Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/cqXF_fejimMYQy2hNNL4-4zXYo8.roa
File:                     cqXF_fejimMYQy2hNNL4-4zXYo8.roa (raw, json)
Hash identifier:          dwlWeYB/n1nyCBWQLTyYaK2qaykUexJna2k20h4LZeA=
Subject key identifier:   72:A5:C5:FD:F7:A3:8A:63:18:43:2D:A1:34:D2:F8:FB:8C:D7:62:8F
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0184E12FB2D6EAEB578353BD58603FF1A3CE
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/cqXF_fejimMYQy2hNNL4-4zXYo8.roa
Signing time:             Mon 05 Dec 2022 07:28:30 +0000
ROA not before:           Mon 05 Dec 2022 07:28:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208188
IP address blocks:        2a0e:b107:27f::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:e1:2f:b2:d6:ea:eb:57:83:53:bd:58:60:3f:f1:a3:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Dec  5 07:28:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=72a5c5fdf7a38a6318432da134d2f8fb8cd7628f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:cd:7d:3d:8e:3f:84:03:1b:e4:74:ab:52:d6:
                    65:e7:41:0f:f2:f7:6a:a3:8f:8b:10:9c:10:33:ca:
                    c3:36:16:e5:d7:d4:24:9e:bf:b7:30:2b:71:03:91:
                    11:40:b8:90:02:8b:b5:e2:48:f8:33:33:b3:e0:a6:
                    56:6f:f6:b2:ec:92:1c:a2:7e:bd:da:b7:e4:5d:db:
                    0f:f1:7f:6e:d8:97:1b:77:d6:d3:0d:9b:8b:be:fe:
                    d6:5a:e1:d4:63:bf:a2:13:d0:86:93:8c:62:d6:9e:
                    20:9a:08:41:d5:63:e9:bc:8d:27:1e:13:75:78:ca:
                    ed:30:80:6a:40:d7:91:3b:2d:ee:6b:c6:a8:f4:be:
                    77:f9:5e:98:51:93:91:d7:8f:a3:e9:33:c8:45:7d:
                    36:89:a0:4a:01:ff:e5:fa:c4:32:82:0e:14:45:c7:
                    97:73:ed:19:ac:c8:2a:f9:8a:2a:75:85:6e:61:5a:
                    d7:8c:6e:17:68:e8:95:ca:67:99:05:92:fe:04:91:
                    21:bc:23:4e:48:32:71:6c:8a:0e:e7:39:9f:bc:97:
                    6b:a0:04:f7:91:fd:e5:0c:74:e2:34:09:77:94:01:
                    f3:78:2c:29:da:09:77:af:a5:70:92:83:0c:61:f4:
                    d3:8f:70:37:60:f8:82:21:0f:00:ee:a8:ef:ef:a2:
                    4f:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:A5:C5:FD:F7:A3:8A:63:18:43:2D:A1:34:D2:F8:FB:8C:D7:62:8F
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/cqXF_fejimMYQy2hNNL4-4zXYo8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:27f::/48

    Signature Algorithm: sha256WithRSAEncryption
         38:a6:41:ee:e4:95:5c:5d:42:d4:ce:94:af:05:21:37:79:3c:
         c2:3a:63:15:67:02:bb:d1:83:55:99:ee:1d:88:eb:17:40:0f:
         9d:9d:6b:f9:d5:3e:d1:b3:d9:51:c3:7f:31:67:3d:4e:ac:33:
         43:22:de:ef:58:3d:46:ec:f6:b7:c6:14:c7:1c:fb:e2:db:8e:
         1d:51:8c:b9:8b:46:3b:6d:b9:81:be:4f:21:c1:9f:14:44:f7:
         13:a9:9b:43:27:45:fe:d9:85:2f:d1:21:fe:e6:45:3c:23:7e:
         7c:68:c7:da:a3:1d:a7:7b:ef:fd:8f:16:21:e1:54:fc:b7:88:
         ed:d9:37:e6:09:5b:20:8d:59:24:45:a6:f9:af:25:69:76:7f:
         47:5c:9e:42:69:94:e4:09:55:2f:38:69:22:d8:5d:cc:c5:3d:
         16:ba:62:0b:9a:88:14:96:9c:e1:c2:96:75:45:cf:83:de:55:
         1b:a3:99:cd:4f:2e:d0:0f:d7:a9:85:bf:1d:54:34:c4:7f:56:
         85:8d:2f:7f:79:d2:b8:77:94:e0:cc:85:23:1d:b4:0f:c3:9a:
         f8:e8:8c:4a:88:f7:26:a5:02:6a:f3:2a:f1:85:26:71:9a:fc:
         e4:cd:3f:18:d2:3d:8a:44:d1:cc:65:2d:09:64:78:e2:ab:51:
         50:52:ff:bb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYThL7LW6utXg1O9WGA/8aPOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjA1MDcyODMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmE1YzVmZGY3YTM4YTYzMTg0MzJkYTEzNGQyZjhmYjhjZDc2MjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp819PY4/hAMb5HSrUtZl50EP8vdq
o4+LEJwQM8rDNhbl19Qknr+3MCtxA5ERQLiQAou14kj4MzOz4KZWb/ay7JIcon69
2rfkXdsP8X9u2Jcbd9bTDZuLvv7WWuHUY7+iE9CGk4xi1p4gmghB1WPpvI0nHhN1
eMrtMIBqQNeROy3ua8ao9L53+V6YUZOR14+j6TPIRX02iaBKAf/l+sQygg4URceX
c+0ZrMgq+YoqdYVuYVrXjG4XaOiVymeZBZL+BJEhvCNOSDJxbIoO5zmfvJdroAT3
kf3lDHTiNAl3lAHzeCwp2gl3r6VwkoMMYfTTj3A3YPiCIQ8A7qjv76JP+wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHKlxf33o4pjGEMtoTTS+PuM12KPMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvY3FYRl9mZWppbU1ZUXkyaE5OTDQtNHpYWW84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBwJ/
MA0GCSqGSIb3DQEBCwUAA4IBAQA4pkHu5JVcXULUzpSvBSE3eTzCOmMVZwK70YNV
me4diOsXQA+dnWv51T7Rs9lRw38xZz1OrDNDIt7vWD1G7Pa3xhTHHPvi244dUYy5
i0Y7bbmBvk8hwZ8URPcTqZtDJ0X+2YUv0SH+5kU8I358aMfaox2ne+/9jxYh4VT8
t4jt2TfmCVsgjVkkRab5ryVpdn9HXJ5CaZTkCVUvOGki2F3MxT0WumILmogUlpzh
wpZ1Rc+D3lUbo5nNTy7QD9ephb8dVDTEf1aFjS9/edK4d5TgzIUjHbQPw5r46IxK
iPcmpQJq8yrxhSZxmvzkzT8Y0j2KRNHMZS0JZHjiq1FQUv+7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:08 2024 by rpki-client on console-ams.rpki-client.org