Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AZ1mrGyq8kYpS3ZBC6t_hN8i9nI.roa
File:                     AZ1mrGyq8kYpS3ZBC6t_hN8i9nI.roa (raw, json)
Hash identifier:          Gdr/iAko5+HVAO2jUBh97PGR8KVIdtCV5RLXL7/vY7g=
Subject key identifier:   01:9D:66:AC:6C:AA:F2:46:29:4B:76:41:0B:AB:7F:84:DF:22:F6:72
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       12D38E95
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AZ1mrGyq8kYpS3ZBC6t_hN8i9nI.roa
Signing time:             Thu 10 Mar 2022 11:09:54 +0000
ROA not before:           Thu 10 Mar 2022 11:09:54 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207662
IP address blocks:        2a0e:97c0:760::/44 maxlen: 48
                          2a0e:97c0:76f::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 315854485 (0x12d38e95)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Mar 10 11:09:54 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=019d66ac6caaf246294b76410bab7f84df22f672
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:c5:97:bd:32:52:6e:d5:03:a0:13:e9:89:dd:
                    9e:b8:dd:6d:f8:dd:0f:c3:9c:6a:40:73:a7:61:27:
                    70:c2:38:2d:98:b8:f0:6a:69:00:21:e2:fd:82:fb:
                    15:37:9c:3b:61:9d:79:07:bb:7e:ed:b3:d7:e3:40:
                    76:43:0f:de:97:2b:6c:5e:2c:ca:1a:53:8e:2d:b3:
                    c2:fb:a4:3f:73:fe:ce:4d:31:86:0e:e6:9b:f1:8d:
                    92:f9:8b:0d:01:0a:7a:ef:8b:b2:02:f3:dd:3b:3d:
                    b2:6a:58:18:f0:98:18:4d:11:92:e6:9e:7b:09:e5:
                    ef:44:a6:01:c0:4f:8a:72:4d:70:d6:34:7f:fb:85:
                    e0:13:ac:3c:e6:4e:0b:aa:f2:eb:f3:5c:7f:81:e2:
                    7f:6f:37:c4:0d:4d:43:a2:f8:87:f7:41:af:6e:c1:
                    09:41:44:ad:2b:7d:43:71:52:73:67:df:e5:09:a8:
                    30:93:9d:5b:8c:06:c4:22:78:bb:10:71:99:29:f0:
                    6e:09:92:2f:3a:dc:c0:b9:7c:e9:49:38:03:9e:ac:
                    13:6b:d7:e3:61:aa:dc:6c:68:e4:fd:b4:48:28:69:
                    b6:a7:41:b6:a8:5f:06:b7:2a:62:c6:3b:78:2a:93:
                    91:f4:15:89:5a:7b:00:e8:bc:cd:58:3e:fc:e8:2a:
                    f5:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:9D:66:AC:6C:AA:F2:46:29:4B:76:41:0B:AB:7F:84:DF:22:F6:72
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AZ1mrGyq8kYpS3ZBC6t_hN8i9nI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:760::/44

    Signature Algorithm: sha256WithRSAEncryption
         41:4b:df:8f:91:be:c5:ad:34:5c:a5:26:f3:11:bf:74:dc:4a:
         d0:af:dd:b4:e0:0d:27:5e:c2:85:ba:80:a8:cc:1e:db:f8:38:
         e8:61:4a:51:fa:46:12:19:79:7a:3e:1a:3e:d7:a8:37:8b:70:
         9a:e9:2e:32:90:0e:31:1b:85:e4:73:e5:6e:72:cb:90:e2:ba:
         72:d4:be:89:0c:97:e9:90:9f:ff:4c:fd:99:87:ca:6e:99:ff:
         16:3e:5c:c1:c8:76:2a:1b:48:5e:9e:10:5b:f8:9e:19:aa:2f:
         15:57:08:3e:4f:e0:1e:c3:22:a6:22:03:86:59:73:99:2a:75:
         70:46:07:b3:92:8d:11:8a:da:9e:1f:20:6d:7f:87:c0:ca:09:
         40:b7:64:9f:13:cc:84:ca:ad:7b:81:54:1c:db:25:15:a8:a9:
         65:d5:0f:fb:21:c6:d6:3d:4e:58:8b:44:0f:de:6c:37:51:57:
         ee:a7:66:be:d7:a0:f5:3a:7c:b1:f0:71:46:1f:ea:6c:8a:59:
         37:c1:62:36:fb:22:0a:48:40:fd:e8:5f:17:3b:59:e1:d3:f9:
         08:cd:43:22:3a:72:51:b9:4b:d9:15:5c:a8:3f:a0:a1:f4:b5:
         28:6e:89:4e:f6:2e:7f:45:52:3e:7a:fb:3e:be:ad:73:29:99:
         99:dc:00:a6
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEtOOlTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDMx
MDExMDk1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDE5ZDY2YWM2Y2Fh
ZjI0NjI5NGI3NjQxMGJhYjdmODRkZjIyZjY3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJnFl70yUm7VA6AT6YndnrjdbfjdD8OcakBzp2EncMI4LZi4
8GppACHi/YL7FTecO2GdeQe7fu2z1+NAdkMP3pcrbF4syhpTji2zwvukP3P+zk0x
hg7mm/GNkvmLDQEKeu+LsgLz3Ts9smpYGPCYGE0Rkuaeewnl70SmAcBPinJNcNY0
f/uF4BOsPOZOC6ry6/Ncf4Hif283xA1NQ6L4h/dBr27BCUFErSt9Q3FSc2ff5Qmo
MJOdW4wGxCJ4uxBxmSnwbgmSLzrcwLl86Uk4A56sE2vX42Gq3Gxo5P20SChptqdB
tqhfBrcqYsY7eCqTkfQViVp7AOi8zVg+/Ogq9TcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQBnWasbKryRilLdkELq3+E3yL2cjAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L0FaMW1yR3lxOGtZcFMzWkJDNnRfaE44aTluSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOl8AHYDANBgkqhkiG9w0BAQsF
AAOCAQEAQUvfj5G+xa00XKUm8xG/dNxK0K/dtOANJ17ChbqAqMwe2/g46GFKUfpG
Ehl5ej4aPteoN4twmukuMpAOMRuF5HPlbnLLkOK6ctS+iQyX6ZCf/0z9mYfKbpn/
Fj5cwch2KhtIXp4QW/ieGaovFVcIPk/gHsMipiIDhllzmSp1cEYHs5KNEYranh8g
bX+HwMoJQLdknxPMhMqte4FUHNslFaipZdUP+yHG1j1OWItED95sN1FX7qdmvteg
9Tp8sfBxRh/qbIpZN8FiNvsiCkhA/ehfFztZ4dP5CM1DIjpyUblL2RVcqD+gofS1
KG6JTvYuf0VSPnr7Pr6tcymZmdwApg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:56 2024 by rpki-client on console-ams.rpki-client.org