Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VgKs-HdomxZtcV2eWJaywxPYRc0.roa
File:                     VgKs-HdomxZtcV2eWJaywxPYRc0.roa (raw, json)
Hash identifier:          jk12ajrs4k3dH9OuiPRyBeC15paflFNlsFUVx5xucl4=
Subject key identifier:   56:02:AC:F8:77:68:9B:16:6D:71:5D:9E:58:96:B2:C3:13:D8:45:CD
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018314891A65D64FAB1590DB8E2649069CC2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VgKs-HdomxZtcV2eWJaywxPYRc0.roa
Signing time:             Tue 06 Sep 2022 20:41:12 +0000
ROA not before:           Tue 06 Sep 2022 20:41:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206981
IP address blocks:        2a0e:97c0:6a0::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:14:89:1a:65:d6:4f:ab:15:90:db:8e:26:49:06:9c:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Sep  6 20:41:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5602acf877689b166d715d9e5896b2c313d845cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:0c:86:9f:ee:b6:57:b3:96:d9:ed:e9:e7:60:
                    29:83:23:8f:10:4e:76:af:3c:6d:ec:30:2d:3a:9b:
                    25:d2:1b:ac:98:84:3f:3d:a1:88:b1:6a:03:ab:19:
                    21:e1:60:eb:d3:b4:3c:c0:90:a0:d3:64:d7:2e:0b:
                    6a:7c:b6:6f:35:eb:2f:fd:11:b7:1c:32:00:60:9f:
                    31:1b:1e:cd:a5:59:0c:e3:37:cc:c0:6c:e0:ca:29:
                    ab:17:63:e6:4c:43:2f:cd:02:ac:1c:b3:89:f9:ba:
                    d2:a9:c3:f8:06:d7:f0:6a:8c:08:80:da:7a:06:df:
                    bf:30:e1:c9:d8:8e:29:50:e7:0d:6c:58:bd:fd:2b:
                    55:0c:37:ad:cb:38:44:7a:e4:75:e3:8f:48:ed:76:
                    74:12:88:ba:73:2e:1e:18:e3:03:cc:52:82:07:3d:
                    b0:cf:2e:a4:e5:7e:27:96:26:7a:81:6e:f4:8f:d4:
                    a4:67:30:11:17:cd:a8:33:23:a9:20:62:18:ad:48:
                    6d:4e:00:d0:5a:94:02:38:26:c2:b2:7e:03:4d:50:
                    e6:4a:40:91:a9:a1:f0:e4:97:2a:82:3c:21:d9:8b:
                    6f:0f:d0:b5:04:28:c0:9b:3c:0b:79:b9:e5:93:9e:
                    b4:9e:52:e4:7f:c0:8c:13:41:e0:8a:1a:33:d4:f7:
                    e4:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:02:AC:F8:77:68:9B:16:6D:71:5D:9E:58:96:B2:C3:13:D8:45:CD
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VgKs-HdomxZtcV2eWJaywxPYRc0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:6a0::/44

    Signature Algorithm: sha256WithRSAEncryption
         35:dc:03:1d:0c:9f:4f:0f:13:d2:40:c1:ed:56:8a:ca:4f:c3:
         d0:29:bc:ef:52:41:8e:87:28:90:e9:72:b6:1f:3a:ed:59:0b:
         81:bd:a6:12:48:3b:07:78:74:72:65:34:1d:78:64:58:35:de:
         24:35:d8:0d:7d:65:99:5b:0b:e5:4b:b8:18:62:97:c5:86:57:
         02:e2:9c:69:8b:7a:34:e3:34:67:bf:b1:23:2f:cf:f1:e7:9b:
         c5:7c:8c:5c:17:b6:e4:18:c6:4d:ac:b4:74:13:3f:95:db:7e:
         e4:89:9d:6a:79:e8:c8:fd:e8:5c:6e:e6:6c:25:52:03:09:1f:
         08:8d:f1:e4:5e:df:06:4c:6a:d4:70:d7:bc:36:4c:df:38:5a:
         90:0d:de:81:7e:ff:85:d2:77:16:fb:a2:63:07:07:86:1c:41:
         6a:56:88:f7:bd:7d:8f:a0:e7:95:ea:de:ed:12:77:2a:2a:1c:
         93:ca:0b:a0:c8:5c:44:6d:7b:d4:a9:07:f2:eb:e6:01:e3:7c:
         39:df:ad:e5:35:9c:b8:91:f4:f7:84:a9:d0:9e:73:75:67:57:
         76:4a:ac:fc:5b:38:2e:1e:f6:d0:26:8b:e0:21:12:bc:90:cd:
         fd:36:68:77:21:34:28:71:64:68:b0:0b:c8:92:1c:e5:63:a9:
         84:1c:bf:d5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYMUiRpl1k+rFZDbjiZJBpzCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwOTA2MjA0MTEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjAyYWNmODc3Njg5YjE2NmQ3MTVkOWU1ODk2YjJjMzEzZDg0NWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQyGn+62V7OW2e3p52ApgyOPEE52
rzxt7DAtOpsl0husmIQ/PaGIsWoDqxkh4WDr07Q8wJCg02TXLgtqfLZvNesv/RG3
HDIAYJ8xGx7NpVkM4zfMwGzgyimrF2PmTEMvzQKsHLOJ+brSqcP4BtfwaowIgNp6
Bt+/MOHJ2I4pUOcNbFi9/StVDDetyzhEeuR1449I7XZ0Eoi6cy4eGOMDzFKCBz2w
zy6k5X4nliZ6gW70j9SkZzARF82oMyOpIGIYrUhtTgDQWpQCOCbCsn4DTVDmSkCR
qaHw5Jcqgjwh2YtvD9C1BCjAmzwLebnlk560nlLkf8CME0Hgihoz1PfkvQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFYCrPh3aJsWbXFdnliWssMT2EXNMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVmdLcy1IZG9teFp0Y1YyZVdKYXl3eFBZUmMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAag
MA0GCSqGSIb3DQEBCwUAA4IBAQA13AMdDJ9PDxPSQMHtVorKT8PQKbzvUkGOhyiQ
6XK2HzrtWQuBvaYSSDsHeHRyZTQdeGRYNd4kNdgNfWWZWwvlS7gYYpfFhlcC4pxp
i3o04zRnv7EjL8/x55vFfIxcF7bkGMZNrLR0Ez+V237kiZ1qeejI/ehcbuZsJVID
CR8IjfHkXt8GTGrUcNe8NkzfOFqQDd6Bfv+F0ncW+6JjBweGHEFqVoj3vX2PoOeV
6t7tEncqKhyTygugyFxEbXvUqQfy6+YB43w5363lNZy4kfT3hKnQnnN1Z1d2Sqz8
WzguHvbQJovgIRK8kM39Nmh3ITQocWRosAvIkhzlY6mEHL/V
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:04 2024 by rpki-client on console-ams.rpki-client.org