Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/W2CmDgIDyj3UrgRlVrUoWl_gtQk.roa
File:                     W2CmDgIDyj3UrgRlVrUoWl_gtQk.roa (raw, json)
Hash identifier:          2PG/bMeBYbLwaDst0GCfXIHj8xARhEbuIAfVr5AwVT0=
Subject key identifier:   5B:60:A6:0E:02:03:CA:3D:D4:AE:04:65:56:B5:28:5A:5F:E0:B5:09
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       10EBBC72
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/W2CmDgIDyj3UrgRlVrUoWl_gtQk.roa
Signing time:             Sat 01 Jan 2022 09:05:54 +0000
ROA not before:           Sat 01 Jan 2022 09:05:54 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212934
IP address blocks:        2a0e:b107:bb0::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 283884658 (0x10ebbc72)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  1 09:05:54 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5b60a60e0203ca3dd4ae046556b5285a5fe0b509
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:83:6a:d2:ab:38:6a:db:f5:b8:72:ac:1d:d5:
                    88:33:6d:31:03:6e:70:7a:e1:81:19:86:1d:64:d5:
                    02:09:e0:9b:88:57:93:d5:74:e7:77:44:5e:e1:36:
                    5e:63:74:9d:f5:a8:bf:bb:33:52:56:49:7e:3c:24:
                    61:41:db:9e:fc:46:2b:ca:c6:64:92:d3:c1:ad:d0:
                    e9:73:e9:b7:5e:16:0e:1c:6a:06:95:53:21:47:df:
                    a9:34:5f:4f:1e:f2:7f:e2:ae:2f:40:91:b3:7b:73:
                    ed:5e:6e:ea:1e:84:87:51:69:82:a6:9c:42:fd:04:
                    03:3e:3d:73:83:f0:57:79:ff:34:42:81:12:ff:53:
                    4a:d4:00:b1:15:7a:45:14:1c:8a:cb:5c:0d:ed:c9:
                    a2:c6:b5:2f:9f:3b:fe:04:fd:ee:ad:b4:de:2e:fe:
                    1d:97:dc:75:c3:dd:30:16:48:2e:b8:14:c3:82:fb:
                    2c:4a:c9:01:c2:aa:8d:22:f0:8c:3b:4f:09:65:f2:
                    06:7d:40:8a:b1:f5:2f:36:5a:bb:e4:2e:c7:c5:58:
                    f9:1b:9a:67:ec:04:9a:59:eb:0b:64:a4:2e:16:90:
                    38:f6:57:c1:9b:bd:8b:45:da:f7:92:b0:a8:22:b4:
                    2c:03:8d:e2:6e:58:72:be:c0:b6:ae:1e:12:b1:d0:
                    47:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:60:A6:0E:02:03:CA:3D:D4:AE:04:65:56:B5:28:5A:5F:E0:B5:09
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/W2CmDgIDyj3UrgRlVrUoWl_gtQk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:bb0::/44

    Signature Algorithm: sha256WithRSAEncryption
         90:ca:ef:14:cd:b9:ac:ae:54:dc:e4:41:9b:d1:6e:78:75:7f:
         c3:46:73:15:e2:25:ba:25:8b:bd:ca:95:01:ba:c0:d7:a7:72:
         91:cd:9e:5a:c8:eb:2f:43:c7:47:a0:02:c4:ff:c4:1c:44:07:
         ed:f4:17:88:cc:82:f6:8d:05:6c:ee:d5:82:9b:78:66:d5:31:
         d8:08:3a:e9:8d:9c:51:8b:5b:7f:c6:18:10:20:2b:65:70:b7:
         57:8e:f2:73:fc:e9:25:c5:67:e3:fc:16:e2:db:44:67:8c:94:
         c3:95:be:ba:fb:9e:3b:f1:38:c4:83:8b:85:e5:2a:9e:48:6a:
         17:93:38:e4:a4:42:7b:2d:5f:45:a4:d0:b5:3e:92:10:03:f2:
         cb:41:b5:e6:05:87:f5:40:c5:24:69:f2:6d:2b:f7:3c:1c:a8:
         62:48:cc:ca:6b:cc:81:5e:c4:5f:d2:83:5b:20:89:35:3c:c3:
         52:81:30:84:cb:c8:44:fc:29:7f:23:00:0a:70:94:f2:5c:28:
         58:77:f5:9b:23:a1:bd:0f:d1:2b:ae:a8:22:a2:6c:12:10:6e:
         cb:09:c8:36:72:b7:bb:8f:17:a7:3c:f8:96:54:95:f7:9e:d6:
         0c:d7:fe:18:29:f1:bd:c4:c0:fc:7c:a5:e8:0b:b9:69:31:d4:
         ee:f3:99:28
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEOu8cjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDU1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWI2MGE2MGUwMjAz
Y2EzZGQ0YWUwNDY1NTZiNTI4NWE1ZmUwYjUwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN6DatKrOGrb9bhyrB3ViDNtMQNucHrhgRmGHWTVAgngm4hX
k9V053dEXuE2XmN0nfWov7szUlZJfjwkYUHbnvxGK8rGZJLTwa3Q6XPpt14WDhxq
BpVTIUffqTRfTx7yf+KuL0CRs3tz7V5u6h6Eh1FpgqacQv0EAz49c4PwV3n/NEKB
Ev9TStQAsRV6RRQcistcDe3Josa1L587/gT97q203i7+HZfcdcPdMBZILrgUw4L7
LErJAcKqjSLwjDtPCWXyBn1AirH1LzZau+Qux8VY+RuaZ+wEmlnrC2SkLhaQOPZX
wZu9i0Xa95KwqCK0LAON4m5Ycr7Atq4eErHQR1kCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRbYKYOAgPKPdSuBGVWtShaX+C1CTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L1cyQ21EZ0lEeWozVXJnUmxWclVvV2xfZ3RRay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOsQcLsDANBgkqhkiG9w0BAQsF
AAOCAQEAkMrvFM25rK5U3ORBm9FueHV/w0ZzFeIluiWLvcqVAbrA16dykc2eWsjr
L0PHR6ACxP/EHEQH7fQXiMyC9o0FbO7Vgpt4ZtUx2Ag66Y2cUYtbf8YYECArZXC3
V47yc/zpJcVn4/wW4ttEZ4yUw5W+uvueO/E4xIOLheUqnkhqF5M45KRCey1fRaTQ
tT6SEAPyy0G15gWH9UDFJGnybSv3PByoYkjMymvMgV7EX9KDWyCJNTzDUoEwhMvI
RPwpfyMACnCU8lwoWHf1myOhvQ/RK66oIqJsEhBuywnINnK3u48Xpzz4llSV957W
DNf+GCnxvcTA/Hyl6Au5aTHU7vOZKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:32 2024 by rpki-client on console-fra.rpki-client.org