Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-J3owwjrS_UAfpSqfvDHMbwMasE.roa
File:                     1-J3owwjrS_UAfpSqfvDHMbwMasE.roa (raw, json)
Hash identifier:          YD2ZP8SH3TqCGw45+i7c13luTnhVgNUITY9JCwzcLqk=
Subject key identifier:   F8:9D:E8:C3:08:EB:4B:F5:00:7E:94:AA:7E:F0:C7:31:BC:0C:6A:C1
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       01840D5AFDCF294B71F5F365CBACEC8CB461
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-J3owwjrS_UAfpSqfvDHMbwMasE.roa
Signing time:             Tue 25 Oct 2022 04:16:17 +0000
ROA not before:           Tue 25 Oct 2022 04:16:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202256
IP address blocks:        2a0e:97c6:4000::/34 maxlen: 48
                          2a0e:97c1:800::/37 maxlen: 48
                          2a10:cc42:1000::/36 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:0d:5a:fd:cf:29:4b:71:f5:f3:65:cb:ac:ec:8c:b4:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Oct 25 04:16:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f89de8c308eb4bf5007e94aa7ef0c731bc0c6ac1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:fd:2c:97:5f:92:40:20:4f:18:c8:43:ab:ba:
                    cb:6c:e5:48:2d:fa:5c:e5:f7:dd:22:81:f6:49:af:
                    88:4f:fe:1a:ec:7a:92:9e:d1:50:7e:12:13:27:fe:
                    4f:c9:87:f6:60:21:a2:73:0f:de:d7:98:2b:94:1a:
                    04:f8:e9:61:0b:96:44:07:52:0f:0e:77:a6:71:75:
                    56:d2:e0:6c:ab:c0:e0:70:da:16:9b:33:bb:13:01:
                    41:df:bf:b0:76:6d:74:72:d2:f1:12:be:2c:8b:b3:
                    21:7e:1b:bf:85:9a:ba:26:0b:01:95:28:23:2b:42:
                    d6:e9:b3:94:32:d5:cc:cd:80:e0:e0:85:64:71:88:
                    bb:33:bc:d0:38:b4:c9:bc:ed:c4:03:a2:bb:76:fd:
                    98:c2:07:dc:6c:84:34:03:a6:cd:14:55:ca:2f:f0:
                    3e:b1:e3:40:5a:76:2a:6a:f5:39:a6:1d:b6:58:50:
                    47:cb:4b:c8:9b:ae:21:d0:ae:04:ee:cc:2d:73:85:
                    1a:a1:16:1d:48:4f:51:09:34:9e:8f:83:06:3e:c1:
                    6d:a9:0f:dc:72:a9:7e:d0:50:1e:12:c7:db:bf:21:
                    f6:80:0b:d4:f9:a7:9b:c9:79:a2:89:5e:f1:0d:26:
                    65:9a:0d:ec:d7:76:df:d1:72:91:1b:64:cf:cc:b9:
                    dc:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:9D:E8:C3:08:EB:4B:F5:00:7E:94:AA:7E:F0:C7:31:BC:0C:6A:C1
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-J3owwjrS_UAfpSqfvDHMbwMasE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c1:800::/37
                  2a0e:97c6:4000::/34
                  2a10:cc42:1000::/36

    Signature Algorithm: sha256WithRSAEncryption
         96:3e:d5:5c:5e:f9:bb:04:b7:a1:f6:d0:35:23:d7:76:bb:6f:
         25:c9:1a:63:54:87:8d:01:74:55:41:01:69:4d:99:03:12:49:
         73:6d:bb:e4:7c:34:cf:09:6a:11:7c:dd:fe:8b:1a:2b:45:66:
         86:22:f1:87:98:ee:ad:0a:22:9a:78:e6:82:52:82:00:6f:22:
         55:77:f3:ff:d2:ed:1c:3b:3a:6a:38:86:49:ae:e1:4c:5a:39:
         2a:23:87:2e:e0:fd:03:1a:3e:70:6e:96:1e:2a:a5:88:95:a8:
         ea:a9:82:e8:3f:6c:a6:e6:10:4a:2c:88:ce:75:56:13:04:5f:
         0b:e4:b9:cd:4f:5d:64:8d:c1:49:45:31:79:b2:ee:2b:cf:65:
         76:5e:1c:e5:5a:4e:79:a7:e2:ba:fa:c6:da:0c:4d:5a:01:c9:
         a6:b3:02:07:2d:e7:e9:75:f5:66:8a:e2:d4:a9:6b:ef:57:b3:
         40:94:05:4c:ab:5b:20:bb:23:b4:38:57:9c:13:27:32:8c:4d:
         61:fd:7b:c2:26:93:24:24:9f:e3:ae:30:0f:ae:45:a0:ae:a0:
         c0:73:22:38:68:b5:0d:f9:0a:e6:55:e9:c6:13:53:3b:a1:4d:
         de:a9:0b:9f:9b:94:41:ef:a8:85:7c:48:c0:5c:3c:26:8d:01:
         63:61:bb:69
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYQNWv3PKUtx9fNly6zsjLRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDI1MDQxNjE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODlkZThjMzA4ZWI0YmY1MDA3ZTk0YWE3ZWYwYzczMWJjMGM2YWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/0sl1+SQCBPGMhDq7rLbOVILfpc
5ffdIoH2Sa+IT/4a7HqSntFQfhITJ/5PyYf2YCGicw/e15grlBoE+OlhC5ZEB1IP
DnemcXVW0uBsq8DgcNoWmzO7EwFB37+wdm10ctLxEr4si7Mhfhu/hZq6JgsBlSgj
K0LW6bOUMtXMzYDg4IVkcYi7M7zQOLTJvO3EA6K7dv2YwgfcbIQ0A6bNFFXKL/A+
seNAWnYqavU5ph22WFBHy0vIm64h0K4E7swtc4UaoRYdSE9RCTSej4MGPsFtqQ/c
cql+0FAeEsfbvyH2gAvU+aebyXmiiV7xDSZlmg3s13bf0XKRG2TPzLncjQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPid6MMI60v1AH6Uqn7wxzG8DGrBMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMS1KM293d2pyU19VQWZwU3FmdkRITWJ3TWFzRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZh
NS8xL1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAIwGAMGAyoOl8EI
AwYGKg6XxkADBgQqEMxCEDANBgkqhkiG9w0BAQsFAAOCAQEAlj7VXF75uwS3ofbQ
NSPXdrtvJckaY1SHjQF0VUEBaU2ZAxJJc2275Hw0zwlqEXzd/osaK0VmhiLxh5ju
rQoimnjmglKCAG8iVXfz/9LtHDs6ajiGSa7hTFo5KiOHLuD9Axo+cG6WHiqliJWo
6qmC6D9spuYQSiyIznVWEwRfC+S5zU9dZI3BSUUxebLuK89ldl4c5VpOeafiuvrG
2gxNWgHJprMCBy3n6XX1Zori1Klr71ezQJQFTKtbILsjtDhXnBMnMoxNYf17wiaT
JCSf464wD65FoK6gwHMiOGi1DfkK5lXpxhNTO6FN3qkLn5uUQe+ohXxIwFw8Jo0B
Y2G7aQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:51 2024 by rpki-client on console-ams.rpki-client.org