Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/f9FeFmGH8hAv0YfLJ7g5pb-xVp8.roa
File:                     f9FeFmGH8hAv0YfLJ7g5pb-xVp8.roa (raw, json)
Hash identifier:          YErksqs7YB1Qt7jj6bbn5S+HPq+F5Nu4M49H3rRfTf4=
Subject key identifier:   7F:D1:5E:16:61:87:F2:10:2F:D1:87:CB:27:B8:39:A5:BF:B1:56:9F
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       10AF5636
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/f9FeFmGH8hAv0YfLJ7g5pb-xVp8.roa
Signing time:             Sat 01 Jan 2022 09:05:17 +0000
ROA not before:           Sat 01 Jan 2022 09:05:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210659
IP address blocks:        2a0e:97c0:560::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 279926326 (0x10af5636)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  1 09:05:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7fd15e166187f2102fd187cb27b839a5bfb1569f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:d4:4f:38:66:94:40:06:f2:72:f9:98:a2:1e:
                    0b:70:67:e8:e8:fe:c9:9f:9a:f3:ac:76:f9:80:f2:
                    21:22:c7:2b:0a:05:f5:e6:5b:aa:fb:21:db:e6:e4:
                    1a:00:07:78:42:4b:3c:69:6f:56:53:47:6c:13:37:
                    02:d5:d1:0b:f0:7e:b2:19:42:e3:8c:4c:21:b4:0f:
                    7a:8a:a9:35:60:78:6f:d0:1c:13:06:45:eb:0a:50:
                    ea:ff:cd:82:e9:fd:3c:83:00:a6:90:ac:e7:1c:7b:
                    43:1c:45:f9:f7:49:71:56:6e:e8:e4:ef:d6:9f:d5:
                    82:80:7c:2f:90:64:77:ca:de:e4:80:25:cd:8a:26:
                    cf:07:86:e3:0a:69:b6:14:5b:65:1b:89:1a:5b:cd:
                    78:f5:a3:2f:ed:e6:6f:cf:69:09:2b:bd:0c:ea:9f:
                    90:7f:28:59:a8:d3:f0:40:64:03:1e:7e:df:d9:85:
                    b1:37:f3:7a:cf:6a:76:f1:7c:61:ee:8c:e8:57:3b:
                    15:55:f4:07:93:ba:09:9d:95:6a:c2:b0:e4:e6:77:
                    0e:4a:37:ab:7b:a1:f7:74:68:3d:e4:93:e6:b3:38:
                    00:59:9f:7d:9e:ac:55:36:38:36:70:d5:f6:0b:51:
                    90:ce:68:13:da:3b:1a:24:2d:58:e8:39:74:ce:3b:
                    9f:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:D1:5E:16:61:87:F2:10:2F:D1:87:CB:27:B8:39:A5:BF:B1:56:9F
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/f9FeFmGH8hAv0YfLJ7g5pb-xVp8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:560::/44

    Signature Algorithm: sha256WithRSAEncryption
         17:99:0a:6d:e5:42:7d:31:c2:9e:f8:ad:af:45:7d:83:11:ab:
         b9:4a:cd:69:90:9a:a2:f3:59:48:94:0c:5c:0f:3c:df:03:21:
         1d:62:f1:0a:5e:62:9d:f8:d3:1b:b0:2e:75:15:69:e4:e5:ce:
         6d:c9:df:76:a1:f7:ed:d4:1b:9e:f6:21:90:ef:c8:26:97:d1:
         5f:5a:35:1f:e5:68:8b:6b:25:a1:32:da:57:28:66:d4:a3:8e:
         42:79:54:92:bf:92:46:3c:c0:32:0b:25:d8:49:0b:4a:b8:04:
         cb:fb:fa:98:5a:0d:dd:e1:de:da:71:ac:17:bb:e3:ac:eb:0d:
         c4:b9:89:8f:59:16:b1:db:4b:ba:6f:11:83:24:aa:85:29:ae:
         72:83:5c:c5:50:53:80:39:f1:61:03:c0:34:5f:b3:5c:ac:6f:
         3c:96:5a:b2:60:af:52:a0:bf:af:8d:c0:d6:fe:f6:fa:b6:6a:
         15:6d:f4:2b:b7:66:5e:00:7b:89:47:7c:55:40:e3:26:e3:62:
         be:10:e9:0f:fd:45:4a:51:f5:e4:a5:57:cb:ce:fe:b7:ff:53:
         e6:57:36:34:64:b6:2e:99:e7:f6:48:44:51:62:3f:ad:c4:08:
         69:42:e1:9d:97:dc:00:b2:01:fa:3f:65:c7:b0:06:9e:ce:2c:
         a7:76:da:f4
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEK9WNjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDUxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2ZkMTVlMTY2MTg3
ZjIxMDJmZDE4N2NiMjdiODM5YTViZmIxNTY5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN7UTzhmlEAG8nL5mKIeC3Bn6Oj+yZ+a86x2+YDyISLHKwoF
9eZbqvsh2+bkGgAHeEJLPGlvVlNHbBM3AtXRC/B+shlC44xMIbQPeoqpNWB4b9Ac
EwZF6wpQ6v/Ngun9PIMAppCs5xx7QxxF+fdJcVZu6OTv1p/VgoB8L5Bkd8re5IAl
zYomzweG4wppthRbZRuJGlvNePWjL+3mb89pCSu9DOqfkH8oWajT8EBkAx5+39mF
sTfzes9qdvF8Ye6M6Fc7FVX0B5O6CZ2VasKw5OZ3Dko3q3uh93RoPeST5rM4AFmf
fZ6sVTY4NnDV9gtRkM5oE9o7GiQtWOg5dM47nykCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBR/0V4WYYfyEC/Rh8snuDmlv7FWnzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2Y5RmVGbUdIOGhBdjBZZkxKN2c1cGIteFZwOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOl8AFYDANBgkqhkiG9w0BAQsF
AAOCAQEAF5kKbeVCfTHCnvitr0V9gxGruUrNaZCaovNZSJQMXA883wMhHWLxCl5i
nfjTG7AudRVp5OXObcnfdqH37dQbnvYhkO/IJpfRX1o1H+Voi2sloTLaVyhm1KOO
QnlUkr+SRjzAMgsl2EkLSrgEy/v6mFoN3eHe2nGsF7vjrOsNxLmJj1kWsdtLum8R
gySqhSmucoNcxVBTgDnxYQPANF+zXKxvPJZasmCvUqC/r43A1v72+rZqFW30K7dm
XgB7iUd8VUDjJuNivhDpD/1FSlH15KVXy87+t/9T5lc2NGS2Lpnn9khEUWI/rcQI
aULhnZfcALIB+j9lx7AGns4sp3ba9A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:35 2024 by rpki-client on console-fra.rpki-client.org