Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/EtXkVB6A58W4ZgkUI5ERPUQaeqw.roa
File:                     EtXkVB6A58W4ZgkUI5ERPUQaeqw.roa (raw, json)
Hash identifier:          RZkL5CFeuWJyJqirC3ixMnRXC+9alzZDWG+LjBBb3pE=
Subject key identifier:   12:D5:E4:54:1E:80:E7:C5:B8:66:09:14:23:91:11:3D:44:1A:7A:AC
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       11F2B358
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/EtXkVB6A58W4ZgkUI5ERPUQaeqw.roa
Signing time:             Fri 11 Feb 2022 12:53:25 +0000
ROA not before:           Fri 11 Feb 2022 12:53:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211139
IP address blocks:        2a0e:b107:1910::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 301118296 (0x11f2b358)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Feb 11 12:53:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=12d5e4541e80e7c5b86609142391113d441a7aac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:eb:bc:52:c6:9e:70:6c:c8:48:3e:0d:3a:26:
                    b4:89:83:5d:6a:43:78:eb:8f:93:3e:77:3e:ab:d8:
                    ad:af:7b:c1:e9:37:80:05:a8:83:b5:13:89:d7:45:
                    b3:1f:2d:ef:39:b4:a4:d2:b6:da:3d:14:02:31:3e:
                    ae:83:9f:25:56:d4:3b:fc:d2:93:26:f4:12:e9:05:
                    96:9a:37:a9:ea:39:bd:ae:f4:4c:b6:13:cc:b7:b7:
                    ed:2a:c4:39:d4:ff:65:92:b2:a8:2f:b9:15:50:fc:
                    52:e8:93:11:d5:98:98:df:7e:82:c9:46:3c:47:bd:
                    a8:3e:3b:1c:2e:c8:11:4d:c4:d4:8c:d6:86:cb:6b:
                    dc:05:a2:18:d6:fe:eb:89:1b:c4:0b:25:91:5d:ac:
                    04:b9:23:d5:c4:2c:ee:ca:a9:12:a8:ee:ca:52:94:
                    a4:5c:17:b6:ad:60:56:97:03:b5:0b:5a:b4:79:78:
                    31:97:c2:36:dd:19:49:d0:2d:1d:e9:96:fe:32:47:
                    f4:91:20:f0:73:72:1c:f1:cb:6a:a9:2a:5a:45:ab:
                    6d:1f:91:b3:6e:a2:51:bb:72:2a:0d:74:c1:41:3c:
                    09:8c:3e:8e:d4:f9:74:4d:a7:db:cf:b5:89:f8:78:
                    1f:ea:8c:a1:48:92:8d:60:4f:98:51:8f:a1:82:82:
                    6e:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:D5:E4:54:1E:80:E7:C5:B8:66:09:14:23:91:11:3D:44:1A:7A:AC
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/EtXkVB6A58W4ZgkUI5ERPUQaeqw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:1910::/44

    Signature Algorithm: sha256WithRSAEncryption
         8b:db:27:42:0d:7f:f9:5b:d4:56:74:b2:00:fc:5a:81:91:ca:
         8c:1a:8a:2a:24:a4:ee:a7:81:25:7c:6d:df:c6:94:38:5a:1a:
         a3:66:83:08:84:09:ed:2e:31:2a:58:a3:f5:aa:eb:17:1c:33:
         8b:8c:6d:84:30:a6:74:07:b9:f6:1c:6f:66:3e:94:a9:03:f6:
         af:1b:6e:c6:7d:9e:40:99:8e:19:58:8d:48:2e:90:7f:59:a9:
         78:91:40:26:9f:33:5a:d6:4c:e8:4c:91:57:cc:68:9c:bd:51:
         83:00:88:b5:ad:14:2a:7f:a7:44:e3:3c:5e:d7:40:34:e0:2f:
         b7:ec:b1:a7:e9:e9:a2:93:8a:cc:9b:3f:0d:33:87:44:e4:c5:
         60:2a:96:58:08:0d:5c:76:9b:7b:f2:10:02:87:9e:6c:1b:7a:
         1e:ba:e5:2f:dc:ff:33:44:15:d8:d0:82:43:d3:b8:06:51:7b:
         33:2e:b0:71:bf:12:e9:82:f4:25:01:57:4d:d4:01:a9:cf:1d:
         48:61:a3:08:dd:ad:3e:2f:10:f6:4c:5a:7c:94:52:4b:af:6c:
         8b:01:fb:ca:81:2d:14:3e:a5:13:56:a0:3a:f5:6f:ad:b0:34:
         30:26:9f:4b:12:5e:5b:49:d5:91:4f:cf:a4:9c:ef:07:5a:75:
         ed:64:49:f2
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEfKzWDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDIx
MTEyNTMyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTJkNWU0NTQxZTgw
ZTdjNWI4NjYwOTE0MjM5MTExM2Q0NDFhN2FhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO3rvFLGnnBsyEg+DTomtImDXWpDeOuPkz53PqvYra97wek3
gAWog7UTiddFsx8t7zm0pNK22j0UAjE+roOfJVbUO/zSkyb0EukFlpo3qeo5va70
TLYTzLe37SrEOdT/ZZKyqC+5FVD8UuiTEdWYmN9+gslGPEe9qD47HC7IEU3E1IzW
hstr3AWiGNb+64kbxAslkV2sBLkj1cQs7sqpEqjuylKUpFwXtq1gVpcDtQtatHl4
MZfCNt0ZSdAtHemW/jJH9JEg8HNyHPHLaqkqWkWrbR+Rs26iUbtyKg10wUE8CYw+
jtT5dE2n28+1ifh4H+qMoUiSjWBPmFGPoYKCbtkCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQS1eRUHoDnxbhmCRQjkRE9RBp6rDAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L0V0WGtWQjZBNThXNFpna1VJNUVSUFVRYWVxdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOsQcZEDANBgkqhkiG9w0BAQsF
AAOCAQEAi9snQg1/+VvUVnSyAPxagZHKjBqKKiSk7qeBJXxt38aUOFoao2aDCIQJ
7S4xKlij9arrFxwzi4xthDCmdAe59hxvZj6UqQP2rxtuxn2eQJmOGViNSC6Qf1mp
eJFAJp8zWtZM6EyRV8xonL1RgwCIta0UKn+nROM8XtdANOAvt+yxp+npopOKzJs/
DTOHROTFYCqWWAgNXHabe/IQAoeebBt6HrrlL9z/M0QV2NCCQ9O4BlF7My6wcb8S
6YL0JQFXTdQBqc8dSGGjCN2tPi8Q9kxafJRSS69siwH7yoEtFD6lE1agOvVvrbA0
MCafSxJeW0nVkU/PpJzvB1p17WRJ8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:58 2024 by rpki-client on console-ams.rpki-client.org