Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/eRjTs5aGKLCCPbufOvbPYWos3QE.roa
File:                     eRjTs5aGKLCCPbufOvbPYWos3QE.roa (raw, json)
Hash identifier:          IQMXqxpYxRWCMyQ6ZvMlbQ0ILwnk9cHNPHevcN7BsQ8=
Subject key identifier:   79:18:D3:B3:96:86:28:B0:82:3D:BB:9F:3A:F6:CF:61:6A:2C:DD:01
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       01827D10503CDE4A4B6D12F08B3101A99A63
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/eRjTs5aGKLCCPbufOvbPYWos3QE.roa
Signing time:             Mon 08 Aug 2022 10:46:37 +0000
ROA not before:           Mon 08 Aug 2022 10:46:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210903
IP address blocks:        2a10:cc44:100::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:7d:10:50:3c:de:4a:4b:6d:12:f0:8b:31:01:a9:9a:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Aug  8 10:46:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7918d3b3968628b0823dbb9f3af6cf616a2cdd01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:b4:35:d4:24:fe:ae:d2:a9:2e:37:a4:83:4d:
                    43:2d:6b:e3:0d:b9:58:95:cf:d3:1a:f6:fa:fe:26:
                    61:91:0b:dc:1e:2d:4f:f3:01:ad:99:c3:68:f7:2a:
                    6b:94:78:4a:b4:13:74:e9:9f:9a:d7:4e:36:9a:cb:
                    55:65:89:c5:5e:da:84:7c:86:58:97:32:45:4d:48:
                    7b:21:f9:fd:fa:49:31:e0:36:f4:b4:61:06:e6:f3:
                    ef:09:ac:8a:ff:59:4a:0d:12:41:61:34:fc:82:06:
                    6d:57:00:d9:91:5a:c4:43:ce:27:07:6f:cd:24:de:
                    1f:ff:27:8a:24:84:d4:0e:e5:9b:8c:5c:73:eb:c4:
                    19:a8:80:a7:c5:9a:71:ba:11:26:86:c9:b3:48:fa:
                    23:8d:86:e8:cc:8f:2f:aa:8d:9c:e9:e0:4c:e2:f9:
                    48:79:9d:e8:b3:0d:9a:64:16:02:c0:c6:3d:13:6d:
                    43:f5:7a:98:fe:f0:61:5e:c5:d3:bd:94:35:53:a7:
                    95:75:0b:da:2c:be:4f:ff:a6:98:db:95:0b:79:44:
                    45:2b:5a:9a:4b:ef:12:9d:d8:3b:4f:61:a1:0e:6d:
                    53:64:12:29:0b:26:e4:54:a0:de:ac:f4:f6:d2:ee:
                    da:ea:54:1d:c2:e9:46:d4:f7:3c:82:f7:1a:e7:57:
                    e3:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:18:D3:B3:96:86:28:B0:82:3D:BB:9F:3A:F6:CF:61:6A:2C:DD:01
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/eRjTs5aGKLCCPbufOvbPYWos3QE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:cc44:100::/44

    Signature Algorithm: sha256WithRSAEncryption
         0b:94:2f:98:06:bd:b5:d0:59:1c:2a:07:aa:10:5a:45:f9:05:
         dc:b1:30:36:bd:51:8e:74:98:50:7d:e6:06:90:b0:6e:41:5b:
         49:eb:5f:07:0b:38:38:40:4d:88:ec:a4:8e:e3:dd:a4:79:33:
         43:c1:30:2e:99:48:c6:53:ca:4e:c4:ef:e1:1d:73:99:16:d0:
         29:02:56:73:3f:0d:4a:36:f3:04:73:8f:52:89:a0:0b:40:07:
         87:76:6b:7e:bc:e1:dd:b0:d8:91:cd:67:83:8b:af:cb:1c:2c:
         ce:3f:17:b5:5d:8c:7a:d6:ca:7a:9a:9f:db:10:ff:52:ea:e1:
         b3:b6:c8:b4:73:95:8f:9a:cb:98:be:5b:28:15:2d:11:92:92:
         22:00:dc:2d:7a:23:88:c0:b0:00:a4:2e:77:69:27:b5:66:b3:
         d4:d4:8c:00:2a:16:17:52:98:9c:ef:ec:b3:02:93:d8:81:be:
         56:66:36:26:81:b0:db:cd:9f:0d:ff:83:7d:6d:e8:aa:5a:a9:
         eb:7f:50:d2:e4:bb:e1:80:f7:ea:9d:00:81:3d:87:f5:a9:75:
         43:06:14:83:b8:cc:f2:1f:5f:b0:b0:d4:eb:a7:d4:94:91:ff:
         d7:22:ca:79:89:a9:7b:49:e6:cd:30:37:ae:fe:23:31:91:e3:
         b1:f6:98:bf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYJ9EFA83kpLbRLwizEBqZpjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwODA4MTA0NjM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTE4ZDNiMzk2ODYyOGIwODIzZGJiOWYzYWY2Y2Y2MTZhMmNkZDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibQ11CT+rtKpLjekg01DLWvjDblY
lc/TGvb6/iZhkQvcHi1P8wGtmcNo9yprlHhKtBN06Z+a1042mstVZYnFXtqEfIZY
lzJFTUh7Ifn9+kkx4Db0tGEG5vPvCayK/1lKDRJBYTT8ggZtVwDZkVrEQ84nB2/N
JN4f/yeKJITUDuWbjFxz68QZqICnxZpxuhEmhsmzSPojjYbozI8vqo2c6eBM4vlI
eZ3osw2aZBYCwMY9E21D9XqY/vBhXsXTvZQ1U6eVdQvaLL5P/6aY25ULeURFK1qa
S+8Sndg7T2GhDm1TZBIpCybkVKDerPT20u7a6lQdwulG1Pc8gvca51fjAwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHkY07OWhiiwgj27nzr2z2FqLN0BMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZVJqVHM1YUdLTENDUGJ1Zk92YlBZV29zM1FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhDMRAEA
MA0GCSqGSIb3DQEBCwUAA4IBAQALlC+YBr210FkcKgeqEFpF+QXcsTA2vVGOdJhQ
feYGkLBuQVtJ618HCzg4QE2I7KSO492keTNDwTAumUjGU8pOxO/hHXOZFtApAlZz
Pw1KNvMEc49SiaALQAeHdmt+vOHdsNiRzWeDi6/LHCzOPxe1XYx61sp6mp/bEP9S
6uGztsi0c5WPmsuYvlsoFS0RkpIiANwteiOIwLAApC53aSe1ZrPU1IwAKhYXUpic
7+yzApPYgb5WZjYmgbDbzZ8N/4N9beiqWqnrf1DS5LvhgPfqnQCBPYf1qXVDBhSD
uMzyH1+wsNTrp9SUkf/XIsp5ial7SebNMDeu/iMxkeOx9pi/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:35 2024 by rpki-client on console-fra.rpki-client.org