Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/34JbCRQdjiAWPzRDlJyfyibU3Zw.roa
File:                     34JbCRQdjiAWPzRDlJyfyibU3Zw.roa (raw, json)
Hash identifier:          dABJOdG7PZtmkUbzexJqzI/g/UQkvOlDhuvIAwy/e8s=
Subject key identifier:   DF:82:5B:09:14:1D:8E:20:16:3F:34:43:94:9C:9F:CA:26:D4:DD:9C
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       11D777BA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/34JbCRQdjiAWPzRDlJyfyibU3Zw.roa
Signing time:             Wed 09 Feb 2022 17:37:24 +0000
ROA not before:           Wed 09 Feb 2022 17:37:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210732
IP address blocks:        2a0e:b107:9b0::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 299333562 (0x11d777ba)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Feb  9 17:37:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=df825b09141d8e20163f3443949c9fca26d4dd9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:2a:d9:a7:81:54:ec:3f:4c:c6:d7:ab:a1:57:
                    44:6f:a7:8e:c5:ac:26:07:98:b2:e7:b8:95:cb:51:
                    4d:18:39:0e:3a:48:f7:b4:7f:9a:01:7f:ae:9a:91:
                    49:ff:5f:6c:4b:ca:0b:91:27:00:93:61:e3:bf:75:
                    27:21:18:06:94:6a:a6:57:1a:c0:2d:5d:75:5f:58:
                    6e:11:76:2f:5c:ee:cb:ec:48:a2:37:75:89:15:5b:
                    44:a5:d9:59:e4:cb:a3:8c:f2:bb:3f:49:21:8c:43:
                    3a:32:b6:e4:7b:9d:bb:b7:f8:d8:5e:b2:be:a7:2d:
                    9b:fb:88:f2:a4:0a:c6:d8:98:0b:e4:bb:91:97:ae:
                    af:a4:29:03:5b:51:b9:b9:e2:73:97:7d:4b:e3:be:
                    95:b8:52:9f:41:70:95:8a:d9:e4:9f:04:98:32:1f:
                    80:49:fb:2b:2b:66:60:d5:e6:b4:27:44:97:ee:44:
                    38:3e:5b:c1:9e:0f:db:8b:0e:ca:17:3d:50:cd:aa:
                    07:76:d0:ac:31:25:83:7a:e3:34:ca:1f:bf:fa:3a:
                    96:d8:f5:8c:45:dc:d9:90:19:b3:2b:68:61:97:b7:
                    a6:00:7e:93:a9:9e:63:ec:28:fe:2c:45:07:64:bc:
                    0a:2b:29:be:dd:a8:bd:8c:4b:70:02:75:9f:65:9e:
                    b2:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:82:5B:09:14:1D:8E:20:16:3F:34:43:94:9C:9F:CA:26:D4:DD:9C
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/34JbCRQdjiAWPzRDlJyfyibU3Zw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:9b0::/44

    Signature Algorithm: sha256WithRSAEncryption
         16:69:e8:f6:8d:4b:12:c0:f7:8f:93:24:ff:a5:74:cc:87:65:
         fc:ae:18:a7:6e:8b:1a:ef:05:58:88:19:50:7d:07:ed:d3:3b:
         b6:a2:30:e3:4a:e7:cb:f3:b4:47:98:66:eb:20:7a:1d:3f:41:
         43:68:0c:3c:4e:c4:82:63:e7:8d:4c:9e:5f:e7:99:3a:9d:9a:
         f0:a0:ed:5e:4b:42:0c:a9:51:9a:c2:a9:86:a4:f3:eb:55:4d:
         57:6b:81:1a:e8:95:7b:2f:f2:84:b8:f8:8d:a4:86:41:dc:ef:
         f4:45:d9:b4:1a:9b:dd:e0:16:4f:e3:1e:a6:b0:84:44:b2:61:
         1a:53:3b:67:81:68:97:d0:8e:20:f3:65:08:a8:7f:be:ba:e1:
         d3:1d:31:e5:88:cf:df:86:58:1d:22:2c:b3:45:65:bb:aa:95:
         b1:f0:03:8e:c7:e6:3b:60:28:a2:d4:15:7c:be:0b:ab:2d:3d:
         9a:af:74:6c:80:15:1a:d0:f3:79:e4:31:ff:8b:fd:03:32:ad:
         b7:6c:f3:2c:fd:65:c8:cf:ac:38:62:24:29:ef:cb:d6:15:d4:
         f1:39:d8:d4:c3:42:cb:55:36:54:87:a5:56:7f:56:7a:d8:0f:
         c9:bb:bc:78:1d:db:8c:52:d1:b3:63:31:c6:55:57:a1:fd:5b:
         28:79:39:8f
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEdd3ujANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDIw
OTE3MzcyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGY4MjViMDkxNDFk
OGUyMDE2M2YzNDQzOTQ5YzlmY2EyNmQ0ZGQ5YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANUq2aeBVOw/TMbXq6FXRG+njsWsJgeYsue4lctRTRg5DjpI
97R/mgF/rpqRSf9fbEvKC5EnAJNh4791JyEYBpRqplcawC1ddV9YbhF2L1zuy+xI
ojd1iRVbRKXZWeTLo4zyuz9JIYxDOjK25Hudu7f42F6yvqctm/uI8qQKxtiYC+S7
kZeur6QpA1tRubnic5d9S+O+lbhSn0FwlYrZ5J8EmDIfgEn7KytmYNXmtCdEl+5E
OD5bwZ4P24sOyhc9UM2qB3bQrDElg3rjNMofv/o6ltj1jEXc2ZAZsytoYZe3pgB+
k6meY+wo/ixFB2S8Cispvt2ovYxLcAJ1n2WespsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTfglsJFB2OIBY/NEOUnJ/KJtTdnDAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
LzM0SmJDUlFkamlBV1B6UkRsSnlmeWliVTNady5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOsQcJsDANBgkqhkiG9w0BAQsF
AAOCAQEAFmno9o1LEsD3j5Mk/6V0zIdl/K4Yp26LGu8FWIgZUH0H7dM7tqIw40rn
y/O0R5hm6yB6HT9BQ2gMPE7EgmPnjUyeX+eZOp2a8KDtXktCDKlRmsKphqTz61VN
V2uBGuiVey/yhLj4jaSGQdzv9EXZtBqb3eAWT+MeprCERLJhGlM7Z4Fol9COIPNl
CKh/vrrh0x0x5YjP34ZYHSIss0Vlu6qVsfADjsfmO2AootQVfL4Lqy09mq90bIAV
GtDzeeQx/4v9AzKtt2zzLP1lyM+sOGIkKe/L1hXU8TnY1MNCy1U2VIelVn9WetgP
ybu8eB3bjFLRs2MxxlVXof1bKHk5jw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:53 2024 by rpki-client on console-ams.rpki-client.org