Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0Fuh5PlYUBRwOgNnLjVq8gLHwkM.roa
File:                     0Fuh5PlYUBRwOgNnLjVq8gLHwkM.roa (raw, json)
Hash identifier:          Zy4X99TNYuJTfXYrbQstoLrKMymBaAzc85VZJVGEoHw=
Subject key identifier:   D0:5B:A1:E4:F9:58:50:14:70:3A:03:67:2E:35:6A:F2:02:C7:C2:43
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       11F166CA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0Fuh5PlYUBRwOgNnLjVq8gLHwkM.roa
Signing time:             Fri 11 Feb 2022 09:36:41 +0000
ROA not before:           Fri 11 Feb 2022 09:36:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20473
IP address blocks:        2a0e:b107:1870::/48 maxlen: 48
                          2a0e:b107:5d0::/44 maxlen: 48
                          2a0e:b107:5e0::/44 maxlen: 48
                          2a0e:b107:900::/44 maxlen: 48
                          2a0e:b107:df2::/48 maxlen: 48
                          2a0e:b107:9f6::/48 maxlen: 48
                          2a0e:b107:ba6::/48 maxlen: 48
                          2a10:cc42:1000::/36 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 301033162 (0x11f166ca)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Feb 11 09:36:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d05ba1e4f9585014703a03672e356af202c7c243
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:ad:61:10:b7:40:e0:bc:80:ed:be:31:44:88:
                    e8:7a:27:bb:9c:ba:1b:8b:e5:b3:bb:0a:ce:6f:9b:
                    c6:96:ce:d4:da:74:a0:9a:6c:17:84:82:fd:98:88:
                    e0:52:2a:62:a4:18:91:bc:4e:ec:d0:f2:c5:a1:c9:
                    d6:c3:ad:9d:5d:54:06:13:c7:8e:c3:6f:9e:2a:f9:
                    bf:f2:c6:24:ad:b3:6b:aa:e2:b3:4e:33:77:68:26:
                    12:a1:ab:6f:d6:ec:33:4d:c8:41:a8:47:59:ca:e2:
                    7f:0c:49:3d:da:4f:de:a5:05:eb:41:4a:6c:b2:9e:
                    95:c7:5e:9b:3e:f7:d8:cc:54:5b:0b:98:89:02:81:
                    78:91:3f:3b:8e:e6:19:72:98:d5:17:5b:73:78:bb:
                    24:f8:c7:e5:d3:04:2c:35:b4:40:b8:b8:0c:c0:ad:
                    72:2d:94:3f:2d:8e:02:92:af:97:74:45:1c:22:1a:
                    fd:0a:6e:31:1a:21:d3:a9:69:0b:e4:98:dc:05:38:
                    c8:65:8e:22:e4:76:c8:70:d8:a0:03:dc:04:21:e3:
                    a8:f4:c5:14:14:82:73:6c:1b:6a:3d:a5:59:21:f5:
                    67:0f:4f:0c:d6:f6:11:86:29:25:7f:f8:44:0b:a8:
                    a8:d7:18:5e:04:0b:70:82:93:96:e7:c5:a3:9d:1a:
                    a6:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:5B:A1:E4:F9:58:50:14:70:3A:03:67:2E:35:6A:F2:02:C7:C2:43
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0Fuh5PlYUBRwOgNnLjVq8gLHwkM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:5d0::-2a0e:b107:5ef:ffff:ffff:ffff:ffff:ffff
                  2a0e:b107:900::/44
                  2a0e:b107:9f6::/48
                  2a0e:b107:ba6::/48
                  2a0e:b107:df2::/48
                  2a0e:b107:1870::/48
                  2a10:cc42:1000::/36

    Signature Algorithm: sha256WithRSAEncryption
         08:3e:dd:dd:a4:0c:05:f8:54:e7:81:e7:df:29:f4:0f:07:1a:
         0b:2f:4a:cf:71:9f:2a:1e:ac:89:8d:c6:bb:72:31:73:aa:c5:
         65:1f:bf:6a:a2:76:60:4f:1a:48:db:99:6c:f4:d2:a1:65:d3:
         6f:6f:63:2b:be:10:a5:8d:8f:53:46:4c:0b:aa:4d:94:8a:c3:
         7c:9d:32:f5:ad:df:05:a1:af:31:ae:7b:ac:4c:02:84:39:bc:
         61:75:e8:a3:62:b6:80:4e:f2:dc:58:af:97:9f:7f:da:73:b0:
         46:b2:90:e0:59:27:12:87:a2:a7:f0:ff:52:b6:40:48:7d:7d:
         92:d3:5f:3c:c9:b4:47:f6:d7:39:f6:43:3e:0a:29:9d:a0:8d:
         a4:fd:c2:66:1d:f8:e9:5a:d8:cf:51:2b:53:99:80:4f:db:1b:
         b6:ae:3b:d3:f2:26:2d:a3:72:7c:c1:9a:98:cd:b5:5c:c2:2d:
         4d:cb:71:13:72:e1:4d:97:18:d7:fd:bb:73:a5:07:94:ef:02:
         46:f8:4b:06:b4:58:f0:30:71:87:22:21:b3:e7:87:1f:08:aa:
         4a:4c:f6:f8:f4:09:08:09:20:fd:52:14:27:f0:f7:11:84:ed:
         2e:f1:37:bf:d2:02:da:10:54:8b:53:2a:6e:fd:64:1e:eb:b6:
         6d:93:3f:e8
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIEEfFmyjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDIx
MTA5MzY0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDA1YmExZTRmOTU4
NTAxNDcwM2EwMzY3MmUzNTZhZjIwMmM3YzI0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMetYRC3QOC8gO2+MUSI6Honu5y6G4vls7sKzm+bxpbO1Np0
oJpsF4SC/ZiI4FIqYqQYkbxO7NDyxaHJ1sOtnV1UBhPHjsNvnir5v/LGJK2za6ri
s04zd2gmEqGrb9bsM03IQahHWcrifwxJPdpP3qUF60FKbLKelcdemz732MxUWwuY
iQKBeJE/O47mGXKY1Rdbc3i7JPjH5dMELDW0QLi4DMCtci2UPy2OApKvl3RFHCIa
/QpuMRoh06lpC+SY3AU4yGWOIuR2yHDYoAPcBCHjqPTFFBSCc2wbaj2lWSH1Zw9P
DNb2EYYpJX/4RAuoqNcYXgQLcIKTlufFo50apoUCAwEAAaOCAkwwggJIMB0GA1Ud
DgQWBBTQW6Hk+VhQFHA6A2cuNWryAsfCQzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
LzBGdWg1UGxZVUJSd09nTm5MalZxOGdMSHdrTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBi
BggrBgEFBQcBBwEB/wRTMFEwTwQCAAIwSTASAwcEKg6xBwXQAwcEKg6xBwXgAwcE
Kg6xBwkAAwcAKg6xBwn2AwcAKg6xBwumAwcAKg6xBw3yAwcAKg6xBxhwAwYEKhDM
QhAwDQYJKoZIhvcNAQELBQADggEBAAg+3d2kDAX4VOeB598p9A8HGgsvSs9xnyoe
rImNxrtyMXOqxWUfv2qidmBPGkjbmWz00qFl029vYyu+EKWNj1NGTAuqTZSKw3yd
MvWt3wWhrzGue6xMAoQ5vGF16KNitoBO8txYr5eff9pzsEaykOBZJxKHoqfw/1K2
QEh9fZLTXzzJtEf21zn2Qz4KKZ2gjaT9wmYd+Ola2M9RK1OZgE/bG7auO9PyJi2j
cnzBmpjNtVzCLU3LcRNy4U2XGNf9u3OlB5TvAkb4Swa0WPAwcYciIbPnhx8IqkpM
9vj0CQgJIP1SFCfw9xGE7S7xN7/SAtoQVItTKm79ZB7rtm2TP+g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:20 2024 by rpki-client on console-fra.rpki-client.org