Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XUPANIbukjMla9mlBWk9sQv3eww.roa
File:                     XUPANIbukjMla9mlBWk9sQv3eww.roa (raw, json)
Hash identifier:          EJn6wbKv9DQ8KxlTeEQCZl7EQNHT7wM7DDsGNPm3fPY=
Subject key identifier:   5D:43:C0:34:86:EE:92:33:25:6B:D9:A5:05:69:3D:B1:0B:F7:7B:0C
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       126C752A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XUPANIbukjMla9mlBWk9sQv3eww.roa
Signing time:             Fri 25 Feb 2022 17:05:57 +0000
ROA not before:           Fri 25 Feb 2022 17:05:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212987
IP address blocks:        2a10:2f00:13b::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 309097770 (0x126c752a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Feb 25 17:05:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5d43c03486ee9233256bd9a505693db10bf77b0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:57:35:72:bd:df:b9:18:96:80:c3:4d:a1:94:
                    98:4b:78:cb:10:0d:e0:d7:08:9d:d2:3c:02:2a:7f:
                    d0:d3:dd:36:b8:6a:71:8e:af:a4:ad:df:ac:bc:d0:
                    3d:74:2e:2b:aa:57:35:18:ca:d0:fd:90:40:51:56:
                    a4:11:4e:8e:53:65:c0:7a:75:04:c8:e1:4c:5d:b2:
                    fb:57:9f:67:9e:85:5b:87:3e:60:ee:07:17:09:2b:
                    4d:9c:81:50:35:98:6e:9f:53:bb:93:03:c4:4c:54:
                    da:25:22:48:61:f8:ff:4a:b4:57:8c:d2:80:97:2c:
                    ce:f2:ee:e9:60:39:1e:9a:d1:58:7d:c1:42:af:ad:
                    9b:b0:dd:a7:77:7c:43:12:df:70:6c:ba:2b:95:ad:
                    4f:38:4c:09:74:de:19:78:5c:16:ba:84:73:d4:22:
                    e6:2b:c6:4b:ff:e4:32:4a:2c:66:b2:e7:d1:59:5f:
                    c8:ff:06:bc:02:82:b6:3b:6b:37:ee:fc:c1:2d:24:
                    dc:80:a4:f8:3a:18:98:db:9e:e2:95:69:9d:4d:ee:
                    0a:aa:dd:0e:6c:88:78:a9:41:a4:bc:6b:51:76:82:
                    20:bc:14:73:b1:ed:d8:17:de:d1:5a:b1:f9:e1:24:
                    c4:2a:5d:d3:ab:c7:21:24:b0:67:47:be:3c:41:e4:
                    39:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:43:C0:34:86:EE:92:33:25:6B:D9:A5:05:69:3D:B1:0B:F7:7B:0C
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XUPANIbukjMla9mlBWk9sQv3eww.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:2f00:13b::/48

    Signature Algorithm: sha256WithRSAEncryption
         34:c0:4e:f8:56:72:cf:ef:93:5c:22:65:f3:01:77:3b:62:51:
         21:c2:9b:d6:2e:6c:2f:e2:ca:57:a9:38:a1:b8:b2:ff:56:69:
         e4:2c:2a:2a:35:d3:0d:01:0d:3e:37:e4:a1:d1:8c:db:f9:ce:
         27:72:f2:2c:12:c0:55:33:19:eb:9f:b2:c4:27:8b:91:86:61:
         75:cd:28:99:e9:b8:e5:ce:30:35:bf:c6:01:a9:95:02:0f:04:
         bd:49:b6:5f:10:ba:2b:1c:bb:20:f9:37:5a:57:ea:e3:69:fb:
         26:3e:14:54:5e:51:c1:64:4e:a3:64:e8:f5:eb:0b:7a:2d:50:
         9e:40:9e:f8:00:e2:17:b5:35:a0:33:e9:1a:e8:74:c3:ad:66:
         a9:82:aa:66:ff:1e:27:72:e1:58:37:47:64:74:26:c5:4c:38:
         24:ec:d2:ff:30:07:64:ef:f4:97:ff:5f:fa:c4:3d:a4:52:21:
         df:30:6b:87:5c:3e:2a:7a:59:d5:10:45:52:b1:4d:56:7e:53:
         b0:66:8b:18:ef:c0:0e:6c:31:cc:a0:9e:30:bc:eb:2e:45:0f:
         f7:2b:6d:ba:56:bb:14:61:b8:a3:6a:78:ca:f7:88:71:07:2c:
         ff:11:99:c2:48:ca:03:ce:f6:b7:6b:2c:8f:8e:f3:82:e5:f0:
         8e:64:5b:89
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEmx1KjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDIy
NTE3MDU1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQ0M2MwMzQ4NmVl
OTIzMzI1NmJkOWE1MDU2OTNkYjEwYmY3N2IwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMVXNXK937kYloDDTaGUmEt4yxAN4NcIndI8Aip/0NPdNrhq
cY6vpK3frLzQPXQuK6pXNRjK0P2QQFFWpBFOjlNlwHp1BMjhTF2y+1efZ56FW4c+
YO4HFwkrTZyBUDWYbp9Tu5MDxExU2iUiSGH4/0q0V4zSgJcszvLu6WA5HprRWH3B
Qq+tm7Ddp3d8QxLfcGy6K5WtTzhMCXTeGXhcFrqEc9Qi5ivGS//kMkosZrLn0Vlf
yP8GvAKCtjtrN+78wS0k3ICk+DoYmNue4pVpnU3uCqrdDmyIeKlBpLxrUXaCILwU
c7Ht2Bfe0Vqx+eEkxCpd06vHISSwZ0e+PEHkObUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRdQ8A0hu6SMyVr2aUFaT2xC/d7DDAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L1hVUEFOSWJ1a2pNbGE5bWxCV2s5c1F2M2V3dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoQLwABOzANBgkqhkiG9w0BAQsF
AAOCAQEANMBO+FZyz++TXCJl8wF3O2JRIcKb1i5sL+LKV6k4obiy/1Zp5CwqKjXT
DQENPjfkodGM2/nOJ3LyLBLAVTMZ65+yxCeLkYZhdc0omem45c4wNb/GAamVAg8E
vUm2XxC6Kxy7IPk3Wlfq42n7Jj4UVF5RwWROo2To9esLei1QnkCe+ADiF7U1oDPp
Guh0w61mqYKqZv8eJ3LhWDdHZHQmxUw4JOzS/zAHZO/0l/9f+sQ9pFIh3zBrh1w+
KnpZ1RBFUrFNVn5TsGaLGO/ADmwxzKCeMLzrLkUP9yttula7FGG4o2p4yveIcQcs
/xGZwkjKA872t2ssj47zguXwjmRbiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:33 2024 by rpki-client on console-fra.rpki-client.org