Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fDJlJ92HXWvvCStrFP3k1qhacFM.roa
File:                     fDJlJ92HXWvvCStrFP3k1qhacFM.roa (raw, json)
Hash identifier:          u2CjM0v3MAFFhF4a8pfbWJYz5WKwiz3mvQc7cPpJQs8=
Subject key identifier:   7C:32:65:27:DD:87:5D:6B:EF:09:2B:6B:14:FD:E4:D6:A8:5A:70:53
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       10889A4C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fDJlJ92HXWvvCStrFP3k1qhacFM.roa
Signing time:             Sat 01 Jan 2022 09:04:54 +0000
ROA not before:           Sat 01 Jan 2022 09:04:54 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     141445
IP address blocks:        2a0e:b107:12c0::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 277387852 (0x10889a4c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  1 09:04:54 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7c326527dd875d6bef092b6b14fde4d6a85a7053
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:e0:a5:c8:fc:72:d2:ec:00:d1:f3:32:8c:d4:
                    60:cc:9b:7e:48:ba:6b:d2:c5:19:8d:9b:3f:a6:66:
                    b8:49:c1:5a:80:b9:ef:c6:7c:f2:61:4b:87:bc:da:
                    f8:93:ea:e3:94:2c:b3:ce:a0:1b:87:bf:70:60:6d:
                    4f:6e:57:03:a1:15:76:dc:0d:f8:5c:af:be:71:8d:
                    a0:b2:9e:5e:ad:99:77:a6:28:6a:a2:73:9b:2e:da:
                    8e:55:bd:98:f5:ae:3c:09:15:01:bc:07:c3:27:53:
                    61:79:4d:54:d7:dc:c7:c5:26:af:9f:6e:5c:7f:91:
                    cf:ed:b8:d6:2d:63:e8:b2:0b:d3:7a:38:32:6e:f3:
                    4b:cc:b3:db:9b:1d:f3:fa:ab:c0:e3:80:f4:0c:3d:
                    9b:33:83:44:72:01:1e:9e:22:2e:c8:64:25:14:b9:
                    04:ad:8a:3b:26:f2:a7:d9:e6:fb:cc:05:61:14:01:
                    9e:cb:15:7a:39:97:f4:6c:51:39:1c:4f:f7:35:94:
                    78:35:ce:21:f4:c0:ae:7d:c4:18:dd:ea:16:ac:45:
                    73:22:a9:66:5a:e5:12:92:74:dc:b7:78:18:91:d0:
                    b3:06:04:13:9b:35:60:52:36:c0:ea:76:65:5b:7f:
                    16:5d:94:dd:3d:fb:83:77:b7:6a:3c:cd:1a:54:c0:
                    f6:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:32:65:27:DD:87:5D:6B:EF:09:2B:6B:14:FD:E4:D6:A8:5A:70:53
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fDJlJ92HXWvvCStrFP3k1qhacFM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:12c0::/44

    Signature Algorithm: sha256WithRSAEncryption
         7a:3d:9b:65:ab:0f:f8:6c:bd:d5:84:01:cb:0a:8c:35:ef:b2:
         1b:5c:d9:19:18:c0:b9:20:8b:cc:f1:21:f5:f0:8a:4b:15:11:
         7e:9a:64:54:f8:8b:77:b5:e8:fd:ed:62:77:d6:42:9e:68:6f:
         55:72:6b:6e:77:03:40:d2:07:78:23:f5:30:d1:21:53:2a:db:
         ef:fe:fb:c1:26:08:9b:b8:86:98:36:bc:2f:c3:f4:6f:3f:d9:
         55:a6:12:b1:f8:a6:6c:ef:85:d2:cd:6e:ac:fe:24:d2:86:f5:
         76:c8:56:40:5e:c6:58:1c:92:6c:ab:1b:80:89:6e:f8:86:47:
         06:c3:f5:9c:3e:a3:4a:08:84:64:42:26:2f:eb:d7:11:be:0f:
         3e:52:bc:93:f0:0c:4f:a3:c8:26:d5:34:54:46:52:a5:1b:23:
         db:08:53:e0:ff:41:3f:1b:c1:a4:71:b9:f7:e9:59:61:8e:0f:
         db:3c:48:b1:a7:2d:cb:63:ce:58:de:55:4f:3b:d7:28:3e:ae:
         cd:a9:cd:a8:d8:bb:05:48:a1:59:0c:d0:6a:b8:6c:f5:64:0b:
         56:b6:61:c1:9f:78:9f:b9:87:ad:5a:bd:d8:cb:c2:0c:5b:cf:
         5b:be:b4:33:fd:d4:44:54:b4:3b:c6:28:25:f6:84:90:2a:32:
         d3:60:0f:96
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEIiaTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDQ1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2MzMjY1MjdkZDg3
NWQ2YmVmMDkyYjZiMTRmZGU0ZDZhODVhNzA1MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMbgpcj8ctLsANHzMozUYMybfki6a9LFGY2bP6ZmuEnBWoC5
78Z88mFLh7za+JPq45Qss86gG4e/cGBtT25XA6EVdtwN+FyvvnGNoLKeXq2Zd6Yo
aqJzmy7ajlW9mPWuPAkVAbwHwydTYXlNVNfcx8Umr59uXH+Rz+241i1j6LIL03o4
Mm7zS8yz25sd8/qrwOOA9Aw9mzODRHIBHp4iLshkJRS5BK2KOybyp9nm+8wFYRQB
nssVejmX9GxRORxP9zWUeDXOIfTArn3EGN3qFqxFcyKpZlrlEpJ03Ld4GJHQswYE
E5s1YFI2wOp2ZVt/Fl2U3T37g3e3ajzNGlTA9hECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBR8MmUn3Ydda+8JK2sU/eTWqFpwUzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2ZESmxKOTJIWFd2dkNTdHJGUDNrMXFoYWNGTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOsQcSwDANBgkqhkiG9w0BAQsF
AAOCAQEAej2bZasP+Gy91YQBywqMNe+yG1zZGRjAuSCLzPEh9fCKSxURfppkVPiL
d7Xo/e1id9ZCnmhvVXJrbncDQNIHeCP1MNEhUyrb7/77wSYIm7iGmDa8L8P0bz/Z
VaYSsfimbO+F0s1urP4k0ob1dshWQF7GWBySbKsbgIlu+IZHBsP1nD6jSgiEZEIm
L+vXEb4PPlK8k/AMT6PIJtU0VEZSpRsj2whT4P9BPxvBpHG59+lZYY4P2zxIsact
y2POWN5VTzvXKD6uzanNqNi7BUihWQzQarhs9WQLVrZhwZ94n7mHrVq92MvCDFvP
W760M/3URFS0O8YoJfaEkCoy02APlg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:09 2024 by rpki-client on console-ams.rpki-client.org