Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OU0-Lx8-EkA4Tk4TtmJdAgOtQfY.roa
File:                     OU0-Lx8-EkA4Tk4TtmJdAgOtQfY.roa (raw, json)
Hash identifier:          AAm0tT2WwqlSATKPRfdm6i3dT5WbBIojacAdtV42wMk=
Subject key identifier:   39:4D:3E:2F:1F:3E:12:40:38:4E:4E:13:B6:62:5D:02:03:AD:41:F6
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       1362A9C3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OU0-Lx8-EkA4Tk4TtmJdAgOtQfY.roa
Signing time:             Fri 01 Apr 2022 23:07:48 +0000
ROA not before:           Fri 01 Apr 2022 23:07:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206569
IP address blocks:        2a0e:b107:19b0::/48 maxlen: 48
                          2a0e:b107:19b1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 325233091 (0x1362a9c3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Apr  1 23:07:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=394d3e2f1f3e1240384e4e13b6625d0203ad41f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:0d:41:00:76:e5:dd:5b:24:72:33:e9:df:2a:
                    2c:52:60:9c:b7:38:cd:5a:82:b0:f1:93:84:79:72:
                    98:f7:8a:3c:f4:fe:c2:56:10:05:43:7a:21:84:09:
                    32:a2:82:b9:48:9f:95:49:1b:ab:57:02:a8:91:da:
                    92:6f:5d:be:09:bf:9c:5b:ac:da:83:72:be:e0:ba:
                    ee:ed:c4:58:a9:50:2b:27:eb:82:a2:f2:3f:0c:78:
                    aa:8b:29:36:f4:b9:1f:ac:2f:32:fd:b8:a8:79:0f:
                    b4:62:6c:b4:60:f3:7e:a4:7a:b5:8c:6c:04:ac:6c:
                    e8:ba:dd:80:4e:4f:25:4b:3d:32:29:aa:ae:79:08:
                    64:ea:fd:9a:1d:b1:38:f9:af:b1:e3:e8:3d:4e:38:
                    fc:8d:37:32:21:b5:ab:e1:7b:20:1d:61:79:f7:9b:
                    64:88:84:45:23:a6:d8:c1:d8:c7:da:c8:b6:3f:26:
                    4d:cb:33:f3:1c:be:98:e3:93:06:67:2c:c7:03:3a:
                    46:1c:7a:16:be:6e:ac:7c:bb:5e:f1:9d:58:ed:6a:
                    06:2f:ae:a2:e6:b5:13:7b:00:0a:93:6e:18:a7:c0:
                    3c:cc:6d:60:24:fa:c4:1c:60:b8:88:37:b6:d6:c6:
                    b8:23:2d:d4:8d:03:70:dd:c6:ca:59:f0:ae:c5:83:
                    42:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:4D:3E:2F:1F:3E:12:40:38:4E:4E:13:B6:62:5D:02:03:AD:41:F6
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OU0-Lx8-EkA4Tk4TtmJdAgOtQfY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:19b0::/47

    Signature Algorithm: sha256WithRSAEncryption
         9a:4f:cc:ea:cd:ba:45:1a:70:90:39:01:e9:26:86:e1:9a:d7:
         ac:09:e9:89:93:17:38:84:b5:0b:ee:af:ad:3f:2b:db:ac:ba:
         81:29:4f:6f:cb:41:c9:0b:5a:6f:d7:85:f8:f7:40:dd:92:fa:
         85:d9:ea:4a:7a:93:3f:e9:aa:36:ef:82:d1:e2:1c:d1:9b:9e:
         32:d6:86:1f:06:02:b5:1a:95:83:f1:cc:1a:0b:b4:cd:6e:77:
         0d:66:1e:3a:5a:01:45:c9:c1:c7:fd:15:60:f7:db:3c:2e:f3:
         0f:06:cf:b8:f9:f4:02:dd:41:fe:e3:7e:d0:23:7f:92:3c:58:
         95:30:86:59:f6:83:c3:8b:17:1e:46:43:20:8a:6d:1c:63:2e:
         a6:9e:af:d5:03:2c:46:65:13:57:2b:16:ae:d5:19:57:d3:e0:
         2a:32:cd:5a:ce:5c:bc:47:df:0d:b6:25:65:6c:8e:f3:36:0f:
         2e:8c:c7:f8:c8:0d:bb:39:97:8c:92:45:8d:3a:a7:5f:4f:30:
         b4:5e:04:45:15:6c:84:3f:a8:bf:a3:d4:61:8d:db:ef:ff:e4:
         8a:0e:5a:97:57:50:bd:b3:8a:f4:22:a5:6c:64:56:05:e3:3a:
         dc:9b:f3:5d:ab:3a:43:32:10:27:4a:77:dd:27:fd:5a:78:4a:
         59:0e:5c:1f
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEE2KpwzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDQw
MTIzMDc0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzk0ZDNlMmYxZjNl
MTI0MDM4NGU0ZTEzYjY2MjVkMDIwM2FkNDFmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMANQQB25d1bJHIz6d8qLFJgnLc4zVqCsPGThHlymPeKPPT+
wlYQBUN6IYQJMqKCuUiflUkbq1cCqJHakm9dvgm/nFus2oNyvuC67u3EWKlQKyfr
gqLyPwx4qospNvS5H6wvMv24qHkPtGJstGDzfqR6tYxsBKxs6LrdgE5PJUs9Mimq
rnkIZOr9mh2xOPmvsePoPU44/I03MiG1q+F7IB1hefebZIiERSOm2MHYx9rItj8m
Tcsz8xy+mOOTBmcsxwM6Rhx6Fr5urHy7XvGdWO1qBi+uoua1E3sACpNuGKfAPMxt
YCT6xBxguIg3ttbGuCMt1I0DcN3GylnwrsWDQqsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQ5TT4vHz4SQDhOThO2Yl0CA61B9jAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L09VMC1MeDgtRWtBNFRrNFR0bUpkQWdPdFFmWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHASoOsQcZsDANBgkqhkiG9w0BAQsF
AAOCAQEAmk/M6s26RRpwkDkB6SaG4ZrXrAnpiZMXOIS1C+6vrT8r26y6gSlPb8tB
yQtab9eF+PdA3ZL6hdnqSnqTP+mqNu+C0eIc0ZueMtaGHwYCtRqVg/HMGgu0zW53
DWYeOloBRcnBx/0VYPfbPC7zDwbPuPn0At1B/uN+0CN/kjxYlTCGWfaDw4sXHkZD
IIptHGMupp6v1QMsRmUTVysWrtUZV9PgKjLNWs5cvEffDbYlZWyO8zYPLozH+MgN
uzmXjJJFjTqnX08wtF4ERRVshD+ov6PUYY3b7//kig5al1dQvbOK9CKlbGRWBeM6
3JvzXas6QzIQJ0p33Sf9WnhKWQ5cHw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:01 2024 by rpki-client on console-ams.rpki-client.org