Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/UoahdqQbS5ipqhtEIMPFs3qDl8E.roa
File:                     UoahdqQbS5ipqhtEIMPFs3qDl8E.roa (raw, json)
Hash identifier:          uzEddPJqYDBxxKEAcFFEEffYMy6XgaBHx7FXeysYeU8=
Subject key identifier:   52:86:A1:76:A4:1B:4B:98:A9:AA:1B:44:20:C3:C5:B3:7A:83:97:C1
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       01846C06697BBD28E766ABF92042258A8E7E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/UoahdqQbS5ipqhtEIMPFs3qDl8E.roa
Signing time:             Sat 12 Nov 2022 13:27:50 +0000
ROA not before:           Sat 12 Nov 2022 13:27:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204611
IP address blocks:        2a0e:b107:19cd::/48 maxlen: 48
                          2a0e:b107:1b9b::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:6c:06:69:7b:bd:28:e7:66:ab:f9:20:42:25:8a:8e:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Nov 12 13:27:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5286a176a41b4b98a9aa1b4420c3c5b37a8397c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:68:8a:ae:45:02:d9:85:a3:74:63:c6:ca:5d:
                    ce:ad:89:f8:b6:21:9b:41:8f:eb:f5:ac:a0:b9:aa:
                    38:65:fc:b6:43:03:a3:13:35:a3:1a:93:0a:67:8a:
                    5b:6d:5f:3d:5f:f2:f2:07:71:ec:0d:81:b4:f1:e4:
                    ef:60:29:a1:23:fd:52:e5:1f:3d:31:b9:e5:22:b1:
                    e8:77:d1:7b:35:96:c1:55:68:60:8b:0a:8a:d2:31:
                    bc:24:40:31:8f:f8:9a:b9:72:60:37:88:1c:3a:d4:
                    f5:58:8b:ef:5a:84:1a:c2:08:4e:b6:de:90:21:7a:
                    25:23:c6:41:3c:1a:6e:0b:7c:53:11:af:89:a5:65:
                    82:66:42:07:de:a4:4e:97:9d:38:db:b4:3c:8f:ba:
                    87:a2:7e:e5:f7:a1:cf:70:10:54:25:c5:e3:ad:31:
                    32:00:66:e9:42:99:08:09:ce:82:36:26:7d:78:02:
                    82:b7:c5:b2:9e:50:23:4c:2c:05:31:0f:37:79:11:
                    fc:79:48:43:5b:c2:61:e0:ef:3a:da:29:44:06:43:
                    95:09:e4:66:95:2e:57:d8:16:d6:88:32:2f:3a:fe:
                    e0:bf:62:88:b2:15:cd:3b:b6:5e:cb:c2:3d:f0:f3:
                    71:91:3e:90:81:4d:10:23:b1:3f:d2:68:ae:d3:00:
                    d6:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:86:A1:76:A4:1B:4B:98:A9:AA:1B:44:20:C3:C5:B3:7A:83:97:C1
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/UoahdqQbS5ipqhtEIMPFs3qDl8E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:19cd::/48
                  2a0e:b107:1b9b::/48

    Signature Algorithm: sha256WithRSAEncryption
         70:93:fd:29:d2:a8:7d:7b:95:a2:3a:e1:c6:8a:c5:22:38:63:
         16:60:ec:7b:10:11:62:ff:2b:51:41:6f:61:32:31:34:1c:a9:
         c0:87:9e:6e:a4:a3:ad:01:c3:65:fa:f3:24:af:82:82:22:6f:
         5a:d3:15:f1:2a:fd:6e:c2:29:20:d9:f1:5b:53:8e:7c:25:b2:
         4f:a7:bf:3e:36:8a:e7:4d:01:f0:bd:56:25:a0:94:89:7b:f2:
         cf:e5:4a:64:18:29:2e:dc:4a:0e:56:2e:e6:a2:9f:b9:cf:ae:
         5b:b3:5f:86:57:a7:ec:63:b2:6a:f9:38:2e:c5:ac:01:75:b0:
         bd:04:64:4f:84:7c:f7:02:f2:e1:4b:28:89:7d:2a:21:7b:7c:
         85:62:42:ef:44:2b:b5:ec:d4:f7:9e:3c:05:f3:95:56:9c:e3:
         55:b2:06:9e:73:b1:26:cd:f5:20:45:67:3b:6b:0f:4e:7a:6c:
         4a:8f:58:38:18:28:b8:56:39:1c:0f:36:df:a1:b0:29:6f:5c:
         c4:fc:58:cb:22:6f:28:96:17:ad:2d:07:52:73:9e:f3:68:18:
         e9:8b:7e:db:d8:91:9a:ae:c7:b0:c1:48:21:51:14:9a:58:aa:
         30:63:f0:e2:ae:70:bc:2c:b6:f6:1f:60:e7:d5:f2:a4:ed:e3:
         83:3e:fa:56
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYRsBml7vSjnZqv5IEIlio5+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTEyMTMyNzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mjg2YTE3NmE0MWI0Yjk4YTlhYTFiNDQyMGMzYzViMzdhODM5N2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmiKrkUC2YWjdGPGyl3OrYn4tiGb
QY/r9ayguao4Zfy2QwOjEzWjGpMKZ4pbbV89X/LyB3HsDYG08eTvYCmhI/1S5R89
MbnlIrHod9F7NZbBVWhgiwqK0jG8JEAxj/iauXJgN4gcOtT1WIvvWoQawghOtt6Q
IXolI8ZBPBpuC3xTEa+JpWWCZkIH3qROl50427Q8j7qHon7l96HPcBBUJcXjrTEy
AGbpQpkICc6CNiZ9eAKCt8WynlAjTCwFMQ83eRH8eUhDW8Jh4O862ilEBkOVCeRm
lS5X2BbWiDIvOv7gv2KIshXNO7Zey8I98PNxkT6QgU0QI7E/0miu0wDWdQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFKGoXakG0uYqaobRCDDxbN6g5fBMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVW9haGRxUWJTNWlwcWh0RUlNUEZzM3FEbDhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBxnN
AwcAKg6xBxubMA0GCSqGSIb3DQEBCwUAA4IBAQBwk/0p0qh9e5WiOuHGisUiOGMW
YOx7EBFi/ytRQW9hMjE0HKnAh55upKOtAcNl+vMkr4KCIm9a0xXxKv1uwikg2fFb
U458JbJPp78+NornTQHwvVYloJSJe/LP5UpkGCku3EoOVi7mop+5z65bs1+GV6fs
Y7Jq+TguxawBdbC9BGRPhHz3AvLhSyiJfSohe3yFYkLvRCu17NT3njwF85VWnONV
sgaec7EmzfUgRWc7aw9OemxKj1g4GCi4VjkcDzbfobApb1zE/FjLIm8olhetLQdS
c57zaBjpi37b2JGarsewwUghURSaWKowY/DirnC8LLb2H2Dn1fKk7eODPvpW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:32 2024 by rpki-client on console-fra.rpki-client.org