Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8Z1fTquOwFKHQ73hjtLXZKXrjeU.roa
File:                     8Z1fTquOwFKHQ73hjtLXZKXrjeU.roa (raw, json)
Hash identifier:          uaNmIYrp21IUzmCIIwmvRGqZ72DPAlYJgalgOx/Q5Sc=
Subject key identifier:   F1:9D:5F:4E:AB:8E:C0:52:87:43:BD:E1:8E:D2:D7:64:A5:EB:8D:E5
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018534850859324D02209F05ED8602E32700
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8Z1fTquOwFKHQ73hjtLXZKXrjeU.roa
Signing time:             Wed 21 Dec 2022 11:50:11 +0000
ROA not before:           Wed 21 Dec 2022 11:50:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     133846
IP address blocks:        2a0e:b107:2c0::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:34:85:08:59:32:4d:02:20:9f:05:ed:86:02:e3:27:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Dec 21 11:50:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f19d5f4eab8ec0528743bde18ed2d764a5eb8de5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:f7:45:2d:11:57:17:86:d9:fc:f6:37:9a:76:
                    7a:e0:d5:52:7c:d8:6e:b1:49:b1:cc:08:c5:d9:5f:
                    69:f2:5a:ca:ba:29:5d:9b:98:9a:3d:6c:ea:d5:0b:
                    51:2a:2c:13:47:fc:0e:0e:3f:cf:9b:44:5b:b0:58:
                    1b:79:4f:20:69:1b:61:48:0e:dc:b6:cf:73:08:38:
                    8c:c9:a5:74:f9:d8:d9:66:d1:67:22:88:a7:b8:33:
                    2f:18:4c:24:88:2e:8b:ec:0f:cd:2e:e9:8c:0d:5d:
                    0e:67:d6:4f:34:27:9d:9b:5a:c6:c3:7c:e0:6e:50:
                    f4:bc:e1:b8:33:3a:53:fb:19:cd:b7:3f:11:b4:87:
                    e4:d9:9a:af:6c:66:22:e6:34:93:08:28:2d:18:85:
                    7b:aa:fd:27:75:d7:4f:96:e5:8e:a8:ef:15:92:ab:
                    e3:2f:56:61:6c:cf:90:43:56:0c:dd:5a:df:75:d0:
                    49:a1:5f:8d:8e:64:48:b4:e0:19:6e:5f:20:e3:61:
                    88:77:33:4c:ba:5e:4c:d3:23:e1:ea:10:34:b7:30:
                    dc:b2:a6:0b:33:a0:00:26:b0:3b:d9:11:b6:7f:45:
                    8a:05:c7:3c:b8:af:a6:81:62:41:26:3a:3b:c3:0c:
                    b2:0d:02:91:9d:51:ee:08:59:17:3d:4b:97:9b:7d:
                    b5:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:9D:5F:4E:AB:8E:C0:52:87:43:BD:E1:8E:D2:D7:64:A5:EB:8D:E5
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8Z1fTquOwFKHQ73hjtLXZKXrjeU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:2c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         3f:64:40:34:3e:13:ad:fe:c2:4e:43:34:f5:17:94:6c:73:68:
         e7:be:7c:02:d4:e9:9c:57:32:64:e8:5b:29:3f:01:db:31:a7:
         fc:28:e9:14:8d:57:a1:d4:31:34:2e:02:9c:4a:84:61:0b:2a:
         a2:d7:33:9e:f9:93:b2:2b:b0:17:a3:ef:9c:1a:00:17:6c:06:
         bf:cf:a2:48:98:af:76:15:be:ee:38:89:2c:43:49:f5:b7:3a:
         e5:8b:23:79:4e:4c:bd:60:0d:f7:cb:74:55:31:77:9f:01:92:
         fa:78:9d:1c:c2:80:62:31:ac:5c:f4:19:88:fe:e3:a5:4f:1a:
         9a:a3:2c:e7:08:fe:61:58:35:69:aa:21:d7:7b:d1:70:62:0b:
         5d:c6:c4:e9:8b:7b:83:fe:ba:e4:c2:e8:3b:b3:95:d9:1f:4f:
         ad:af:71:0d:d6:b0:d1:97:30:1b:52:85:fc:0b:f9:3d:55:c8:
         7f:66:5d:5f:6e:c0:65:fb:5a:7a:e5:de:41:d5:48:eb:26:ab:
         a9:44:d0:bd:fa:d8:3e:0d:41:3d:7f:f9:ea:ad:e5:a3:8f:27:
         62:e1:47:d0:ac:3d:a1:f0:53:c0:98:69:c9:ea:3a:7e:3a:37:
         ec:d2:8b:a8:b2:96:11:84:4f:a6:f7:27:50:6e:a1:28:a3:5b:
         62:22:da:12
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYU0hQhZMk0CIJ8F7YYC4ycAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjIxMTE1MDExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTlkNWY0ZWFiOGVjMDUyODc0M2JkZTE4ZWQyZDc2NGE1ZWI4ZGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfdFLRFXF4bZ/PY3mnZ64NVSfNhu
sUmxzAjF2V9p8lrKuildm5iaPWzq1QtRKiwTR/wODj/Pm0RbsFgbeU8gaRthSA7c
ts9zCDiMyaV0+djZZtFnIoinuDMvGEwkiC6L7A/NLumMDV0OZ9ZPNCedm1rGw3zg
blD0vOG4MzpT+xnNtz8RtIfk2ZqvbGYi5jSTCCgtGIV7qv0ndddPluWOqO8Vkqvj
L1ZhbM+QQ1YM3VrfddBJoV+NjmRItOAZbl8g42GIdzNMul5M0yPh6hA0tzDcsqYL
M6AAJrA72RG2f0WKBcc8uK+mgWJBJjo7wwyyDQKRnVHuCFkXPUuXm321cwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPGdX06rjsBSh0O94Y7S12Sl643lMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOFoxZlRxdU93RktIUTczaGp0TFhaS1hyamVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBwLA
MA0GCSqGSIb3DQEBCwUAA4IBAQA/ZEA0PhOt/sJOQzT1F5Rsc2jnvnwC1OmcVzJk
6FspPwHbMaf8KOkUjVeh1DE0LgKcSoRhCyqi1zOe+ZOyK7AXo++cGgAXbAa/z6JI
mK92Fb7uOIksQ0n1tzrliyN5Tky9YA33y3RVMXefAZL6eJ0cwoBiMaxc9BmI/uOl
TxqaoyznCP5hWDVpqiHXe9FwYgtdxsTpi3uD/rrkwug7s5XZH0+tr3EN1rDRlzAb
UoX8C/k9Vch/Zl1fbsBl+1p65d5B1UjrJqupRNC9+tg+DUE9f/nqreWjjydi4UfQ
rD2h8FPAmGnJ6jp+Ojfs0ouospYRhE+m9ydQbqEoo1tiItoS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:23 2024 by rpki-client on console-fra.rpki-client.org