Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/T1vSHfUwqmbfXcFy_4eL0zEpAdE.roa
File:                     T1vSHfUwqmbfXcFy_4eL0zEpAdE.roa (raw, json)
Hash identifier:          w9UTReSnzP0jdPpj348V2RkcVAqWo9ayyeFzl4fbCNs=
Subject key identifier:   4F:5B:D2:1D:F5:30:AA:66:DF:5D:C1:72:FF:87:8B:D3:31:29:01:D1
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       10742066
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/T1vSHfUwqmbfXcFy_4eL0zEpAdE.roa
Signing time:             Sat 01 Jan 2022 09:04:42 +0000
ROA not before:           Sat 01 Jan 2022 09:04:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41732
IP address blocks:        2a0e:b107:ad0::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 276045926 (0x10742066)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  1 09:04:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4f5bd21df530aa66df5dc172ff878bd3312901d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:7e:06:0f:f7:b5:16:54:50:5b:f9:6c:2d:75:
                    46:06:41:54:58:46:e6:4e:2f:f7:0f:86:30:d7:35:
                    ad:a0:af:42:b7:2e:b0:9b:68:4c:31:27:65:98:fa:
                    94:93:b1:a7:eb:e8:ab:ca:14:b6:19:50:06:9b:f9:
                    cb:08:78:34:82:a7:14:e3:30:01:c5:30:df:41:d1:
                    7e:19:a1:11:9f:7d:4c:ad:6b:c5:28:ac:a0:e6:f1:
                    de:73:76:18:be:26:84:7e:6c:41:8a:3d:d6:c6:11:
                    8e:56:17:c2:c7:9c:79:fb:a7:46:35:2b:d4:41:c9:
                    e9:c6:2b:da:82:c4:a8:89:fd:11:52:3f:ab:8f:cc:
                    72:9a:81:9d:d9:80:7a:3f:24:72:8e:3d:1e:73:99:
                    55:a4:74:92:e2:bf:bb:7a:f8:d3:8b:7c:d7:dd:0c:
                    f9:3e:c3:90:49:7e:6b:17:c8:52:74:3a:7b:8e:92:
                    cb:45:43:e5:8c:7b:a9:7b:29:4f:08:31:1d:26:03:
                    cb:ae:66:d2:1d:d5:3b:6a:74:e0:82:c4:34:9c:d1:
                    bf:9f:56:1e:90:d6:05:f2:d9:c7:fc:b0:00:bc:73:
                    22:aa:6c:29:9a:53:4d:22:cc:b4:d2:4f:6f:ba:b2:
                    c2:5e:94:ff:68:de:7c:98:b6:f0:e8:c7:7f:53:bc:
                    7c:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:5B:D2:1D:F5:30:AA:66:DF:5D:C1:72:FF:87:8B:D3:31:29:01:D1
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/T1vSHfUwqmbfXcFy_4eL0zEpAdE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:ad0::/44

    Signature Algorithm: sha256WithRSAEncryption
         9f:26:3a:fe:e2:7a:79:4a:7b:6a:7e:a5:d0:53:ba:8f:96:2b:
         14:7f:a1:2b:a2:85:d7:5d:20:b6:ab:6a:41:f6:07:5a:ca:d3:
         78:ec:6e:22:db:52:c2:d2:21:f6:d0:d1:04:68:ad:94:6e:7e:
         8b:1c:e6:07:ef:8d:df:49:5c:16:a5:30:85:c2:75:41:14:ab:
         55:b8:5d:b9:18:9c:0f:4f:65:d0:9f:21:b1:50:43:13:90:cf:
         12:b5:a5:33:b7:f8:dd:a9:26:c9:d6:33:8b:41:5f:ca:17:d3:
         33:6f:dd:8d:74:e2:c9:2b:17:50:16:8b:25:4f:20:cb:59:c4:
         59:ec:cb:5f:ac:c2:fb:3c:c2:03:45:f8:36:ae:8b:09:44:23:
         c0:bc:a9:e0:cd:d7:a1:cd:74:63:fe:5a:c2:76:9f:8e:7e:d6:
         c6:66:e5:8c:4c:23:9e:12:73:3a:94:0b:a3:2f:5d:9e:4f:f1:
         c7:f5:dc:0d:90:1b:39:b2:78:88:01:4d:ab:18:5a:94:f1:94:
         41:c6:67:8c:e2:0c:13:6f:53:ab:3e:32:d4:1f:4c:73:52:26:
         cd:c8:b1:74:52:18:ff:86:2e:9c:f4:e6:70:8b:c3:fe:dd:b8:
         af:f7:01:ab:e9:a4:9d:d8:5e:05:1f:f6:ac:49:52:b2:36:85:
         e9:0b:8d:45
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEHQgZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDQ0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGY1YmQyMWRmNTMw
YWE2NmRmNWRjMTcyZmY4NzhiZDMzMTI5MDFkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALp+Bg/3tRZUUFv5bC11RgZBVFhG5k4v9w+GMNc1raCvQrcu
sJtoTDEnZZj6lJOxp+voq8oUthlQBpv5ywh4NIKnFOMwAcUw30HRfhmhEZ99TK1r
xSisoObx3nN2GL4mhH5sQYo91sYRjlYXwsecefunRjUr1EHJ6cYr2oLEqIn9EVI/
q4/McpqBndmAej8kco49HnOZVaR0kuK/u3r404t8190M+T7DkEl+axfIUnQ6e46S
y0VD5Yx7qXspTwgxHSYDy65m0h3VO2p04ILENJzRv59WHpDWBfLZx/ywALxzIqps
KZpTTSLMtNJPb7qywl6U/2jefJi28OjHf1O8fIsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRPW9Id9TCqZt9dwXL/h4vTMSkB0TAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L1QxdlNIZlV3cW1iZlhjRnlfNGVMMHpFcEFkRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOsQcK0DANBgkqhkiG9w0BAQsF
AAOCAQEAnyY6/uJ6eUp7an6l0FO6j5YrFH+hK6KF110gtqtqQfYHWsrTeOxuIttS
wtIh9tDRBGitlG5+ixzmB++N30lcFqUwhcJ1QRSrVbhduRicD09l0J8hsVBDE5DP
ErWlM7f43akmydYzi0FfyhfTM2/djXTiySsXUBaLJU8gy1nEWezLX6zC+zzCA0X4
Nq6LCUQjwLyp4M3Xoc10Y/5awnafjn7WxmbljEwjnhJzOpQLoy9dnk/xx/XcDZAb
ObJ4iAFNqxhalPGUQcZnjOIME29Tqz4y1B9Mc1ImzcixdFIY/4YunPTmcIvD/t24
r/cBq+mkndheBR/2rElSsjaF6QuNRQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:03 2024 by rpki-client on console-ams.rpki-client.org