Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RkIO41MEoNSCNRoq9fprIRlhacM.roa
File:                     RkIO41MEoNSCNRoq9fprIRlhacM.roa (raw, json)
Hash identifier:          8Px4ROv/VyKR2HbDiDiaeoei0CPq6ZwZmTbz9TH/soc=
Subject key identifier:   46:42:0E:E3:53:04:A0:D4:82:35:1A:2A:F5:FA:6B:21:19:61:69:C3
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       10992A92
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RkIO41MEoNSCNRoq9fprIRlhacM.roa
Signing time:             Sat 01 Jan 2022 09:05:06 +0000
ROA not before:           Sat 01 Jan 2022 09:05:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207632
IP address blocks:        2a0e:b107:ae0::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 278473362 (0x10992a92)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  1 09:05:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=46420ee35304a0d482351a2af5fa6b21196169c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:63:06:4f:3b:ea:84:58:c6:0d:62:58:54:41:
                    c1:d2:6a:88:d3:3c:ee:80:ec:38:2b:07:9f:f5:bc:
                    43:8f:28:3d:1f:b2:e0:e0:06:8e:31:84:9e:ef:d8:
                    e5:82:35:8e:10:4f:05:7e:03:65:36:a8:76:60:93:
                    ad:b3:e3:56:2c:53:3d:22:6a:c1:23:73:f6:4a:82:
                    9e:56:fc:2b:1e:cd:03:4f:b4:86:d8:25:cf:29:b8:
                    89:b1:19:9a:bc:49:1f:35:7e:d9:87:df:b3:f8:95:
                    0e:1c:83:06:b1:34:3b:ed:7e:d2:e1:84:4f:fd:55:
                    c0:ba:b2:b9:50:91:5e:12:fd:06:f3:6d:1c:6a:b8:
                    15:b1:38:88:8f:79:f6:84:bc:72:47:33:fe:c1:bd:
                    96:79:d1:d4:e6:2c:74:8b:06:c8:c8:54:c9:83:eb:
                    85:a5:62:28:45:89:84:2d:eb:79:16:93:96:fe:94:
                    01:66:73:b1:13:28:9e:4b:2c:48:eb:e5:45:7f:f0:
                    8d:49:5e:ae:fc:bf:72:61:ef:2e:1f:3b:c7:71:a3:
                    46:ac:82:29:9f:76:58:a1:53:3b:4b:35:f6:49:a3:
                    d2:fe:8b:80:00:26:5a:64:ef:1a:9d:2d:6a:c4:74:
                    bd:f3:e8:26:25:7e:66:4f:c5:53:7f:70:e4:52:cb:
                    22:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:42:0E:E3:53:04:A0:D4:82:35:1A:2A:F5:FA:6B:21:19:61:69:C3
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RkIO41MEoNSCNRoq9fprIRlhacM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:ae0::/44

    Signature Algorithm: sha256WithRSAEncryption
         59:40:31:e4:7d:bc:b6:8c:97:5b:8f:74:23:b0:32:72:21:77:
         57:f1:2e:0f:c9:c8:81:d5:5a:a7:a0:ed:eb:68:e3:e3:97:52:
         06:35:e7:e4:c2:f1:65:ed:5f:09:2d:e0:6b:12:b6:e6:d0:da:
         b4:65:c1:f7:66:65:34:6d:a9:88:96:b6:0f:f3:1f:bd:84:5f:
         c9:6f:da:fc:da:22:76:09:54:39:ca:48:7b:ca:ea:19:93:22:
         d9:5e:29:32:4f:97:06:01:0c:39:93:e6:c3:4f:36:58:08:4b:
         0f:ff:28:d8:97:dd:30:cd:28:7e:41:e2:6c:e9:75:a9:9c:5b:
         49:fe:e8:a1:7d:96:d6:b4:8c:0d:ad:68:c5:b3:a0:51:0c:67:
         83:70:7e:7a:81:9d:e0:24:c7:99:d8:87:90:84:0d:51:b2:10:
         39:42:55:11:b0:38:ea:b7:5f:14:60:7d:34:9a:18:8d:f5:85:
         f4:83:24:6d:81:84:a9:5f:8b:33:45:8e:b3:07:eb:de:28:ac:
         7c:df:dd:fb:16:23:1f:5d:11:45:e7:93:a5:e3:7e:cc:d7:87:
         8f:2a:e1:01:4a:c1:a6:3c:20:a8:6e:dd:0b:27:30:5d:7a:4b:
         b7:b4:7b:c8:bd:6b:35:f9:fc:88:90:10:8b:2a:02:1b:f0:ce:
         c4:4d:a7:4d
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEJkqkjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDUwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDY0MjBlZTM1MzA0
YTBkNDgyMzUxYTJhZjVmYTZiMjExOTYxNjljMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL1jBk876oRYxg1iWFRBwdJqiNM87oDsOCsHn/W8Q48oPR+y
4OAGjjGEnu/Y5YI1jhBPBX4DZTaodmCTrbPjVixTPSJqwSNz9kqCnlb8Kx7NA0+0
htglzym4ibEZmrxJHzV+2Yffs/iVDhyDBrE0O+1+0uGET/1VwLqyuVCRXhL9BvNt
HGq4FbE4iI959oS8ckcz/sG9lnnR1OYsdIsGyMhUyYPrhaViKEWJhC3reRaTlv6U
AWZzsRMonkssSOvlRX/wjUlervy/cmHvLh87x3GjRqyCKZ92WKFTO0s19kmj0v6L
gAAmWmTvGp0tasR0vfPoJiV+Zk/FU39w5FLLIiMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRGQg7jUwSg1II1Gir1+mshGWFpwzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L1JrSU80MU1Fb05TQ05Sb3E5ZnBySVJsaGFjTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOsQcK4DANBgkqhkiG9w0BAQsF
AAOCAQEAWUAx5H28toyXW490I7AyciF3V/EuD8nIgdVap6Dt62jj45dSBjXn5MLx
Ze1fCS3gaxK25tDatGXB92ZlNG2piJa2D/MfvYRfyW/a/NoidglUOcpIe8rqGZMi
2V4pMk+XBgEMOZPmw082WAhLD/8o2JfdMM0ofkHibOl1qZxbSf7ooX2W1rSMDa1o
xbOgUQxng3B+eoGd4CTHmdiHkIQNUbIQOUJVEbA46rdfFGB9NJoYjfWF9IMkbYGE
qV+LM0WOswfr3iisfN/d+xYjH10RReeTpeN+zNeHjyrhAUrBpjwgqG7dCycwXXpL
t7R7yL1rNfn8iJAQiyoCG/DOxE2nTQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:31 2024 by rpki-client on console-fra.rpki-client.org