Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/crMJVJcy4yKyzXVkCioOmxI-WG0.roa
File:                     crMJVJcy4yKyzXVkCioOmxI-WG0.roa (raw, json)
Hash identifier:          5XrUntH1qsoKpdeJrM8aRJ/x+bBl7ecPf4fQgUNPRgg=
Subject key identifier:   72:B3:09:54:97:32:E3:22:B2:CD:75:64:0A:2A:0E:9B:12:3E:58:6D
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018488AFAD911C4B9B4A9FAD32D47F2B427A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/crMJVJcy4yKyzXVkCioOmxI-WG0.roa
Signing time:             Fri 18 Nov 2022 03:02:05 +0000
ROA not before:           Fri 18 Nov 2022 03:02:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51076
IP address blocks:        2a0e:97c0:7e5::/48 maxlen: 48
                          2a0e:97c0:7e8::/48 maxlen: 48
                          2a0e:97c0:7e0::/48 maxlen: 48
                          2a0e:97c0:7e3::/48 maxlen: 48
                          2a0e:97c0:7e6::/48 maxlen: 48
                          2a0e:97c0:7e9::/48 maxlen: 48
                          2a0e:97c0:7e1::/48 maxlen: 48
                          2a0e:97c0:7e4::/48 maxlen: 48
                          2a0e:97c0:7e7::/48 maxlen: 48
                          2a0e:97c0:7ea::/48 maxlen: 48
                          2a0e:97c0:7e2::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:88:af:ad:91:1c:4b:9b:4a:9f:ad:32:d4:7f:2b:42:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Nov 18 03:02:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=72b309549732e322b2cd75640a2a0e9b123e586d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:34:ac:51:b0:a9:da:4d:b3:48:30:f9:a1:04:
                    b8:66:86:9a:89:dc:d7:34:5f:c0:d5:3a:e8:52:d6:
                    33:00:d8:3c:af:04:04:fb:c7:34:b8:2b:6f:92:2b:
                    08:a2:8a:f6:0e:1b:3f:d7:e8:74:ae:84:80:80:da:
                    27:80:59:dc:89:22:cc:66:03:17:69:86:d8:83:e4:
                    56:f6:79:63:96:63:33:2b:fc:28:5e:b4:1e:14:e4:
                    90:19:5a:cb:9b:94:eb:b0:0d:8d:6a:a1:e0:a5:ac:
                    ce:6c:b0:b3:0f:c8:13:b8:8c:b1:73:ce:56:f8:53:
                    d9:38:2a:66:20:98:1d:e3:8c:7c:86:de:ee:b1:f9:
                    f5:fe:08:57:24:03:7d:b6:2d:95:00:d0:09:3d:6d:
                    d7:7a:69:7b:ce:0e:1f:07:fd:f3:e8:b8:49:4d:d5:
                    87:05:8e:26:05:b0:fd:ad:d6:7e:8a:d3:e7:cb:70:
                    44:16:66:59:6b:5d:da:83:d4:cd:cd:35:56:28:69:
                    e5:3d:55:7d:2d:df:c8:58:a5:d7:56:1b:14:cf:26:
                    15:2b:93:f6:12:12:47:63:ad:03:08:5b:32:c5:12:
                    25:11:d7:87:62:20:1c:1f:2b:cc:4d:04:db:c5:49:
                    a6:0b:55:14:0c:8b:38:1a:bd:44:3a:0a:1e:0e:54:
                    e4:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:B3:09:54:97:32:E3:22:B2:CD:75:64:0A:2A:0E:9B:12:3E:58:6D
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/crMJVJcy4yKyzXVkCioOmxI-WG0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:7e0::-2a0e:97c0:7ea:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         79:08:a6:d5:05:6d:5f:1d:3d:f2:9d:69:0f:0a:72:31:26:83:
         13:f6:1f:ec:67:f6:14:05:80:4a:43:8c:cf:4d:64:77:c7:b1:
         c4:4d:86:25:c6:bb:04:a3:9a:0f:35:8b:ae:b0:a6:77:1d:6c:
         49:75:df:30:90:e1:22:71:e1:ce:07:9a:c1:d8:55:8d:64:7c:
         e9:0b:74:1b:46:1e:68:7d:d4:cc:76:f6:9f:e5:66:d1:81:37:
         23:7f:c8:bf:4b:b4:8a:d9:a8:90:72:41:b7:a2:9d:b6:64:b7:
         a1:f2:0d:13:e9:79:06:7a:2c:a0:74:78:a2:94:8e:19:07:06:
         fc:ef:aa:f7:60:be:f0:23:5b:2e:bf:61:bd:83:cb:b4:8a:8d:
         82:ed:71:f0:05:1c:77:65:1f:90:97:81:7c:01:7d:c8:71:19:
         71:1b:39:34:5a:4a:1e:4d:80:ec:48:f3:8e:81:7c:4e:a4:12:
         5b:a2:89:b7:6f:52:b6:9f:33:ed:3b:38:79:9a:af:60:d9:b9:
         40:85:30:5e:71:0b:3a:c1:8f:00:a3:c9:0e:9b:76:6e:df:a4:
         c8:43:1e:77:71:5c:e8:f3:7d:a9:92:8c:fb:58:cd:6e:30:72:
         05:1a:a2:e7:95:51:64:aa:ac:a3:35:fd:19:25:3c:1b:fe:d3:
         a9:da:09:81
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYSIr62RHEubSp+tMtR/K0J6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTE4MDMwMjA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmIzMDk1NDk3MzJlMzIyYjJjZDc1NjQwYTJhMGU5YjEyM2U1ODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTSsUbCp2k2zSDD5oQS4ZoaaidzX
NF/A1TroUtYzANg8rwQE+8c0uCtvkisIoor2Dhs/1+h0roSAgNongFnciSLMZgMX
aYbYg+RW9nljlmMzK/woXrQeFOSQGVrLm5TrsA2NaqHgpazObLCzD8gTuIyxc85W
+FPZOCpmIJgd44x8ht7usfn1/ghXJAN9ti2VANAJPW3Xeml7zg4fB/3z6LhJTdWH
BY4mBbD9rdZ+itPny3BEFmZZa13ag9TNzTVWKGnlPVV9Ld/IWKXXVhsUzyYVK5P2
EhJHY60DCFsyxRIlEdeHYiAcHyvMTQTbxUmmC1UUDIs4Gr1EOgoeDlTk7wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHKzCVSXMuMiss11ZAoqDpsSPlhtMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvY3JNSlZKY3k0eUt5elhWa0Npb09teEktV0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwUqDpfA
B+ADBwAqDpfAB+owDQYJKoZIhvcNAQELBQADggEBAHkIptUFbV8dPfKdaQ8KcjEm
gxP2H+xn9hQFgEpDjM9NZHfHscRNhiXGuwSjmg81i66wpncdbEl13zCQ4SJx4c4H
msHYVY1kfOkLdBtGHmh91Mx29p/lZtGBNyN/yL9LtIrZqJByQbeinbZkt6HyDRPp
eQZ6LKB0eKKUjhkHBvzvqvdgvvAjWy6/Yb2Dy7SKjYLtcfAFHHdlH5CXgXwBfchx
GXEbOTRaSh5NgOxI846BfE6kEluiibdvUrafM+07OHmar2DZuUCFMF5xCzrBjwCj
yQ6bdm7fpMhDHndxXOjzfamSjPtYzW4wcgUaoueVUWSqrKM1/RklPBv+06naCYE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:35 2024 by rpki-client on console-fra.rpki-client.org