Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2wUva9SgtbJyX5ITywVNiff0qN0.roa
File:                     2wUva9SgtbJyX5ITywVNiff0qN0.roa (raw, json)
Hash identifier:          y3+5H323ybMLAZzcsktGQF54CyLlC7DfAy4xqzEHKDA=
Subject key identifier:   DB:05:2F:6B:D4:A0:B5:B2:72:5F:92:13:CB:05:4D:89:F7:F4:A8:DD
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0183FEA7CB020233637454E5ECCE4027F7DD
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2wUva9SgtbJyX5ITywVNiff0qN0.roa
Signing time:             Sat 22 Oct 2022 07:45:52 +0000
ROA not before:           Sat 22 Oct 2022 07:45:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211685
IP address blocks:        2a0e:97c0:250::/44 maxlen: 48
                          2a0e:97c0:250::/48 maxlen: 48
                          2a0e:97c0:251::/48 maxlen: 48
                          2a0e:97c0:252::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:fe:a7:cb:02:02:33:63:74:54:e5:ec:ce:40:27:f7:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Oct 22 07:45:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=db052f6bd4a0b5b2725f9213cb054d89f7f4a8dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:ec:18:26:fd:1c:1e:0b:38:ba:8f:ca:d5:5b:
                    72:48:79:b7:ab:f9:c0:c3:06:d9:cc:db:74:16:e2:
                    30:09:84:ce:10:26:37:98:3b:17:17:10:f5:69:36:
                    c9:ac:5f:cf:ae:b7:43:2a:7a:bf:a0:65:df:54:6b:
                    5a:ac:f6:b8:71:1d:fd:d6:b7:db:6f:b0:2a:50:67:
                    d2:66:da:b2:a3:49:5c:95:cf:37:fd:ac:f5:f0:4f:
                    6c:06:df:2b:0d:0c:44:43:94:7d:aa:a3:e5:9c:63:
                    22:c5:ac:45:eb:ad:4d:dc:b6:8e:ef:c4:54:ba:c4:
                    7f:41:d7:c5:e4:fb:b1:ca:d4:c3:ec:7a:92:3b:60:
                    14:c1:a3:57:5b:f5:dc:89:8c:e7:cc:15:95:e3:96:
                    45:0e:a9:6d:1d:86:5c:71:89:e1:69:c1:47:7e:7b:
                    8f:df:d5:e4:2a:83:c6:43:26:77:02:9f:44:b6:85:
                    0c:aa:b8:70:70:16:7d:98:25:42:3e:59:21:5c:9c:
                    cc:88:e2:17:8e:8c:b9:12:11:f5:80:ca:df:1a:ea:
                    2a:09:3a:82:b5:92:b3:52:a1:f2:22:15:aa:01:0c:
                    af:34:e1:4b:28:d0:95:c0:1a:a0:4e:3f:58:9d:76:
                    54:8b:da:14:36:52:14:96:cc:77:c6:0c:fd:8e:98:
                    a0:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:05:2F:6B:D4:A0:B5:B2:72:5F:92:13:CB:05:4D:89:F7:F4:A8:DD
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2wUva9SgtbJyX5ITywVNiff0qN0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:250::/44

    Signature Algorithm: sha256WithRSAEncryption
         93:8a:09:85:82:a2:95:b3:a6:07:83:3c:75:6c:c0:22:08:f3:
         64:3f:ee:83:7c:e3:7d:94:d7:54:2b:1b:51:66:f4:68:9b:b4:
         eb:ad:e0:d9:61:dc:8c:f8:96:80:1b:69:4d:f3:49:1f:58:ff:
         ad:8e:61:07:2e:03:b3:58:27:bb:da:52:99:d2:22:dd:a5:f3:
         27:8d:89:2b:0b:b7:b9:6b:10:3e:c0:70:06:08:8f:36:47:92:
         aa:fc:ed:10:07:68:07:0a:74:8d:f0:7d:bf:fa:7b:aa:e9:b8:
         6e:01:7a:cb:71:e7:fa:b9:bd:2a:da:7c:98:9e:5b:cd:3a:e6:
         05:e7:a2:ec:1f:b1:42:40:a0:ce:b9:e6:bd:35:85:5c:89:2b:
         0f:34:8f:2d:eb:fe:17:c6:5a:2b:b9:65:dc:99:43:15:3b:eb:
         e4:a3:d4:92:b6:40:32:1a:5b:f0:25:4f:06:53:39:02:ad:2e:
         f0:49:48:a7:07:d0:76:29:b6:73:53:59:05:23:5c:01:c0:59:
         c8:6e:40:47:68:96:1d:10:70:81:d6:9f:e3:98:3b:cf:63:df:
         71:52:5f:19:27:f4:f8:dd:b5:98:8a:a0:36:1f:6a:31:4d:d3:
         a3:33:9a:75:35:48:fc:73:9a:ac:b3:b7:9a:48:8c:d0:fc:93:
         43:60:b5:e4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYP+p8sCAjNjdFTl7M5AJ/fdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDIyMDc0NTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjA1MmY2YmQ0YTBiNWIyNzI1ZjkyMTNjYjA1NGQ4OWY3ZjRhOGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+wYJv0cHgs4uo/K1VtySHm3q/nA
wwbZzNt0FuIwCYTOECY3mDsXFxD1aTbJrF/PrrdDKnq/oGXfVGtarPa4cR391rfb
b7AqUGfSZtqyo0lclc83/az18E9sBt8rDQxEQ5R9qqPlnGMixaxF661N3LaO78RU
usR/QdfF5PuxytTD7HqSO2AUwaNXW/XciYznzBWV45ZFDqltHYZccYnhacFHfnuP
39XkKoPGQyZ3Ap9EtoUMqrhwcBZ9mCVCPlkhXJzMiOIXjoy5EhH1gMrfGuoqCTqC
tZKzUqHyIhWqAQyvNOFLKNCVwBqgTj9YnXZUi9oUNlIUlsx3xgz9jpigPwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNsFL2vUoLWycl+SE8sFTYn39KjdMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMndVdmE5U2d0Ykp5WDVJVHl3Vk5pZmYwcU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAJQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCTigmFgqKVs6YHgzx1bMAiCPNkP+6DfON9lNdU
KxtRZvRom7TrreDZYdyM+JaAG2lN80kfWP+tjmEHLgOzWCe72lKZ0iLdpfMnjYkr
C7e5axA+wHAGCI82R5Kq/O0QB2gHCnSN8H2/+nuq6bhuAXrLcef6ub0q2nyYnlvN
OuYF56LsH7FCQKDOuea9NYVciSsPNI8t6/4XxloruWXcmUMVO+vko9SStkAyGlvw
JU8GUzkCrS7wSUinB9B2KbZzU1kFI1wBwFnIbkBHaJYdEHCB1p/jmDvPY99xUl8Z
J/T43bWYiqA2H2oxTdOjM5p1NUj8c5qss7eaSIzQ/JNDYLXk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:52 2024 by rpki-client on console-ams.rpki-client.org