:ee:3b:b1:14:22:93:57:1f:b5:
                    86:f0:45:c9:9e:8b:74:fe:8c:9a:88:ff:65:3a:2a:
                    69:2a:21:6e:8c:98:43:4d:93:aa:92:0d:79:ad:d1:
                    70:58:84:1c:1a:8b:3b:f2:c7:2f:00:28:c7:ae:a0:
                    a0:d7:08:ab:94:31:dc:4a:54:b1:ac:59:77:99:0e:
                    8c:6d:92:46:1e:c2:04:80:c1:51:03:37:a4:d1:e8:
                    68:fd:2e:ab:25:40:c6:7a:a2:eb:f3:2b:5f:22:5f:
                    6c:45:11:8b:80:7f:39:a1:20:29:7e:82:26:16:e6:
                    b6:2d:e8:29:90:48:ec:fe:f9:82:9e:ad:d3:e9:32:
                    73:2b:39:bb:86:74:04:30:f0:57:b5:a6:43:5a:e1:
                    60:ae:41:99:52:1f:09:d5:eb:46:29:c3:57:ca:eb:
                    89:d0:bf:d8:bc:66:03:9e:a5:42:20:31:7f:73:7e:
                    b2:1e:64:2e:f6:31:2c:fe:7d:eb:97:5c:5c:f0:ec:
                    82:d7:75:79:db:de:f9:6c:8d:2e:b0:f5:a8:96:f4:
                    1b:dd:d3:59:da:8b:a3:0f:22:b1:36:63:a0:3c:a8:
                    2a:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:C7:5D:67:95:C4:E4:32:00:50:15:C4:8E:EA:ED:64:FF:E7:D5:BC
            X509v3 Authority Key Identifier:
                keyid:0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/JsddZ5XE5DIAUBXEjurtZP_n1bw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:607:1024::/48

    Signature Algorithm: sha256WithRSAEncryption
         19:34:48:c8:f2:41:cd:61:27:d2:a8:e2:64:c3:cb:1e:80:dd:
         4b:75:72:5d:ed:01:95:80:66:f4:b5:70:d4:2a:29:85:f6:b9:
         99:34:f4:9d:93:54:87:a1:1f:36:7d:47:59:79:52:d0:25:08:
         d5:ff:23:ad:86:a3:e3:36:d2:28:20:1f:81:19:16:7d:c4:86:
         c3:b7:aa:a2:e4:63:5e:32:db:10:40:1f:7a:1a:3e:cb:76:11:
         8e:67:ec:62:34:c0:c5:fe:65:0d:0f:47:b0:43:27:75:e9:36:
         3e:7a:4b:30:9e:7a:52:7e:7d:88:90:d5:b6:0d:bd:fb:22:ed:
         72:da:21:11:6c:fc:19:23:00:5e:75:db:8c:fe:d5:8a:c4:1d:
         0c:47:e6:14:66:bb:15:26:69:1f:60:69:d4:e1:b3:94:ca:0c:
         26:d2:0b:77:17:6e:42:d5:07:31:ef:54:8e:c7:0b:12:c7:21:
         2b:71:6b:c1:6b:c1:b1:4d:28:7c:03:37:8e:f1:4a:ae:e1:38:
         2d:fe:fc:9b:ad:d6:d5:8b:ee:3a:8e:cf:9f:3f:3a:b6:5e:ce:
         41:9f:9d:0e:6c:09:37:a2:1a:cc:df:c5:27:04:dc:ac:6b:bd:
         33:f5:c0:91:d3:2d:7a:65:ca:1c:a4:4c:3a:03:e4:51:31:a8:
         74:f7:6f:a7
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECJK2vjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YzIxYjkyNWI0YzRiY2MzMGY3N2M5YzQxYmE4ZDA0MGFjOTVkZmM2MB4XDTIyMDQy
MTA5MDk1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjZjNzVkNjc5NWM0
ZTQzMjAwNTAxNWM0OGVlYWVkNjRmZmU3ZDViYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKR5QeHtONyH0N5d+dTpl+RmYq/xkQUYjg3dAkWomvaoR80l
7juxFCKTVx+1hvBFyZ6LdP6Mmoj/ZToqaSohboyYQ02TqpINea3RcFiEHBqLO/LH
LwAox66goNcIq5Qx3EpUsaxZd5kOjG2SRh7CBIDBUQM3pNHoaP0uqyVAxnqi6/Mr
XyJfbEURi4B/OaEgKX6CJhbmti3oKZBI7P75gp6t0+kycys5u4Z0BDDwV7WmQ1rh
YK5BmVIfCdXrRinDV8rridC/2LxmA56lQiAxf3N+sh5kLvYxLP5965dcXPDsgtd1
edve+WyNLrD1qJb0G93TWdqLow8isTZjoDyoKp0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQmx11nlcTkMgBQFcSO6u1k/+fVvDAfBgNVHSMEGDAWgBQMIbkltMS8ww93
ycQbqNBArJXfxjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RDRzVKYlRFdk1NUGQ4bkVHNmpRUUt5VjM4WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvYzBiZDY3LWY3ZGQtNGNlMi1hYjdlLWEzNDc1NjQxNThmOC8x
L0pzZGRaNVhFNURJQVVCWEVqdXJ0WlBfbjFidy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
YzBiZDY3LWY3ZGQtNGNlMi1hYjdlLWEzNDc1NjQxNThmOC8xL0RDRzVKYlRFdk1N
UGQ4bkVHNmpRUUt5VjM4WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoPBgcQJDANBgkqhkiG9w0BAQsF
AAOCAQEAGTRIyPJBzWEn0qjiZMPLHoDdS3VyXe0BlYBm9LVw1Cophfa5mTT0nZNU
h6EfNn1HWXlS0CUI1f8jrYaj4zbSKCAfgRkWfcSGw7eqouRjXjLbEEAfeho+y3YR
jmfsYjTAxf5lDQ9HsEMndek2PnpLMJ56Un59iJDVtg29+yLtctohEWz8GSMAXnXb
jP7VisQdDEfmFGa7FSZpH2Bp1OGzlMoMJtILdxduQtUHMe9UjscLEschK3FrwWvB
sU0ofAM3jvFKruE4Lf78m63W1YvuOo7Pnz86tl7OQZ+dDmwJN6IazN/FJwTcrGu9
M/XAkdMtemXKHKRMOgPkUTGodPdvpw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:12 2024 by rpki-client on console-ams.rpki-client.org