Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VCUjvYoW3AI01qBFuxm7buIm3C4.roa
File:                     VCUjvYoW3AI01qBFuxm7buIm3C4.roa (raw, json)
Hash identifier:          AH1CV1ly2Pv+8f49r029gG3njg2ZoWnaIXmzDiiS0Po=
Subject key identifier:   54:25:23:BD:8A:16:DC:02:34:D6:A0:45:BB:19:BB:6E:E2:26:DC:2E
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       10DB5D40
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VCUjvYoW3AI01qBFuxm7buIm3C4.roa
Signing time:             Sat 01 Jan 2022 09:05:43 +0000
ROA not before:           Sat 01 Jan 2022 09:05:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212227
IP address blocks:        2a0e:b107:139::/48 maxlen: 48
                          2a10:2f00:15e::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 282811712 (0x10db5d40)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  1 09:05:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=542523bd8a16dc0234d6a045bb19bb6ee226dc2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:7c:ba:06:2c:6d:25:f6:26:ef:53:08:d9:83:
                    50:29:35:41:ba:79:98:b5:b2:1b:f5:db:31:dd:8d:
                    ec:82:0c:a4:a8:99:32:0c:a7:36:ac:d1:7d:ac:81:
                    0b:3c:b0:7a:1f:47:a4:de:17:e1:8b:24:ba:1a:48:
                    79:70:3c:a1:47:d3:50:17:0d:f5:6b:ea:de:d3:e5:
                    fa:3a:15:9b:3a:d6:53:36:be:e0:36:d8:47:6c:cb:
                    9c:5f:da:43:c8:5f:9b:5d:cd:0e:91:c1:91:d9:9d:
                    8b:84:fe:b9:f1:1e:2a:aa:fa:ed:4e:4c:5c:5c:d5:
                    ba:60:5d:e8:53:d3:c1:4d:b4:9a:23:c0:82:d8:1d:
                    5d:88:70:bc:d4:08:f7:0e:34:9d:4a:7d:17:5e:f2:
                    95:d8:98:15:18:ad:63:ea:84:c0:f5:46:07:b5:87:
                    fe:47:85:b9:31:3d:6f:a9:e3:1d:e3:ac:83:eb:19:
                    50:60:a5:78:c0:73:5c:ba:aa:bd:d6:51:cf:f5:f9:
                    fc:d2:0b:80:ff:cb:f8:28:5a:a2:5c:98:bd:df:fc:
                    4c:14:cb:2f:5d:10:37:82:6a:43:fd:c3:32:0b:16:
                    d5:df:c6:f9:e6:6a:fd:29:38:a5:a5:d2:5b:ef:ea:
                    db:67:ae:50:d2:c7:7c:e5:41:d2:f3:ec:94:49:3c:
                    1a:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:25:23:BD:8A:16:DC:02:34:D6:A0:45:BB:19:BB:6E:E2:26:DC:2E
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VCUjvYoW3AI01qBFuxm7buIm3C4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:139::/48
                  2a10:2f00:15e::/48

    Signature Algorithm: sha256WithRSAEncryption
         a9:5e:52:64:4f:8c:d5:4d:4a:cb:d2:50:b2:1c:d4:ae:ba:f6:
         b7:64:9d:0d:46:be:b5:60:f0:43:30:ad:65:09:16:55:6b:e6:
         91:a5:e5:b5:ca:5b:e0:ff:30:92:a8:8d:05:0d:39:61:fa:74:
         20:f8:58:95:8b:a0:b6:c3:5d:29:1d:0a:d1:d4:c3:80:09:06:
         1c:74:c8:68:6f:ea:6c:68:7e:aa:5a:26:dc:52:d3:41:c4:f4:
         18:a8:d1:ee:8c:45:14:a1:0b:36:0b:f4:72:96:04:68:21:b7:
         b9:2c:9d:11:a7:77:ae:02:a5:4e:79:19:1f:96:b2:23:a1:f8:
         99:d3:f7:8e:23:0c:82:3e:e4:92:b7:17:a8:d2:14:41:88:9a:
         40:8a:2e:11:24:6d:38:28:03:e6:8d:37:cf:bc:7f:25:a0:c8:
         06:d9:21:0f:7c:59:32:3b:4c:dc:77:66:d7:24:1f:39:bb:28:
         3f:e8:94:38:d0:91:3d:b5:a9:66:84:f9:55:4d:54:35:7e:5c:
         5a:78:ef:fb:e3:43:9e:0a:28:ec:46:7b:7e:08:53:c7:e1:02:
         cf:d8:bc:da:3f:5a:e1:ec:06:27:2c:10:8a:cd:6a:05:08:8d:
         83:73:62:e9:37:ea:e0:29:b2:a7:a9:a7:5a:a5:5f:a1:ce:e5:
         90:99:4c:29
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEENtdQDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDU0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTQyNTIzYmQ4YTE2
ZGMwMjM0ZDZhMDQ1YmIxOWJiNmVlMjI2ZGMyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKh8ugYsbSX2Ju9TCNmDUCk1Qbp5mLWyG/XbMd2N7IIMpKiZ
MgynNqzRfayBCzyweh9HpN4X4YskuhpIeXA8oUfTUBcN9Wvq3tPl+joVmzrWUza+
4DbYR2zLnF/aQ8hfm13NDpHBkdmdi4T+ufEeKqr67U5MXFzVumBd6FPTwU20miPA
gtgdXYhwvNQI9w40nUp9F17yldiYFRitY+qEwPVGB7WH/keFuTE9b6njHeOsg+sZ
UGCleMBzXLqqvdZRz/X5/NILgP/L+ChaolyYvd/8TBTLL10QN4JqQ/3DMgsW1d/G
+eZq/Sk4paXSW+/q22euUNLHfOVB0vPslEk8GhECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRUJSO9ihbcAjTWoEW7Gbtu4ibcLjAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L1ZDVWp2WW9XM0FJMDFxQkZ1eG03YnVJbTNDNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACoOsQcBOQMHACoQLwABXjANBgkq
hkiG9w0BAQsFAAOCAQEAqV5SZE+M1U1Ky9JQshzUrrr2t2SdDUa+tWDwQzCtZQkW
VWvmkaXltcpb4P8wkqiNBQ05Yfp0IPhYlYugtsNdKR0K0dTDgAkGHHTIaG/qbGh+
qlom3FLTQcT0GKjR7oxFFKELNgv0cpYEaCG3uSydEad3rgKlTnkZH5ayI6H4mdP3
jiMMgj7kkrcXqNIUQYiaQIouESRtOCgD5o03z7x/JaDIBtkhD3xZMjtM3Hdm1yQf
ObsoP+iUONCRPbWpZoT5VU1UNX5cWnjv++NDngoo7EZ7fghTx+ECz9i82j9a4ewG
JywQis1qBQiNg3Ni6Tfq4Cmyp6mnWqVfoc7lkJlMKQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:32 2024 by rpki-client on console-fra.rpki-client.org