Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y34FbPeWsI9sR-ukwsFK_JCzwrU.roa
File:                     Y34FbPeWsI9sR-ukwsFK_JCzwrU.roa (raw, json)
Hash identifier:          vhWIPM+nhQ5E99aTAgoZZyb0UTgRNhF0YHGZW7mH+hs=
Subject key identifier:   63:7E:05:6C:F7:96:B0:8F:6C:47:EB:A4:C2:C1:4A:FC:90:B3:C2:B5
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       12F2C9DA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y34FbPeWsI9sR-ukwsFK_JCzwrU.roa
Signing time:             Wed 16 Mar 2022 14:22:22 +0000
ROA not before:           Wed 16 Mar 2022 14:22:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207716
IP address blocks:        2a0e:97c0:7b0::/44 maxlen: 48
                          2a0e:97c0:7bf::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 317901274 (0x12f2c9da)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Mar 16 14:22:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=637e056cf796b08f6c47eba4c2c14afc90b3c2b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:71:1c:2d:75:9c:78:cb:86:ef:6f:48:39:0a:
                    88:dc:62:65:4f:17:b6:36:f0:75:bd:94:49:24:e5:
                    93:25:39:07:35:86:6d:df:42:71:b5:42:7b:83:fe:
                    98:10:59:a0:7b:49:41:b0:e9:6e:70:af:9e:92:f3:
                    c8:a4:67:ff:82:0d:74:fc:8f:8e:7e:fe:77:79:a7:
                    9a:16:2b:99:45:75:be:1a:1f:1d:5b:bb:29:82:f5:
                    52:9b:22:da:fc:35:0e:d9:07:29:0e:04:9a:69:a0:
                    e6:bd:04:7e:ea:cb:fa:b3:f8:b5:ca:1c:c8:11:42:
                    2f:b4:20:06:c0:9c:5c:e5:73:88:47:ae:06:37:60:
                    04:42:06:21:17:9a:c6:e5:ea:4e:bc:6b:ff:04:b1:
                    aa:8f:3c:55:47:27:a0:4d:36:2c:dc:5e:64:cf:bb:
                    5d:b9:59:0d:99:84:b8:c4:f2:26:94:ce:a8:94:09:
                    38:d9:c6:d4:31:01:e0:23:62:c6:70:34:07:28:ae:
                    57:fc:2a:13:fe:0f:f5:03:3f:15:e3:ac:03:46:29:
                    b1:61:f0:06:b2:40:f4:05:44:35:1b:5b:d1:4b:22:
                    e4:47:24:61:8d:75:c3:9a:c2:f1:4e:01:94:e9:43:
                    94:b9:6c:66:ed:01:ff:44:27:3b:91:a3:40:c3:58:
                    9f:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:7E:05:6C:F7:96:B0:8F:6C:47:EB:A4:C2:C1:4A:FC:90:B3:C2:B5
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y34FbPeWsI9sR-ukwsFK_JCzwrU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:7b0::/44

    Signature Algorithm: sha256WithRSAEncryption
         c8:6a:8a:cb:43:8f:60:72:97:7f:56:92:4b:66:26:90:9a:f3:
         0a:ba:83:4e:6d:92:27:03:ce:00:d1:a5:9f:c7:4a:21:b7:37:
         97:8a:29:d6:cf:da:b8:f5:fa:25:ca:4f:f1:60:e8:5c:73:b8:
         e8:f9:8c:25:d4:16:fc:5f:f7:f8:4a:bb:6b:45:ec:2d:fe:bc:
         22:cb:4d:e8:52:73:ec:37:0c:83:48:fc:e9:53:99:77:c8:61:
         6c:91:78:9e:d8:41:4d:97:33:c7:31:d4:0a:3b:5a:72:1e:98:
         6b:cf:6a:b8:a6:7f:3c:a6:44:81:43:72:a5:e4:20:11:c8:08:
         78:aa:dc:85:ea:d7:8a:3c:53:6e:00:dc:fa:13:98:2d:37:97:
         32:2f:b1:da:b0:e4:34:a0:a4:a7:74:7b:94:0a:1b:73:10:e5:
         c7:61:9b:4f:fb:7c:1c:26:a7:bc:98:4b:3e:5f:22:16:d2:37:
         a9:6a:0b:fc:cd:89:56:c0:24:ac:c7:86:fa:08:73:a5:99:f2:
         12:94:8c:20:4b:dc:f9:0e:ff:88:88:3b:1c:23:fd:78:55:d9:
         d3:76:72:90:24:cc:75:c5:a5:6e:04:f8:f6:36:f5:4f:5f:fe:
         75:b5:e8:1d:e4:02:ad:e1:87:c0:4b:5c:89:e5:5f:29:18:8a:
         5a:28:1e:ee
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEvLJ2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDMx
NjE0MjIyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjM3ZTA1NmNmNzk2
YjA4ZjZjNDdlYmE0YzJjMTRhZmM5MGIzYzJiNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMxxHC11nHjLhu9vSDkKiNxiZU8Xtjbwdb2USSTlkyU5BzWG
bd9CcbVCe4P+mBBZoHtJQbDpbnCvnpLzyKRn/4INdPyPjn7+d3mnmhYrmUV1vhof
HVu7KYL1Upsi2vw1DtkHKQ4Emmmg5r0EfurL+rP4tcocyBFCL7QgBsCcXOVziEeu
BjdgBEIGIReaxuXqTrxr/wSxqo88VUcnoE02LNxeZM+7XblZDZmEuMTyJpTOqJQJ
ONnG1DEB4CNixnA0ByiuV/wqE/4P9QM/FeOsA0YpsWHwBrJA9AVENRtb0Usi5Eck
YY11w5rC8U4BlOlDlLlsZu0B/0QnO5GjQMNYn1UCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRjfgVs95awj2xH66TCwUr8kLPCtTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L1kzNEZiUGVXc0k5c1ItdWt3c0ZLX0pDendyVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOl8AHsDANBgkqhkiG9w0BAQsF
AAOCAQEAyGqKy0OPYHKXf1aSS2YmkJrzCrqDTm2SJwPOANGln8dKIbc3l4op1s/a
uPX6JcpP8WDoXHO46PmMJdQW/F/3+Eq7a0XsLf68IstN6FJz7DcMg0j86VOZd8hh
bJF4nthBTZczxzHUCjtach6Ya89quKZ/PKZEgUNypeQgEcgIeKrcherXijxTbgDc
+hOYLTeXMi+x2rDkNKCkp3R7lAobcxDlx2GbT/t8HCanvJhLPl8iFtI3qWoL/M2J
VsAkrMeG+ghzpZnyEpSMIEvc+Q7/iIg7HCP9eFXZ03ZykCTMdcWlbgT49jb1T1/+
dbXoHeQCreGHwEtcieVfKRiKWige7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:33 2024 by rpki-client on console-fra.rpki-client.org