Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1dV2tRKrlwMp_a0qWaH4fGipTJA.roa
File:                     1dV2tRKrlwMp_a0qWaH4fGipTJA.roa (raw, json)
Hash identifier:          tYTsdJTxqOloVY7cU7nJlcI6C2MjyQBVSZ7zZcJ1BNM=
Subject key identifier:   D5:D5:76:B5:12:AB:97:03:29:FD:AD:2A:59:A1:F8:7C:68:A9:4C:90
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       107F656D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1dV2tRKrlwMp_a0qWaH4fGipTJA.roa
Signing time:             Sat 01 Jan 2022 09:04:50 +0000
ROA not before:           Sat 01 Jan 2022 09:04:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60998
IP address blocks:        2a0e:b107:6e9::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 276784493 (0x107f656d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  1 09:04:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d5d576b512ab970329fdad2a59a1f87c68a94c90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:6c:ad:74:e0:0c:57:30:7f:5a:30:4f:0e:56:
                    cf:eb:96:e7:c7:ab:c2:b9:53:77:52:5b:1e:c9:d0:
                    e9:83:b3:26:6a:20:54:1f:86:b0:ae:d5:68:0e:ca:
                    66:65:8e:84:a2:7d:6e:0f:bb:0a:94:fa:63:66:50:
                    f6:6f:0e:0a:02:1a:62:ed:b5:c9:6a:77:c0:3a:b4:
                    86:04:3c:5d:22:ce:3e:f0:2e:5b:be:06:c6:ea:3f:
                    8e:83:2e:de:4f:0a:1b:eb:18:cf:4d:88:f5:11:50:
                    82:78:35:f1:be:1c:99:a1:41:ed:21:5c:20:c8:02:
                    bb:0c:69:f5:d6:99:ea:22:e2:89:d4:c4:f5:55:de:
                    ef:f8:cf:c2:f2:bb:91:0f:75:07:d0:08:ff:d6:4a:
                    10:a3:37:95:9e:79:f4:3e:40:b1:d3:26:93:b9:f5:
                    1d:07:98:8f:0d:29:35:cf:ac:03:4d:50:24:be:9a:
                    c4:53:c7:a8:ea:77:9d:01:56:ba:c3:8c:01:4b:2c:
                    4f:42:59:7f:21:dd:2d:3b:3b:34:84:45:79:d5:cd:
                    71:10:f6:c1:ef:83:2f:dd:c5:81:1c:85:a8:ce:67:
                    54:04:18:c0:e2:78:72:6b:13:aa:49:57:8d:f7:c8:
                    55:d3:84:f3:53:98:d6:67:d8:22:4e:fa:28:6d:12:
                    70:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:D5:76:B5:12:AB:97:03:29:FD:AD:2A:59:A1:F8:7C:68:A9:4C:90
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1dV2tRKrlwMp_a0qWaH4fGipTJA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:6e9::/48

    Signature Algorithm: sha256WithRSAEncryption
         86:74:fe:a1:2b:16:0d:65:16:5e:30:10:61:40:11:03:27:ea:
         a3:87:7e:6a:f6:40:f0:87:6e:f0:2a:7b:23:5d:cd:c7:17:60:
         9b:c5:23:b9:0c:00:43:e7:c8:ff:1d:51:82:ad:9f:22:a8:5e:
         1b:71:e2:25:20:a5:98:10:18:f0:3a:37:7d:02:95:60:97:3a:
         a6:e3:b4:3d:95:13:62:c5:ca:7a:48:ff:26:8b:1f:dd:b7:e5:
         ee:8c:1b:5e:c2:6c:62:54:69:d0:38:cc:42:8a:30:58:a3:56:
         04:e0:7b:25:f8:ce:1f:4c:73:aa:4e:1b:33:97:17:91:58:3d:
         fe:ce:9a:19:fb:5a:35:2e:a8:04:5d:96:55:27:e9:eb:72:89:
         91:37:1d:07:fe:79:61:9b:d3:8a:75:1b:00:76:67:06:37:de:
         84:06:70:4f:cf:c7:98:0d:ca:78:36:b5:10:01:7b:47:52:94:
         9c:41:f6:65:98:84:12:8c:dc:26:5d:f6:6f:0c:97:17:ea:d9:
         a0:9b:2b:1e:59:a1:4d:3b:4e:46:19:7d:e4:5b:4b:0d:c2:92:
         85:3d:84:79:95:43:28:ed:48:5a:ea:2b:bb:bb:b6:46:f0:4a:
         a8:20:0b:15:10:d5:4c:8d:f5:bd:aa:88:e6:79:94:df:47:89:
         f0:35:b0:15
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEH9lbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDQ1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDVkNTc2YjUxMmFi
OTcwMzI5ZmRhZDJhNTlhMWY4N2M2OGE5NGM5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIRsrXTgDFcwf1owTw5Wz+uW58erwrlTd1JbHsnQ6YOzJmog
VB+GsK7VaA7KZmWOhKJ9bg+7CpT6Y2ZQ9m8OCgIaYu21yWp3wDq0hgQ8XSLOPvAu
W74Gxuo/joMu3k8KG+sYz02I9RFQgng18b4cmaFB7SFcIMgCuwxp9daZ6iLiidTE
9VXe7/jPwvK7kQ91B9AI/9ZKEKM3lZ559D5AsdMmk7n1HQeYjw0pNc+sA01QJL6a
xFPHqOp3nQFWusOMAUssT0JZfyHdLTs7NIRFedXNcRD2we+DL93FgRyFqM5nVAQY
wOJ4cmsTqklXjffIVdOE81OY1mfYIk76KG0ScKkCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTV1Xa1EquXAyn9rSpZofh8aKlMkDAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
LzFkVjJ0UktybHdNcF9hMHFXYUg0ZkdpcFRKQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOsQcG6TANBgkqhkiG9w0BAQsF
AAOCAQEAhnT+oSsWDWUWXjAQYUARAyfqo4d+avZA8Idu8Cp7I13Nxxdgm8UjuQwA
Q+fI/x1Rgq2fIqheG3HiJSClmBAY8Do3fQKVYJc6puO0PZUTYsXKekj/Josf3bfl
7owbXsJsYlRp0DjMQoowWKNWBOB7JfjOH0xzqk4bM5cXkVg9/s6aGftaNS6oBF2W
VSfp63KJkTcdB/55YZvTinUbAHZnBjfehAZwT8/HmA3KeDa1EAF7R1KUnEH2ZZiE
EozcJl32bwyXF+rZoJsrHlmhTTtORhl95FtLDcKShT2EeZVDKO1IWuoru7u2RvBK
qCALFRDVTI31vaqI5nmU30eJ8DWwFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:21 2024 by rpki-client on console-fra.rpki-client.org