Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7Ho_SKpC-qY44Gx95YiJzMy62Po.roa
File:                     7Ho_SKpC-qY44Gx95YiJzMy62Po.roa (raw, json)
Hash identifier:          oQwBQlTbUUhNMAoye/mXiqqY9JvCX6QEF1AOhpNY1Nw=
Subject key identifier:   EC:7A:3F:48:AA:42:FA:A6:38:E0:6C:7D:E5:88:89:CC:CC:BA:D8:FA
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       11E23AA6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7Ho_SKpC-qY44Gx95YiJzMy62Po.roa
Signing time:             Thu 10 Feb 2022 13:40:04 +0000
ROA not before:           Thu 10 Feb 2022 13:40:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208690
IP address blocks:        2a0e:97c0:6d0::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 300038822 (0x11e23aa6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Feb 10 13:40:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ec7a3f48aa42faa638e06c7de58889ccccbad8fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:79:75:03:8c:4e:27:b5:d7:b1:96:7a:0d:aa:
                    a4:92:63:dd:b6:e3:9c:f0:f6:ff:b5:08:c1:94:75:
                    24:fc:a8:8d:25:7e:d8:53:f0:87:8c:c5:15:43:79:
                    25:a3:10:2a:3c:3a:05:8a:a8:1e:c9:c2:4f:30:55:
                    e6:85:2c:15:0d:db:95:49:3b:cd:93:21:2a:d7:2c:
                    62:8a:cd:a6:df:f7:d3:73:c2:75:f9:d6:ca:72:1e:
                    07:df:a5:13:e0:c9:0f:ca:85:c3:68:45:33:c1:45:
                    73:c9:e4:4a:22:7f:9e:ae:59:a4:cc:4a:8d:4a:fb:
                    bc:d0:23:eb:09:6e:c4:3d:0c:51:35:23:4f:fc:b9:
                    32:a0:2d:76:6d:f9:89:8e:b5:90:06:53:a7:1c:99:
                    17:5c:d6:31:03:80:7d:ca:01:bd:51:5c:33:c8:e0:
                    62:0b:28:ca:3b:c0:68:9d:22:af:2f:e7:10:9d:c1:
                    16:7e:f8:70:fe:82:1d:71:52:5b:5b:97:49:dd:c9:
                    ca:0d:f6:e1:e3:82:91:6e:83:81:1d:fd:3c:02:99:
                    85:14:4c:40:05:fc:9b:15:79:b5:a4:a1:4c:3a:86:
                    9f:65:ee:ae:66:72:51:c1:3b:4b:e6:37:5b:3a:ca:
                    4c:0e:30:65:82:94:f3:f4:29:d7:f2:ec:4d:bc:4f:
                    1f:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:7A:3F:48:AA:42:FA:A6:38:E0:6C:7D:E5:88:89:CC:CC:BA:D8:FA
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7Ho_SKpC-qY44Gx95YiJzMy62Po.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:6d0::/44

    Signature Algorithm: sha256WithRSAEncryption
         a2:cb:11:a5:77:58:b4:a5:43:d8:e7:5d:09:50:12:3f:c3:4b:
         dd:5f:f8:b8:33:d6:9d:22:03:57:e1:01:eb:ac:eb:74:a7:ea:
         03:fc:55:60:6a:9d:00:53:0d:a9:24:21:d2:14:60:5c:70:2c:
         62:c8:ab:bd:b7:c2:55:1b:71:7b:27:0f:f5:80:4d:4f:85:36:
         e1:f5:12:9d:82:41:77:7a:29:d7:f5:e8:ea:e2:fb:7d:b2:94:
         4c:e2:02:75:47:01:a4:66:98:88:a4:c0:81:69:0d:a9:c6:22:
         e7:ad:eb:5a:67:1d:fb:19:6a:e2:7a:cf:bf:b1:ad:78:e1:17:
         c5:60:a7:2b:85:f0:0a:df:33:fd:13:16:a8:8c:de:14:64:1d:
         45:2c:8f:47:0b:b5:f3:b9:a3:6a:c9:98:31:ca:17:7a:7e:03:
         8e:71:eb:a0:1a:1f:b9:de:2b:07:7b:f8:20:54:27:41:43:19:
         39:33:c4:c8:f9:e0:da:44:07:e1:38:62:1c:c0:6b:1f:2d:28:
         9f:34:85:f2:64:1d:8f:3e:e2:90:ec:c8:7c:69:25:5e:1d:bb:
         02:b2:ba:4a:b9:eb:2a:fc:6f:dd:ec:f5:50:ac:4b:56:5b:62:
         97:70:c9:83:26:0e:6e:33:f4:e0:ad:a2:37:b5:31:0d:3a:d9:
         26:21:93:c0
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEeI6pjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDIx
MDEzNDAwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWM3YTNmNDhhYTQy
ZmFhNjM4ZTA2YzdkZTU4ODg5Y2NjY2JhZDhmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOB5dQOMTie117GWeg2qpJJj3bbjnPD2/7UIwZR1JPyojSV+
2FPwh4zFFUN5JaMQKjw6BYqoHsnCTzBV5oUsFQ3blUk7zZMhKtcsYorNpt/303PC
dfnWynIeB9+lE+DJD8qFw2hFM8FFc8nkSiJ/nq5ZpMxKjUr7vNAj6wluxD0MUTUj
T/y5MqAtdm35iY61kAZTpxyZF1zWMQOAfcoBvVFcM8jgYgsoyjvAaJ0iry/nEJ3B
Fn74cP6CHXFSW1uXSd3Jyg324eOCkW6DgR39PAKZhRRMQAX8mxV5taShTDqGn2Xu
rmZyUcE7S+Y3WzrKTA4wZYKU8/Qp1/LsTbxPHxECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTsej9IqkL6pjjgbH3liInMzLrY+jAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
LzdIb19TS3BDLXFZNDRHeDk1WWlKek15NjJQby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOl8AG0DANBgkqhkiG9w0BAQsF
AAOCAQEAossRpXdYtKVD2OddCVASP8NL3V/4uDPWnSIDV+EB66zrdKfqA/xVYGqd
AFMNqSQh0hRgXHAsYsirvbfCVRtxeycP9YBNT4U24fUSnYJBd3op1/Xo6uL7fbKU
TOICdUcBpGaYiKTAgWkNqcYi563rWmcd+xlq4nrPv7GteOEXxWCnK4XwCt8z/RMW
qIzeFGQdRSyPRwu187mjasmYMcoXen4DjnHroBofud4rB3v4IFQnQUMZOTPEyPng
2kQH4ThiHMBrHy0onzSF8mQdjz7ikOzIfGklXh27ArK6SrnrKvxv3ez1UKxLVlti
l3DJgyYObjP04K2iN7UxDTrZJiGTwA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:23 2024 by rpki-client on console-fra.rpki-client.org