Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/e-tnRU3LRNCZnofHsZfbjYKOpB4.roa
File:                     e-tnRU3LRNCZnofHsZfbjYKOpB4.roa (raw, json)
Hash identifier:          vGl/ytIOrqbF+G8oVqvCv7jMQ5kUFMjS6PoTjBqjOzg=
Subject key identifier:   7B:EB:67:45:4D:CB:44:D0:99:9E:87:C7:B1:97:DB:8D:82:8E:A4:1E
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       10C8F8EA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/e-tnRU3LRNCZnofHsZfbjYKOpB4.roa
Signing time:             Sat 01 Jan 2022 09:05:32 +0000
ROA not before:           Sat 01 Jan 2022 09:05:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211495
IP address blocks:        2a10:2f00:16c::/48 maxlen: 48
                          2a0e:b107:10c0::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 281606378 (0x10c8f8ea)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  1 09:05:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7beb67454dcb44d0999e87c7b197db8d828ea41e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:f2:1b:7c:ac:23:ab:e8:ff:ff:51:e6:ca:5e:
                    2a:6e:e4:db:30:94:36:ea:30:7e:97:cc:4b:b1:a4:
                    35:f8:6a:53:b2:2e:f1:10:b8:7a:8f:1e:1e:85:48:
                    51:43:88:a0:94:f9:62:b0:fc:6b:20:ec:95:c1:e2:
                    de:c0:32:b6:2d:eb:84:8f:3c:3e:77:1c:f7:30:55:
                    33:5b:b3:04:f2:88:8d:0a:70:67:35:93:3c:8a:b7:
                    d7:58:59:e0:58:37:61:cc:9e:76:0b:5d:38:b4:80:
                    8d:18:93:23:7b:19:da:3b:31:97:e5:b7:c5:5d:00:
                    2b:ab:39:69:ed:3a:38:03:7e:92:1b:c2:6f:6e:52:
                    60:19:eb:41:0d:b9:9c:e1:4a:bd:e4:f4:89:cc:f7:
                    23:2f:ab:33:ca:db:22:5b:98:3e:d3:0c:4d:25:74:
                    e7:16:dd:49:fd:9e:49:f8:76:ee:6e:69:79:99:5c:
                    61:f8:61:6e:52:a9:09:6c:82:18:ee:61:8b:69:34:
                    dc:07:36:80:af:e4:6b:52:c8:e8:6f:51:07:df:14:
                    54:e1:e8:90:44:75:ce:2c:12:03:c6:9e:0c:3f:60:
                    40:67:31:f1:99:2a:a5:67:16:fe:77:22:ad:6e:5a:
                    39:b3:d9:a4:3e:2e:a5:a2:af:25:cc:b5:c4:6b:f0:
                    6a:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:EB:67:45:4D:CB:44:D0:99:9E:87:C7:B1:97:DB:8D:82:8E:A4:1E
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/e-tnRU3LRNCZnofHsZfbjYKOpB4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:10c0::/44
                  2a10:2f00:16c::/48

    Signature Algorithm: sha256WithRSAEncryption
         03:d1:8a:e4:89:21:72:f1:ab:7f:83:d6:ff:ad:7d:97:02:d5:
         08:d6:a9:ae:44:f5:3d:e7:dd:8c:69:e1:75:75:c3:c2:af:9b:
         2a:f0:20:2e:4b:cc:85:1f:03:75:e7:53:8c:80:24:19:88:30:
         0b:2a:24:1d:9c:36:a9:09:5f:ec:dc:66:d7:3e:cf:a5:78:9a:
         85:46:6d:bb:99:72:09:47:aa:aa:14:20:5b:4f:da:53:d6:5e:
         2a:24:1d:57:c3:d6:ae:b9:5a:3b:77:6b:71:63:60:54:a2:c7:
         db:a4:6e:b8:74:34:b8:3f:79:9e:f1:bc:16:ca:16:31:a6:a0:
         da:3c:9a:49:26:af:f2:01:34:84:f7:b1:51:08:0f:1d:9c:fc:
         3d:97:4c:a3:a4:6c:0e:3b:f0:47:7c:5c:ed:0b:65:64:b2:21:
         be:bd:67:18:02:8f:82:03:39:ce:c0:a1:86:71:0d:e2:57:b9:
         c2:b0:18:2d:b9:d5:5f:cb:64:e6:1f:8c:78:7a:bd:11:e6:b8:
         21:61:f5:b8:3b:39:2f:f3:60:48:e4:93:42:28:a4:d8:02:68:
         9e:fd:8f:60:12:1c:26:26:60:2d:c3:eb:42:b0:f8:09:10:6a:
         b5:58:fb:51:11:30:1d:a6:3d:a9:3a:49:52:99:a7:19:e6:20:
         0e:f8:dc:e2
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEEMj46jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDUzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2JlYjY3NDU0ZGNi
NDRkMDk5OWU4N2M3YjE5N2RiOGQ4MjhlYTQxZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJPyG3ysI6vo//9R5speKm7k2zCUNuowfpfMS7GkNfhqU7Iu
8RC4eo8eHoVIUUOIoJT5YrD8ayDslcHi3sAyti3rhI88Pncc9zBVM1uzBPKIjQpw
ZzWTPIq311hZ4Fg3YcyedgtdOLSAjRiTI3sZ2jsxl+W3xV0AK6s5ae06OAN+khvC
b25SYBnrQQ25nOFKveT0icz3Iy+rM8rbIluYPtMMTSV05xbdSf2eSfh27m5peZlc
YfhhblKpCWyCGO5hi2k03Ac2gK/ka1LI6G9RB98UVOHokER1ziwSA8aeDD9gQGcx
8ZkqpWcW/ncirW5aObPZpD4upaKvJcy1xGvwam0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBR762dFTctE0Jmeh8exl9uNgo6kHjAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2UtdG5SVTNMUk5DWm5vZkhzWmZiallLT3BCNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHBCoOsQcQwAMHACoQLwABbDANBgkq
hkiG9w0BAQsFAAOCAQEAA9GK5IkhcvGrf4PW/619lwLVCNaprkT1PefdjGnhdXXD
wq+bKvAgLkvMhR8DdedTjIAkGYgwCyokHZw2qQlf7Nxm1z7PpXiahUZtu5lyCUeq
qhQgW0/aU9ZeKiQdV8PWrrlaO3drcWNgVKLH26RuuHQ0uD95nvG8FsoWMaag2jya
SSav8gE0hPexUQgPHZz8PZdMo6RsDjvwR3xc7QtlZLIhvr1nGAKPggM5zsChhnEN
4le5wrAYLbnVX8tk5h+MeHq9Eea4IWH1uDs5L/NgSOSTQiik2AJonv2PYBIcJiZg
LcPrQrD4CRBqtVj7UREwHaY9qTpJUpmnGeYgDvjc4g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:35 2024 by rpki-client on console-fra.rpki-client.org