Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/99oRymMc8QXrEUYd3LAJNMDJayI.roa
File:                     99oRymMc8QXrEUYd3LAJNMDJayI.roa (raw, json)
Hash identifier:          ohtIZe0rSjKg/g3o9iXtsHe0k3+enCBdUldvR3pcGB0=
Subject key identifier:   F7:DA:11:CA:63:1C:F1:05:EB:11:46:1D:DC:B0:09:34:C0:C9:6B:22
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       1121237C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/99oRymMc8QXrEUYd3LAJNMDJayI.roa
Signing time:             Thu 06 Jan 2022 10:44:19 +0000
ROA not before:           Thu 06 Jan 2022 10:44:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210633
IP address blocks:        2a0e:b107:1880::/44 maxlen: 48
                          2a0e:b107:1888::/45 maxlen: 48
                          2a0e:b107:1880::/45 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 287384444 (0x1121237c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  6 10:44:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f7da11ca631cf105eb11461ddcb00934c0c96b22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:54:8d:bf:b7:b5:79:be:41:1c:ef:d7:b6:78:
                    82:68:67:bd:f0:4e:25:f0:84:f9:c0:44:df:3a:33:
                    84:6c:62:7a:98:f4:da:38:1e:55:2a:d2:4c:af:7f:
                    12:b0:d8:84:2e:4e:0a:d5:d1:5a:43:d0:24:bf:7e:
                    8b:15:f6:06:b4:55:93:5a:9b:0d:45:a1:5c:5a:51:
                    13:c4:95:25:b1:6c:96:46:21:d7:35:a9:a2:e1:1b:
                    06:30:8b:cc:19:53:ad:f5:a7:11:a7:83:19:9a:3e:
                    2a:9b:a7:35:01:98:3d:78:89:01:00:5b:e2:a5:02:
                    ce:32:ed:74:9e:34:30:69:7f:b3:e6:29:d9:10:17:
                    2c:24:6a:c1:f5:51:6f:6e:d4:c2:5d:05:db:fc:8e:
                    52:d0:36:25:e0:a0:f1:8c:a8:b0:93:cd:37:88:c4:
                    30:e4:84:98:7f:50:e6:b7:7d:ae:f8:4b:88:47:3b:
                    18:0d:8d:23:e0:6d:a6:4b:a9:f6:2e:80:bc:07:4e:
                    a8:86:fc:21:66:20:d8:b0:18:18:ee:10:62:d8:94:
                    d7:92:dc:9b:20:10:18:28:23:98:f0:28:25:55:b6:
                    3d:c8:cd:8f:7e:a0:ac:a7:cf:ca:22:06:dc:90:f3:
                    4e:41:9b:e5:2d:a9:cb:3c:4a:95:3d:ab:79:bc:64:
                    b6:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:DA:11:CA:63:1C:F1:05:EB:11:46:1D:DC:B0:09:34:C0:C9:6B:22
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/99oRymMc8QXrEUYd3LAJNMDJayI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:1880::/44

    Signature Algorithm: sha256WithRSAEncryption
         9e:b9:f1:33:2c:eb:26:53:24:a2:4e:6b:3a:23:72:bf:d9:56:
         eb:f3:52:e2:52:e9:ee:4e:a6:fe:43:85:1a:0c:66:4e:86:96:
         5c:58:ab:5d:f7:e1:0c:2c:e7:1f:d3:85:bb:98:2c:63:53:9b:
         bd:73:ef:8c:0d:db:1d:ac:70:5f:f9:8a:f3:22:c9:45:14:15:
         67:1d:72:bb:fa:07:df:0f:4a:5a:76:58:28:f1:a8:ea:fb:42:
         96:45:00:fd:b6:59:3e:dc:06:24:aa:26:dc:0c:4c:fa:b6:6a:
         d9:1b:4f:6b:ac:dd:57:ff:76:49:24:dd:84:8d:5b:77:5f:fb:
         8a:25:9d:ba:bb:c7:d2:c1:0f:08:a6:5d:a7:79:f2:16:ff:e6:
         51:06:83:47:67:12:21:d8:a5:ad:0c:16:19:e8:ba:4b:0f:8b:
         60:ae:90:d9:19:81:4f:78:bd:a7:02:73:45:ff:a5:83:0e:29:
         b0:bc:e8:11:f8:1a:98:65:b1:82:fc:05:e4:4c:91:00:91:c5:
         5d:35:ed:49:7c:e7:2c:f1:72:20:c9:ab:33:76:23:f3:cf:84:
         12:a6:9d:04:5e:7e:aa:fe:8a:7f:cd:63:f6:2f:56:86:e0:13:
         2e:ef:93:a2:d5:c6:81:5b:01:7c:0c:03:53:70:17:70:aa:00:
         27:31:38:f9
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEESEjfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
NjEwNDQxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjdkYTExY2E2MzFj
ZjEwNWViMTE0NjFkZGNiMDA5MzRjMGM5NmIyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJBUjb+3tXm+QRzv17Z4gmhnvfBOJfCE+cBE3zozhGxiepj0
2jgeVSrSTK9/ErDYhC5OCtXRWkPQJL9+ixX2BrRVk1qbDUWhXFpRE8SVJbFslkYh
1zWpouEbBjCLzBlTrfWnEaeDGZo+KpunNQGYPXiJAQBb4qUCzjLtdJ40MGl/s+Yp
2RAXLCRqwfVRb27Uwl0F2/yOUtA2JeCg8YyosJPNN4jEMOSEmH9Q5rd9rvhLiEc7
GA2NI+Btpkup9i6AvAdOqIb8IWYg2LAYGO4QYtiU15LcmyAQGCgjmPAoJVW2PcjN
j36grKfPyiIG3JDzTkGb5S2pyzxKlT2rebxktkcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBT32hHKYxzxBesRRh3csAk0wMlrIjAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
Lzk5b1J5bU1jOFFYckVVWWQzTEFKTk1ESmF5SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOsQcYgDANBgkqhkiG9w0BAQsF
AAOCAQEAnrnxMyzrJlMkok5rOiNyv9lW6/NS4lLp7k6m/kOFGgxmToaWXFirXffh
DCznH9OFu5gsY1ObvXPvjA3bHaxwX/mK8yLJRRQVZx1yu/oH3w9KWnZYKPGo6vtC
lkUA/bZZPtwGJKom3AxM+rZq2RtPa6zdV/92SSTdhI1bd1/7iiWdurvH0sEPCKZd
p3nyFv/mUQaDR2cSIdilrQwWGei6Sw+LYK6Q2RmBT3i9pwJzRf+lgw4psLzoEfga
mGWxgvwF5EyRAJHFXTXtSXznLPFyIMmrM3Yj88+EEqadBF5+qv6Kf81j9i9WhuAT
Lu+TotXGgVsBfAwDU3AXcKoAJzE4+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:55 2024 by rpki-client on console-ams.rpki-client.org