Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/6fe149-8a72-47fd-8735-7dc5bddf91b5/1/f1Md29IVcTY6AgqMNovHIZu9zxA.roa
File:                     f1Md29IVcTY6AgqMNovHIZu9zxA.roa (raw, json)
Hash identifier:          diuwQJqHoBfMVoYBbbdsm1y2HFkti2Jp/8611lt+4+o=
Subject key identifier:   7F:53:1D:DB:D2:15:71:36:3A:02:0A:8C:36:8B:C7:21:9B:BD:CF:10
Certificate issuer:       /CN=4f3bd56e8b54e6da27bbe6622dac67cbf02a81ea
Certificate serial:       0BB719D0
Authority key identifier: 4F:3B:D5:6E:8B:54:E6:DA:27:BB:E6:62:2D:AC:67:CB:F0:2A:81:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TzvVbotU5tonu-ZiLaxny_Aqgeo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/6fe149-8a72-47fd-8735-7dc5bddf91b5/1/f1Md29IVcTY6AgqMNovHIZu9zxA.roa
Signing time:             Sat 01 Jan 2022 11:56:50 +0000
ROA not before:           Sat 01 Jan 2022 11:56:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     23470
IP address blocks:        2a0c:8fc3::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 196549072 (0xbb719d0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f3bd56e8b54e6da27bbe6622dac67cbf02a81ea
        Validity
            Not Before: Jan  1 11:56:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7f531ddbd21571363a020a8c368bc7219bbdcf10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:41:49:b2:2d:76:c2:05:7b:72:6d:1e:3c:a3:
                    1a:a1:60:96:73:b7:06:05:b7:98:25:74:07:34:0e:
                    29:cc:c9:c6:43:6a:58:30:c0:3c:07:4b:28:7b:19:
                    f1:ed:9a:54:d5:50:58:35:46:b9:9a:10:9f:71:85:
                    2b:03:7e:37:e3:8d:51:fd:4e:d4:2a:c6:f9:d3:47:
                    57:e8:03:f3:b7:8f:2b:fb:3d:2b:a3:3e:05:c1:ef:
                    26:6e:e6:ca:94:45:46:d5:d2:9c:4a:74:8e:3d:df:
                    1a:e4:ff:5e:89:4c:70:47:c2:09:40:25:89:fa:82:
                    06:c4:cb:55:c2:72:bc:36:70:ae:8b:09:00:ae:03:
                    41:43:1c:a4:95:20:d2:bd:ba:f9:19:39:f0:98:f2:
                    72:8f:8e:3c:04:70:de:cb:86:c8:c3:49:f4:43:dc:
                    5b:57:5d:ce:13:74:eb:ca:74:c5:21:f8:c8:57:04:
                    3b:bf:c4:0c:27:8c:e5:86:8b:46:9e:d7:da:91:e0:
                    19:34:ec:c8:0d:23:bb:9b:af:5a:6d:eb:54:7e:66:
                    f3:0c:33:1a:00:05:dd:a7:bf:e5:76:78:ae:a1:08:
                    92:11:44:39:b7:8a:02:69:89:4c:ca:f2:ee:e3:17:
                    a3:e4:29:9f:72:b0:18:6f:dd:a8:09:a0:25:a4:08:
                    53:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:53:1D:DB:D2:15:71:36:3A:02:0A:8C:36:8B:C7:21:9B:BD:CF:10
            X509v3 Authority Key Identifier:
                keyid:4F:3B:D5:6E:8B:54:E6:DA:27:BB:E6:62:2D:AC:67:CB:F0:2A:81:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TzvVbotU5tonu-ZiLaxny_Aqgeo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6fe149-8a72-47fd-8735-7dc5bddf91b5/1/f1Md29IVcTY6AgqMNovHIZu9zxA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6fe149-8a72-47fd-8735-7dc5bddf91b5/1/TzvVbotU5tonu-ZiLaxny_Aqgeo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:8fc3::/32

    Signature Algorithm: sha256WithRSAEncryption
         68:8c:15:25:67:09:cc:97:7d:0f:3c:df:51:f6:e5:29:8d:47:
         69:39:8c:67:b8:dd:36:bb:4e:d7:72:df:49:1e:e2:30:0e:dc:
         dc:5a:b6:94:83:f6:3c:2f:ea:58:40:ea:b5:29:5b:57:8c:0a:
         59:58:bb:6f:89:a0:24:9c:1c:ee:27:83:00:bf:18:0a:0f:0f:
         e3:4b:70:4c:89:41:9f:00:40:4d:c7:12:31:2b:4e:96:9c:ac:
         a3:7b:0d:b9:b0:99:ac:c6:46:53:17:91:ac:ba:46:2a:f7:c4:
         86:34:33:10:0c:36:52:17:de:1d:8f:77:67:98:b1:0a:ab:ae:
         09:41:28:1f:24:8e:1b:1d:44:9c:78:14:13:37:25:74:8c:95:
         65:29:aa:06:2d:7f:29:c3:0a:08:fd:6e:2a:8e:c3:64:12:2e:
         7b:09:75:bb:90:50:21:24:e6:91:f3:e2:41:d8:76:5c:92:30:
         c5:c6:5d:18:12:db:d5:5e:54:c1:a5:6b:b3:a1:d7:48:78:60:
         b5:ca:eb:a1:e9:7e:a7:39:ff:ad:ae:40:2d:50:31:e2:a0:33:
         29:47:33:5b:16:02:68:1f:30:78:af:32:fd:f9:94:c1:40:9d:
         ed:c7:b8:6e:12:60:8f:2c:50:34:6e:94:a3:7f:f3:85:96:be:
         c8:79:36:e1
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEC7cZ0DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZjNiZDU2ZThiNTRlNmRhMjdiYmU2NjIyZGFjNjdjYmYwMmE4MWVhMB4XDTIyMDEw
MTExNTY1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2Y1MzFkZGJkMjE1
NzEzNjNhMDIwYThjMzY4YmM3MjE5YmJkY2YxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKJBSbItdsIFe3JtHjyjGqFglnO3BgW3mCV0BzQOKczJxkNq
WDDAPAdLKHsZ8e2aVNVQWDVGuZoQn3GFKwN+N+ONUf1O1CrG+dNHV+gD87ePK/s9
K6M+BcHvJm7mypRFRtXSnEp0jj3fGuT/XolMcEfCCUAlifqCBsTLVcJyvDZwrosJ
AK4DQUMcpJUg0r26+Rk58Jjyco+OPARw3suGyMNJ9EPcW1ddzhN068p0xSH4yFcE
O7/EDCeM5YaLRp7X2pHgGTTsyA0ju5uvWm3rVH5m8wwzGgAF3ae/5XZ4rqEIkhFE
ObeKAmmJTMry7uMXo+Qpn3KwGG/dqAmgJaQIU9ECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBR/Ux3b0hVxNjoCCow2i8chm73PEDAfBgNVHSMEGDAWgBRPO9Vui1Tm2ie7
5mItrGfL8CqB6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1R6dlZib3RVNXRvbnUtWmlMYXhueV9BcWdlby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWEvNmZlMTQ5LThhNzItNDdmZC04NzM1LTdkYzViZGRmOTFiNS8x
L2YxTWQyOUlWY1RZNkFncU1Ob3ZISVp1OXp4QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEv
NmZlMTQ5LThhNzItNDdmZC04NzM1LTdkYzViZGRmOTFiNS8xL1R6dlZib3RVNXRv
bnUtWmlMYXhueV9BcWdlby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoMj8MwDQYJKoZIhvcNAQELBQAD
ggEBAGiMFSVnCcyXfQ8831H25SmNR2k5jGe43Ta7Ttdy30ke4jAO3NxatpSD9jwv
6lhA6rUpW1eMCllYu2+JoCScHO4ngwC/GAoPD+NLcEyJQZ8AQE3HEjErTpacrKN7
DbmwmazGRlMXkay6Rir3xIY0MxAMNlIX3h2Pd2eYsQqrrglBKB8kjhsdRJx4FBM3
JXSMlWUpqgYtfynDCgj9biqOw2QSLnsJdbuQUCEk5pHz4kHYdlySMMXGXRgS29Ve
VMGla7Oh10h4YLXK66Hpfqc5/62uQC1QMeKgMylHM1sWAmgfMHivMv35lMFAne3H
uG4SYI8sUDRulKN/84WWvsh5NuE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:20 2024 by rpki-client on console-fra.rpki-client.org