Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HNiFkicUrIdPEUufldUTp_4Z3T0.roa
File:                     HNiFkicUrIdPEUufldUTp_4Z3T0.roa (raw, json)
Hash identifier:          JiQ9YiSCIKCQAvmMzyqfsQ8B9J7K2Eivv1kXOb9iKlk=
Subject key identifier:   1C:D8:85:92:27:14:AC:87:4F:11:4B:9F:95:D5:13:A7:FE:19:DD:3D
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0182EA36A7FCCF4329381AE7F6043AE2320C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HNiFkicUrIdPEUufldUTp_4Z3T0.roa
Signing time:             Mon 29 Aug 2022 15:27:06 +0000
ROA not before:           Mon 29 Aug 2022 15:27:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        2a0e:b107:19a0::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:ea:36:a7:fc:cf:43:29:38:1a:e7:f6:04:3a:e2:32:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Aug 29 15:27:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1cd885922714ac874f114b9f95d513a7fe19dd3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:59:a5:5b:e0:4c:33:44:d3:bf:d0:a9:ea:ef:
                    fa:c1:73:25:ef:3a:86:cb:92:6b:0d:07:0c:d1:86:
                    ed:cc:b4:2a:8f:86:9c:f9:41:e4:c5:77:24:50:4b:
                    34:5c:ad:3f:9a:b0:e5:cb:e0:7f:08:98:54:3f:30:
                    23:c1:86:54:84:b9:45:c2:94:ab:b1:7b:a6:8f:bc:
                    f0:ad:b6:bb:bd:e7:ef:92:38:a0:21:b3:fc:b7:01:
                    6d:c4:83:18:62:94:f7:77:57:3a:7b:f5:1b:34:01:
                    2d:b3:3c:db:18:b3:ca:d1:da:05:a0:a8:d6:7c:e0:
                    c8:62:64:92:2d:c3:d9:74:5c:7f:51:03:a2:4b:c5:
                    8f:75:46:06:57:44:00:38:55:25:a9:0d:da:12:11:
                    35:02:8e:e5:da:cc:db:2c:da:81:c9:b7:3f:4e:68:
                    47:c0:0b:c7:cc:1d:b9:fa:45:2f:48:24:ea:44:00:
                    e8:d6:d9:1f:b0:de:f5:21:9a:a5:ae:2e:f1:0f:7c:
                    4d:f9:02:e5:b8:67:d1:d0:07:bd:4a:42:0f:d3:27:
                    19:6c:ee:9e:56:c5:67:68:22:92:57:86:22:85:e1:
                    7f:07:b5:ed:bf:bb:7a:e6:ee:64:69:1a:2f:2e:0d:
                    9a:46:82:b2:46:58:fd:73:ad:8c:77:56:22:4e:97:
                    19:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:D8:85:92:27:14:AC:87:4F:11:4B:9F:95:D5:13:A7:FE:19:DD:3D
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HNiFkicUrIdPEUufldUTp_4Z3T0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:19a0::/48

    Signature Algorithm: sha256WithRSAEncryption
         1d:6b:89:56:bc:04:92:4e:d2:9a:fb:6a:bc:14:a0:96:2f:bd:
         a0:38:f7:0c:52:c3:da:61:2a:ab:9c:ce:17:95:ab:e0:a3:a6:
         2e:f6:0f:28:1d:af:6f:cc:f3:41:42:1e:67:6a:59:42:19:0e:
         16:e0:b2:f8:e8:ef:97:29:04:2d:4a:67:c4:3a:06:9f:ac:f4:
         58:9b:0e:bd:1a:52:01:ca:64:54:6e:86:81:4d:d8:9f:f5:ae:
         f6:9b:ae:e8:91:98:c4:c5:45:fb:f1:5f:4f:b7:3b:9a:f0:39:
         32:20:08:3b:4d:4c:8e:70:1f:62:af:d1:4b:49:41:04:21:e6:
         ce:d6:9d:b3:2f:9c:37:14:be:0c:3f:a1:25:8f:cc:a7:0d:2e:
         f7:ed:ce:99:3d:5a:6c:be:eb:01:c6:b6:3d:d0:38:6d:21:8d:
         42:bd:3c:5f:70:9f:e5:65:d7:3b:01:ca:c7:6d:4e:5f:03:9b:
         60:3a:74:d8:b0:86:04:77:c0:36:66:99:f5:1d:f5:04:68:85:
         ac:7e:f2:95:7f:1e:20:98:2c:ae:07:32:1d:de:08:0d:5d:ff:
         7b:2e:67:d4:fe:64:aa:fd:55:73:25:70:2d:96:5a:ef:11:d1:
         e3:52:26:d5:7a:18:44:31:91:6a:17:ae:57:fa:f8:aa:41:90:
         b3:11:c9:a9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYLqNqf8z0MpOBrn9gQ64jIMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwODI5MTUyNzA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2Q4ODU5MjI3MTRhYzg3NGYxMTRiOWY5NWQ1MTNhN2ZlMTlkZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVmlW+BMM0TTv9Cp6u/6wXMl7zqG
y5JrDQcM0YbtzLQqj4ac+UHkxXckUEs0XK0/mrDly+B/CJhUPzAjwYZUhLlFwpSr
sXumj7zwrba7vefvkjigIbP8twFtxIMYYpT3d1c6e/UbNAEtszzbGLPK0doFoKjW
fODIYmSSLcPZdFx/UQOiS8WPdUYGV0QAOFUlqQ3aEhE1Ao7l2szbLNqBybc/TmhH
wAvHzB25+kUvSCTqRADo1tkfsN71IZqlri7xD3xN+QLluGfR0Ae9SkIP0ycZbO6e
VsVnaCKSV4YiheF/B7Xtv7t65u5kaRovLg2aRoKyRlj9c62Md1YiTpcZkwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBzYhZInFKyHTxFLn5XVE6f+Gd09MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSE5pRmtpY1VySWRQRVV1ZmxkVVRwXzRaM1QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBxmg
MA0GCSqGSIb3DQEBCwUAA4IBAQAda4lWvASSTtKa+2q8FKCWL72gOPcMUsPaYSqr
nM4Xlavgo6Yu9g8oHa9vzPNBQh5nallCGQ4W4LL46O+XKQQtSmfEOgafrPRYmw69
GlIBymRUboaBTdif9a72m67okZjExUX78V9Ptzua8DkyIAg7TUyOcB9ir9FLSUEE
IebO1p2zL5w3FL4MP6Elj8ynDS737c6ZPVpsvusBxrY90DhtIY1CvTxfcJ/lZdc7
AcrHbU5fA5tgOnTYsIYEd8A2Zpn1HfUEaIWsfvKVfx4gmCyuBzId3ggNXf97LmfU
/mSq/VVzJXAtllrvEdHjUibVehhEMZFqF65X+viqQZCzEcmp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:59 2024 by rpki-client on console-ams.rpki-client.org