Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DOEI1rcLGrYDwIvz7OcqxxFp3FE.roa
File:                     DOEI1rcLGrYDwIvz7OcqxxFp3FE.roa (raw, json)
Hash identifier:          jOJ6+2qtIgXWmRrBqlWd6LabVEUJkticmm9PIydJp0A=
Subject key identifier:   0C:E1:08:D6:B7:0B:1A:B6:03:C0:8B:F3:EC:E7:2A:C7:11:69:DC:51
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       113F72DD
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DOEI1rcLGrYDwIvz7OcqxxFp3FE.roa
Signing time:             Mon 10 Jan 2022 00:23:33 +0000
ROA not before:           Mon 10 Jan 2022 00:23:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     142553
IP address blocks:        2a0e:b107:17f0::/44 maxlen: 48
                          2a0e:b107:1787::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 289370845 (0x113f72dd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan 10 00:23:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0ce108d6b70b1ab603c08bf3ece72ac71169dc51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:23:7a:26:e2:e6:69:c5:f5:28:05:e3:a6:00:
                    d1:7f:5e:4c:86:81:94:88:28:36:9c:ab:70:5f:23:
                    67:52:43:d1:b0:1e:31:8a:3e:cc:33:aa:3d:9a:24:
                    8b:cd:f7:75:55:aa:b4:4d:e3:af:af:45:31:eb:50:
                    93:cf:e6:7f:42:36:20:c0:25:d1:9c:27:9d:06:6b:
                    fb:c4:ec:4d:e8:7b:23:d8:c4:8f:23:3c:dd:fa:9f:
                    25:e1:51:6a:f5:56:c4:ca:78:90:c6:f0:7e:f8:6b:
                    35:b1:0b:ff:4b:94:9a:a5:23:61:26:81:07:b1:ab:
                    31:da:d2:2b:ab:b7:37:80:40:c3:28:d7:c4:6c:e7:
                    94:5d:c2:60:22:4a:56:bb:ec:53:b6:03:17:91:ff:
                    db:37:7f:d3:b5:d5:59:d8:70:c2:51:76:ec:0e:99:
                    c8:24:c5:3e:47:3b:f9:bf:a9:17:ba:50:53:d1:3e:
                    2c:fa:88:9c:42:e4:63:10:dd:d9:db:a4:89:c3:8b:
                    17:b1:d1:da:35:37:c3:ee:f1:2c:81:47:b1:0b:0a:
                    d0:22:78:59:70:40:e4:26:bd:72:f5:c0:1a:76:0c:
                    8a:dc:59:82:f8:be:51:22:fb:23:99:f4:a0:47:c9:
                    e2:c6:b8:c2:6c:03:66:4f:10:54:c4:b2:26:45:76:
                    58:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:E1:08:D6:B7:0B:1A:B6:03:C0:8B:F3:EC:E7:2A:C7:11:69:DC:51
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DOEI1rcLGrYDwIvz7OcqxxFp3FE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:1787::/48
                  2a0e:b107:17f0::/44

    Signature Algorithm: sha256WithRSAEncryption
         8f:f9:c9:32:40:7d:21:53:f6:ca:0b:e7:bf:21:d2:38:aa:b8:
         b8:7d:0e:5f:5d:08:bb:be:2e:d4:47:7d:1c:54:13:77:01:e0:
         8c:7e:a5:66:6d:8e:ad:72:b1:c8:c6:aa:4c:b4:4c:39:0e:ba:
         34:34:16:8e:68:cc:50:bb:a6:e8:c3:07:ae:73:32:cd:04:e9:
         d5:8c:bd:74:1f:52:33:04:8a:ea:55:ae:a4:34:51:b5:77:38:
         e3:ed:eb:54:2d:df:0d:41:e6:f4:89:c0:23:c8:9a:4f:76:a0:
         13:c2:08:75:ca:46:d7:34:f7:f2:c2:f7:f4:26:13:58:02:0c:
         54:53:db:a1:5a:98:21:2d:1a:f9:13:05:3d:1d:1c:94:9a:19:
         df:cf:20:22:93:42:29:57:47:5f:17:7d:32:d3:b9:b6:72:a9:
         db:80:34:14:9f:fc:8e:98:38:72:84:37:87:dd:bb:bb:94:4d:
         95:55:2e:74:b3:7a:e9:5c:88:e2:a8:ea:0f:22:4a:20:71:f0:
         0f:ad:7a:0b:53:7f:fa:3f:14:09:e7:56:cc:a0:e5:75:7c:c0:
         03:88:df:db:71:8d:5c:5b:52:e5:cd:6f:8c:fa:61:12:b0:01:
         49:9c:81:ad:c6:0c:06:72:95:7c:6c:4f:d4:f8:05:ea:f6:01:
         64:ee:16:77
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEET9y3TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEx
MDAwMjMzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGNlMTA4ZDZiNzBi
MWFiNjAzYzA4YmYzZWNlNzJhYzcxMTY5ZGM1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMQjeibi5mnF9SgF46YA0X9eTIaBlIgoNpyrcF8jZ1JD0bAe
MYo+zDOqPZoki833dVWqtE3jr69FMetQk8/mf0I2IMAl0ZwnnQZr+8TsTeh7I9jE
jyM83fqfJeFRavVWxMp4kMbwfvhrNbEL/0uUmqUjYSaBB7GrMdrSK6u3N4BAwyjX
xGznlF3CYCJKVrvsU7YDF5H/2zd/07XVWdhwwlF27A6ZyCTFPkc7+b+pF7pQU9E+
LPqInELkYxDd2dukicOLF7HR2jU3w+7xLIFHsQsK0CJ4WXBA5Ca9cvXAGnYMitxZ
gvi+USL7I5n0oEfJ4sa4wmwDZk8QVMSyJkV2WBcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQM4QjWtwsatgPAi/Ps5yrHEWncUTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L0RPRUkxcmNMR3JZRHdJdno3T2NxeHhGcDNGRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACoOsQcXhwMHBCoOsQcX8DANBgkq
hkiG9w0BAQsFAAOCAQEAj/nJMkB9IVP2ygvnvyHSOKq4uH0OX10Iu74u1Ed9HFQT
dwHgjH6lZm2OrXKxyMaqTLRMOQ66NDQWjmjMULum6MMHrnMyzQTp1Yy9dB9SMwSK
6lWupDRRtXc44+3rVC3fDUHm9InAI8iaT3agE8IIdcpG1zT38sL39CYTWAIMVFPb
oVqYIS0a+RMFPR0clJoZ388gIpNCKVdHXxd9MtO5tnKp24A0FJ/8jpg4coQ3h927
u5RNlVUudLN66VyI4qjqDyJKIHHwD616C1N/+j8UCedWzKDldXzAA4jf23GNXFtS
5c1vjPphErABSZyBrcYMBnKVfGxP1PgF6vYBZO4Wdw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:57 2024 by rpki-client on console-ams.rpki-client.org