Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/M5wLlGBf0nVuILRWkLV6vpCY3gA.roa
File:                     M5wLlGBf0nVuILRWkLV6vpCY3gA.roa (raw, json)
Hash identifier:          foBMPBgk4IYdzpewm3unQhHjbZLPh38Bo5Pco2gEU10=
Subject key identifier:   33:9C:0B:94:60:5F:D2:75:6E:20:B4:56:90:B5:7A:BE:90:98:DE:00
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       01832D8BDDCBF6874C56D49FC8D6AED44D3D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/M5wLlGBf0nVuILRWkLV6vpCY3gA.roa
Signing time:             Sun 11 Sep 2022 17:14:44 +0000
ROA not before:           Sun 11 Sep 2022 17:14:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61218
IP address blocks:        2a0f:e400::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:2d:8b:dd:cb:f6:87:4c:56:d4:9f:c8:d6:ae:d4:4d:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Sep 11 17:14:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=339c0b94605fd2756e20b45690b57abe9098de00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:41:01:05:bb:74:7b:cb:66:be:9f:29:25:56:
                    0c:06:b6:cf:2a:9b:83:4c:d0:ae:82:0f:45:18:59:
                    24:77:d2:ad:82:f0:61:66:e3:43:c3:a6:8a:6b:26:
                    4b:b8:aa:bf:50:30:dd:f6:84:88:cf:3a:49:0f:3f:
                    62:e9:ae:7e:94:77:0f:5a:4c:d2:01:50:99:71:58:
                    b6:d5:78:6f:d4:a3:9b:a7:d5:e7:40:aa:2b:36:fb:
                    53:3d:03:ba:12:6c:43:85:fb:ed:2d:a2:24:ca:65:
                    96:8a:21:fb:f3:00:6c:95:07:f0:50:91:d8:04:5c:
                    4c:61:93:19:83:c7:38:2d:41:ee:c9:27:d0:78:ac:
                    88:36:be:71:28:84:b9:5b:f9:a7:b4:32:36:67:b3:
                    84:9c:ff:93:cc:e0:8a:89:7a:d7:01:14:92:52:34:
                    66:41:6c:25:93:40:88:67:14:07:a3:40:46:39:45:
                    86:be:49:10:34:06:8e:93:96:bd:05:1e:30:21:0e:
                    5d:b6:42:96:eb:70:5a:f7:bf:a1:2f:be:76:84:97:
                    28:d2:1f:41:13:bc:91:b2:36:d3:8a:ce:8b:57:fd:
                    72:00:89:f4:68:75:2f:00:51:ec:17:c4:23:c8:7a:
                    bf:62:d3:46:1a:26:3a:61:9b:df:1c:7f:b1:43:08:
                    28:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:9C:0B:94:60:5F:D2:75:6E:20:B4:56:90:B5:7A:BE:90:98:DE:00
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/M5wLlGBf0nVuILRWkLV6vpCY3gA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:e400::/29

    Signature Algorithm: sha256WithRSAEncryption
         9b:51:3c:f1:d4:a5:03:42:f3:7c:d0:4a:cf:82:46:85:42:bd:
         6b:b3:9c:06:d8:ac:4f:04:d3:00:7c:cc:f5:86:ce:40:8c:55:
         0e:51:68:0a:1c:25:5b:d9:15:a9:07:b4:8a:79:bf:90:a6:ef:
         e0:5e:8c:c1:06:0e:08:f8:da:88:e8:42:93:b0:c9:a2:fe:fa:
         af:5a:5c:2a:78:66:7b:c7:de:bb:2f:5e:48:0b:2f:98:ad:64:
         8c:cc:90:87:df:93:aa:f9:a3:10:67:c2:f2:18:d1:89:d2:ff:
         b4:65:68:eb:93:7f:d6:ac:02:59:76:94:f2:27:cc:87:2a:49:
         9c:b9:41:fe:1f:f4:c7:4b:7c:0d:e8:27:87:fe:29:4b:58:1f:
         0e:da:10:ee:3d:d7:e9:6c:0e:15:16:e9:f1:95:bb:2d:4e:8d:
         4c:63:a3:70:c1:d7:e2:b0:6c:76:17:46:d4:9d:2e:91:b2:f8:
         4f:34:e6:d8:91:48:d8:c5:89:45:c4:b5:07:81:fc:b4:86:f6:
         e7:53:23:ed:08:12:c2:04:46:ba:e4:80:f9:c0:14:42:92:45:
         f7:5d:6b:5a:a6:d7:c2:66:3d:df:72:2e:4b:9c:b8:ee:c8:ca:
         ad:6b:54:81:1b:b1:57:66:e9:ee:b3:11:16:bf:cb:40:c1:c4:
         75:78:87:49
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYMti93L9odMVtSfyNau1E09MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwOTExMTcxNDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzljMGI5NDYwNWZkMjc1NmUyMGI0NTY5MGI1N2FiZTkwOThkZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0EBBbt0e8tmvp8pJVYMBrbPKpuD
TNCugg9FGFkkd9KtgvBhZuNDw6aKayZLuKq/UDDd9oSIzzpJDz9i6a5+lHcPWkzS
AVCZcVi21Xhv1KObp9XnQKorNvtTPQO6EmxDhfvtLaIkymWWiiH78wBslQfwUJHY
BFxMYZMZg8c4LUHuySfQeKyINr5xKIS5W/mntDI2Z7OEnP+TzOCKiXrXARSSUjRm
QWwlk0CIZxQHo0BGOUWGvkkQNAaOk5a9BR4wIQ5dtkKW63Ba97+hL752hJco0h9B
E7yRsjbTis6LV/1yAIn0aHUvAFHsF8QjyHq/YtNGGiY6YZvfHH+xQwgoAQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDOcC5RgX9J1biC0VpC1er6QmN4AMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTTV3TGxHQmYwblZ1SUxSV2tMVjZ2cENZM2dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg/kADAN
BgkqhkiG9w0BAQsFAAOCAQEAm1E88dSlA0LzfNBKz4JGhUK9a7OcBtisTwTTAHzM
9YbOQIxVDlFoChwlW9kVqQe0inm/kKbv4F6MwQYOCPjaiOhCk7DJov76r1pcKnhm
e8feuy9eSAsvmK1kjMyQh9+TqvmjEGfC8hjRidL/tGVo65N/1qwCWXaU8ifMhypJ
nLlB/h/0x0t8Degnh/4pS1gfDtoQ7j3X6WwOFRbp8ZW7LU6NTGOjcMHX4rBsdhdG
1J0ukbL4TzTm2JFI2MWJRcS1B4H8tIb251Mj7QgSwgRGuuSA+cAUQpJF911rWqbX
wmY933IuS5y47sjKrWtUgRuxV2bp7rMRFr/LQMHEdXiHSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:00 2024 by rpki-client on console-ams.rpki-client.org