Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b8072f-f355-4dd6-9393-6a65d8041803/1/1-AlO9t5VGYORBKUAkUP_e2h2Wxs.roa
File:                     1-AlO9t5VGYORBKUAkUP_e2h2Wxs.roa (raw, json)
Hash identifier:          53ADN/ypXzqqCyDtUTxHlz0i70S+baPD9k8dHiVDrWA=
Subject key identifier:   F8:09:4E:F6:DE:55:19:83:91:04:A5:00:91:43:FF:7B:68:76:5B:1B
Certificate issuer:       /CN=5e51c193fb7ff1746a215c41817f50ecba5a581a
Certificate serial:       01A20291
Authority key identifier: 5E:51:C1:93:FB:7F:F1:74:6A:21:5C:41:81:7F:50:EC:BA:5A:58:1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XlHBk_t_8XRqIVxBgX9Q7LpaWBo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/b8072f-f355-4dd6-9393-6a65d8041803/1/1-AlO9t5VGYORBKUAkUP_e2h2Wxs.roa
Signing time:             Sat 01 Jan 2022 07:03:16 +0000
ROA not before:           Sat 01 Jan 2022 07:03:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        2001:678:f8c::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 27394705 (0x1a20291)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e51c193fb7ff1746a215c41817f50ecba5a581a
        Validity
            Not Before: Jan  1 07:03:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f8094ef6de5519839104a5009143ff7b68765b1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:e2:b0:30:37:99:b7:b6:17:42:32:d4:fd:68:
                    03:a7:8f:14:cc:1d:35:f0:db:fd:5d:14:c3:10:62:
                    0f:5a:be:ab:38:8d:9d:ab:fc:de:f6:33:84:de:b9:
                    d5:c7:d6:29:de:5f:39:55:43:89:d0:a9:6e:eb:fa:
                    53:4d:09:01:e5:17:30:75:c2:42:5c:c6:b3:5c:f2:
                    b6:4c:ba:fb:0e:ec:4e:0e:67:22:8f:2b:2b:f1:c0:
                    28:50:19:3b:fc:f2:ec:78:7e:dc:4d:f1:37:0d:3b:
                    97:9b:32:21:63:37:2b:af:6a:0e:84:3e:f9:4b:cd:
                    f7:0d:5c:d9:70:80:20:5e:c8:29:15:27:f8:ce:9a:
                    93:f0:50:55:95:a6:e1:a8:87:d9:15:5e:05:3d:7a:
                    49:1a:86:46:1f:95:1f:3e:3e:79:fa:66:58:ca:d8:
                    7a:2a:59:d7:e0:c9:9c:97:34:9a:ec:48:4a:68:0a:
                    25:23:df:f3:bf:6c:12:6d:fc:f9:07:b0:d1:9a:86:
                    7a:af:d3:61:0e:fd:a0:e9:ec:fa:4c:50:a7:53:0a:
                    ff:d9:aa:5a:7a:38:fc:12:95:8f:86:72:3d:76:b5:
                    46:4b:cd:44:be:96:50:f4:fa:1f:3b:80:72:8d:72:
                    d4:66:b9:b9:02:53:bd:d9:b3:25:c7:19:04:17:11:
                    f6:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:09:4E:F6:DE:55:19:83:91:04:A5:00:91:43:FF:7B:68:76:5B:1B
            X509v3 Authority Key Identifier:
                keyid:5E:51:C1:93:FB:7F:F1:74:6A:21:5C:41:81:7F:50:EC:BA:5A:58:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlHBk_t_8XRqIVxBgX9Q7LpaWBo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b8072f-f355-4dd6-9393-6a65d8041803/1/1-AlO9t5VGYORBKUAkUP_e2h2Wxs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b8072f-f355-4dd6-9393-6a65d8041803/1/XlHBk_t_8XRqIVxBgX9Q7LpaWBo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:f8c::/48

    Signature Algorithm: sha256WithRSAEncryption
         1e:4b:72:c9:9f:10:b7:88:de:29:f7:dc:1a:fe:ee:ae:9b:b7:
         a7:cd:c8:89:91:c2:77:27:38:6c:b2:97:d0:dd:ae:72:ac:16:
         6e:21:f0:0d:49:e7:5f:86:b7:d1:74:b3:4f:b3:3c:ff:cd:a4:
         ab:b4:13:92:0c:31:77:aa:ef:03:d1:45:a7:96:4b:77:2b:43:
         a1:35:1c:b8:36:ec:44:37:bb:19:5e:9c:b5:2c:d5:39:ee:42:
         3e:ad:39:6c:91:a0:56:28:2b:49:95:06:60:63:37:90:7a:37:
         92:37:b2:c0:86:b8:0b:60:72:d8:7e:0e:37:45:74:7e:66:c8:
         79:e6:8b:01:cb:73:e6:09:32:9d:90:f5:79:59:65:2b:ef:99:
         d6:4f:dc:c5:6a:22:cd:0e:d4:ef:6f:7b:4d:0a:fa:0d:6a:29:
         c4:31:e1:0d:69:57:da:0e:25:37:d1:4d:68:16:1f:6f:cd:6f:
         78:da:35:cb:37:fc:34:cc:59:ef:49:4f:cd:78:79:d9:e5:ae:
         bc:a9:27:05:2e:91:a6:5e:cc:e5:e7:fe:b5:6c:f8:19:16:94:
         b1:d6:8f:01:22:63:95:2c:39:c1:5f:1a:6b:98:97:74:a8:33:
         fe:e4:df:50:96:35:0c:c2:12:66:f5:0a:80:c2:59:14:0b:59:
         65:79:d3:4e
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgIEAaICkTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZTUxYzE5M2ZiN2ZmMTc0NmEyMTVjNDE4MTdmNTBlY2JhNWE1ODFhMB4XDTIyMDEw
MTA3MDMxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjgwOTRlZjZkZTU1
MTk4MzkxMDRhNTAwOTE0M2ZmN2I2ODc2NWIxYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN/isDA3mbe2F0Iy1P1oA6ePFMwdNfDb/V0UwxBiD1q+qziN
nav83vYzhN651cfWKd5fOVVDidCpbuv6U00JAeUXMHXCQlzGs1zytky6+w7sTg5n
Io8rK/HAKFAZO/zy7Hh+3E3xNw07l5syIWM3K69qDoQ++UvN9w1c2XCAIF7IKRUn
+M6ak/BQVZWm4aiH2RVeBT16SRqGRh+VHz4+efpmWMrYeipZ1+DJnJc0muxISmgK
JSPf879sEm38+Qew0ZqGeq/TYQ79oOns+kxQp1MK/9mqWno4/BKVj4ZyPXa1RkvN
RL6WUPT6HzuAco1y1Ga5uQJTvdmzJccZBBcR9oUCAwEAAaOCAg0wggIJMB0GA1Ud
DgQWBBT4CU723lUZg5EEpQCRQ/97aHZbGzAfBgNVHSMEGDAWgBReUcGT+3/xdGoh
XEGBf1DsulpYGjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hsSEJrX3RfOFhScUlWeEJnWDlRN0xwYVdCby5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvYjgwNzJmLWYzNTUtNGRkNi05MzkzLTZhNjVkODA0MTgwMy8x
LzEtQWxPOXQ1VkdZT1JCS1VBa1VQX2UyaDJXeHMucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y4
L2I4MDcyZi1mMzU1LTRkZDYtOTM5My02YTY1ZDgwNDE4MDMvMS9YbEhCa190XzhY
UnFJVnhCZ1g5UTdMcGFXQm8uY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
IgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAQZ4D4wwDQYJKoZIhvcNAQEL
BQADggEBAB5LcsmfELeI3in33Br+7q6bt6fNyImRwncnOGyyl9DdrnKsFm4h8A1J
51+Gt9F0s0+zPP/NpKu0E5IMMXeq7wPRRaeWS3crQ6E1HLg27EQ3uxlenLUs1Tnu
Qj6tOWyRoFYoK0mVBmBjN5B6N5I3ssCGuAtgcth+DjdFdH5myHnmiwHLc+YJMp2Q
9XlZZSvvmdZP3MVqIs0O1O9ve00K+g1qKcQx4Q1pV9oOJTfRTWgWH2/Nb3jaNcs3
/DTMWe9JT814ednlrrypJwUukaZezOXn/rVs+BkWlLHWjwEiY5UsOcFfGmuYl3So
M/7k31CWNQzCEmb1CoDCWRQLWWV5004=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:41 2023 by rpki-client on console-fra.rpki-client.org