Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Yr21fi_bIpQ4jh2OZf1Iqj7OVuY.roa
File:                     Yr21fi_bIpQ4jh2OZf1Iqj7OVuY.roa (raw, json)
Hash identifier:          pG/wlP+8Yun1AXOg7V/aUn/2LyECBVvXUdg4AwpJIQ0=
Subject key identifier:   62:BD:B5:7E:2F:DB:22:94:38:8E:1D:8E:65:FD:48:AA:3E:CE:56:E6
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0182AB2F46858D9C2CA38075BC6669B811E2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Yr21fi_bIpQ4jh2OZf1Iqj7OVuY.roa
Signing time:             Wed 17 Aug 2022 09:42:58 +0000
ROA not before:           Wed 17 Aug 2022 09:42:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212294
IP address blocks:        2a0e:b107:1ba0::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:ab:2f:46:85:8d:9c:2c:a3:80:75:bc:66:69:b8:11:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Aug 17 09:42:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=62bdb57e2fdb2294388e1d8e65fd48aa3ece56e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:ca:ef:a4:dd:a6:27:6a:2a:a2:62:f5:77:54:
                    ee:9e:af:81:71:aa:27:b8:4d:89:fd:6f:ff:ae:16:
                    f6:2d:6a:2e:79:ae:ff:1c:40:6f:a9:14:a8:41:35:
                    7e:17:c0:82:57:2b:cd:2b:0f:51:75:ab:5a:84:1e:
                    ba:28:3b:60:ab:0f:b8:90:c7:0c:56:97:2d:c4:f9:
                    be:e1:13:20:cd:a0:c5:b9:91:4b:70:46:0c:6b:91:
                    91:1f:f9:36:cf:b1:98:8a:5f:70:8a:48:e0:83:6d:
                    64:ad:a5:87:b8:d3:2a:1f:bd:7c:a4:4e:de:0f:fe:
                    50:7c:d9:4b:8f:c9:33:d4:5d:b7:79:9d:d8:5b:11:
                    29:20:ee:49:c8:33:b0:39:fa:b0:b5:f1:a3:d8:59:
                    2f:45:b7:b1:b3:26:1b:51:cb:6f:aa:b0:c7:98:5b:
                    f0:0e:0c:0b:82:7f:31:02:0c:09:44:ec:45:ea:a5:
                    4b:cd:4a:1c:2a:ef:ad:67:ac:19:90:a6:c7:69:90:
                    7d:f9:54:ca:84:21:5c:d2:87:16:38:11:17:83:56:
                    d5:97:26:7e:48:e4:78:6b:3e:d0:fc:11:a7:4f:69:
                    a9:0d:90:8e:3d:03:c2:7b:2b:52:e4:33:2b:88:82:
                    10:38:49:12:7e:cb:63:86:d6:1f:1e:ad:87:b7:dc:
                    8c:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:BD:B5:7E:2F:DB:22:94:38:8E:1D:8E:65:FD:48:AA:3E:CE:56:E6
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Yr21fi_bIpQ4jh2OZf1Iqj7OVuY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:1ba0::/44

    Signature Algorithm: sha256WithRSAEncryption
         55:a6:b3:3b:78:06:bb:2f:57:9b:26:cc:77:db:1b:ae:34:97:
         91:8a:bb:f1:36:e9:29:6d:75:f8:df:10:06:44:5a:53:83:0c:
         0e:62:0d:38:be:27:14:a0:b6:07:cd:25:75:8a:89:4b:1b:2f:
         18:ee:d6:d8:a0:cf:23:19:7a:cb:9d:b1:ea:58:9a:e9:08:06:
         a5:1f:34:94:cd:7a:6a:c6:18:b8:3b:79:6a:2c:9b:fb:df:ad:
         b5:35:59:de:80:71:c2:ff:60:7a:22:4e:51:0e:2e:c8:26:0f:
         66:78:17:78:e8:f1:2f:20:84:80:8f:e3:fa:88:d4:56:0c:81:
         8e:3d:ca:13:0f:f5:db:66:e5:a2:ac:58:b3:f3:f0:cc:55:a5:
         ec:45:cb:f4:af:f1:5c:94:64:f5:81:e7:47:0a:f0:c1:e6:5b:
         31:e8:22:29:da:38:6d:b5:98:a9:f0:6e:e1:62:f7:98:e4:09:
         59:6c:ba:5a:4a:cf:fe:9b:ff:f7:00:d4:61:ba:5e:90:d6:f0:
         f5:c4:89:fe:ac:4e:7a:f4:80:e0:8f:ff:00:bb:fa:da:3d:54:
         39:a3:a7:94:bf:d2:3c:89:9a:a9:2d:a6:65:3b:8e:82:f8:4d:
         09:01:5f:ec:65:3f:ac:65:82:39:82:71:7f:b2:f6:2a:bd:51:
         47:1f:14:27
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYKrL0aFjZwso4B1vGZpuBHiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwODE3MDk0MjU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmJkYjU3ZTJmZGIyMjk0Mzg4ZTFkOGU2NWZkNDhhYTNlY2U1NmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8rvpN2mJ2oqomL1d1Tunq+Bcaon
uE2J/W//rhb2LWouea7/HEBvqRSoQTV+F8CCVyvNKw9RdatahB66KDtgqw+4kMcM
VpctxPm+4RMgzaDFuZFLcEYMa5GRH/k2z7GYil9wikjgg21kraWHuNMqH718pE7e
D/5QfNlLj8kz1F23eZ3YWxEpIO5JyDOwOfqwtfGj2FkvRbexsyYbUctvqrDHmFvw
DgwLgn8xAgwJROxF6qVLzUocKu+tZ6wZkKbHaZB9+VTKhCFc0ocWOBEXg1bVlyZ+
SOR4az7Q/BGnT2mpDZCOPQPCeytS5DMriIIQOEkSfstjhtYfHq2Ht9yM0QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGK9tX4v2yKUOI4djmX9SKo+zlbmMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWXIyMWZpX2JJcFE0amgyT1pmMUlxajdPVnVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxug
MA0GCSqGSIb3DQEBCwUAA4IBAQBVprM7eAa7L1ebJsx32xuuNJeRirvxNukpbXX4
3xAGRFpTgwwOYg04vicUoLYHzSV1iolLGy8Y7tbYoM8jGXrLnbHqWJrpCAalHzSU
zXpqxhi4O3lqLJv73621NVnegHHC/2B6Ik5RDi7IJg9meBd46PEvIISAj+P6iNRW
DIGOPcoTD/XbZuWirFiz8/DMVaXsRcv0r/FclGT1gedHCvDB5lsx6CIp2jhttZip
8G7hYveY5AlZbLpaSs/+m//3ANRhul6Q1vD1xIn+rE569IDgj/8Au/raPVQ5o6eU
v9I8iZqpLaZlO46C+E0JAV/sZT+sZYI5gnF/svYqvVFHHxQn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:06 2024 by rpki-client on console-ams.rpki-client.org