Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/g-uOpOi-htmwU4IdG9BzluckncM.roa
File:                     g-uOpOi-htmwU4IdG9BzluckncM.roa (raw, json)
Hash identifier:          MNobISKlZ6SR1kjtRAuuOTtwu47NcXKdUJfcoqxN+/Q=
Subject key identifier:   83:EB:8E:A4:E8:BE:86:D9:B0:53:82:1D:1B:D0:73:96:E7:24:9D:C3
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       1353D7C3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/g-uOpOi-htmwU4IdG9BzluckncM.roa
Signing time:             Tue 29 Mar 2022 21:37:13 +0000
ROA not before:           Tue 29 Mar 2022 21:37:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210667
IP address blocks:        2a0e:b107:1788::/48 maxlen: 48
                          2a0e:97c0:a40::/44 maxlen: 48
                          2a0e:97c0:a43::/48 maxlen: 48
                          2a0e:97c0:a41::/48 maxlen: 48
                          2a0e:97c0:a42::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 324261827 (0x1353d7c3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Mar 29 21:37:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=83eb8ea4e8be86d9b053821d1bd07396e7249dc3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:75:0e:49:f0:d7:d2:d8:29:30:c3:dc:19:51:
                    62:a3:a2:0b:30:bc:93:cd:61:9a:ee:7f:97:2c:74:
                    8c:8a:d0:eb:10:0d:52:c4:3a:49:48:f3:7c:91:50:
                    11:0d:f4:e5:3a:66:0f:41:0e:b2:18:a9:fb:92:52:
                    f4:78:47:14:ff:76:79:45:c0:18:74:ce:4a:85:28:
                    32:70:bd:d9:d6:ae:20:ad:83:ea:e3:54:1f:19:b9:
                    be:7a:fe:a8:0f:2b:3f:c8:36:c8:a8:3a:fd:cf:96:
                    a3:ae:b0:6a:2d:8b:ef:46:e1:29:75:da:a5:f5:47:
                    87:49:17:57:07:e9:0a:82:20:11:1e:50:9c:53:c3:
                    82:73:d7:6d:29:69:96:ca:9e:30:19:3b:99:48:58:
                    67:98:ff:60:a9:58:62:c3:b2:db:d6:a4:92:a3:b3:
                    c1:4e:77:06:67:40:32:21:b3:49:a0:aa:d8:a6:7c:
                    e9:4a:76:c2:51:2e:bb:1e:01:bf:42:f4:05:32:c3:
                    0c:ce:cc:12:51:9c:c6:03:43:d8:c1:d2:11:47:2d:
                    7b:51:d8:ba:22:3d:9f:b3:1c:96:75:20:7a:bb:8e:
                    06:76:fb:78:86:d8:85:d2:e0:0f:fc:06:5f:e5:5a:
                    3d:2b:99:51:bd:a6:0b:bf:f6:f6:dc:dd:7f:eb:f2:
                    72:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:EB:8E:A4:E8:BE:86:D9:B0:53:82:1D:1B:D0:73:96:E7:24:9D:C3
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/g-uOpOi-htmwU4IdG9BzluckncM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:a40::/44
                  2a0e:b107:1788::/48

    Signature Algorithm: sha256WithRSAEncryption
         0d:fe:a1:2f:ed:2d:15:d4:94:54:39:03:8f:53:3f:fe:5c:25:
         77:3e:f5:bd:31:ba:f2:3c:9b:14:1f:36:93:44:a1:4a:fa:36:
         3c:ee:da:99:46:36:bd:56:65:a7:24:bb:e8:2d:db:d8:07:0a:
         49:7a:87:07:f3:70:8f:43:70:52:8a:33:5f:b2:ff:b2:4f:fb:
         e8:d6:4d:47:3d:68:c8:9b:79:82:60:b1:c5:bb:40:62:c2:f8:
         d9:92:63:cc:73:44:e4:40:c6:0f:2e:1a:97:11:f3:f8:ff:09:
         5b:e4:d1:28:f7:c8:95:1e:eb:86:5a:a1:c8:b5:b8:28:58:3d:
         9c:c7:5e:2d:29:37:fd:fa:78:46:36:b8:84:b2:2a:02:d1:95:
         16:78:b0:b0:56:27:ec:e9:c6:f0:ac:a9:4e:5d:e9:3f:b7:64:
         ac:f3:ad:4f:72:e5:47:54:2e:70:d5:83:c9:c4:be:8e:d7:05:
         f9:fe:cd:51:bc:77:ad:7b:7d:bb:0d:76:6b:74:d9:b3:67:f5:
         cb:26:ad:e0:15:a8:46:30:5b:30:10:e2:45:f8:b4:94:38:42:
         74:d5:78:40:fd:f0:03:f0:ee:07:b3:9c:98:10:19:b7:14:cf:
         77:fd:39:04:b2:15:a2:f7:e6:e9:3f:4f:d7:bd:20:bb:fa:cb:
         29:d1:01:d2
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEE1PXwzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDMy
OTIxMzcxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODNlYjhlYTRlOGJl
ODZkOWIwNTM4MjFkMWJkMDczOTZlNzI0OWRjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANZ1Dknw19LYKTDD3BlRYqOiCzC8k81hmu5/lyx0jIrQ6xAN
UsQ6SUjzfJFQEQ305TpmD0EOship+5JS9HhHFP92eUXAGHTOSoUoMnC92dauIK2D
6uNUHxm5vnr+qA8rP8g2yKg6/c+Wo66wai2L70bhKXXapfVHh0kXVwfpCoIgER5Q
nFPDgnPXbSlplsqeMBk7mUhYZ5j/YKlYYsOy29akkqOzwU53BmdAMiGzSaCq2KZ8
6Up2wlEuux4Bv0L0BTLDDM7MElGcxgND2MHSEUcte1HYuiI9n7MclnUgeruOBnb7
eIbYhdLgD/wGX+VaPSuZUb2mC7/29tzdf+vycq8CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSD646k6L6G2bBTgh0b0HOW5ySdwzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2ctdU9wT2ktaHRtd1U0SWRHOUJ6bHVja25jTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHBCoOl8AKQAMHACoOsQcXiDANBgkq
hkiG9w0BAQsFAAOCAQEADf6hL+0tFdSUVDkDj1M//lwldz71vTG68jybFB82k0Sh
Svo2PO7amUY2vVZlpyS76C3b2AcKSXqHB/Nwj0NwUoozX7L/sk/76NZNRz1oyJt5
gmCxxbtAYsL42ZJjzHNE5EDGDy4alxHz+P8JW+TRKPfIlR7rhlqhyLW4KFg9nMde
LSk3/fp4Rja4hLIqAtGVFniwsFYn7OnG8KypTl3pP7dkrPOtT3LlR1QucNWDycS+
jtcF+f7NUbx3rXt9uw12a3TZs2f1yyat4BWoRjBbMBDiRfi0lDhCdNV4QP3wA/Du
B7OcmBAZtxTPd/05BLIVovfm6T9P170gu/rLKdEB0g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:35 2024 by rpki-client on console-fra.rpki-client.org