Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/6eobXIlIh-bN1atgJYZoxT7GvAo.roa
File:                     6eobXIlIh-bN1atgJYZoxT7GvAo.roa (raw, json)
Hash identifier:          O1+976fyllCwHYVb8siTxABQza4eGzqJjbWf3p5zK9g=
Subject key identifier:   E9:EA:1B:5C:89:48:87:E6:CD:D5:AB:60:25:86:68:C5:3E:C6:BC:0A
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       10907B56
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/6eobXIlIh-bN1atgJYZoxT7GvAo.roa
Signing time:             Sat 01 Jan 2022 09:04:59 +0000
ROA not before:           Sat 01 Jan 2022 09:04:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     142597
IP address blocks:        2a0e:b107:15aa::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 277904214 (0x10907b56)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  1 09:04:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e9ea1b5c894887e6cdd5ab60258668c53ec6bc0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:50:65:01:92:87:4b:94:6c:bd:ca:be:3d:93:
                    fa:72:37:30:9a:3a:db:10:10:16:13:da:fb:4c:61:
                    e6:0a:5b:2b:75:3e:fc:6d:2e:1a:67:25:c9:1d:e9:
                    87:01:5c:f7:8c:72:69:19:4b:29:8a:f4:13:9b:c9:
                    7c:91:86:7c:40:d7:0c:51:c8:e4:f7:95:79:28:d2:
                    9a:97:67:d2:82:a0:8a:5a:3b:08:e5:48:ca:8d:e0:
                    a0:76:8a:55:65:42:a6:86:4e:69:4c:10:e6:fe:58:
                    8a:2f:52:c5:93:a3:80:0f:69:4c:33:37:bb:ac:cc:
                    ed:70:4d:f7:32:0b:38:a9:33:4c:e1:f5:55:e6:7b:
                    95:0d:25:8d:30:3b:4d:78:19:7c:f0:89:cd:bc:49:
                    22:1f:64:cd:e2:25:d9:3a:f9:3b:91:58:60:42:25:
                    c8:e6:74:2d:4c:1c:fe:a3:d6:43:95:af:ac:cf:49:
                    d5:80:e4:ff:da:e3:d7:63:b3:13:b6:cd:fa:e6:d5:
                    93:d0:26:c6:6a:5a:cc:58:96:72:1b:e7:a2:2e:1b:
                    11:6a:55:3a:3c:6e:4e:d1:d9:27:d2:de:62:10:5c:
                    e4:29:52:12:24:54:e1:41:61:72:c5:e8:af:e9:9b:
                    a3:50:62:a2:74:7a:2e:0e:c8:e0:4c:fe:96:37:f8:
                    8f:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:EA:1B:5C:89:48:87:E6:CD:D5:AB:60:25:86:68:C5:3E:C6:BC:0A
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/6eobXIlIh-bN1atgJYZoxT7GvAo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:15aa::/48

    Signature Algorithm: sha256WithRSAEncryption
         76:54:68:19:6a:86:69:da:1d:f1:8e:a5:a7:2b:01:50:8f:b6:
         27:c0:94:be:61:f2:a4:44:96:34:90:94:01:f9:e2:a1:9d:e9:
         3c:47:07:6d:dc:da:0d:f9:47:7f:dc:b9:33:d6:17:91:94:3b:
         db:e1:b3:a1:ed:39:7c:bf:d0:05:d8:e0:e6:72:7f:a3:c5:5a:
         d7:75:93:86:9a:d0:68:6f:7d:06:4b:e7:21:14:dd:2b:fd:b5:
         6e:70:39:80:ff:68:44:66:7c:55:4b:b0:59:c2:38:cb:c1:aa:
         12:38:c2:02:38:7c:42:d0:7c:12:d5:ee:a5:5e:cc:25:bd:f3:
         a0:ca:17:00:ba:95:dc:29:28:07:f1:fd:52:0a:33:c0:1d:6f:
         1d:f5:c6:76:72:e1:03:45:3e:21:6a:18:3b:fc:8f:eb:c7:94:
         8f:ff:95:d6:3a:ce:e2:18:0d:00:2a:b2:ae:87:f6:5a:f3:68:
         ba:d7:92:90:41:24:93:b7:4e:7c:0c:ba:49:cd:fb:c0:a0:79:
         df:85:49:f1:ed:77:45:f8:bb:7c:21:68:8c:53:50:32:0f:4f:
         92:62:9a:bf:d9:82:ec:84:cf:c4:4e:87:9d:30:12:21:94:fa:
         15:3d:b9:3e:02:75:23:c2:e9:ab:57:69:b9:13:04:20:73:8b:
         5f:bb:b9:7e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEJB7VjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDQ1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTllYTFiNWM4OTQ4
ODdlNmNkZDVhYjYwMjU4NjY4YzUzZWM2YmMwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPJQZQGSh0uUbL3Kvj2T+nI3MJo62xAQFhPa+0xh5gpbK3U+
/G0uGmclyR3phwFc94xyaRlLKYr0E5vJfJGGfEDXDFHI5PeVeSjSmpdn0oKgilo7
COVIyo3goHaKVWVCpoZOaUwQ5v5Yii9SxZOjgA9pTDM3u6zM7XBN9zILOKkzTOH1
VeZ7lQ0ljTA7TXgZfPCJzbxJIh9kzeIl2Tr5O5FYYEIlyOZ0LUwc/qPWQ5WvrM9J
1YDk/9rj12OzE7bN+ubVk9AmxmpazFiWchvnoi4bEWpVOjxuTtHZJ9LeYhBc5ClS
EiRU4UFhcsXor+mbo1BionR6Lg7I4Ez+ljf4j+UCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTp6htciUiH5s3Vq2AlhmjFPsa8CjAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
LzZlb2JYSWxJaC1iTjFhdGdKWVpveFQ3R3ZBby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOsQcVqjANBgkqhkiG9w0BAQsF
AAOCAQEAdlRoGWqGadod8Y6lpysBUI+2J8CUvmHypESWNJCUAfnioZ3pPEcHbdza
DflHf9y5M9YXkZQ72+Gzoe05fL/QBdjg5nJ/o8Va13WThprQaG99BkvnIRTdK/21
bnA5gP9oRGZ8VUuwWcI4y8GqEjjCAjh8QtB8EtXupV7MJb3zoMoXALqV3CkoB/H9
UgozwB1vHfXGdnLhA0U+IWoYO/yP68eUj/+V1jrO4hgNACqyrof2WvNouteSkEEk
k7dOfAy6Sc37wKB534VJ8e13Rfi7fCFojFNQMg9PkmKav9mC7ITPxE6HnTASIZT6
FT25PgJ1I8Lpq1dpuRMEIHOLX7u5fg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:23 2024 by rpki-client on console-fra.rpki-client.org