Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Rz5ZOodNE_2XwzZGkmNXTqfNO4A.roa
File:                     Rz5ZOodNE_2XwzZGkmNXTqfNO4A.roa (raw, json)
Hash identifier:          ZsuVTYwaMkMWwU2Ry23v9O3DMsbKSahEluQSNxfYSkU=
Subject key identifier:   47:3E:59:3A:87:4D:13:FD:97:C3:36:46:92:63:57:4E:A7:CD:3B:80
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       10BCE0ED
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Rz5ZOodNE_2XwzZGkmNXTqfNO4A.roa
Signing time:             Sat 01 Jan 2022 09:05:24 +0000
ROA not before:           Sat 01 Jan 2022 09:05:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211042
IP address blocks:        2a0e:b107:14c0::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 280813805 (0x10bce0ed)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  1 09:05:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=473e593a874d13fd97c336469263574ea7cd3b80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:f5:26:b7:bd:f6:22:5e:ac:c5:f2:72:54:c7:
                    4f:83:ab:94:84:55:bf:2d:d9:94:d6:81:34:d8:a2:
                    c4:fc:7a:fb:8c:8d:1a:4d:23:b1:ae:d5:25:e1:c6:
                    3d:0b:01:91:44:2f:4f:c8:2d:fa:d6:1a:41:aa:ca:
                    34:ac:e0:27:30:75:b3:9e:a0:55:7e:9d:29:2d:9d:
                    85:a0:88:f0:f2:9e:c8:1c:3f:2a:7c:e8:1d:df:73:
                    49:0b:30:7f:0e:2c:ab:71:8b:6e:27:35:f6:89:ef:
                    f3:88:7a:04:b9:12:6a:a0:97:38:e6:0c:c6:83:d0:
                    0e:16:91:ae:a8:86:24:58:1e:51:d9:04:f0:78:02:
                    40:4f:2a:5a:00:3a:42:da:11:f7:d5:73:5b:e9:5b:
                    79:97:ae:a8:fc:63:e0:27:47:7f:eb:6a:af:06:a3:
                    42:46:0f:83:b9:bc:14:fc:be:16:2f:71:fd:dc:47:
                    7e:e8:2d:a3:c0:8b:ef:89:db:b1:4e:ee:00:7e:ef:
                    76:5c:43:12:7c:93:e5:c6:ed:a0:4e:72:3a:d6:3f:
                    49:c9:69:ee:fe:f3:d8:52:ff:ed:3a:47:49:89:4e:
                    a3:ab:1d:07:09:13:17:3d:ed:be:b5:56:74:46:ab:
                    7b:58:e8:c4:8b:14:0a:40:e1:c3:48:d1:ce:28:40:
                    25:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:3E:59:3A:87:4D:13:FD:97:C3:36:46:92:63:57:4E:A7:CD:3B:80
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Rz5ZOodNE_2XwzZGkmNXTqfNO4A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:14c0::/44

    Signature Algorithm: sha256WithRSAEncryption
         09:65:3a:d9:f3:83:c9:5b:0e:df:11:66:a6:90:cf:89:d9:f4:
         a7:62:e4:f4:3d:20:09:81:a9:8a:aa:b7:b0:77:86:e5:64:8e:
         3e:8a:94:3d:42:21:44:3f:d3:9d:35:cd:97:e4:91:15:c6:4a:
         f6:cb:6e:60:17:29:d6:64:ee:ba:ec:91:bd:ea:36:94:ce:59:
         d5:98:d3:ef:54:fe:ae:96:3e:96:52:3c:95:af:15:c6:8b:c2:
         3e:77:82:7a:c0:68:da:88:0c:4a:99:2b:c7:e5:63:53:65:50:
         3e:6e:59:e9:3f:ec:18:93:b9:c7:36:3a:a4:e2:7e:4e:34:f8:
         21:9f:4f:d7:9d:e3:16:c3:d0:c1:f4:66:1e:f0:f3:c8:17:35:
         9a:a9:93:8d:c3:8f:9b:d5:cd:23:75:c3:9b:02:f6:2b:d8:32:
         24:22:12:35:4e:67:90:2e:1d:0d:a0:4e:31:e6:22:71:44:40:
         60:43:f4:02:e0:da:34:3e:0b:76:f3:fe:68:40:96:80:c3:94:
         05:4d:e9:1a:04:fd:8c:58:9b:e0:6a:ae:9b:15:9c:75:8a:a5:
         09:e7:c9:0b:83:62:76:4c:85:ca:1b:1d:cd:bc:37:20:de:ec:
         1b:78:a0:9a:2d:2b:33:f6:9c:15:8b:8c:b2:69:00:74:84:79:
         e5:f8:c3:a1
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEELzg7TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDUyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDczZTU5M2E4NzRk
MTNmZDk3YzMzNjQ2OTI2MzU3NGVhN2NkM2I4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPf1Jre99iJerMXyclTHT4OrlIRVvy3ZlNaBNNiixPx6+4yN
Gk0jsa7VJeHGPQsBkUQvT8gt+tYaQarKNKzgJzB1s56gVX6dKS2dhaCI8PKeyBw/
KnzoHd9zSQswfw4sq3GLbic19onv84h6BLkSaqCXOOYMxoPQDhaRrqiGJFgeUdkE
8HgCQE8qWgA6QtoR99VzW+lbeZeuqPxj4CdHf+tqrwajQkYPg7m8FPy+Fi9x/dxH
fugto8CL74nbsU7uAH7vdlxDEnyT5cbtoE5yOtY/Sclp7v7z2FL/7TpHSYlOo6sd
BwkTFz3tvrVWdEare1joxIsUCkDhw0jRzihAJT8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRHPlk6h00T/ZfDNkaSY1dOp807gDAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L1J6NVpPb2RORV8yWHd6WkdrbU5YVHFmTk80QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOsQcUwDANBgkqhkiG9w0BAQsF
AAOCAQEACWU62fODyVsO3xFmppDPidn0p2Lk9D0gCYGpiqq3sHeG5WSOPoqUPUIh
RD/TnTXNl+SRFcZK9stuYBcp1mTuuuyRveo2lM5Z1ZjT71T+rpY+llI8la8VxovC
PneCesBo2ogMSpkrx+VjU2VQPm5Z6T/sGJO5xzY6pOJ+TjT4IZ9P153jFsPQwfRm
HvDzyBc1mqmTjcOPm9XNI3XDmwL2K9gyJCISNU5nkC4dDaBOMeYicURAYEP0AuDa
ND4LdvP+aECWgMOUBU3pGgT9jFib4GqumxWcdYqlCefJC4NidkyFyhsdzbw3IN7s
G3igmi0rM/acFYuMsmkAdIR55fjDoQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:03 2024 by rpki-client on console-ams.rpki-client.org