Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/gxmttCVgcA-fryQJKHWCEyNv6UE.roa
File:                     gxmttCVgcA-fryQJKHWCEyNv6UE.roa (raw, json)
Hash identifier:          2LcRgidihej0mSKe8RjiKnhIT30uusKOr0kgYO9R744=
Subject key identifier:   83:19:AD:B4:25:60:70:0F:9F:AF:24:09:28:75:82:13:23:6F:E9:41
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       10E48B1B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/gxmttCVgcA-fryQJKHWCEyNv6UE.roa
Signing time:             Sat 01 Jan 2022 09:05:49 +0000
ROA not before:           Sat 01 Jan 2022 09:05:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212580
IP address blocks:        2a0e:b107:b10::/48 maxlen: 48
                          2a0e:b107:b15::/48 maxlen: 48
                          2a0e:b107:de0::/44 maxlen: 48
                          2a0e:b107:e00::/44 maxlen: 48
                          2a0e:b107:b11::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 283413275 (0x10e48b1b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  1 09:05:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8319adb42560700f9faf240928758213236fe941
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:3e:cc:92:c2:80:8a:97:c1:6d:24:fc:a5:b1:
                    9b:9e:e6:28:0c:8d:99:bf:fd:02:38:65:45:3f:4d:
                    87:49:33:40:01:c7:3b:a7:65:d6:0a:f2:ba:a6:97:
                    55:f6:3b:65:36:1a:09:68:bf:0e:46:56:ba:cb:7c:
                    a2:b2:c6:c5:68:4d:10:ff:e5:24:03:89:93:a6:87:
                    db:2b:1e:15:ee:0c:4d:52:8a:ec:57:cd:af:12:0b:
                    e8:c9:60:cc:c0:3d:56:77:11:e9:03:7c:32:98:ba:
                    28:2f:68:5e:b2:a4:04:0d:13:70:ca:6a:2b:4b:c3:
                    4f:4b:35:e7:9f:07:5f:20:66:a3:75:54:a9:23:e2:
                    11:7a:e2:5d:00:03:cd:c2:f4:23:84:75:80:6c:b0:
                    d3:58:c0:b4:dc:23:df:12:e3:a0:ea:f1:4d:43:6d:
                    b5:c0:c7:18:ab:ad:b7:99:91:c5:5e:12:0b:98:82:
                    0a:e0:f1:13:b6:07:b3:f9:68:a4:aa:70:ec:18:51:
                    4d:33:6b:2b:e6:f1:4d:56:fb:cc:26:2b:93:e4:89:
                    72:fc:34:cd:c5:58:d1:9b:79:a8:88:50:d1:f1:33:
                    f1:fd:22:1f:94:43:11:7c:a7:49:12:49:82:a9:a8:
                    37:7e:d7:93:95:2f:8f:10:80:60:6f:de:3c:01:bc:
                    e9:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:19:AD:B4:25:60:70:0F:9F:AF:24:09:28:75:82:13:23:6F:E9:41
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/gxmttCVgcA-fryQJKHWCEyNv6UE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:b10::/47
                  2a0e:b107:b15::/48
                  2a0e:b107:de0::/44
                  2a0e:b107:e00::/44

    Signature Algorithm: sha256WithRSAEncryption
         55:94:38:06:60:bd:ad:7e:a2:b8:83:75:20:e5:48:0a:3b:85:
         67:8e:ce:90:ba:83:ee:51:47:38:b3:97:9e:8b:0d:0e:5a:0a:
         fa:a1:d0:d2:2d:14:0f:63:14:d6:09:ca:90:8b:8e:ed:58:92:
         03:94:c8:a3:06:ea:00:3f:11:ef:64:3f:19:e2:bf:33:b0:65:
         63:7f:2d:27:fb:4f:6b:d1:37:5b:d1:10:68:ee:d7:ac:8b:89:
         0f:a7:8c:5f:32:67:9d:9e:cf:3a:1e:eb:ab:7f:85:28:49:70:
         7f:14:55:02:24:9f:04:49:19:67:f3:cd:7c:65:42:37:c3:71:
         db:a2:30:38:a6:a1:04:13:dd:58:46:75:a2:fb:50:68:b2:52:
         2e:60:2c:80:75:b4:a5:ca:e6:9e:2b:47:d9:c7:90:0e:cc:4b:
         16:78:05:c6:fb:67:01:ce:fd:0a:ee:9f:ea:37:27:d7:cb:75:
         33:46:95:7c:77:1c:f0:1f:78:48:e0:48:cf:ff:40:c9:aa:bf:
         46:09:ed:73:44:81:7f:c9:0b:0d:9c:c7:d7:34:6a:7e:15:0d:
         2f:f4:90:3b:ee:e3:1b:86:06:39:b8:71:5e:2d:02:7a:2e:0d:
         01:48:a9:1f:f6:34:99:2b:99:9e:ac:54:18:39:86:e7:79:c4:
         70:08:1e:e7
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEEOSLGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDU0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODMxOWFkYjQyNTYw
NzAwZjlmYWYyNDA5Mjg3NTgyMTMyMzZmZTk0MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALA+zJLCgIqXwW0k/KWxm57mKAyNmb/9AjhlRT9Nh0kzQAHH
O6dl1gryuqaXVfY7ZTYaCWi/DkZWust8orLGxWhNEP/lJAOJk6aH2yseFe4MTVKK
7FfNrxIL6MlgzMA9VncR6QN8Mpi6KC9oXrKkBA0TcMpqK0vDT0s1558HXyBmo3VU
qSPiEXriXQADzcL0I4R1gGyw01jAtNwj3xLjoOrxTUNttcDHGKutt5mRxV4SC5iC
CuDxE7YHs/lopKpw7BhRTTNrK+bxTVb7zCYrk+SJcvw0zcVY0Zt5qIhQ0fEz8f0i
H5RDEXynSRJJgqmoN37Xk5UvjxCAYG/ePAG86XcCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBSDGa20JWBwD5+vJAkodYITI2/pQTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2d4bXR0Q1ZnY0EtZnJ5UUpLSFdDRXlOdjZVRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAIwJAMHASoOsQcLEAMHACoOsQcLFQMHBCoO
sQcN4AMHBCoOsQcOADANBgkqhkiG9w0BAQsFAAOCAQEAVZQ4BmC9rX6iuIN1IOVI
CjuFZ47OkLqD7lFHOLOXnosNDloK+qHQ0i0UD2MU1gnKkIuO7ViSA5TIowbqAD8R
72Q/GeK/M7BlY38tJ/tPa9E3W9EQaO7XrIuJD6eMXzJnnZ7POh7rq3+FKElwfxRV
AiSfBEkZZ/PNfGVCN8Nx26IwOKahBBPdWEZ1ovtQaLJSLmAsgHW0pcrmnitH2ceQ
DsxLFngFxvtnAc79Cu6f6jcn18t1M0aVfHcc8B94SOBIz/9Ayaq/Rgntc0SBf8kL
DZzH1zRqfhUNL/SQO+7jG4YGObhxXi0Cei4NAUipH/Y0mSuZnqxUGDmG53nEcAge
5w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:09 2024 by rpki-client on console-ams.rpki-client.org