Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0QJswqYLJtsT6Q9MjB5v8s8elY4.roa
File:                     0QJswqYLJtsT6Q9MjB5v8s8elY4.roa (raw, json)
Hash identifier:          b5blnMRnuqODOj4ybk4feuOire8tT8mzTxdpsJTIK3s=
Subject key identifier:   D1:02:6C:C2:A6:0B:26:DB:13:E9:0F:4C:8C:1E:6F:F2:CF:1E:95:8E
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       131FC892
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0QJswqYLJtsT6Q9MjB5v8s8elY4.roa
Signing time:             Wed 23 Mar 2022 21:18:41 +0000
ROA not before:           Wed 23 Mar 2022 21:18:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206895
IP address blocks:        2a0e:97c0:a10::/48 maxlen: 48
                          2a10:cc40:15e::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 320850066 (0x131fc892)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Mar 23 21:18:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d1026cc2a60b26db13e90f4c8c1e6ff2cf1e958e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:a9:04:33:8e:e8:03:0f:42:33:78:a4:64:d7:
                    e5:8c:f0:49:d5:40:e1:fa:c8:85:b8:c4:d0:ed:0b:
                    83:18:41:06:1a:4c:fd:85:2b:b5:37:16:59:7e:81:
                    3b:39:01:d7:6d:2e:44:22:95:c1:bc:0d:de:b3:2d:
                    65:82:a6:70:20:34:26:80:37:24:ff:0b:52:67:b0:
                    c0:7d:cc:27:53:d7:93:cb:73:58:48:c6:09:09:c0:
                    44:25:88:b4:ad:01:50:c2:bb:81:9f:49:12:e6:5f:
                    29:bc:fe:31:ce:a6:5e:82:b7:bf:cb:10:38:82:c1:
                    40:3a:3c:2f:f8:51:d2:4a:de:1d:0a:42:4d:b0:1d:
                    60:39:c3:9a:25:0a:10:49:77:0e:bd:f7:45:fe:2d:
                    5e:4f:4e:0a:67:e5:ea:09:56:2d:83:2d:7e:f6:57:
                    93:3b:42:6e:10:1d:24:35:dc:10:ef:45:ef:48:b0:
                    3f:b6:49:fa:4b:e3:2c:33:09:0d:f0:fc:2b:fc:87:
                    f1:95:2b:96:4b:15:3e:93:b3:b8:87:11:39:c7:fd:
                    5c:f1:9a:84:04:ef:e0:f9:5d:e8:0a:99:42:2a:e5:
                    61:2c:cd:7e:ff:1c:23:4e:27:78:19:4e:f7:2d:d9:
                    7d:af:13:3c:cc:63:b8:9c:67:77:4a:1e:a3:d4:e0:
                    1d:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:02:6C:C2:A6:0B:26:DB:13:E9:0F:4C:8C:1E:6F:F2:CF:1E:95:8E
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0QJswqYLJtsT6Q9MjB5v8s8elY4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:a10::/48
                  2a10:cc40:15e::/48

    Signature Algorithm: sha256WithRSAEncryption
         b7:31:ea:a2:7e:66:b5:d8:96:1c:15:b5:3b:f2:a9:80:40:0a:
         aa:e4:a0:a7:cb:15:26:3b:7e:55:d8:0f:9e:c5:b1:ff:20:51:
         71:32:1b:a9:ac:86:53:56:f3:c1:6a:0b:c5:7e:9b:b0:63:de:
         17:13:95:6d:38:cf:fc:3b:35:de:3b:eb:81:59:cf:52:45:35:
         76:65:39:bd:87:c1:68:5e:87:06:81:37:6f:ca:71:48:47:6b:
         15:d1:99:6b:f3:52:23:6b:fa:43:c9:1d:25:fa:95:e2:68:b0:
         35:0d:c2:79:f9:1f:ce:cb:0f:16:08:23:2f:dc:f6:c8:e2:97:
         af:82:d1:33:27:11:77:2f:55:58:56:13:08:b4:34:fd:c3:61:
         5e:b7:d4:86:55:2d:b0:01:5b:d3:7b:ec:d9:fd:19:2f:d8:a5:
         44:a2:aa:02:a2:e3:c9:3c:9c:b7:5a:ed:68:56:4d:47:dc:6e:
         9a:5b:eb:dc:cd:74:83:38:c5:98:15:ee:c2:61:01:1b:01:04:
         2c:60:b4:83:33:9e:1b:82:b3:a1:a4:63:dc:68:15:8c:05:e7:
         54:da:b8:58:36:8a:93:40:d5:8d:b6:7b:4d:0e:c4:4d:45:17:
         17:01:51:38:05:9d:65:af:cf:c1:26:2b:97:6d:cd:a0:31:0d:
         dd:99:00:1e
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEEx/IkjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDMy
MzIxMTg0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDEwMjZjYzJhNjBi
MjZkYjEzZTkwZjRjOGMxZTZmZjJjZjFlOTU4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOGpBDOO6AMPQjN4pGTX5YzwSdVA4frIhbjE0O0LgxhBBhpM
/YUrtTcWWX6BOzkB120uRCKVwbwN3rMtZYKmcCA0JoA3JP8LUmewwH3MJ1PXk8tz
WEjGCQnARCWItK0BUMK7gZ9JEuZfKbz+Mc6mXoK3v8sQOILBQDo8L/hR0kreHQpC
TbAdYDnDmiUKEEl3Dr33Rf4tXk9OCmfl6glWLYMtfvZXkztCbhAdJDXcEO9F70iw
P7ZJ+kvjLDMJDfD8K/yH8ZUrlksVPpOzuIcROcf9XPGahATv4Pld6AqZQirlYSzN
fv8cI04neBlO9y3Zfa8TPMxjuJxnd0oeo9TgHSMCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTRAmzCpgsm2xPpD0yMHm/yzx6VjjAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
LzBRSnN3cVlMSnRzVDZROU1qQjV2OHM4ZWxZNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACoOl8AKEAMHACoQzEABXjANBgkq
hkiG9w0BAQsFAAOCAQEAtzHqon5mtdiWHBW1O/KpgEAKquSgp8sVJjt+VdgPnsWx
/yBRcTIbqayGU1bzwWoLxX6bsGPeFxOVbTjP/Ds13jvrgVnPUkU1dmU5vYfBaF6H
BoE3b8pxSEdrFdGZa/NSI2v6Q8kdJfqV4miwNQ3CefkfzssPFggjL9z2yOKXr4LR
MycRdy9VWFYTCLQ0/cNhXrfUhlUtsAFb03vs2f0ZL9ilRKKqAqLjyTyct1rtaFZN
R9xumlvr3M10gzjFmBXuwmEBGwEELGC0gzOeG4KzoaRj3GgVjAXnVNq4WDaKk0DV
jbZ7TQ7ETUUXFwFROAWdZa/PwSYrl23NoDEN3ZkAHg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:21 2024 by rpki-client on console-fra.rpki-client.org