Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3wz6cjWZ4ATELn32f-Z00S9WB1o.roa
File:                     3wz6cjWZ4ATELn32f-Z00S9WB1o.roa (raw, json)
Hash identifier:          fIPphWLGbOEpiKei5wV5ajY/1VNpPCLFRT6bo4hltjE=
Subject key identifier:   DF:0C:FA:72:35:99:E0:04:C4:2E:7D:F6:7F:E6:74:D1:2F:56:07:5A
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       13EFD920
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3wz6cjWZ4ATELn32f-Z00S9WB1o.roa
Signing time:             Thu 21 Apr 2022 22:10:16 +0000
ROA not before:           Thu 21 Apr 2022 22:10:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208223
IP address blocks:        2a0e:b107:1a30::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 334485792 (0x13efd920)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Apr 21 22:10:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=df0cfa723599e004c42e7df67fe674d12f56075a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:0e:46:a9:1b:b5:82:b3:49:6e:1d:61:32:d2:
                    db:95:ff:50:8f:d6:31:66:e4:be:36:01:a5:28:44:
                    57:c7:36:71:62:31:35:a8:95:da:f4:63:af:ca:20:
                    f0:c4:f3:38:f0:d0:9c:ef:90:f8:c9:1a:cf:1c:57:
                    ba:61:73:9f:31:e5:39:e1:fa:94:b0:9b:76:b2:cb:
                    d3:08:97:0c:43:8e:57:ee:fe:6e:59:8c:72:14:57:
                    a7:a5:59:2d:3f:aa:81:bd:03:0b:50:19:64:c6:c4:
                    77:24:c1:bf:d0:fe:e7:20:9e:84:78:bc:c2:d9:cc:
                    c2:fd:d3:a3:b7:45:01:c0:17:92:28:a2:42:03:80:
                    92:d1:c0:f4:c2:59:d0:62:1b:38:12:32:20:78:b7:
                    77:05:46:e3:a0:b6:da:39:1f:08:50:b2:46:4e:1f:
                    d6:db:c2:42:52:7b:d5:db:c9:1b:36:c1:5a:a0:7f:
                    67:53:19:63:52:fb:7b:9c:20:25:e0:45:d3:de:02:
                    48:a1:cd:b5:51:3d:ef:3b:4c:83:c6:b0:9b:c3:ac:
                    fb:b0:d1:cf:9d:18:f0:21:c8:65:92:9e:b5:ee:c6:
                    42:e1:5d:94:af:59:ee:22:5d:97:9a:cf:ce:f9:92:
                    8f:c8:46:02:04:81:a5:66:08:14:60:e7:26:61:08:
                    8d:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:0C:FA:72:35:99:E0:04:C4:2E:7D:F6:7F:E6:74:D1:2F:56:07:5A
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3wz6cjWZ4ATELn32f-Z00S9WB1o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:1a30::/48

    Signature Algorithm: sha256WithRSAEncryption
         12:9d:bb:5f:ef:61:2a:5f:d1:4f:83:11:1f:b4:f3:28:4b:a9:
         6e:c1:bf:48:d2:ed:03:a7:fb:d6:42:8b:96:96:c5:56:7c:48:
         b0:84:a2:ad:67:b5:ed:9c:85:1b:89:5f:8e:64:47:e0:3b:6e:
         71:52:5e:20:76:e3:89:80:b6:71:3a:87:28:05:be:ff:d4:af:
         3a:98:5b:e7:13:4f:0f:0b:ff:ed:7c:36:73:5c:be:80:8e:cf:
         7b:14:d7:ef:05:29:a4:a8:48:4b:4d:37:8f:4f:d5:84:f6:7b:
         1d:e3:f0:67:5e:c7:f6:ff:a1:2f:f3:91:d0:03:6e:f1:34:27:
         7f:82:85:af:2f:fd:a2:89:02:a5:a6:8d:73:d3:54:31:06:ea:
         0a:dd:df:cb:67:fd:24:ae:86:88:e4:80:e8:90:7b:09:de:74:
         e1:e0:73:81:e4:e4:94:cd:91:e8:7e:bc:25:d0:af:a7:d8:04:
         33:7c:07:c4:9d:b7:07:47:69:19:2a:f2:8b:4f:2b:d7:ac:32:
         48:42:c4:49:68:9b:2d:6d:d6:6a:49:d7:d8:33:51:92:2f:8b:
         99:20:21:32:fd:01:4c:3b:a7:73:8d:75:f1:29:59:79:bd:07:
         39:45:66:0c:1b:c3:aa:c9:7d:77:e3:e4:a2:75:45:02:a5:00:
         15:7c:63:a9
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEE+/ZIDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDQy
MTIyMTAxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGYwY2ZhNzIzNTk5
ZTAwNGM0MmU3ZGY2N2ZlNjc0ZDEyZjU2MDc1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALUORqkbtYKzSW4dYTLS25X/UI/WMWbkvjYBpShEV8c2cWIx
NaiV2vRjr8og8MTzOPDQnO+Q+MkazxxXumFznzHlOeH6lLCbdrLL0wiXDEOOV+7+
blmMchRXp6VZLT+qgb0DC1AZZMbEdyTBv9D+5yCehHi8wtnMwv3To7dFAcAXkiii
QgOAktHA9MJZ0GIbOBIyIHi3dwVG46C22jkfCFCyRk4f1tvCQlJ71dvJGzbBWqB/
Z1MZY1L7e5wgJeBF094CSKHNtVE97ztMg8awm8Os+7DRz50Y8CHIZZKete7GQuFd
lK9Z7iJdl5rPzvmSj8hGAgSBpWYIFGDnJmEIjU8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTfDPpyNZngBMQuffZ/5nTRL1YHWjAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
LzN3ejZjaldaNEFURUxuMzJmLVowMFM5V0Ixby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOsQcaMDANBgkqhkiG9w0BAQsF
AAOCAQEAEp27X+9hKl/RT4MRH7TzKEupbsG/SNLtA6f71kKLlpbFVnxIsISirWe1
7ZyFG4lfjmRH4DtucVJeIHbjiYC2cTqHKAW+/9SvOphb5xNPDwv/7Xw2c1y+gI7P
exTX7wUppKhIS003j0/VhPZ7HePwZ17H9v+hL/OR0ANu8TQnf4KFry/9ookCpaaN
c9NUMQbqCt3fy2f9JK6GiOSA6JB7Cd504eBzgeTklM2R6H68JdCvp9gEM3wHxJ23
B0dpGSryi08r16wySELESWibLW3WaknX2DNRki+LmSAhMv0BTDunc4118SlZeb0H
OUVmDBvDqsl9d+PkonVFAqUAFXxjqQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:22 2024 by rpki-client on console-fra.rpki-client.org