Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0PYtsBXccFuUX-id3cwTALNBEHQ.roa
File:                     0PYtsBXccFuUX-id3cwTALNBEHQ.roa (raw, json)
Hash identifier:          RU6o32/4pGhnO3hVJhDj7d/bhXRhdgOrfQKSVDrljZc=
Subject key identifier:   D0:F6:2D:B0:15:DC:70:5B:94:5F:E8:9D:DD:CC:13:00:B3:41:10:74
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       14A01F0B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0PYtsBXccFuUX-id3cwTALNBEHQ.roa
Signing time:             Fri 13 May 2022 18:59:40 +0000
ROA not before:           Fri 13 May 2022 18:59:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205121
IP address blocks:        2a0e:97c0:ad0::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 346038027 (0x14a01f0b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: May 13 18:59:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d0f62db015dc705b945fe89dddcc1300b3411074
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:a2:d0:3f:72:cd:35:73:8e:12:dc:a2:89:41:
                    91:23:f7:34:09:13:1f:34:5f:25:92:9b:38:ef:20:
                    68:4c:6c:f5:3a:f8:fe:2f:ea:cd:32:f5:8b:ce:4d:
                    63:0f:f3:22:f7:57:f1:fb:bf:88:d4:f5:50:3b:20:
                    79:41:d9:3d:87:81:4c:d6:fb:0e:73:91:b4:3a:e5:
                    3f:82:b4:ce:5f:39:27:22:39:6e:92:eb:8f:51:a9:
                    de:fd:30:82:e0:66:13:2f:b6:2b:e0:d9:b3:14:0e:
                    43:80:9c:21:cd:e3:28:ea:f8:81:a3:13:5d:70:6f:
                    e1:79:e7:e2:eb:ea:58:26:88:4a:ef:ad:f8:18:f0:
                    9d:a2:94:e6:a3:d7:ba:01:9e:2a:1f:be:bc:ab:9f:
                    96:3e:0e:3b:31:f7:5e:7e:79:a4:b5:3a:64:6f:34:
                    7f:7a:92:e9:fd:e6:1e:b2:c3:ab:94:78:3e:f9:c6:
                    cc:92:4b:5f:98:da:dc:a7:1f:fe:ad:2f:bb:64:00:
                    3c:c7:d4:58:4d:07:5f:20:f6:4f:2b:81:75:68:97:
                    08:27:8d:c6:a3:e6:2d:80:36:06:41:34:8e:1a:89:
                    82:28:6b:ac:d4:ba:b9:0d:e3:55:4d:3c:ab:a5:23:
                    bd:10:2b:7b:a1:53:cb:65:98:a8:95:dc:b0:64:b9:
                    b0:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:F6:2D:B0:15:DC:70:5B:94:5F:E8:9D:DD:CC:13:00:B3:41:10:74
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0PYtsBXccFuUX-id3cwTALNBEHQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:ad0::/44

    Signature Algorithm: sha256WithRSAEncryption
         83:ea:09:67:d6:78:16:7b:2c:ed:b6:3a:c4:31:d1:e8:84:23:
         70:65:6c:3b:39:9c:9a:2f:90:e6:fb:06:9f:36:4a:6d:da:67:
         43:de:ee:f9:d8:62:18:1d:5f:bd:f3:92:42:f1:74:f0:a6:36:
         9a:5f:42:c8:f0:55:1a:ec:cf:ff:b9:d2:e6:a7:d2:f2:4e:37:
         ad:a6:71:a0:91:e9:2a:68:cd:cd:80:1e:df:4f:5d:0c:ac:d2:
         7f:b5:ba:17:a8:ea:a5:ce:ca:d1:fa:98:81:17:5c:71:21:17:
         84:70:35:58:c6:7f:43:5f:c2:37:a6:ea:d7:be:37:f4:b5:89:
         7d:0b:53:98:d2:0f:6f:0b:82:96:84:45:e8:f6:89:4b:11:9a:
         dd:89:b5:a2:8b:0b:4c:95:a8:0c:60:4d:85:e7:51:57:13:7b:
         a1:8f:cf:91:10:65:65:3f:70:f0:fb:f2:51:0e:71:6a:86:c2:
         b9:d0:71:05:fc:55:20:9a:08:e1:9a:dd:83:46:7d:66:f3:3d:
         db:b2:d3:64:9b:14:5a:0a:92:be:70:66:5c:00:08:ce:4e:12:
         46:53:05:3d:e1:26:07:51:5d:85:04:2d:b5:2f:ad:da:04:f9:
         74:ce:b7:b6:6a:17:9c:17:73:a4:66:dc:66:05:36:41:22:5f:
         70:75:96:ff
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEFKAfCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDUx
MzE4NTk0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDBmNjJkYjAxNWRj
NzA1Yjk0NWZlODlkZGRjYzEzMDBiMzQxMTA3NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKui0D9yzTVzjhLcoolBkSP3NAkTHzRfJZKbOO8gaExs9Tr4
/i/qzTL1i85NYw/zIvdX8fu/iNT1UDsgeUHZPYeBTNb7DnORtDrlP4K0zl85JyI5
bpLrj1Gp3v0wguBmEy+2K+DZsxQOQ4CcIc3jKOr4gaMTXXBv4Xnn4uvqWCaISu+t
+BjwnaKU5qPXugGeKh++vKuflj4OOzH3Xn55pLU6ZG80f3qS6f3mHrLDq5R4PvnG
zJJLX5ja3Kcf/q0vu2QAPMfUWE0HXyD2TyuBdWiXCCeNxqPmLYA2BkE0jhqJgihr
rNS6uQ3jVU08q6UjvRAre6FTy2WYqJXcsGS5sL0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTQ9i2wFdxwW5Rf6J3dzBMAs0EQdDAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
LzBQWXRzQlhjY0Z1VVgtaWQzY3dUQUxOQkVIUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOl8AK0DANBgkqhkiG9w0BAQsF
AAOCAQEAg+oJZ9Z4Fnss7bY6xDHR6IQjcGVsOzmcmi+Q5vsGnzZKbdpnQ97u+dhi
GB1fvfOSQvF08KY2ml9CyPBVGuzP/7nS5qfS8k43raZxoJHpKmjNzYAe309dDKzS
f7W6F6jqpc7K0fqYgRdccSEXhHA1WMZ/Q1/CN6bq17439LWJfQtTmNIPbwuCloRF
6PaJSxGa3Ym1oosLTJWoDGBNhedRVxN7oY/PkRBlZT9w8PvyUQ5xaobCudBxBfxV
IJoI4Zrdg0Z9ZvM927LTZJsUWgqSvnBmXAAIzk4SRlMFPeEmB1FdhQQttS+t2gT5
dM63tmoXnBdzpGbcZgU2QSJfcHWW/w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:51 2024 by rpki-client on console-ams.rpki-client.org