Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y35OSzIPyxsvWxT7q4WTAFZ0V1I.roa
File:                     Y35OSzIPyxsvWxT7q4WTAFZ0V1I.roa (raw, json)
Hash identifier:          sYOIfovn/YifzIzKCc+DpMvbPuQwQOfUb8O1/Kd52/w=
Subject key identifier:   63:7E:4E:4B:32:0F:CB:1B:2F:5B:14:FB:AB:85:93:00:56:74:57:52
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       10DC7BD6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y35OSzIPyxsvWxT7q4WTAFZ0V1I.roa
Signing time:             Sat 01 Jan 2022 09:05:43 +0000
ROA not before:           Sat 01 Jan 2022 09:05:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212268
IP address blocks:        2a0e:b107:f28::/48 maxlen: 48
                          2a0e:b107:f2a::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 282885078 (0x10dc7bd6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  1 09:05:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=637e4e4b320fcb1b2f5b14fbab85930056745752
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:6b:9b:1f:e3:c7:14:70:ee:94:a3:9f:0b:68:
                    39:46:58:0f:1f:8c:ac:7c:5d:e5:30:6b:c3:1d:04:
                    b8:06:af:aa:d4:6b:82:11:83:82:6d:a9:a3:87:b5:
                    50:6d:34:8c:6b:76:c1:5c:2e:cb:db:cf:f1:2c:70:
                    a1:42:fa:81:f5:6e:b4:f4:da:4f:82:00:9c:e2:60:
                    0b:a3:1b:dc:2c:3d:69:2a:55:16:22:f7:fb:00:0c:
                    ec:f2:0d:ef:33:3a:50:2e:c1:97:81:7b:ba:e6:de:
                    5d:5e:f0:12:13:dc:4a:98:3d:01:d5:a5:eb:72:18:
                    85:0d:f7:e0:bb:f7:ff:73:2e:7e:f4:ef:5c:74:9d:
                    24:00:ad:5a:73:19:cf:69:f9:43:c8:87:b0:36:92:
                    ca:be:ee:10:5e:8e:56:52:16:26:23:ff:88:b2:44:
                    0c:ec:2b:98:ec:6f:ca:34:15:b4:b2:01:37:ea:ec:
                    11:b6:b7:8a:10:4b:21:32:6a:8f:72:f5:57:de:da:
                    83:06:78:de:5e:d5:da:88:7e:85:82:80:84:60:30:
                    bb:d6:ea:b1:9e:10:ea:3b:a2:e9:cf:2e:01:8b:2b:
                    57:6e:16:3e:97:94:e4:70:c1:ab:bf:e0:d8:79:ac:
                    42:be:5a:a1:14:65:8b:a3:11:3f:40:f5:67:14:a0:
                    0b:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:7E:4E:4B:32:0F:CB:1B:2F:5B:14:FB:AB:85:93:00:56:74:57:52
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y35OSzIPyxsvWxT7q4WTAFZ0V1I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:f28::/48
                  2a0e:b107:f2a::/48

    Signature Algorithm: sha256WithRSAEncryption
         a5:75:54:2f:65:60:c7:91:7f:78:e0:3e:40:19:fa:71:61:a8:
         4a:4f:21:e6:e7:38:06:c7:6e:1d:57:ab:b5:38:12:dd:d0:5f:
         f0:ce:01:dd:10:5d:f3:5a:d8:0f:24:ed:36:4e:f6:b2:78:a8:
         6b:4c:72:2b:41:e4:89:b5:a5:9f:81:6e:25:80:de:65:05:4e:
         59:a3:e3:c2:29:9b:9f:91:bd:72:98:7d:5e:ec:7d:b8:33:45:
         a2:c1:14:d5:f8:4d:cc:0e:75:55:ec:90:18:c0:ee:a0:8a:3e:
         6e:6e:34:85:62:f2:15:fc:16:34:d2:de:eb:3f:6a:ed:97:2a:
         e8:e6:e6:f6:7f:98:dc:84:e6:8f:89:fa:65:b8:c5:d5:f4:5b:
         fd:d2:25:a3:72:17:06:3b:8d:d9:08:a7:20:62:34:f8:bd:aa:
         7b:42:08:f7:e2:4a:cf:75:b7:17:f5:64:27:66:73:5d:6c:70:
         ef:02:6f:c1:6b:a2:cb:7d:de:a2:4d:e8:fa:bd:a1:b7:ea:90:
         f5:42:2a:d3:3e:ed:f9:f3:a4:c7:5e:fc:a0:02:6a:b0:13:60:
         73:03:ff:92:b2:03:38:9b:5e:c9:22:ed:ac:e5:83:37:02:8c:
         b0:cf:44:f6:31:c7:43:9b:eb:6c:f7:88:75:d7:b5:e2:02:81:
         98:e6:d3:6a
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEENx71jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDU0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjM3ZTRlNGIzMjBm
Y2IxYjJmNWIxNGZiYWI4NTkzMDA1Njc0NTc1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALRrmx/jxxRw7pSjnwtoOUZYDx+MrHxd5TBrwx0EuAavqtRr
ghGDgm2po4e1UG00jGt2wVwuy9vP8SxwoUL6gfVutPTaT4IAnOJgC6Mb3Cw9aSpV
FiL3+wAM7PIN7zM6UC7Bl4F7uubeXV7wEhPcSpg9AdWl63IYhQ334Lv3/3MufvTv
XHSdJACtWnMZz2n5Q8iHsDaSyr7uEF6OVlIWJiP/iLJEDOwrmOxvyjQVtLIBN+rs
Eba3ihBLITJqj3L1V97agwZ43l7V2oh+hYKAhGAwu9bqsZ4Q6jui6c8uAYsrV24W
PpeU5HDBq7/g2HmsQr5aoRRli6MRP0D1ZxSgC4ECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRjfk5LMg/LGy9bFPurhZMAVnRXUjAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L1kzNU9TeklQeXhzdld4VDdxNFdUQUZaMFYxSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACoOsQcPKAMHACoOsQcPKjANBgkq
hkiG9w0BAQsFAAOCAQEApXVUL2Vgx5F/eOA+QBn6cWGoSk8h5uc4BsduHVertTgS
3dBf8M4B3RBd81rYDyTtNk72snioa0xyK0HkibWln4FuJYDeZQVOWaPjwimbn5G9
cph9Xux9uDNFosEU1fhNzA51VeyQGMDuoIo+bm40hWLyFfwWNNLe6z9q7Zcq6Obm
9n+Y3ITmj4n6ZbjF1fRb/dIlo3IXBjuN2QinIGI0+L2qe0II9+JKz3W3F/VkJ2Zz
XWxw7wJvwWuiy33eok3o+r2ht+qQ9UIq0z7t+fOkx178oAJqsBNgcwP/krIDOJte
ySLtrOWDNwKMsM9E9jHHQ5vrbPeIdde14gKBmObTag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:05 2024 by rpki-client on console-ams.rpki-client.org