Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/UzkB3IMGuGNV87qjraNXhkf65pM.roa
File:                     UzkB3IMGuGNV87qjraNXhkf65pM.roa (raw, json)
Hash identifier:          akyCKtXf1jDO5XcX1TkQ5jL88gg8YLccC1nUT0Q9S7E=
Subject key identifier:   53:39:01:DC:83:06:B8:63:55:F3:BA:A3:AD:A3:57:86:47:FA:E6:93
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       01844F78DA653E099BCBB218814DB0D7D4FF
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/UzkB3IMGuGNV87qjraNXhkf65pM.roa
Signing time:             Mon 07 Nov 2022 00:23:51 +0000
ROA not before:           Mon 07 Nov 2022 00:23:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202827
IP address blocks:        2a0e:b107:1ce1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:4f:78:da:65:3e:09:9b:cb:b2:18:81:4d:b0:d7:d4:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Nov  7 00:23:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=533901dc8306b86355f3baa3ada3578647fae693
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:88:d9:53:3c:f8:10:ce:92:6a:a3:52:91:28:
                    1a:af:6a:f7:f0:75:b6:93:a6:90:62:ee:d2:a0:51:
                    47:d0:26:c4:31:b1:a3:c0:3e:0d:9c:4f:c8:55:9a:
                    0e:a6:32:43:52:4f:79:ef:5d:ac:27:9c:a4:e0:f6:
                    48:75:5f:5a:d8:7b:6d:cf:4a:11:5c:c6:da:36:e0:
                    24:08:e1:bf:7a:82:c7:08:74:24:dd:bc:6d:f6:5b:
                    e9:c3:61:4e:ee:19:3b:d4:99:1e:ec:ac:e5:ab:30:
                    bf:b7:4e:12:fc:4b:eb:72:ec:81:50:32:58:e3:4c:
                    4d:ee:1c:1a:49:49:c0:1d:32:6b:14:00:f8:fe:8f:
                    17:ca:76:e6:83:2b:bf:6b:9c:9d:03:6a:d4:b4:4b:
                    5a:e3:2b:80:a6:e4:09:b9:d9:81:07:cc:40:4c:7d:
                    97:69:0f:29:9a:3c:af:6e:98:a3:00:c9:6e:4c:9e:
                    97:9d:a5:97:90:4d:b7:01:02:1c:3c:00:94:ca:06:
                    c5:6e:79:b0:6a:bd:ec:01:5c:9b:1b:82:34:56:22:
                    13:2c:c2:66:2d:c5:43:f4:2b:ce:67:e0:ae:2e:5d:
                    fa:0d:3d:b1:c3:94:33:25:d0:61:4e:f3:6e:b4:f8:
                    1e:78:10:9b:74:13:a0:6e:b5:5f:b2:78:82:88:23:
                    99:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:39:01:DC:83:06:B8:63:55:F3:BA:A3:AD:A3:57:86:47:FA:E6:93
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/UzkB3IMGuGNV87qjraNXhkf65pM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:1ce1::/48

    Signature Algorithm: sha256WithRSAEncryption
         6c:97:48:56:e7:9c:7d:9c:86:72:cc:de:3d:9a:9d:c6:87:c2:
         c0:41:d2:59:93:a0:f4:f1:d8:c3:3e:d8:65:0f:70:d9:c7:68:
         b4:a8:e6:07:b1:58:58:a2:ba:1c:aa:e1:ae:a6:b7:e3:ba:3e:
         b7:25:a8:88:c3:b5:bf:3b:49:bc:2b:aa:16:9b:13:e5:17:a4:
         6e:79:27:e6:b1:e9:93:c4:df:8d:e6:c7:8e:a3:98:47:a7:46:
         86:8a:43:6f:3b:5b:bc:8d:21:3e:8a:ba:de:4f:6e:bb:65:e2:
         19:4f:02:fb:ad:f2:a7:fb:3c:57:f8:28:95:58:8c:e4:f0:3a:
         ea:60:49:5e:78:c9:a6:dd:0b:95:f1:3f:ad:0e:04:10:ad:e9:
         88:ac:df:4a:5c:ca:b0:f1:40:2e:6f:a5:5c:b1:ef:f9:24:e5:
         00:c5:69:f5:05:97:21:55:33:37:e3:dd:00:46:a2:4d:22:b6:
         42:eb:b1:09:cb:cd:06:83:89:85:2b:fe:83:2a:13:6b:28:ae:
         11:23:c1:d1:45:d7:e5:88:22:8c:30:aa:74:a0:f9:48:29:1c:
         33:31:9e:d6:c7:68:c7:43:5d:8e:ae:98:2e:9a:60:03:f7:b0:
         5b:18:6b:3c:37:ce:97:db:df:1f:88:a1:ca:06:8a:26:3d:70:
         e5:2e:0a:31
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYRPeNplPgmby7IYgU2w19T/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTA3MDAyMzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzM5MDFkYzgzMDZiODYzNTVmM2JhYTNhZGEzNTc4NjQ3ZmFlNjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIjZUzz4EM6SaqNSkSgar2r38HW2
k6aQYu7SoFFH0CbEMbGjwD4NnE/IVZoOpjJDUk95712sJ5yk4PZIdV9a2Httz0oR
XMbaNuAkCOG/eoLHCHQk3bxt9lvpw2FO7hk71Jke7KzlqzC/t04S/EvrcuyBUDJY
40xN7hwaSUnAHTJrFAD4/o8Xynbmgyu/a5ydA2rUtEta4yuApuQJudmBB8xATH2X
aQ8pmjyvbpijAMluTJ6XnaWXkE23AQIcPACUygbFbnmwar3sAVybG4I0ViITLMJm
LcVD9CvOZ+CuLl36DT2xw5QzJdBhTvNutPgeeBCbdBOgbrVfsniCiCOZewIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFM5AdyDBrhjVfO6o62jV4ZH+uaTMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVXprQjNJTUd1R05WODdxanJhTlhoa2Y2NXBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBxzh
MA0GCSqGSIb3DQEBCwUAA4IBAQBsl0hW55x9nIZyzN49mp3Gh8LAQdJZk6D08djD
PthlD3DZx2i0qOYHsVhYorocquGuprfjuj63JaiIw7W/O0m8K6oWmxPlF6RueSfm
semTxN+N5seOo5hHp0aGikNvO1u8jSE+irreT267ZeIZTwL7rfKn+zxX+CiVWIzk
8DrqYEleeMmm3QuV8T+tDgQQremIrN9KXMqw8UAub6Vcse/5JOUAxWn1BZchVTM3
490ARqJNIrZC67EJy80Gg4mFK/6DKhNrKK4RI8HRRdfliCKMMKp0oPlIKRwzMZ7W
x2jHQ12OrpgummAD97BbGGs8N86X298fiKHKBoomPXDlLgox
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:04 2024 by rpki-client on console-ams.rpki-client.org