Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9oYY6LRrsBjYqNSl1bW8fSfRARI.roa
File:                     9oYY6LRrsBjYqNSl1bW8fSfRARI.roa (raw, json)
Hash identifier:          cacagVRA5QMJ6lTvFRAnJHFQIXROvryje0qJPAF/hUY=
Subject key identifier:   F6:86:18:E8:B4:6B:B0:18:D8:A8:D4:A5:D5:B5:BC:7D:27:D1:01:12
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       108D520D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9oYY6LRrsBjYqNSl1bW8fSfRARI.roa
Signing time:             Sat 01 Jan 2022 09:04:56 +0000
ROA not before:           Sat 01 Jan 2022 09:04:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     142382
IP address blocks:        2a0e:b107:1790::/48 maxlen: 48
                          2a0e:b107:1798::/48 maxlen: 48
                          2a0e:b107:1795::/48 maxlen: 48
                          2a0e:b107:1792::/48 maxlen: 48
                          2a0e:b107:1794::/48 maxlen: 48
                          2a0e:b107:1799::/48 maxlen: 48
                          2a0e:b107:1791::/48 maxlen: 48
                          2a0e:b107:1793::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 277697037 (0x108d520d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  1 09:04:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f68618e8b46bb018d8a8d4a5d5b5bc7d27d10112
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:d3:7b:4b:79:0e:18:12:2b:60:7a:e9:fe:3f:
                    b7:0d:ad:60:45:3c:66:8f:aa:24:d9:43:58:35:24:
                    24:81:01:ba:6f:aa:61:c1:b8:ab:3a:f9:21:0d:03:
                    86:f1:56:0e:07:cc:5b:cd:e7:93:7a:dc:9d:fd:d5:
                    a0:90:84:1a:7c:06:66:5f:4a:dc:0f:b0:9d:f4:09:
                    3a:39:a6:95:08:e7:1a:21:2a:ab:9b:71:bd:5b:d9:
                    83:10:39:db:ff:28:37:2b:08:6c:2b:45:e3:21:20:
                    c3:d4:34:64:00:59:a6:1a:ee:aa:b9:9d:fa:0a:9d:
                    2a:4f:de:c3:2b:87:dd:d3:52:ac:c7:9b:92:9a:f3:
                    0a:34:17:b4:f5:90:73:1b:51:27:93:71:33:62:45:
                    e8:03:32:95:8b:fb:a6:85:6e:1c:45:c5:2a:d3:13:
                    5d:99:9f:9c:d2:11:dc:0d:5f:d0:da:b8:10:5d:d8:
                    76:0d:75:13:18:3d:ac:06:3f:d1:51:a9:fc:18:8a:
                    e7:ad:db:71:65:1a:7b:83:61:84:46:28:25:3f:e3:
                    8c:91:7d:75:b2:25:43:3e:15:94:04:7e:ce:11:ff:
                    4b:ea:60:52:ed:c4:28:81:a1:ba:4a:ac:0c:34:d6:
                    1a:6e:d9:66:3d:ac:ef:56:c8:a9:1c:23:4b:d2:5c:
                    6e:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:86:18:E8:B4:6B:B0:18:D8:A8:D4:A5:D5:B5:BC:7D:27:D1:01:12
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9oYY6LRrsBjYqNSl1bW8fSfRARI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:1790::-2a0e:b107:1795:ffff:ffff:ffff:ffff:ffff
                  2a0e:b107:1798::/47

    Signature Algorithm: sha256WithRSAEncryption
         09:1f:bb:e7:d5:21:b8:c5:af:96:ea:9b:67:60:ff:ba:89:18:
         32:95:d3:e8:24:3b:86:a9:d6:ad:05:bf:62:18:9e:2b:56:84:
         0e:dd:83:dd:07:45:42:95:87:9d:3d:e2:e7:73:12:3e:01:52:
         16:a5:ac:b3:1d:c8:a8:09:e9:f5:98:36:ac:8f:5b:2a:53:7f:
         e5:15:03:f6:10:3d:82:65:13:cb:31:9c:ae:24:05:3d:8d:3a:
         e9:74:dc:4c:5f:0b:f4:f5:08:94:6f:d8:48:20:eb:5d:d8:f9:
         be:52:58:f5:15:15:f6:f9:4e:32:b2:e6:fb:41:3a:de:b8:d0:
         a9:3d:0e:83:09:b8:12:8b:53:a9:6b:f5:95:00:45:24:6a:d4:
         cd:f8:b4:f5:1e:71:68:7d:b3:74:6d:de:a3:11:42:5e:31:ef:
         d4:e5:e7:e9:f2:fb:08:da:63:2d:f7:22:d3:e1:a1:5f:c6:75:
         77:42:c4:d0:f6:47:6a:52:04:35:21:45:08:98:31:47:94:35:
         31:a6:86:8c:b6:b1:cd:6d:41:87:f7:e3:a9:e1:ef:db:15:e4:
         d7:6c:fb:1f:8d:75:bb:67:ab:e2:35:f1:59:66:d9:5d:14:ba:
         ab:a3:45:50:10:a0:e4:45:c6:1e:8f:27:38:d1:83:33:b2:b2:
         fa:02:92:f8
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEEI1SDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDQ1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjY4NjE4ZThiNDZi
YjAxOGQ4YThkNGE1ZDViNWJjN2QyN2QxMDExMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJnTe0t5DhgSK2B66f4/tw2tYEU8Zo+qJNlDWDUkJIEBum+q
YcG4qzr5IQ0DhvFWDgfMW83nk3rcnf3VoJCEGnwGZl9K3A+wnfQJOjmmlQjnGiEq
q5txvVvZgxA52/8oNysIbCtF4yEgw9Q0ZABZphruqrmd+gqdKk/ewyuH3dNSrMeb
kprzCjQXtPWQcxtRJ5NxM2JF6AMylYv7poVuHEXFKtMTXZmfnNIR3A1f0Nq4EF3Y
dg11Exg9rAY/0VGp/BiK563bcWUae4NhhEYoJT/jjJF9dbIlQz4VlAR+zhH/S+pg
Uu3EKIGhukqsDDTWGm7ZZj2s71bIqRwjS9JcbqECAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBT2hhjotGuwGNio1KXVtbx9J9EBEjAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
LzlvWVk2TFJyc0JqWXFOU2wxYlc4ZlNmUkFSSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwIwQCAAIwHTASAwcEKg6xBxeQAwcBKg6xBxeUAwcB
Kg6xBxeYMA0GCSqGSIb3DQEBCwUAA4IBAQAJH7vn1SG4xa+W6ptnYP+6iRgyldPo
JDuGqdatBb9iGJ4rVoQO3YPdB0VClYedPeLncxI+AVIWpayzHcioCen1mDasj1sq
U3/lFQP2ED2CZRPLMZyuJAU9jTrpdNxMXwv09QiUb9hIIOtd2Pm+Ulj1FRX2+U4y
sub7QTreuNCpPQ6DCbgSi1Opa/WVAEUkatTN+LT1HnFofbN0bd6jEUJeMe/U5efp
8vsI2mMt9yLT4aFfxnV3QsTQ9kdqUgQ1IUUImDFHlDUxpoaMtrHNbUGH9+Op4e/b
FeTXbPsfjXW7Z6viNfFZZtldFLqro0VQEKDkRcYejyc40YMzsrL6ApL4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:56 2024 by rpki-client on console-ams.rpki-client.org