Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/WBC2e4ZbZcWYPS56u5VxTpjTW1E.roa
File:                     WBC2e4ZbZcWYPS56u5VxTpjTW1E.roa (raw, json)
Hash identifier:          dOuUkUmimrBX6JOow9mLUZIICWSTqn7t6nxbLMXtvwA=
Subject key identifier:   58:10:B6:7B:86:5B:65:C5:98:3D:2E:7A:BB:95:71:4E:98:D3:5B:51
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       10B80D9D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/WBC2e4ZbZcWYPS56u5VxTpjTW1E.roa
Signing time:             Sat 01 Jan 2022 09:05:22 +0000
ROA not before:           Sat 01 Jan 2022 09:05:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210951
IP address blocks:        2a0e:b107:15d0::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 280497565 (0x10b80d9d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  1 09:05:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5810b67b865b65c5983d2e7abb95714e98d35b51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:82:ab:8c:78:71:e9:4a:9d:18:05:09:75:41:
                    d3:46:71:5f:05:9b:15:98:a1:b0:75:f7:d8:3c:b2:
                    43:0d:e0:2f:85:90:1a:78:ec:fd:54:04:51:c6:8d:
                    17:b4:69:da:f4:db:e6:43:67:34:11:63:b3:28:40:
                    c5:57:6d:eb:40:fb:b4:9b:a8:79:db:c9:45:4f:6c:
                    14:e9:aa:74:3d:d7:9e:02:08:70:cd:86:64:c6:f2:
                    1e:9b:fd:9c:3c:0b:03:11:35:3f:40:da:4f:c8:5b:
                    54:5f:18:9f:0d:bb:c9:34:0a:99:aa:a4:37:0f:30:
                    a1:93:fa:f3:cd:58:65:54:55:cc:08:ba:63:93:33:
                    b2:03:b4:4c:b5:82:80:df:79:cd:b2:63:3d:6e:a4:
                    ab:36:57:93:d0:c4:0a:b9:30:85:8a:16:7d:06:be:
                    c2:42:07:33:ce:6a:60:38:ee:8f:eb:d4:8e:d5:00:
                    98:b1:a3:e3:74:c7:5f:63:c9:80:62:e5:f6:8e:3a:
                    89:1a:9a:31:78:f3:af:aa:1d:1f:b5:10:93:41:4a:
                    68:1e:18:7b:84:fa:6c:ce:e8:dd:3b:08:d0:c1:00:
                    83:b1:6f:d7:0b:d3:8d:17:38:2d:89:e0:b9:37:39:
                    40:9f:ae:41:84:bf:9e:bd:b3:20:60:fd:14:d6:3e:
                    2f:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:10:B6:7B:86:5B:65:C5:98:3D:2E:7A:BB:95:71:4E:98:D3:5B:51
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/WBC2e4ZbZcWYPS56u5VxTpjTW1E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:15d0::/44

    Signature Algorithm: sha256WithRSAEncryption
         aa:f2:4d:2b:24:36:42:7a:ab:31:bb:4e:39:06:47:12:1d:5a:
         b2:e1:18:15:09:91:d5:ad:bd:62:0c:24:4b:7d:22:5a:40:2d:
         15:e5:d8:a1:7b:06:99:51:21:cc:b5:a4:0d:82:4d:5a:3b:ff:
         72:fe:d6:da:ec:d7:0f:b1:b6:5c:51:5c:38:09:98:a7:a9:b3:
         de:e0:1c:1e:77:41:66:d7:b9:12:84:62:12:96:06:55:9e:44:
         0d:73:2a:f0:20:11:05:8e:71:6c:19:cd:c7:bf:b4:75:55:5e:
         81:13:27:c7:51:c7:76:6c:b6:3f:03:38:c0:26:1b:0e:08:b0:
         c1:46:25:a9:d3:dd:5e:ce:70:d4:19:ca:67:c0:d0:a4:80:70:
         c2:f3:7d:82:76:06:de:05:b9:bf:b0:c9:fc:38:60:f5:58:e9:
         a0:e9:99:9b:f1:c8:0a:c7:bd:50:d2:2b:3e:a6:82:5f:e3:1e:
         c7:bf:f1:1a:ed:66:e0:97:cf:91:de:15:60:79:09:32:ad:50:
         97:8d:16:6b:ee:df:fd:c6:31:de:41:49:27:bc:07:4b:f1:9e:
         de:9f:05:7c:40:35:86:35:f5:19:e8:28:38:d8:78:f6:93:a8:
         ee:51:30:e7:cd:5e:73:4b:47:9c:f5:3e:ef:e7:fb:44:a5:6f:
         4e:8e:17:3d
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEELgNnTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDUyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTgxMGI2N2I4NjVi
NjVjNTk4M2QyZTdhYmI5NTcxNGU5OGQzNWI1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWCq4x4celKnRgFCXVB00ZxXwWbFZihsHX32DyyQw3gL4WQ
Gnjs/VQEUcaNF7Rp2vTb5kNnNBFjsyhAxVdt60D7tJuoedvJRU9sFOmqdD3XngII
cM2GZMbyHpv9nDwLAxE1P0DaT8hbVF8Ynw27yTQKmaqkNw8woZP6881YZVRVzAi6
Y5MzsgO0TLWCgN95zbJjPW6kqzZXk9DECrkwhYoWfQa+wkIHM85qYDjuj+vUjtUA
mLGj43THX2PJgGLl9o46iRqaMXjzr6odH7UQk0FKaB4Ye4T6bM7o3TsI0MEAg7Fv
1wvTjRc4LYnguTc5QJ+uQYS/nr2zIGD9FNY+L7MCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRYELZ7hltlxZg9Lnq7lXFOmNNbUTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L1dCQzJlNFpiWmNXWVBTNTZ1NVZ4VHBqVFcxRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOsQcV0DANBgkqhkiG9w0BAQsF
AAOCAQEAqvJNKyQ2QnqrMbtOOQZHEh1asuEYFQmR1a29YgwkS30iWkAtFeXYoXsG
mVEhzLWkDYJNWjv/cv7W2uzXD7G2XFFcOAmYp6mz3uAcHndBZte5EoRiEpYGVZ5E
DXMq8CARBY5xbBnNx7+0dVVegRMnx1HHdmy2PwM4wCYbDgiwwUYlqdPdXs5w1BnK
Z8DQpIBwwvN9gnYG3gW5v7DJ/Dhg9VjpoOmZm/HICse9UNIrPqaCX+Mex7/xGu1m
4JfPkd4VYHkJMq1Ql40Wa+7f/cYx3kFJJ7wHS/Ge3p8FfEA1hjX1GegoONh49pOo
7lEw581ec0tHnPU+7+f7RKVvTo4XPQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:04 2024 by rpki-client on console-ams.rpki-client.org