Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SO1E7s55u0e-dDo9uQ48JBHEp6w.roa
File:                     SO1E7s55u0e-dDo9uQ48JBHEp6w.roa (raw, json)
Hash identifier:          rSgHEdHXmUOxlwm7jKs9PvKr9v803GGWIKJRM1IpUSY=
Subject key identifier:   48:ED:44:EE:CE:79:BB:47:BE:74:3A:3D:B9:0E:3C:24:11:C4:A7:AC
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0182EA36A9F1FDF8365C589C09FC9464CC2E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SO1E7s55u0e-dDo9uQ48JBHEp6w.roa
Signing time:             Mon 29 Aug 2022 15:27:07 +0000
ROA not before:           Mon 29 Aug 2022 15:27:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209460
IP address blocks:        2a0e:b107:19a1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:ea:36:a9:f1:fd:f8:36:5c:58:9c:09:fc:94:64:cc:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Aug 29 15:27:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=48ed44eece79bb47be743a3db90e3c2411c4a7ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:1c:cb:90:3a:34:65:1a:62:62:3a:98:50:dc:
                    7c:88:db:72:aa:63:75:07:2f:18:41:5b:b0:b5:13:
                    91:ef:f0:f1:49:cb:6a:22:dd:44:7a:50:37:50:6d:
                    74:1c:c8:65:53:b0:7a:01:15:cd:82:e7:24:68:71:
                    eb:52:37:f8:86:df:2a:a0:83:c2:64:4c:55:ef:63:
                    3f:4f:86:a5:62:54:26:e9:54:cc:6a:e6:20:1b:70:
                    8c:d5:93:46:9e:fe:2c:00:5b:f6:77:51:aa:ff:f8:
                    38:94:27:f0:53:5c:1a:36:a2:7d:4c:57:d8:3a:32:
                    3d:a1:da:79:1e:a1:fb:e4:38:af:12:e4:a4:71:7b:
                    39:2d:a3:f9:59:25:a6:df:9d:3f:77:6c:25:58:21:
                    80:70:47:17:56:a7:cb:af:ef:34:c6:2f:34:70:c5:
                    48:4e:bb:c0:9f:72:37:6f:20:7d:7b:3e:b6:13:f5:
                    0e:bd:78:76:5d:17:3c:b7:c5:cb:59:07:66:35:5b:
                    95:8a:92:96:a7:60:fd:d3:e7:b5:05:20:2a:62:13:
                    d8:b9:fe:dc:62:90:1e:73:fa:bf:ae:66:0e:4d:b7:
                    57:f1:50:ee:dd:48:e1:bd:75:3d:ac:eb:f2:74:7b:
                    cc:f1:08:a8:93:50:61:15:7c:89:a7:e8:f1:c9:fc:
                    0e:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:ED:44:EE:CE:79:BB:47:BE:74:3A:3D:B9:0E:3C:24:11:C4:A7:AC
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SO1E7s55u0e-dDo9uQ48JBHEp6w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:19a1::/48

    Signature Algorithm: sha256WithRSAEncryption
         40:e3:dc:c8:f5:75:00:92:cc:d5:79:26:ad:d1:33:95:1a:da:
         24:fa:bc:da:d5:4c:a8:73:87:6d:ec:ed:5f:70:35:dc:31:46:
         45:d3:6f:08:66:f8:1e:a5:40:31:8c:55:40:ee:6b:17:3d:ab:
         df:79:37:38:32:68:70:bc:79:12:d8:03:33:30:5f:b0:1f:48:
         95:88:5f:98:08:fb:dd:ac:2d:c8:4b:e6:0c:dd:9d:19:9a:c2:
         04:18:e7:51:f1:8b:f9:09:94:d9:1b:18:37:aa:b2:6b:0f:af:
         ac:15:f3:12:71:db:d5:94:1b:2c:4c:51:4b:b5:87:5c:b6:7b:
         60:83:6c:9b:88:da:6e:23:25:09:56:ef:ac:5c:d6:e2:b5:1a:
         39:78:f1:59:22:79:fc:a6:17:f3:70:46:4e:ac:e1:17:f4:0b:
         ed:62:9d:5e:38:83:5a:95:10:c8:b3:cc:eb:1a:fd:e1:54:c4:
         8a:6e:73:dc:49:a6:db:e9:ac:62:41:21:c8:1c:4a:eb:9e:25:
         0c:6d:0b:24:a1:6d:4b:b1:55:17:e1:ba:67:c9:3f:70:b0:42:
         74:da:b4:d6:5e:c5:d3:ce:e8:33:af:db:0e:6e:23:c3:03:5b:
         6e:2e:bb:85:3c:58:a2:6b:5b:7a:67:fd:3a:57:59:0e:6c:a0:
         86:4a:77:c0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYLqNqnx/fg2XFicCfyUZMwuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwODI5MTUyNzA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGVkNDRlZWNlNzliYjQ3YmU3NDNhM2RiOTBlM2MyNDExYzRhN2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxzLkDo0ZRpiYjqYUNx8iNtyqmN1
By8YQVuwtROR7/DxSctqIt1EelA3UG10HMhlU7B6ARXNguckaHHrUjf4ht8qoIPC
ZExV72M/T4alYlQm6VTMauYgG3CM1ZNGnv4sAFv2d1Gq//g4lCfwU1waNqJ9TFfY
OjI9odp5HqH75DivEuSkcXs5LaP5WSWm350/d2wlWCGAcEcXVqfLr+80xi80cMVI
TrvAn3I3byB9ez62E/UOvXh2XRc8t8XLWQdmNVuVipKWp2D90+e1BSAqYhPYuf7c
YpAec/q/rmYOTbdX8VDu3UjhvXU9rOvydHvM8Qiok1BhFXyJp+jxyfwO+wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEjtRO7OebtHvnQ6PbkOPCQRxKesMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvU08xRTdzNTV1MGUtZERvOXVRNDhKQkhFcDZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBxmh
MA0GCSqGSIb3DQEBCwUAA4IBAQBA49zI9XUAkszVeSat0TOVGtok+rza1Uyoc4dt
7O1fcDXcMUZF028IZvgepUAxjFVA7msXPavfeTc4MmhwvHkS2AMzMF+wH0iViF+Y
CPvdrC3IS+YM3Z0ZmsIEGOdR8Yv5CZTZGxg3qrJrD6+sFfMScdvVlBssTFFLtYdc
tntgg2ybiNpuIyUJVu+sXNbitRo5ePFZInn8phfzcEZOrOEX9AvtYp1eOINalRDI
s8zrGv3hVMSKbnPcSabb6axiQSHIHErrniUMbQskoW1LsVUX4bpnyT9wsEJ02rTW
XsXTzugzr9sObiPDA1tuLruFPFiia1t6Z/06V1kObKCGSnfA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:31 2024 by rpki-client on console-fra.rpki-client.org