Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fvRX7ggUeqYvjcXKBWqTRxEfwIM.roa
File:                     fvRX7ggUeqYvjcXKBWqTRxEfwIM.roa (raw, json)
Hash identifier:          Ard2v6gJpIMnJMtwEdyfuOzrVZeV78jJ9il3lNwKxb4=
Subject key identifier:   7E:F4:57:EE:08:14:7A:A6:2F:8D:C5:CA:05:6A:93:47:11:1F:C0:83
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       10E9EBDD
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fvRX7ggUeqYvjcXKBWqTRxEfwIM.roa
Signing time:             Sat 01 Jan 2022 09:05:53 +0000
ROA not before:           Sat 01 Jan 2022 09:05:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212895
IP address blocks:        2a09:4c2:4b::/48 maxlen: 48
                          2a0e:b102:100::/44 maxlen: 48
                          2a0e:b102:120::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 283765725 (0x10e9ebdd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  1 09:05:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7ef457ee08147aa62f8dc5ca056a9347111fc083
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:00:1c:b9:04:63:57:a2:67:9b:08:7e:3c:52:
                    98:34:dc:ec:bf:34:42:00:83:ec:e5:9e:23:3b:e0:
                    4e:fb:21:bc:a0:3e:0e:c5:21:d0:9b:3c:4a:a7:3e:
                    f9:e0:77:27:04:c6:bf:9b:c2:f7:f4:88:aa:3c:8a:
                    a5:dc:b8:c6:95:2d:c7:e9:89:d2:b9:5b:8d:95:65:
                    69:7a:ad:5a:90:1d:33:cf:82:9e:89:fb:8b:46:22:
                    80:0b:5e:65:92:82:95:62:b2:87:34:71:f5:93:3d:
                    a6:f5:17:05:cc:fc:d7:bc:ab:46:38:09:61:40:2c:
                    f5:01:2e:49:55:d4:05:91:ab:dc:8d:ac:16:e0:f1:
                    3f:36:e0:66:5d:87:ed:0c:c3:ee:0f:a8:9a:c1:29:
                    5b:98:2a:a6:62:90:cd:5f:b0:dc:76:0d:75:63:ae:
                    85:cf:6a:15:33:3a:c1:73:8d:fc:53:92:ee:a3:17:
                    14:62:05:fc:92:08:0f:93:36:1d:c4:a7:98:c6:ed:
                    9a:b7:56:ed:64:f8:a4:ad:a5:61:b6:57:50:ae:bc:
                    bf:f1:cf:c1:13:c3:de:bd:1d:9e:38:51:ba:61:80:
                    2b:d1:53:17:3e:03:d3:a0:fd:bc:93:c5:5c:cd:a9:
                    69:55:44:35:0e:f1:36:94:73:42:4b:fe:f3:9c:54:
                    a0:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:F4:57:EE:08:14:7A:A6:2F:8D:C5:CA:05:6A:93:47:11:1F:C0:83
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fvRX7ggUeqYvjcXKBWqTRxEfwIM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:4c2:4b::/48
                  2a0e:b102:100::/44
                  2a0e:b102:120::/44

    Signature Algorithm: sha256WithRSAEncryption
         82:da:c1:92:79:2c:3a:ec:f8:31:1b:37:38:89:05:a4:fc:fa:
         b9:d4:63:87:61:02:c1:25:52:07:4e:c7:1d:3c:9e:b7:1c:b8:
         ec:c3:00:fa:3d:09:91:92:0b:d3:3e:4b:63:1c:04:68:6c:0a:
         04:cd:03:42:1c:4e:4f:85:a5:75:17:31:7b:b2:19:dc:d1:bd:
         a2:0c:4f:03:62:89:da:8d:f0:42:56:a7:53:34:9e:fb:5e:fe:
         6f:b5:cf:c0:62:23:2f:10:02:34:af:5b:60:79:c0:46:84:de:
         b9:73:13:dc:f9:40:c2:a6:88:c6:94:96:07:1d:e5:56:ab:b5:
         46:7c:c2:4e:99:95:2c:7f:36:47:90:e6:03:56:73:80:00:1b:
         f2:fe:6b:4b:38:1f:74:7c:87:98:44:25:ea:44:01:71:76:04:
         d3:db:a2:9a:88:73:c5:f9:95:4c:96:a5:8d:c6:6a:f1:14:bb:
         23:65:a4:03:57:da:fa:a3:73:c2:86:a2:83:ed:cf:f4:19:c5:
         91:e4:ee:cc:ef:dc:26:a3:67:0d:d5:ff:0e:2d:c7:57:2b:df:
         48:1e:13:a8:75:0d:2c:9f:4f:88:e0:0c:d8:6e:77:a1:ca:d2:
         f2:36:f2:cb:8c:51:e3:46:1c:cf:09:d9:b6:a0:d2:ea:23:31:
         f6:83:aa:d8
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEEOnr3TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDU1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2VmNDU3ZWUwODE0
N2FhNjJmOGRjNWNhMDU2YTkzNDcxMTFmYzA4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN4AHLkEY1eiZ5sIfjxSmDTc7L80QgCD7OWeIzvgTvshvKA+
DsUh0Js8Sqc++eB3JwTGv5vC9/SIqjyKpdy4xpUtx+mJ0rlbjZVlaXqtWpAdM8+C
non7i0YigAteZZKClWKyhzRx9ZM9pvUXBcz817yrRjgJYUAs9QEuSVXUBZGr3I2s
FuDxPzbgZl2H7QzD7g+omsEpW5gqpmKQzV+w3HYNdWOuhc9qFTM6wXON/FOS7qMX
FGIF/JIID5M2HcSnmMbtmrdW7WT4pK2lYbZXUK68v/HPwRPD3r0dnjhRumGAK9FT
Fz4D06D9vJPFXM2paVVENQ7xNpRzQkv+85xUoAECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBR+9FfuCBR6pi+NxcoFapNHER/AgzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2Z2Ulg3Z2dVZXFZdmpjWEtCV3FUUnhFZndJTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwIQQCAAIwGwMHACoJBMIASwMHBCoOsQIBAAMHBCoO
sQIBIDANBgkqhkiG9w0BAQsFAAOCAQEAgtrBknksOuz4MRs3OIkFpPz6udRjh2EC
wSVSB07HHTyetxy47MMA+j0JkZIL0z5LYxwEaGwKBM0DQhxOT4WldRcxe7IZ3NG9
ogxPA2KJ2o3wQlanUzSe+17+b7XPwGIjLxACNK9bYHnARoTeuXMT3PlAwqaIxpSW
Bx3lVqu1RnzCTpmVLH82R5DmA1ZzgAAb8v5rSzgfdHyHmEQl6kQBcXYE09uimohz
xfmVTJaljcZq8RS7I2WkA1fa+qNzwoaig+3P9BnFkeTuzO/cJqNnDdX/Di3HVyvf
SB4TqHUNLJ9PiOAM2G53ocrS8jbyy4xR40YczwnZtqDS6iMx9oOq2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:35 2024 by rpki-client on console-fra.rpki-client.org