Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/cujQoZXHihQma5LBHZO5lgr7Kx8.roa
File:                     cujQoZXHihQma5LBHZO5lgr7Kx8.roa (raw, json)
Hash identifier:          2lnU//9DkOcb42JAbQrxPEds0BoEoROjZqkQpwDVRFQ=
Subject key identifier:   72:E8:D0:A1:95:C7:8A:14:26:6B:92:C1:1D:93:B9:96:0A:FB:2B:1F
Certificate issuer:       /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial:       12896B7A
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/cujQoZXHihQma5LBHZO5lgr7Kx8.roa
Signing time:             Sat 01 Jan 2022 10:05:48 +0000
ROA not before:           Sat 01 Jan 2022 10:05:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57755
IP address blocks:        2a0a:4e00::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 310995834 (0x12896b7a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
        Validity
            Not Before: Jan  1 10:05:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=72e8d0a195c78a14266b92c11d93b9960afb2b1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:d5:74:c7:ef:74:35:5f:f4:99:85:89:11:be:
                    1a:b0:2a:ca:05:74:78:84:2c:4c:74:42:fa:09:05:
                    ee:66:5a:79:a2:74:07:59:1b:38:1b:ce:53:ba:04:
                    ed:35:ac:fe:c9:c8:35:4d:3d:1a:38:e6:64:b1:c7:
                    e9:2f:cd:b0:0a:79:0d:ac:de:02:fc:30:2b:4c:69:
                    a5:8f:62:59:76:90:63:e4:94:10:af:6c:7c:ae:bf:
                    f5:e4:1b:e8:a1:9b:e2:15:19:02:f2:49:7e:a4:6c:
                    a9:67:70:dd:77:9a:98:9e:6f:c1:b8:3a:b7:ef:e9:
                    e0:c9:90:98:ba:55:26:b8:b8:e2:6a:d6:13:5a:cd:
                    7f:af:26:96:31:6d:29:31:d7:59:0e:5a:56:69:fd:
                    be:c8:a9:47:28:5c:0f:33:1d:c8:e9:a3:2d:8c:c7:
                    f2:6e:3b:93:70:89:16:aa:bb:53:f1:79:94:93:43:
                    db:d0:61:0b:29:91:4c:3e:31:51:b1:f9:ec:3d:49:
                    3b:7e:42:c1:0a:78:f2:9e:3b:e8:be:f9:2d:69:40:
                    ea:20:f8:10:05:ed:9b:84:10:6a:89:c7:4b:7a:39:
                    17:19:e6:82:82:69:07:24:a3:23:f0:b0:14:6d:14:
                    33:97:d0:89:63:24:dc:6d:7e:44:f7:ce:58:c2:eb:
                    98:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:E8:D0:A1:95:C7:8A:14:26:6B:92:C1:1D:93:B9:96:0A:FB:2B:1F
            X509v3 Authority Key Identifier:
                keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/cujQoZXHihQma5LBHZO5lgr7Kx8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:4e00::/29

    Signature Algorithm: sha256WithRSAEncryption
         1b:d9:6c:aa:ce:ff:7e:25:0b:e9:15:64:6f:0e:a1:d1:fd:bb:
         d7:e8:87:22:76:cf:d7:7b:21:e3:26:55:50:2c:9c:61:78:cf:
         73:6a:a4:e3:13:4f:0f:52:f5:30:e9:e5:14:f3:0b:9c:0b:de:
         0f:b0:aa:82:ec:2d:f4:af:df:5f:88:29:84:33:78:e1:a6:43:
         a9:f8:69:2b:85:b3:60:17:80:c2:26:db:59:26:16:2c:3a:52:
         dc:9b:78:83:0b:73:83:b1:be:b9:15:b3:07:2e:74:43:d6:e2:
         e0:c7:4d:b2:46:a2:1c:6e:36:af:25:ae:eb:c6:24:fd:fe:8b:
         d5:54:fa:2f:12:d1:c1:f4:6e:7c:08:9a:0f:82:08:ec:65:59:
         b7:e6:b7:07:36:b7:20:f1:1e:8d:4b:fe:b7:7b:4c:51:26:84:
         c8:30:f6:76:45:68:a7:b8:6b:58:b4:a3:c6:0f:e5:bd:4c:8d:
         bc:f5:54:e0:3a:83:db:48:44:eb:f6:3c:f4:e3:3b:23:5d:e6:
         d3:af:c6:99:99:8d:08:e9:da:21:d9:74:6a:ae:81:65:3d:82:
         d7:92:2b:8e:e8:14:c4:63:35:0f:24:9b:10:80:47:35:73:e7:
         36:a7:73:f0:6b:08:e5:75:f0:ff:2a:86:67:16:a1:f2:6e:a0:
         a0:b0:94:f2
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEEolrejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YTFlNjkzNjhhYmQzNDUzOGZlNzdkZGFhYmNkYzgzNWFmNTk1ZWJhMB4XDTIyMDEw
MTEwMDU0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzJlOGQwYTE5NWM3
OGExNDI2NmI5MmMxMWQ5M2I5OTYwYWZiMmIxZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANLVdMfvdDVf9JmFiRG+GrAqygV0eIQsTHRC+gkF7mZaeaJ0
B1kbOBvOU7oE7TWs/snINU09GjjmZLHH6S/NsAp5DazeAvwwK0xppY9iWXaQY+SU
EK9sfK6/9eQb6KGb4hUZAvJJfqRsqWdw3XeamJ5vwbg6t+/p4MmQmLpVJri44mrW
E1rNf68mljFtKTHXWQ5aVmn9vsipRyhcDzMdyOmjLYzH8m47k3CJFqq7U/F5lJND
29BhCymRTD4xUbH57D1JO35CwQp48p476L75LWlA6iD4EAXtm4QQaonHS3o5Fxnm
goJpBySjI/CwFG0UM5fQiWMk3G1+RPfOWMLrmPsCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBRy6NChlceKFCZrksEdk7mWCvsrHzAfBgNVHSMEGDAWgBSaHmk2ir00U4/n
fdqrzcg1r1leujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21oNXBOb3E5TkZPUDUzM2FxODNJTmE5Wlhyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvNzg4NmY0LTVmY2MtNGQ0NC1iZDYyLTEwOTgyZTA0MGQ1My8x
L2N1alFvWlhIaWhRbWE1TEJIWk81bGdyN0t4OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
Nzg4NmY0LTVmY2MtNGQ0NC1iZDYyLTEwOTgyZTA0MGQ1My8xL21oNXBOb3E5TkZP
UDUzM2FxODNJTmE5Wlhyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoKTgAwDQYJKoZIhvcNAQELBQAD
ggEBABvZbKrO/34lC+kVZG8OodH9u9fohyJ2z9d7IeMmVVAsnGF4z3NqpOMTTw9S
9TDp5RTzC5wL3g+wqoLsLfSv31+IKYQzeOGmQ6n4aSuFs2AXgMIm21kmFiw6Utyb
eIMLc4OxvrkVswcudEPW4uDHTbJGohxuNq8lruvGJP3+i9VU+i8S0cH0bnwImg+C
COxlWbfmtwc2tyDxHo1L/rd7TFEmhMgw9nZFaKe4a1i0o8YP5b1Mjbz1VOA6g9tI
ROv2PPTjOyNd5tOvxpmZjQjp2iHZdGqugWU9gteSK47oFMRjNQ8kmxCARzVz5zan
c/BrCOV18P8qhmcWofJuoKCwlPI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org