Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/KsJvF6xs4OuBIxk1b5PjUGVolo4.roa
File:                     KsJvF6xs4OuBIxk1b5PjUGVolo4.roa (raw, json)
Hash identifier:          2dSuTSbdqPWEqJFaturuDnPNKP/YfjqosTm2vn8sCoI=
Subject key identifier:   2A:C2:6F:17:AC:6C:E0:EB:81:23:19:35:6F:93:E3:50:65:68:96:8E
Certificate issuer:       /CN=5e8d3c0b6414c9c86e3c94a714dfb269cb5e9169
Certificate serial:       34D53342
Authority key identifier: 5E:8D:3C:0B:64:14:C9:C8:6E:3C:94:A7:14:DF:B2:69:CB:5E:91:69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xo08C2QUychuPJSnFN-yactekWk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/KsJvF6xs4OuBIxk1b5PjUGVolo4.roa
Signing time:             Sat 01 Jan 2022 13:55:39 +0000
ROA not before:           Sat 01 Jan 2022 13:55:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2485
IP address blocks:        2001:67c:1348::/48 maxlen: 48
                          2001:67c:2218::/47 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 886387522 (0x34d53342)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e8d3c0b6414c9c86e3c94a714dfb269cb5e9169
        Validity
            Not Before: Jan  1 13:55:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2ac26f17ac6ce0eb812319356f93e3506568968e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:ff:9e:8b:f8:3a:8a:9c:39:05:39:fc:c5:b8:
                    8b:39:7a:fb:54:da:9b:11:7b:a5:80:1d:f5:73:69:
                    34:66:67:f6:80:4c:ce:09:36:64:cd:89:f8:fb:cb:
                    81:32:8f:df:3f:7e:d5:b3:1b:0c:69:9f:9b:da:41:
                    dd:39:22:a8:83:5b:28:7e:ee:1e:8d:b6:fc:ba:ce:
                    4c:35:55:ec:d1:cf:b9:da:09:14:a4:30:9b:f8:5d:
                    78:a0:c0:29:cf:36:1a:f8:dd:82:e4:5c:9a:cb:77:
                    91:28:a5:c7:2a:32:a2:2e:21:3c:5b:08:5e:26:f3:
                    c2:d5:e2:4f:89:3f:66:33:f7:fb:4f:3e:ea:e0:7d:
                    d0:74:4d:d6:80:78:73:77:eb:ae:22:11:7e:d3:60:
                    9f:cd:ac:95:2b:50:bc:12:f3:fd:c4:24:11:8f:70:
                    bf:f5:38:09:d1:e6:33:54:b2:90:91:97:f4:91:7c:
                    78:2e:d3:3c:d6:78:05:d7:bf:a4:b3:aa:6d:7f:a5:
                    fd:7d:05:25:dd:06:1d:01:a3:33:cc:70:a0:87:aa:
                    2e:ac:1b:68:7d:b0:1b:1b:ab:c8:63:35:28:ce:32:
                    43:e3:56:e4:30:83:8d:9f:a6:a8:78:23:3a:d3:ca:
                    b0:f0:dc:f4:b9:44:41:f5:e5:31:f7:09:75:84:61:
                    2b:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:C2:6F:17:AC:6C:E0:EB:81:23:19:35:6F:93:E3:50:65:68:96:8E
            X509v3 Authority Key Identifier:
                keyid:5E:8D:3C:0B:64:14:C9:C8:6E:3C:94:A7:14:DF:B2:69:CB:5E:91:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xo08C2QUychuPJSnFN-yactekWk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/KsJvF6xs4OuBIxk1b5PjUGVolo4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/Xo08C2QUychuPJSnFN-yactekWk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:1348::/48
                  2001:67c:2218::/47

    Signature Algorithm: sha256WithRSAEncryption
         08:da:6b:42:27:c3:66:82:47:f4:b6:e4:1e:8b:79:a0:cd:e2:
         d7:ad:e9:c8:cf:9a:c7:28:cc:29:a6:88:94:5b:70:30:9b:fe:
         5d:a0:52:66:33:33:27:39:c6:5c:3c:97:3b:5b:c8:ba:18:e1:
         6a:8d:1c:22:3b:01:9f:92:9e:12:b3:5a:4c:fe:69:be:7d:30:
         97:88:34:14:32:d9:30:7c:8d:0e:ed:44:46:1b:d1:b0:04:e5:
         82:96:d6:58:8c:ce:fc:22:a0:29:1f:ce:15:e8:48:c8:20:2d:
         9e:aa:5f:ec:d3:d3:90:9b:b8:47:1e:1d:48:62:06:8b:f2:48:
         c6:4d:88:35:72:30:4c:67:2f:3a:16:17:ce:92:10:3c:31:f0:
         70:22:7b:30:57:7c:74:40:35:ac:64:c8:65:aa:b5:0c:7d:62:
         26:e1:7f:98:e7:63:32:6a:cc:56:00:a7:5b:cc:35:f1:29:97:
         bb:4e:cc:e4:a1:08:4d:e1:64:11:82:28:2d:43:cb:f2:30:65:
         cc:5d:d9:70:4f:45:8d:b7:0c:13:a8:69:d1:c0:d0:6a:a2:32:
         eb:7b:df:19:08:bc:ce:9c:4d:f8:4c:ec:01:a1:2f:5a:e8:57:
         66:2f:72:bd:26:46:9d:a1:9a:27:91:74:ff:bb:03:4c:c1:00:
         23:c7:ed:56
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIENNUzQjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZThkM2MwYjY0MTRjOWM4NmUzYzk0YTcxNGRmYjI2OWNiNWU5MTY5MB4XDTIyMDEw
MTEzNTUzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmFjMjZmMTdhYzZj
ZTBlYjgxMjMxOTM1NmY5M2UzNTA2NTY4OTY4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI7/nov4OoqcOQU5/MW4izl6+1TamxF7pYAd9XNpNGZn9oBM
zgk2ZM2J+PvLgTKP3z9+1bMbDGmfm9pB3TkiqINbKH7uHo22/LrOTDVV7NHPudoJ
FKQwm/hdeKDAKc82GvjdguRcmst3kSilxyoyoi4hPFsIXibzwtXiT4k/ZjP3+08+
6uB90HRN1oB4c3frriIRftNgn82slStQvBLz/cQkEY9wv/U4CdHmM1SykJGX9JF8
eC7TPNZ4Bde/pLOqbX+l/X0FJd0GHQGjM8xwoIeqLqwbaH2wGxuryGM1KM4yQ+NW
5DCDjZ+mqHgjOtPKsPDc9LlEQfXlMfcJdYRhK4sCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQqwm8XrGzg64EjGTVvk+NQZWiWjjAfBgNVHSMEGDAWgBRejTwLZBTJyG48
lKcU37Jpy16RaTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hvMDhDMlFVeWNodVBKU25GTi15YWN0ZWtXay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvZWMzNTMxLTgyZjgtNGI0ZC1iNTkwLTIzNDMwOTUwNjA5Yy8x
L0tzSnZGNnhzNE91Qkl4azFiNVBqVUdWb2xvNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
ZWMzNTMxLTgyZjgtNGI0ZC1iNTkwLTIzNDMwOTUwNjA5Yy8xL1hvMDhDMlFVeWNo
dVBKU25GTi15YWN0ZWtXay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACABBnwTSAMHASABBnwiGDANBgkq
hkiG9w0BAQsFAAOCAQEACNprQifDZoJH9LbkHot5oM3i163pyM+axyjMKaaIlFtw
MJv+XaBSZjMzJznGXDyXO1vIuhjhao0cIjsBn5KeErNaTP5pvn0wl4g0FDLZMHyN
Du1ERhvRsATlgpbWWIzO/CKgKR/OFehIyCAtnqpf7NPTkJu4Rx4dSGIGi/JIxk2I
NXIwTGcvOhYXzpIQPDHwcCJ7MFd8dEA1rGTIZaq1DH1iJuF/mOdjMmrMVgCnW8w1
8SmXu07M5KEITeFkEYIoLUPL8jBlzF3ZcE9FjbcME6hp0cDQaqIy63vfGQi8zpxN
+EzsAaEvWuhXZi9yvSZGnaGaJ5F0/7sDTMEAI8ftVg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:23 2024 by rpki-client on console-fra.rpki-client.org