Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/5efae5-2c92-40d0-a3b6-a6c17ce82d77/1/1-2cKCxnwS0mgcSx5r_elfIE16H4.roa
File:                     1-2cKCxnwS0mgcSx5r_elfIE16H4.roa (raw, json)
Hash identifier:          U9Qi+aSSnI6gRucmQVZpCd0s5VoCSrifET+hV5+QNG8=
Subject key identifier:   FB:67:0A:0B:19:F0:4B:49:A0:71:2C:79:AF:F7:A5:7C:81:35:E8:7E
Certificate issuer:       /CN=40ee610bdcd23bad2b1192bd45ca8a976d3855da
Certificate serial:       04B8AC8A
Authority key identifier: 40:EE:61:0B:DC:D2:3B:AD:2B:11:92:BD:45:CA:8A:97:6D:38:55:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QO5hC9zSO60rEZK9RcqKl204Vdo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/5efae5-2c92-40d0-a3b6-a6c17ce82d77/1/1-2cKCxnwS0mgcSx5r_elfIE16H4.roa
Signing time:             Sat 01 Jan 2022 08:54:39 +0000
ROA not before:           Sat 01 Jan 2022 08:54:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58264
IP address blocks:        94.143.64.0/21 maxlen: 21
                          185.246.228.0/22 maxlen: 22
                          2a06:b140::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 79211658 (0x4b8ac8a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40ee610bdcd23bad2b1192bd45ca8a976d3855da
        Validity
            Not Before: Jan  1 08:54:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fb670a0b19f04b49a0712c79aff7a57c8135e87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:55:99:9a:18:64:7e:44:17:25:e9:e6:17:36:
                    99:2a:03:eb:a7:58:df:cc:98:61:0e:78:8d:65:5d:
                    4f:64:0a:fa:ff:2b:9c:7d:cb:11:0a:3b:24:a7:bf:
                    03:92:08:d0:27:20:8a:77:13:cf:1a:13:6f:1d:9d:
                    6c:a9:26:48:fb:d5:83:2e:59:da:4c:26:b8:4c:52:
                    a4:7c:1f:07:60:8d:25:bd:6a:5e:9d:f1:ac:f1:48:
                    b8:3d:ef:ed:6c:e8:5e:87:35:b2:ed:7f:6b:08:2c:
                    c3:90:c5:10:50:0a:f5:08:fa:6b:2d:ec:3f:d0:85:
                    4a:cc:eb:98:69:91:e7:76:bb:e6:ee:79:d5:1c:63:
                    4b:45:77:74:5e:e5:fe:fb:9e:69:6f:1b:f2:e9:ef:
                    e4:fe:e5:bb:29:12:6d:87:76:71:ff:3f:1e:89:14:
                    2c:ac:27:48:53:58:8d:6d:a3:be:21:3d:d6:47:b1:
                    31:d3:97:2b:e7:1a:b5:c1:ec:b2:95:74:2c:9d:6f:
                    7b:5b:3b:2a:2a:b3:a9:c4:42:c6:db:27:88:a5:eb:
                    88:d9:7f:86:9f:36:a3:3d:8b:21:ed:17:16:3a:67:
                    bd:db:5b:44:40:e3:42:30:d0:27:f8:82:4b:7f:da:
                    e7:06:11:6d:79:58:19:b9:8f:f5:ca:6e:bc:3d:77:
                    25:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:67:0A:0B:19:F0:4B:49:A0:71:2C:79:AF:F7:A5:7C:81:35:E8:7E
            X509v3 Authority Key Identifier:
                keyid:40:EE:61:0B:DC:D2:3B:AD:2B:11:92:BD:45:CA:8A:97:6D:38:55:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QO5hC9zSO60rEZK9RcqKl204Vdo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/5efae5-2c92-40d0-a3b6-a6c17ce82d77/1/1-2cKCxnwS0mgcSx5r_elfIE16H4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/5efae5-2c92-40d0-a3b6-a6c17ce82d77/1/QO5hC9zSO60rEZK9RcqKl204Vdo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.143.64.0/21
                  185.246.228.0/22
                IPv6:
                  2a06:b140::/29

    Signature Algorithm: sha256WithRSAEncryption
         72:e8:73:14:25:2d:29:a5:fe:db:da:06:64:3a:4c:50:d9:6d:
         35:26:54:34:71:87:a2:4a:2e:a3:d9:02:0c:03:5f:f8:13:98:
         58:98:bf:fe:95:64:e3:79:bd:f5:68:5c:5b:c7:f3:ab:03:48:
         22:2b:97:1e:76:90:43:f1:01:22:60:0a:47:10:80:71:7b:b2:
         01:e7:2c:42:7a:97:a6:2e:67:b3:70:cd:8a:8a:a0:1f:e0:68:
         d2:b4:59:80:1a:8d:6c:98:55:8d:7c:ea:1c:9d:68:7b:48:9d:
         e2:1d:77:a8:65:81:39:b1:9e:af:62:91:1f:f0:f1:79:a4:9a:
         67:8e:be:bb:b3:7c:da:38:32:04:c8:b3:e7:ab:95:7b:64:20:
         15:1b:f0:74:7c:22:63:7d:cb:3d:e4:51:d2:cc:ed:d2:dc:da:
         69:1a:39:85:50:9d:c3:f2:cc:69:8f:94:6f:85:6b:56:f1:95:
         4c:dc:3a:a3:9a:2d:00:66:95:f6:23:71:41:38:de:29:11:18:
         8a:8f:05:62:8e:ed:ae:37:22:ae:d6:6f:bb:48:1a:63:a7:4b:
         7e:75:61:e0:6e:34:09:ef:8f:1a:f5:7e:33:15:82:84:7f:3a:
         d6:8d:3c:bd:09:f2:b8:69:6d:81:26:02:b1:7f:57:1b:27:28:
         72:7e:1c:35
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEBLisijANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MGVlNjEwYmRjZDIzYmFkMmIxMTkyYmQ0NWNhOGE5NzZkMzg1NWRhMB4XDTIyMDEw
MTA4NTQzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmI2NzBhMGIxOWYw
NGI0OWEwNzEyYzc5YWZmN2E1N2M4MTM1ZTg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPRVmZoYZH5EFyXp5hc2mSoD66dY38yYYQ54jWVdT2QK+v8r
nH3LEQo7JKe/A5II0CcgincTzxoTbx2dbKkmSPvVgy5Z2kwmuExSpHwfB2CNJb1q
Xp3xrPFIuD3v7WzoXoc1su1/awgsw5DFEFAK9Qj6ay3sP9CFSszrmGmR53a75u55
1RxjS0V3dF7l/vueaW8b8unv5P7luykSbYd2cf8/HokULKwnSFNYjW2jviE91kex
MdOXK+catcHsspV0LJ1ve1s7KiqzqcRCxtsniKXriNl/hp82oz2LIe0XFjpnvdtb
REDjQjDQJ/iCS3/a5wYRbXlYGbmP9cpuvD13JRMCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBT7ZwoLGfBLSaBxLHmv96V8gTXofjAfBgNVHSMEGDAWgBRA7mEL3NI7rSsR
kr1FyoqXbThV2jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FPNWhDOXpTTzYwckVaSzlSY3FLbDIwNFZkby5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvNWVmYWU1LTJjOTItNDBkMC1hM2I2LWE2YzE3Y2U4MmQ3Ny8x
LzEtMmNLQ3hud1MwbWdjU3g1cl9lbGZJRTE2SDQucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2U2
LzVlZmFlNS0yYzkyLTQwZDAtYTNiNi1hNmMxN2NlODJkNzcvMS9RTzVoQzl6U082
MHJFWks5UmNxS2wyMDRWZG8uY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
NAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBANej0ADBAK59uQwDQQCAAIwBwMF
AyoGsUAwDQYJKoZIhvcNAQELBQADggEBAHLocxQlLSml/tvaBmQ6TFDZbTUmVDRx
h6JKLqPZAgwDX/gTmFiYv/6VZON5vfVoXFvH86sDSCIrlx52kEPxASJgCkcQgHF7
sgHnLEJ6l6YuZ7NwzYqKoB/gaNK0WYAajWyYVY186hydaHtIneIdd6hlgTmxnq9i
kR/w8XmkmmeOvruzfNo4MgTIs+erlXtkIBUb8HR8ImN9yz3kUdLM7dLc2mkaOYVQ
ncPyzGmPlG+Fa1bxlUzcOqOaLQBmlfYjcUE43ikRGIqPBWKO7a43Iq7Wb7tIGmOn
S351YeBuNAnvjxr1fjMVgoR/OtaNPL0J8rhpbYEmArF/VxsnKHJ+HDU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:49 2024 by rpki-client on console-ams.rpki-client.org