Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/6hE8r29_rQB--ORJTFg1lrka_Is.roa
File:                     6hE8r29_rQB--ORJTFg1lrka_Is.roa (raw, json)
Hash identifier:          GoOgBBKQodGPfL3O01EQpY4797PiAU/rzNuUGR+zgJg=
Subject key identifier:   EA:11:3C:AF:6F:7F:AD:00:7E:F8:E4:49:4C:58:35:96:B9:1A:FC:8B
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018471EFFC9AD05118D34BB3D3555B315F64
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/6hE8r29_rQB--ORJTFg1lrka_Is.roa
Signing time:             Sun 13 Nov 2022 17:01:03 +0000
ROA not before:           Sun 13 Nov 2022 17:01:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201412
IP address blocks:        2a0e:97c0:c70::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:71:ef:fc:9a:d0:51:18:d3:4b:b3:d3:55:5b:31:5f:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Nov 13 17:01:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ea113caf6f7fad007ef8e4494c583596b91afc8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:e9:d3:b6:63:9a:eb:19:e1:b6:eb:c1:11:21:
                    31:99:03:37:e6:62:9b:17:e3:29:c2:1b:1f:d0:e9:
                    c8:b7:4c:ff:3c:e1:c1:d7:37:96:b6:f4:e7:8a:66:
                    29:dc:c6:a5:69:a2:b2:9d:8e:53:a5:bf:58:d0:58:
                    f7:e6:33:25:b9:77:1c:b1:a1:f0:00:6c:59:72:df:
                    cf:91:a4:6e:62:28:fd:4f:41:a4:9d:0b:c0:a1:6e:
                    17:b8:80:e4:87:95:f3:1a:63:a6:e5:3e:27:cd:8b:
                    5a:2f:4c:17:ae:a7:d0:27:fe:13:3a:d2:ae:e1:7c:
                    d7:36:a7:68:4e:71:9f:19:5d:a7:96:3d:e9:90:7b:
                    56:c4:3d:ae:d9:45:3d:80:dc:71:5a:51:80:03:f0:
                    58:e8:6c:01:29:b9:59:d3:0c:d6:3c:bf:ce:9d:c8:
                    e7:46:67:33:f6:61:3a:d6:81:b6:80:dc:36:f1:4b:
                    40:8f:c5:6a:8f:88:ae:70:50:d3:41:a1:0d:91:18:
                    59:46:d9:26:91:98:f0:49:63:84:c3:e4:b0:ee:fa:
                    3f:23:4a:db:0a:c1:5e:63:60:26:83:6f:5a:00:1b:
                    ab:8c:a7:aa:22:eb:94:a2:3a:73:31:3c:15:f0:f0:
                    0a:b1:7c:04:85:fe:b8:0b:0c:7f:d7:c3:1d:42:53:
                    d4:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:11:3C:AF:6F:7F:AD:00:7E:F8:E4:49:4C:58:35:96:B9:1A:FC:8B
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/6hE8r29_rQB--ORJTFg1lrka_Is.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:c70::/44

    Signature Algorithm: sha256WithRSAEncryption
         0a:df:4a:91:17:e9:ae:14:27:35:ab:a0:59:98:b4:5c:39:f6:
         af:03:bd:ab:5e:bd:38:eb:84:a0:f7:99:e6:36:20:ee:39:ee:
         cd:0f:ee:30:73:27:f9:91:50:25:f4:89:44:a6:85:61:e4:38:
         5d:69:32:31:ef:85:54:38:45:af:58:b1:26:38:13:f3:d1:25:
         36:ce:ad:86:b1:c6:ec:1f:f1:bc:04:a8:ce:9b:82:fa:2f:e2:
         6d:6c:0a:6b:73:14:64:30:b4:82:07:20:6b:90:75:5c:04:b9:
         c0:d5:07:85:6f:ab:ea:a5:de:58:3d:0f:56:2b:15:bf:9f:ce:
         f9:d9:26:ec:e5:97:91:5c:19:84:f1:24:37:68:40:a3:6a:48:
         37:ab:65:b7:84:1f:98:0c:c4:03:24:fc:92:bf:d4:7e:ab:88:
         86:0c:10:fd:a8:f7:17:81:6f:2d:82:2a:92:ca:73:e0:7d:b3:
         3a:40:95:95:e2:01:0a:fd:55:46:8e:99:50:cd:9e:33:5a:3e:
         09:0e:1d:59:14:ee:bf:62:0d:70:af:dc:9b:43:d0:39:42:0c:
         16:33:f5:92:c5:7c:2f:10:79:80:f9:b6:e2:cb:87:bf:2c:d8:
         de:4c:b6:76:3e:9f:38:e6:96:5a:96:6e:52:20:17:c4:a4:91:
         3e:d0:3b:04
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYRx7/ya0FEY00uz01VbMV9kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTEzMTcwMTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTExM2NhZjZmN2ZhZDAwN2VmOGU0NDk0YzU4MzU5NmI5MWFmYzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmenTtmOa6xnhtuvBESExmQM35mKb
F+Mpwhsf0OnIt0z/POHB1zeWtvTnimYp3MalaaKynY5Tpb9Y0Fj35jMluXccsaHw
AGxZct/PkaRuYij9T0GknQvAoW4XuIDkh5XzGmOm5T4nzYtaL0wXrqfQJ/4TOtKu
4XzXNqdoTnGfGV2nlj3pkHtWxD2u2UU9gNxxWlGAA/BY6GwBKblZ0wzWPL/Oncjn
Rmcz9mE61oG2gNw28UtAj8Vqj4iucFDTQaENkRhZRtkmkZjwSWOEw+Sw7vo/I0rb
CsFeY2Amg29aABurjKeqIuuUojpzMTwV8PAKsXwEhf64Cwx/18MdQlPUsQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOoRPK9vf60AfvjkSUxYNZa5GvyLMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNmhFOHIyOV9yUUItLU9SSlRGZzFscmthX0lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAxw
MA0GCSqGSIb3DQEBCwUAA4IBAQAK30qRF+muFCc1q6BZmLRcOfavA72rXr0464Sg
95nmNiDuOe7ND+4wcyf5kVAl9IlEpoVh5DhdaTIx74VUOEWvWLEmOBPz0SU2zq2G
scbsH/G8BKjOm4L6L+JtbAprcxRkMLSCByBrkHVcBLnA1QeFb6vqpd5YPQ9WKxW/
n8752Sbs5ZeRXBmE8SQ3aECjakg3q2W3hB+YDMQDJPySv9R+q4iGDBD9qPcXgW8t
giqSynPgfbM6QJWV4gEK/VVGjplQzZ4zWj4JDh1ZFO6/Yg1wr9ybQ9A5QgwWM/WS
xXwvEHmA+bbiy4e/LNjeTLZ2Pp845pZalm5SIBfEpJE+0DsE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:54 2024 by rpki-client on console-ams.rpki-client.org