Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jObAw4_dh66-qhmR92jcd7nTBRw.roa
File:                     jObAw4_dh66-qhmR92jcd7nTBRw.roa (raw, json)
Hash identifier:          2XKuLiVBYUyA4jIlK0uzaAWpm1ZfmP+EDKEG7W/X5+I=
Subject key identifier:   8C:E6:C0:C3:8F:DD:87:AE:BE:AA:19:91:F7:68:DC:77:B9:D3:05:1C
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       150F57F0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jObAw4_dh66-qhmR92jcd7nTBRw.roa
Signing time:             Thu 09 Jun 2022 02:17:03 +0000
ROA not before:           Thu 09 Jun 2022 02:17:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204750
IP address blocks:        2a0e:97c0:3d0::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 353327088 (0x150f57f0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jun  9 02:17:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8ce6c0c38fdd87aebeaa1991f768dc77b9d3051c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:07:30:d9:e5:d7:b1:e4:82:3f:ba:4c:8e:cb:
                    32:f3:30:ef:22:a2:90:b3:1a:79:1e:fc:7e:ba:9b:
                    a0:18:d5:b0:4b:e8:ea:1a:79:90:f5:26:58:93:dc:
                    dd:c1:f4:68:13:92:b3:1c:37:3b:31:ec:13:9c:02:
                    38:c6:4b:47:b1:fe:3f:16:5b:f5:c3:65:62:14:72:
                    dd:12:b9:3a:5d:1f:df:3d:df:d1:f1:ef:07:56:ad:
                    a1:8c:70:f6:16:a5:0a:27:ec:98:14:29:8b:70:96:
                    b0:ef:16:05:7c:61:b7:25:aa:c2:76:33:7d:0d:63:
                    54:93:b2:05:a5:44:82:9c:f9:97:8a:03:23:4f:c3:
                    be:33:41:51:20:a7:0b:52:be:2b:7b:19:39:28:ba:
                    7f:f6:1a:9c:3b:70:a2:39:42:e6:a6:0a:76:05:90:
                    57:43:0c:cc:ee:89:08:a2:d8:31:49:93:0e:1a:9f:
                    8d:cb:0e:ae:0b:ff:33:bf:63:20:e2:6c:08:1e:58:
                    2b:f2:77:54:e3:30:7e:8b:9d:04:75:c5:3b:c8:30:
                    4b:0d:77:75:75:6c:44:45:b9:bd:11:f9:3a:fa:c6:
                    b9:f9:de:90:58:47:64:c3:80:df:e6:9f:fb:f5:0c:
                    69:c4:96:aa:25:09:3c:b0:60:5e:f4:df:b1:c3:0f:
                    00:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:E6:C0:C3:8F:DD:87:AE:BE:AA:19:91:F7:68:DC:77:B9:D3:05:1C
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jObAw4_dh66-qhmR92jcd7nTBRw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:3d0::/48

    Signature Algorithm: sha256WithRSAEncryption
         9f:0d:c8:bf:ee:48:38:79:45:2e:75:9a:53:75:e2:93:6d:fc:
         9a:b4:70:a3:be:9e:28:80:aa:35:1d:8d:51:29:57:60:04:a4:
         03:19:41:be:bf:70:55:1b:e3:34:d6:45:fc:4e:f1:bc:83:5f:
         ff:8e:bd:89:73:26:41:a2:3d:0a:8d:95:c2:bb:7c:80:5e:56:
         51:98:25:b4:0c:fa:e6:05:15:3e:a5:ec:96:38:f1:a1:74:1b:
         51:1f:ff:88:44:05:7e:23:ab:5a:bf:d3:e9:a4:42:af:81:c0:
         25:47:9e:8d:7e:53:be:66:4c:17:bc:fe:84:64:53:a7:53:09:
         3d:dc:fd:b5:1e:4f:a4:c6:ba:96:6a:9e:47:55:2f:cd:29:c7:
         f9:9e:59:1d:d1:a8:18:da:02:7b:a0:50:ac:a1:94:ad:59:de:
         96:7e:25:3f:c5:04:86:e7:50:8c:0c:fc:0b:47:58:c2:2e:15:
         42:27:5d:ff:59:3c:b3:2c:ee:56:5d:5f:b7:a2:f2:5d:67:1e:
         ce:df:9b:3e:98:0a:68:3b:75:b0:80:15:64:87:0c:0e:1a:be:
         ea:b9:ec:e2:01:1b:4c:28:e3:db:20:3b:d0:6f:d6:5d:f5:4b:
         ab:a8:4b:10:8e:aa:c8:60:39:88:49:3c:bc:0f:0d:dd:76:2d:
         d9:11:e9:01
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEFQ9X8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDYw
OTAyMTcwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGNlNmMwYzM4ZmRk
ODdhZWJlYWExOTkxZjc2OGRjNzdiOWQzMDUxYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANcHMNnl17Hkgj+6TI7LMvMw7yKikLMaeR78frqboBjVsEvo
6hp5kPUmWJPc3cH0aBOSsxw3OzHsE5wCOMZLR7H+PxZb9cNlYhRy3RK5Ol0f3z3f
0fHvB1atoYxw9halCifsmBQpi3CWsO8WBXxhtyWqwnYzfQ1jVJOyBaVEgpz5l4oD
I0/DvjNBUSCnC1K+K3sZOSi6f/YanDtwojlC5qYKdgWQV0MMzO6JCKLYMUmTDhqf
jcsOrgv/M79jIOJsCB5YK/J3VOMwfoudBHXFO8gwSw13dXVsREW5vRH5OvrGufne
kFhHZMOA3+af+/UMacSWqiUJPLBgXvTfscMPAPsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSM5sDDj92Hrr6qGZH3aNx3udMFHDAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2pPYkF3NF9kaDY2LXFobVI5MmpjZDduVEJSdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOl8AD0DANBgkqhkiG9w0BAQsF
AAOCAQEAnw3Iv+5IOHlFLnWaU3Xik238mrRwo76eKICqNR2NUSlXYASkAxlBvr9w
VRvjNNZF/E7xvINf/469iXMmQaI9Co2Vwrt8gF5WUZgltAz65gUVPqXsljjxoXQb
UR//iEQFfiOrWr/T6aRCr4HAJUeejX5TvmZMF7z+hGRTp1MJPdz9tR5PpMa6lmqe
R1UvzSnH+Z5ZHdGoGNoCe6BQrKGUrVneln4lP8UEhudQjAz8C0dYwi4VQidd/1k8
syzuVl1ft6LyXWcezt+bPpgKaDt1sIAVZIcMDhq+6rns4gEbTCjj2yA70G/WXfVL
q6hLEI6qyGA5iEk8vA8N3XYt2RHpAQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:36 2024 by rpki-client on console-fra.rpki-client.org