Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-XEolWPvsulqlZcmplXR8MkaoMw.roa
File:                     1-XEolWPvsulqlZcmplXR8MkaoMw.roa (raw, json)
Hash identifier:          F+Y73rXp6Ym0w0yOqmLOk/0XYHISXmNrlo3aJKa+nIk=
Subject key identifier:   F9:71:28:95:63:EF:B2:E9:6A:95:97:26:A6:55:D1:F0:C9:1A:A0:CC
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       108C0AC3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-XEolWPvsulqlZcmplXR8MkaoMw.roa
Signing time:             Sat 01 Jan 2022 09:04:56 +0000
ROA not before:           Sat 01 Jan 2022 09:04:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     142282
IP address blocks:        2a0e:b107:120f::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 277613251 (0x108c0ac3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  1 09:04:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f971289563efb2e96a959726a655d1f0c91aa0cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:c4:d3:2d:a7:7b:84:11:47:8e:5c:36:60:9d:
                    16:6d:13:38:ff:01:50:01:b8:e8:47:ce:31:e0:98:
                    52:f1:8b:6c:8a:24:fb:37:18:4c:a5:9a:c3:7c:3c:
                    73:00:c5:fe:c7:69:17:51:72:43:2c:6e:cf:6b:6c:
                    c8:d6:a2:a4:a7:11:64:69:3c:76:82:77:e0:6d:68:
                    62:be:55:d1:45:39:b1:6a:8b:54:b3:a4:18:b8:c2:
                    8d:41:44:73:25:5a:4a:58:db:0d:32:73:45:3b:a1:
                    57:98:a6:b3:13:03:32:74:09:16:d8:8a:cd:a2:8d:
                    5e:70:74:13:6a:30:f4:5d:28:70:6f:48:27:e4:a0:
                    45:86:7e:a1:44:a9:98:85:39:33:f1:7d:5c:27:76:
                    c0:e1:01:f9:ef:5f:83:0b:cb:f5:80:20:07:1a:50:
                    f5:bd:dd:34:01:fc:02:34:5f:c5:7e:a6:f8:dc:46:
                    a7:45:6e:42:23:cc:8a:3b:44:b8:26:f7:18:45:07:
                    f3:e8:ba:72:ea:b4:9e:29:9e:d8:e9:9d:92:69:df:
                    32:9d:2e:f9:39:1d:dd:6a:4f:84:10:e8:b2:2e:ea:
                    72:e3:c1:91:e0:0c:40:2e:9e:08:20:be:6d:50:74:
                    2e:fa:e2:99:9d:75:78:0d:7a:bd:01:71:15:9b:b1:
                    27:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:71:28:95:63:EF:B2:E9:6A:95:97:26:A6:55:D1:F0:C9:1A:A0:CC
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-XEolWPvsulqlZcmplXR8MkaoMw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:120f::/48

    Signature Algorithm: sha256WithRSAEncryption
         bc:30:28:69:38:cd:47:45:2c:21:2d:91:0b:15:2c:cb:7b:1a:
         22:83:fd:8d:da:b1:6d:52:57:e5:4c:33:af:9a:46:47:9b:2b:
         64:23:66:1c:fb:cf:ac:fe:0b:d1:79:9c:90:fe:e9:a5:d0:d1:
         3f:81:1a:3a:3f:cd:22:c9:ec:2a:30:ab:fb:a2:8c:86:94:ad:
         99:02:34:61:76:0c:51:a0:5e:f3:cd:49:db:d6:34:30:b0:c8:
         a8:03:59:f7:e4:25:c9:99:e7:ac:29:a1:16:7b:9d:3d:d8:ed:
         a9:16:f6:64:e8:53:93:e5:3a:2d:e6:58:6c:c4:65:ec:0a:d2:
         2a:57:90:74:0f:08:08:3c:4d:4c:3c:00:55:fa:5f:55:d0:61:
         e0:99:fe:cf:02:fe:da:c4:ec:39:95:cb:7c:30:c2:c2:b8:de:
         47:a6:16:3f:86:61:91:a9:bb:ea:b1:18:69:bb:80:b7:59:0e:
         b5:c9:20:73:99:e0:d4:1a:a9:85:11:35:0e:27:dd:f5:93:6a:
         a5:45:01:e1:4a:a2:ae:9f:18:dc:9d:27:14:38:1e:14:55:c6:
         20:db:70:df:29:56:93:fa:2c:06:45:61:0d:79:91:e2:6e:69:
         c7:03:99:64:9f:2e:27:32:51:75:3f:3d:7d:31:8a:5f:a3:fe:
         0e:ce:62:f3
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgIEEIwKwzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDQ1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjk3MTI4OTU2M2Vm
YjJlOTZhOTU5NzI2YTY1NWQxZjBjOTFhYTBjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKLE0y2ne4QRR45cNmCdFm0TOP8BUAG46EfOMeCYUvGLbIok
+zcYTKWaw3w8cwDF/sdpF1FyQyxuz2tsyNaipKcRZGk8doJ34G1oYr5V0UU5sWqL
VLOkGLjCjUFEcyVaSljbDTJzRTuhV5imsxMDMnQJFtiKzaKNXnB0E2ow9F0ocG9I
J+SgRYZ+oUSpmIU5M/F9XCd2wOEB+e9fgwvL9YAgBxpQ9b3dNAH8AjRfxX6m+NxG
p0VuQiPMijtEuCb3GEUH8+i6cuq0nime2OmdkmnfMp0u+Tkd3WpPhBDosi7qcuPB
keAMQC6eCCC+bVB0LvrimZ11eA16vQFxFZuxJ3sCAwEAAaOCAg0wggIJMB0GA1Ud
DgQWBBT5cSiVY++y6WqVlyamVdHwyRqgzDAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
LzEtWEVvbFdQdnN1bHFsWmNtcGxYUjhNa2FvTXcucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUx
LzQ5NTdhNC1jZTU5LTQzMTUtOTk3Ni1kYzVlYzc0OGY2YTUvMS9ZLWtXY1hxeEhN
enhIdkg3WEJMdVFaVVByWnMuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
IgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqDrEHEg8wDQYJKoZIhvcNAQEL
BQADggEBALwwKGk4zUdFLCEtkQsVLMt7GiKD/Y3asW1SV+VMM6+aRkebK2QjZhz7
z6z+C9F5nJD+6aXQ0T+BGjo/zSLJ7Cowq/uijIaUrZkCNGF2DFGgXvPNSdvWNDCw
yKgDWffkJcmZ56wpoRZ7nT3Y7akW9mToU5PlOi3mWGzEZewK0ipXkHQPCAg8TUw8
AFX6X1XQYeCZ/s8C/trE7DmVy3wwwsK43kemFj+GYZGpu+qxGGm7gLdZDrXJIHOZ
4NQaqYURNQ4n3fWTaqVFAeFKoq6fGNydJxQ4HhRVxiDbcN8pVpP6LAZFYQ15keJu
accDmWSfLicyUXU/PX0xil+j/g7OYvM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:21 2024 by rpki-client on console-fra.rpki-client.org