Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CPLu-zRt2wdkuxQiRro8YZNxn4w.roa
File:                     CPLu-zRt2wdkuxQiRro8YZNxn4w.roa (raw, json)
Hash identifier:          CkF97Xet6rryQDJ05L4PLWdrsZruLmFtCTLfrVy1LoU=
Subject key identifier:   08:F2:EE:FB:34:6D:DB:07:64:BB:14:22:46:BA:3C:61:93:71:9F:8C
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       13D88485
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CPLu-zRt2wdkuxQiRro8YZNxn4w.roa
Signing time:             Wed 20 Apr 2022 14:17:08 +0000
ROA not before:           Wed 20 Apr 2022 14:17:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206233
IP address blocks:        2a0e:b107:19c2::/48 maxlen: 48
                          2a10:2f00:183::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 332956805 (0x13d88485)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Apr 20 14:17:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=08f2eefb346ddb0764bb142246ba3c6193719f8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:6e:3b:03:61:d3:fa:66:ba:3d:6d:8c:32:dc:
                    5f:93:7c:80:9d:65:31:84:8e:68:d9:d2:8b:d1:8e:
                    37:56:62:1e:ac:91:23:77:6b:44:1a:9e:03:1b:ba:
                    44:89:fc:36:74:77:a2:9f:a3:d8:a6:e0:21:b7:62:
                    26:88:bd:b7:96:25:50:dd:9b:33:f7:68:df:fa:2b:
                    48:5c:fd:43:da:c1:54:37:14:bc:f0:7d:1c:5d:0a:
                    40:3b:4b:07:fc:d2:85:f6:57:29:9d:10:e6:6a:1c:
                    2a:58:c6:f3:09:82:c7:8a:65:2f:4f:c7:dd:51:04:
                    f7:0a:aa:aa:89:59:c8:aa:c4:6f:c4:d8:3e:46:3d:
                    c3:61:af:fb:a6:a4:b9:80:57:e3:12:43:61:96:b3:
                    33:3b:6a:bb:d9:ab:a9:55:8f:5b:a1:ef:69:c7:ca:
                    dd:25:52:88:4b:df:74:d7:52:9f:9e:98:80:de:80:
                    48:1a:55:28:58:73:f2:47:2d:dd:af:1b:3f:11:69:
                    dd:e3:3a:d2:13:8e:40:a7:39:db:a2:e3:51:4c:7b:
                    06:ee:78:6a:0a:68:6e:6b:93:a8:31:b4:5a:b1:ac:
                    74:44:81:90:63:2b:1c:0a:8c:ce:e1:84:6d:ae:8b:
                    30:79:4d:82:6c:70:12:3f:ee:ce:39:79:c0:36:a5:
                    06:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:F2:EE:FB:34:6D:DB:07:64:BB:14:22:46:BA:3C:61:93:71:9F:8C
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CPLu-zRt2wdkuxQiRro8YZNxn4w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:19c2::/48
                  2a10:2f00:183::/48

    Signature Algorithm: sha256WithRSAEncryption
         15:aa:96:3e:cd:cb:03:b0:86:c7:d0:43:7f:e0:f9:93:51:f4:
         10:bd:3d:50:8a:e8:15:2b:81:98:b4:01:fa:0b:7e:59:f6:11:
         37:39:50:d2:66:d5:de:49:b5:2d:9b:32:eb:04:57:56:dc:b3:
         56:f0:2c:26:88:26:0c:d8:fe:a2:58:0a:be:99:6c:aa:f9:ff:
         23:f2:e6:f2:d1:89:af:4a:82:7c:a5:4e:d3:b9:eb:47:23:5a:
         d1:be:77:0c:41:af:6e:63:69:eb:1c:c1:e5:7c:68:be:f9:08:
         fc:f4:20:a1:cd:5e:b9:96:a4:fe:0c:06:de:da:70:f4:3c:dc:
         7d:6c:a3:e9:41:74:7d:40:64:97:90:69:ab:57:48:c4:1c:5b:
         01:c9:fe:28:90:7e:88:28:59:7e:d6:ea:d4:cd:f2:c5:26:7d:
         e5:34:9d:b0:0a:33:4a:22:d6:83:76:10:54:e5:79:cd:96:97:
         9d:55:3c:f8:9f:76:34:0e:d2:0e:0a:bc:95:3a:63:b0:54:2a:
         70:00:a9:b8:49:55:31:cd:a7:c4:60:4c:dc:00:ff:58:26:df:
         a9:ce:e7:cb:ea:e3:20:81:ef:a4:86:ee:59:fa:fc:d4:2c:3e:
         b8:be:53:51:6d:bd:ff:76:5f:1c:16:61:e6:b6:9f:1d:43:5a:
         93:8f:0f:72
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEE9iEhTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDQy
MDE0MTcwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDhmMmVlZmIzNDZk
ZGIwNzY0YmIxNDIyNDZiYTNjNjE5MzcxOWY4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1uOwNh0/pmuj1tjDLcX5N8gJ1lMYSOaNnSi9GON1ZiHqyR
I3drRBqeAxu6RIn8NnR3op+j2KbgIbdiJoi9t5YlUN2bM/do3/orSFz9Q9rBVDcU
vPB9HF0KQDtLB/zShfZXKZ0Q5mocKljG8wmCx4plL0/H3VEE9wqqqolZyKrEb8TY
PkY9w2Gv+6akuYBX4xJDYZazMztqu9mrqVWPW6HvacfK3SVSiEvfdNdSn56YgN6A
SBpVKFhz8kct3a8bPxFp3eM60hOOQKc526LjUUx7Bu54agpobmuTqDG0WrGsdESB
kGMrHAqMzuGEba6LMHlNgmxwEj/uzjl5wDalBjECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQI8u77NG3bB2S7FCJGujxhk3GfjDAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L0NQTHUtelJ0Mndka3V4UWlScm84WVpOeG40dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACoOsQcZwgMHACoQLwABgzANBgkq
hkiG9w0BAQsFAAOCAQEAFaqWPs3LA7CGx9BDf+D5k1H0EL09UIroFSuBmLQB+gt+
WfYRNzlQ0mbV3km1LZsy6wRXVtyzVvAsJogmDNj+olgKvplsqvn/I/Lm8tGJr0qC
fKVO07nrRyNa0b53DEGvbmNp6xzB5XxovvkI/PQgoc1euZak/gwG3tpw9DzcfWyj
6UF0fUBkl5Bpq1dIxBxbAcn+KJB+iChZftbq1M3yxSZ95TSdsAozSiLWg3YQVOV5
zZaXnVU8+J92NA7SDgq8lTpjsFQqcACpuElVMc2nxGBM3AD/WCbfqc7ny+rjIIHv
pIbuWfr81Cw+uL5TUW29/3ZfHBZh5rafHUNak48Pcg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:27 2024 by rpki-client on console-fra.rpki-client.org