Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/I2DwDJWcNSz_RFpfkjueREMe7Bk.roa
File:                     I2DwDJWcNSz_RFpfkjueREMe7Bk.roa (raw, json)
Hash identifier:          WxbfBKRw9xJQzH1yq9pFp2KpcRd5HPB7XJkTGIxG24U=
Subject key identifier:   23:60:F0:0C:95:9C:35:2C:FF:44:5A:5F:92:3B:9E:44:43:1E:EC:19
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       112C93FA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/I2DwDJWcNSz_RFpfkjueREMe7Bk.roa
Signing time:             Fri 07 Jan 2022 15:43:58 +0000
ROA not before:           Fri 07 Jan 2022 15:43:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207852
IP address blocks:        2a0e:b107:270::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 288134138 (0x112c93fa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  7 15:43:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2360f00c959c352cff445a5f923b9e44431eec19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:89:07:ef:1d:0d:79:4c:90:0e:b1:8d:aa:16:
                    a4:a4:36:7a:fb:2a:f1:d6:25:86:23:5e:bb:01:1c:
                    4a:20:7b:32:23:db:00:05:52:83:4c:2a:59:e3:96:
                    4d:eb:f8:29:d0:e8:b7:33:61:59:c8:cf:6f:06:2a:
                    ea:98:65:50:0c:6d:a1:a4:90:fa:ca:01:d2:42:3b:
                    92:ce:bd:82:45:82:f4:19:18:13:35:99:87:e6:38:
                    eb:32:05:37:9d:bb:ad:61:9c:f9:35:85:2e:50:a8:
                    66:83:22:30:63:7d:63:e4:02:97:38:f2:f2:94:a2:
                    5b:20:2f:b9:9e:40:d9:3e:f8:d9:be:6d:bf:3c:06:
                    d2:57:9f:24:63:9b:4b:24:f1:a0:ac:0a:55:8b:34:
                    3b:a0:dd:42:fc:a6:7a:d1:7d:f4:63:90:38:f3:bb:
                    8b:c5:51:92:99:d5:41:95:f6:98:e3:bd:52:1a:75:
                    13:11:9e:06:22:a6:35:89:04:19:d5:24:f2:b8:a1:
                    95:94:8a:dd:9f:52:a7:e9:e6:bf:98:0b:a4:6f:f4:
                    19:ce:09:c6:ca:0f:39:71:2c:0a:db:1b:cf:4d:97:
                    22:a2:cb:8b:36:09:59:e9:6a:c3:ce:f9:4c:36:41:
                    65:72:d2:18:be:1c:82:d0:ef:12:e7:c1:ed:7e:a4:
                    69:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:60:F0:0C:95:9C:35:2C:FF:44:5A:5F:92:3B:9E:44:43:1E:EC:19
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/I2DwDJWcNSz_RFpfkjueREMe7Bk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:270::/48

    Signature Algorithm: sha256WithRSAEncryption
         8d:6e:0c:c4:68:d0:24:3f:10:93:b6:ee:67:37:33:4c:df:13:
         b2:e1:48:3a:73:9c:41:1f:96:06:81:9b:01:f9:db:a1:27:81:
         f2:0e:6c:2c:e3:c2:ac:dd:bf:11:91:96:be:d7:a1:77:30:dd:
         ef:6c:52:9e:3c:34:d8:8d:4c:11:75:e9:0e:83:b7:d6:37:df:
         6a:e4:94:1f:10:04:14:a5:81:fa:9e:2a:4e:c0:2e:ce:e9:f8:
         42:b2:31:d9:b2:fb:b8:06:44:0f:fa:a5:65:5d:57:ef:28:32:
         fc:cd:f5:36:62:17:51:73:cc:e0:41:ce:4f:ba:6d:e9:a9:28:
         06:2e:1e:4f:f0:1d:43:d8:cc:ef:88:23:cf:54:78:13:e7:08:
         9b:7a:c0:31:15:62:50:fb:55:c1:e2:0f:3e:0b:b0:6b:86:a8:
         38:56:19:27:eb:8e:c8:e8:e5:e1:99:26:c7:a2:2a:5a:3d:13:
         f4:40:53:45:fb:b0:55:5e:31:e7:34:45:3a:d2:89:19:f1:e6:
         9c:5b:18:1c:aa:24:b3:3a:2d:ab:4f:36:b6:2b:45:f0:ca:30:
         6d:e0:59:b0:cb:0c:d0:9a:45:f7:c8:ef:52:da:94:94:8d:10:
         87:46:69:86:c5:5e:dc:03:84:fc:c4:6e:ef:ad:64:76:0a:a6:
         fc:8c:36:3f
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEESyT+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
NzE1NDM1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjM2MGYwMGM5NTlj
MzUyY2ZmNDQ1YTVmOTIzYjllNDQ0MzFlZWMxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKCJB+8dDXlMkA6xjaoWpKQ2evsq8dYlhiNeuwEcSiB7MiPb
AAVSg0wqWeOWTev4KdDotzNhWcjPbwYq6phlUAxtoaSQ+soB0kI7ks69gkWC9BkY
EzWZh+Y46zIFN527rWGc+TWFLlCoZoMiMGN9Y+QClzjy8pSiWyAvuZ5A2T742b5t
vzwG0lefJGObSyTxoKwKVYs0O6DdQvymetF99GOQOPO7i8VRkpnVQZX2mOO9Uhp1
ExGeBiKmNYkEGdUk8rihlZSK3Z9Sp+nmv5gLpG/0Gc4JxsoPOXEsCtsbz02XIqLL
izYJWelqw875TDZBZXLSGL4cgtDvEufB7X6kaQsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQjYPAMlZw1LP9EWl+SO55EQx7sGTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L0kyRHdESldjTlN6X1JGcGZranVlUkVNZTdCay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOsQcCcDANBgkqhkiG9w0BAQsF
AAOCAQEAjW4MxGjQJD8Qk7buZzczTN8TsuFIOnOcQR+WBoGbAfnboSeB8g5sLOPC
rN2/EZGWvtehdzDd72xSnjw02I1MEXXpDoO31jffauSUHxAEFKWB+p4qTsAuzun4
QrIx2bL7uAZED/qlZV1X7ygy/M31NmIXUXPM4EHOT7pt6akoBi4eT/AdQ9jM74gj
z1R4E+cIm3rAMRViUPtVweIPPguwa4aoOFYZJ+uOyOjl4Zkmx6IqWj0T9EBTRfuw
VV4x5zRFOtKJGfHmnFsYHKokszotq082titF8MowbeBZsMsM0JpF98jvUtqUlI0Q
h0ZphsVe3AOE/MRu761kdgqm/Iw2Pw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:59 2024 by rpki-client on console-ams.rpki-client.org