Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/dm3pG4E3EmJKBvj81DOKW_5n4pk.roa
File:                     dm3pG4E3EmJKBvj81DOKW_5n4pk.roa (raw, json)
Hash identifier:          MjLS7ajPzP/mYWLWPzlyotOXomv/ut57tv0HNDkJrhc=
Subject key identifier:   76:6D:E9:1B:81:37:12:62:4A:06:F8:FC:D4:33:8A:5B:FE:67:E2:99
Certificate issuer:       /CN=e56076f27e13d1800e77d16e4b60b23b6f58c820
Certificate serial:       D30909
Authority key identifier: E5:60:76:F2:7E:13:D1:80:0E:77:D1:6E:4B:60:B2:3B:6F:58:C8:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/dm3pG4E3EmJKBvj81DOKW_5n4pk.roa
Signing time:             Sat 01 Jan 2022 06:02:32 +0000
ROA not before:           Sat 01 Jan 2022 06:02:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204790
IP address blocks:        2a11:8900::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13830409 (0xd30909)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e56076f27e13d1800e77d16e4b60b23b6f58c820
        Validity
            Not Before: Jan  1 06:02:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=766de91b813712624a06f8fcd4338a5bfe67e299
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:a6:b1:e5:3d:d6:4e:00:e4:d2:52:27:18:01:
                    2e:10:45:b4:a4:15:a6:bf:65:01:56:4d:6a:3e:ab:
                    46:04:f3:64:92:9b:62:2c:3c:78:c8:2a:b1:37:96:
                    e2:8e:cf:f8:e9:29:d9:3f:35:97:7a:98:50:bf:76:
                    0c:7b:9d:38:ac:8b:55:9d:b8:43:50:bb:e6:ee:75:
                    2c:06:4f:4d:ad:f2:d4:84:e0:0a:ea:58:b2:63:04:
                    69:28:48:54:29:ae:d7:7d:f4:fc:f5:14:33:41:3a:
                    b9:e5:7a:42:e2:14:3b:b1:8c:44:a5:d2:02:14:82:
                    13:af:f1:54:1d:91:48:d7:f4:22:1b:aa:c4:23:81:
                    bc:71:c6:7b:34:32:57:5c:0e:9a:74:f1:8c:d6:32:
                    83:31:fb:76:4b:cb:45:86:cb:f9:55:8b:22:58:f5:
                    65:75:a2:2c:3f:0a:91:d9:b8:f9:a1:a1:b3:ab:57:
                    56:ed:7f:84:9e:2c:70:97:4f:f2:24:12:1c:6f:b7:
                    85:6d:15:0d:ad:d6:67:4c:59:b0:07:8a:b0:66:a9:
                    6b:b8:8d:49:2a:b8:93:6f:b4:59:87:1b:cc:a5:f6:
                    ef:e9:11:65:5f:eb:d0:69:6b:ae:d5:80:2d:31:1e:
                    b0:71:6f:c7:af:8e:b8:e1:8c:4b:27:6c:13:1a:f6:
                    9a:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:6D:E9:1B:81:37:12:62:4A:06:F8:FC:D4:33:8A:5B:FE:67:E2:99
            X509v3 Authority Key Identifier:
                keyid:E5:60:76:F2:7E:13:D1:80:0E:77:D1:6E:4B:60:B2:3B:6F:58:C8:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/dm3pG4E3EmJKBvj81DOKW_5n4pk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/5WB28n4T0YAOd9FuS2CyO29YyCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:8900::/29

    Signature Algorithm: sha256WithRSAEncryption
         58:e2:8e:be:4d:d6:3c:ee:47:05:0f:2b:09:b5:28:ee:b8:42:
         d7:b7:15:38:60:8b:c8:40:0c:21:3f:85:ab:3c:79:3b:b0:a0:
         38:51:5b:94:12:2e:11:c4:7a:0c:a1:c9:94:9d:84:d3:8d:08:
         14:e3:1a:8f:c8:08:27:3d:16:b1:1d:c9:37:93:40:59:f5:f5:
         ac:29:dc:58:31:84:b8:1b:40:f6:ae:d1:80:ee:82:7f:11:55:
         df:43:86:d1:b4:d5:dd:ae:31:d4:d6:e3:0d:8e:21:b5:3d:98:
         a4:de:cc:b5:96:1a:0f:a1:81:82:05:bf:e9:2e:4a:d7:70:cb:
         c7:ba:3a:fb:61:d9:5b:1d:ec:29:79:0c:70:7c:c1:f8:57:a3:
         52:45:24:bc:43:ab:05:28:91:80:20:b5:c5:02:36:2b:00:46:
         bb:27:2d:8f:ec:98:c6:11:b7:5c:89:57:13:41:8c:87:6c:ea:
         2d:fe:8d:53:ca:d9:9d:db:41:e7:71:eb:b5:d8:2e:b3:fa:45:
         2c:c7:f3:11:65:cd:d0:20:a2:7d:5a:f0:45:27:6f:7f:0d:8e:
         a3:e5:42:92:a2:33:16:ae:6b:d5:f0:85:f7:36:02:df:da:6a:
         62:bd:cd:50:09:00:f9:c4:09:5c:9d:55:46:65:37:e5:ba:29:
         c6:31:75:60
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEANMJCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NTYwNzZmMjdlMTNkMTgwMGU3N2QxNmU0YjYwYjIzYjZmNThjODIwMB4XDTIyMDEw
MTA2MDIzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzY2ZGU5MWI4MTM3
MTI2MjRhMDZmOGZjZDQzMzhhNWJmZTY3ZTI5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANKmseU91k4A5NJSJxgBLhBFtKQVpr9lAVZNaj6rRgTzZJKb
Yiw8eMgqsTeW4o7P+Okp2T81l3qYUL92DHudOKyLVZ24Q1C75u51LAZPTa3y1ITg
CupYsmMEaShIVCmu1330/PUUM0E6ueV6QuIUO7GMRKXSAhSCE6/xVB2RSNf0Ihuq
xCOBvHHGezQyV1wOmnTxjNYygzH7dkvLRYbL+VWLIlj1ZXWiLD8Kkdm4+aGhs6tX
Vu1/hJ4scJdP8iQSHG+3hW0VDa3WZ0xZsAeKsGapa7iNSSq4k2+0WYcbzKX27+kR
ZV/r0GlrrtWALTEesHFvx6+OuOGMSydsExr2mu8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBR2bekbgTcSYkoG+PzUM4pb/mfimTAfBgNVHSMEGDAWgBTlYHbyfhPRgA53
0W5LYLI7b1jIIDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVXQjI4bjRUMFlBT2Q5RnVTMkN5TzI5WXlDQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvMGFjNDRkLWIzYmUtNDI3Ny04MGY4LTU4Y2Y4OTg4OGUyYS8x
L2RtM3BHNEUzRW1KS0J2ajgxRE9LV181bjRway5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
MGFjNDRkLWIzYmUtNDI3Ny04MGY4LTU4Y2Y4OTg4OGUyYS8xLzVXQjI4bjRUMFlB
T2Q5RnVTMkN5TzI5WXlDQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRiQAwDQYJKoZIhvcNAQELBQAD
ggEBAFjijr5N1jzuRwUPKwm1KO64Qte3FThgi8hADCE/has8eTuwoDhRW5QSLhHE
egyhyZSdhNONCBTjGo/ICCc9FrEdyTeTQFn19awp3FgxhLgbQPau0YDugn8RVd9D
htG01d2uMdTW4w2OIbU9mKTezLWWGg+hgYIFv+kuStdwy8e6Ovth2Vsd7Cl5DHB8
wfhXo1JFJLxDqwUokYAgtcUCNisARrsnLY/smMYRt1yJVxNBjIds6i3+jVPK2Z3b
Qedx67XYLrP6RSzH8xFlzdAgon1a8EUnb38NjqPlQpKiMxaua9Xwhfc2At/aamK9
zVAJAPnECVydVUZlN+W6KcYxdWA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:35 2024 by rpki-client on console-ams.rpki-client.org