Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FVi2kDluRZbjLaHnS_jHlKhpboE.roa
File:                     FVi2kDluRZbjLaHnS_jHlKhpboE.roa (raw, json)
Hash identifier:          WfedL5L0WwXyKfhEtbefNRXQ9sWvlUGkgUmlmYGY0qY=
Subject key identifier:   15:58:B6:90:39:6E:45:96:E3:2D:A1:E7:4B:F8:C7:94:A8:69:6E:81
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       1071C8AC
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FVi2kDluRZbjLaHnS_jHlKhpboE.roa
Signing time:             Sat 01 Jan 2022 09:04:39 +0000
ROA not before:           Sat 01 Jan 2022 09:04:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     38281
IP address blocks:        2a10:cc44:100::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 275892396 (0x1071c8ac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  1 09:04:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1558b690396e4596e32da1e74bf8c794a8696e81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:d5:42:2f:15:98:19:87:3a:4a:84:7b:89:16:
                    a4:13:a1:76:b7:5a:af:38:8f:e5:80:1f:6b:72:72:
                    cc:2b:c9:c5:fe:ac:9f:c3:ac:05:ee:95:24:2a:bb:
                    2d:4b:af:9f:6a:40:55:25:cb:69:f0:02:7d:f2:c7:
                    b8:53:f2:37:2a:2f:31:ec:d0:19:ba:3f:cc:3c:33:
                    9a:e2:e2:26:a1:da:64:3a:81:5c:db:dc:35:38:42:
                    1e:dc:62:aa:9e:bf:a0:56:8d:ab:48:dc:f3:81:7e:
                    af:ee:da:96:1a:a3:80:b8:52:d2:db:b0:ce:16:22:
                    65:02:d2:e2:49:70:ab:26:73:39:d2:a1:17:15:16:
                    d9:5f:ad:2b:1d:c8:24:8d:76:f2:78:7b:98:cc:14:
                    be:1a:74:e1:c2:f1:8a:ca:b4:f9:33:82:56:30:9e:
                    5f:f0:a7:60:1b:c4:3b:1b:9d:44:1d:62:79:21:cf:
                    f2:42:28:66:24:d7:a2:5f:57:e2:cb:f2:bb:af:74:
                    97:ab:bb:c0:30:3c:c8:b3:18:5b:c8:97:72:d6:11:
                    22:cc:21:8f:73:8b:a9:48:97:d9:86:73:79:e6:e6:
                    96:bc:d5:0e:23:25:21:ca:75:0c:04:d8:8c:83:4b:
                    e9:76:f6:c4:f5:8f:3b:b7:37:09:1a:b0:e4:f4:1d:
                    7e:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:58:B6:90:39:6E:45:96:E3:2D:A1:E7:4B:F8:C7:94:A8:69:6E:81
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FVi2kDluRZbjLaHnS_jHlKhpboE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:cc44:100::/44

    Signature Algorithm: sha256WithRSAEncryption
         be:2f:31:95:3c:4f:9d:a7:4a:72:21:b7:57:8f:15:bd:4f:86:
         63:8b:9c:cb:1f:86:de:ff:d4:a0:82:ac:6c:3f:ec:a3:82:4a:
         2e:95:18:5f:26:9a:9a:83:7c:84:21:70:98:f7:cd:99:e9:4e:
         36:fe:c8:da:ee:7f:55:81:b4:1a:e3:18:5b:a1:e1:ee:6f:34:
         e5:85:79:15:73:55:2f:70:d7:1a:8e:58:3a:9d:06:53:2c:b1:
         95:43:b8:57:b9:f3:1c:86:5e:cb:12:eb:c0:c8:f4:f1:9a:e4:
         ea:1e:16:7a:7a:6c:83:b0:8b:72:d4:70:aa:29:74:41:60:dd:
         c0:db:25:ca:ef:ee:a0:3a:32:bb:d8:66:a0:d0:4c:3e:e2:5b:
         df:83:ab:ce:7c:8e:8c:56:8c:cb:91:16:3f:5d:b1:d5:36:f7:
         d4:13:34:8f:e7:9f:66:12:87:8d:52:7c:f6:6c:db:c2:35:19:
         32:a3:81:aa:e0:64:95:a5:92:19:12:8b:37:2e:e6:5c:7d:c7:
         44:25:93:a5:11:46:f9:10:f6:a0:b2:59:75:00:4f:86:ad:7b:
         75:32:57:cc:37:f2:e8:bf:d4:2e:39:5a:24:93:af:67:c3:1b:
         39:35:76:15:29:12:31:d5:7b:13:10:c7:0e:ab:be:87:57:14:
         2e:ee:ea:97
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEHHIrDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDQzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTU1OGI2OTAzOTZl
NDU5NmUzMmRhMWU3NGJmOGM3OTRhODY5NmU4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL3VQi8VmBmHOkqEe4kWpBOhdrdarziP5YAfa3JyzCvJxf6s
n8OsBe6VJCq7LUuvn2pAVSXLafACffLHuFPyNyovMezQGbo/zDwzmuLiJqHaZDqB
XNvcNThCHtxiqp6/oFaNq0jc84F+r+7alhqjgLhS0tuwzhYiZQLS4klwqyZzOdKh
FxUW2V+tKx3IJI128nh7mMwUvhp04cLxisq0+TOCVjCeX/CnYBvEOxudRB1ieSHP
8kIoZiTXol9X4svyu690l6u7wDA8yLMYW8iXctYRIswhj3OLqUiX2YZzeebmlrzV
DiMlIcp1DATYjINL6Xb2xPWPO7c3CRqw5PQdft8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQVWLaQOW5FluMtoedL+MeUqGlugTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L0ZWaTJrRGx1UlpiakxhSG5TX2pIbEtocGJvRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoQzEQBADANBgkqhkiG9w0BAQsF
AAOCAQEAvi8xlTxPnadKciG3V48VvU+GY4ucyx+G3v/UoIKsbD/so4JKLpUYXyaa
moN8hCFwmPfNmelONv7I2u5/VYG0GuMYW6Hh7m805YV5FXNVL3DXGo5YOp0GUyyx
lUO4V7nzHIZeyxLrwMj08Zrk6h4Wenpsg7CLctRwqil0QWDdwNslyu/uoDoyu9hm
oNBMPuJb34OrznyOjFaMy5EWP12x1Tb31BM0j+efZhKHjVJ89mzbwjUZMqOBquBk
laWSGRKLNy7mXH3HRCWTpRFG+RD2oLJZdQBPhq17dTJXzDfy6L/ULjlaJJOvZ8Mb
OTV2FSkSMdV7ExDHDqu+h1cULu7qlw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:28 2024 by rpki-client on console-fra.rpki-client.org