Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kGeZIXdzqEg5ZZ3VEfAvoKfL-do.roa
File:                     kGeZIXdzqEg5ZZ3VEfAvoKfL-do.roa (raw, json)
Hash identifier:          uzXNilgs3PFAueAfi4zu7srxc3i/NoRsEyAV9I/Jkns=
Subject key identifier:   90:67:99:21:77:73:A8:48:39:65:9D:D5:11:F0:2F:A0:A7:CB:F9:DA
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       10E96449
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kGeZIXdzqEg5ZZ3VEfAvoKfL-do.roa
Signing time:             Sat 01 Jan 2022 09:05:52 +0000
ROA not before:           Sat 01 Jan 2022 09:05:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212888
IP address blocks:        2a0e:b107:c00::/48 maxlen: 48
                          2a0e:b107:c02::/48 maxlen: 48
                          2a0e:b107:c04::/48 maxlen: 48
                          2a0e:b107:c01::/48 maxlen: 48
                          2a0e:b107:c03::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 283731017 (0x10e96449)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  1 09:05:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=906799217773a84839659dd511f02fa0a7cbf9da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:bb:50:3f:1e:22:eb:e3:7a:91:25:c7:9a:77:
                    48:bb:4a:8b:6e:05:c8:8f:18:56:0c:9b:50:e6:7f:
                    b5:72:fb:c2:ec:f1:3a:d5:25:91:a9:bf:fe:c9:50:
                    27:0a:44:4c:32:1b:d4:7c:3b:e4:d8:25:1f:fc:70:
                    80:02:a0:e6:ce:fe:b2:4d:95:07:8e:46:4a:c7:49:
                    63:7d:e9:77:f9:ee:97:61:22:07:dd:b8:e3:d2:67:
                    ca:73:f3:34:4f:c8:61:50:d2:14:4f:63:d3:56:cd:
                    b3:10:a6:f8:5c:69:9e:3c:cd:02:d8:0e:87:03:5d:
                    53:cd:fc:80:ba:1e:3f:aa:4a:a3:3c:98:a9:90:19:
                    26:d4:cd:1d:7c:81:d0:5b:b6:f4:43:d7:7e:56:3c:
                    9b:a1:23:0e:8c:08:b3:35:07:28:7b:9c:a4:45:7c:
                    51:f6:f7:35:84:20:90:b2:bd:da:e2:27:87:a5:a2:
                    d6:a4:06:e0:b3:62:04:b2:55:3d:c5:01:3d:95:72:
                    7c:20:ef:af:1b:66:b1:06:8e:0c:c3:a5:1d:c3:14:
                    20:f9:3f:fe:b3:f1:08:72:16:97:5d:2e:a3:47:26:
                    d5:b6:f1:b3:c8:b6:37:58:4c:63:4f:4a:1a:6e:de:
                    6a:12:a1:29:13:dc:3b:bf:30:88:d5:62:c2:77:20:
                    b2:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:67:99:21:77:73:A8:48:39:65:9D:D5:11:F0:2F:A0:A7:CB:F9:DA
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kGeZIXdzqEg5ZZ3VEfAvoKfL-do.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:c00::-2a0e:b107:c04:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         00:bb:05:8a:f4:3c:02:a4:9f:7d:44:bb:1f:65:c8:b4:db:ce:
         ac:a1:67:f3:33:c1:98:e5:0e:73:d6:9a:ae:a5:9d:50:52:05:
         b0:ed:ad:06:53:82:6b:ca:da:f9:e2:06:29:f6:15:b6:39:fb:
         5b:2a:c4:38:b4:9a:a6:7f:f2:ce:cf:78:8b:d5:c8:6b:46:b3:
         fc:87:c4:fa:aa:33:0a:00:28:11:b8:50:b9:fc:c3:9a:31:17:
         a5:ff:67:fc:0b:d3:ef:b9:e8:13:b7:de:58:99:1f:23:0d:67:
         79:1f:6f:01:fb:10:20:a1:80:d3:ac:68:8d:dd:5a:53:4f:12:
         4f:8b:81:27:64:bd:3b:d7:d3:3b:e7:44:ca:63:e3:9d:70:61:
         ee:7c:f2:54:f2:3d:4b:9b:8b:28:26:07:de:c7:e1:bc:fa:66:
         3e:b2:b8:58:22:a1:28:e4:40:a6:ae:8d:a1:40:86:6a:1b:53:
         65:57:f4:18:23:1e:b1:cd:51:db:74:1f:d0:1e:28:16:90:e2:
         eb:82:08:69:ff:b3:1d:ff:62:c9:96:e9:28:6f:8e:2a:bf:09:
         eb:87:12:f5:d3:82:2b:69:97:57:c4:d0:fd:9a:9c:48:0e:8b:
         41:0a:a1:e3:9c:b6:b4:f8:98:83:36:b6:2c:38:61:41:35:8e:
         d1:8f:2e:6c
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIEEOlkSTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDU1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTA2Nzk5MjE3Nzcz
YTg0ODM5NjU5ZGQ1MTFmMDJmYTBhN2NiZjlkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+7UD8eIuvjepElx5p3SLtKi24FyI8YVgybUOZ/tXL7wuzx
OtUlkam//slQJwpETDIb1Hw75NglH/xwgAKg5s7+sk2VB45GSsdJY33pd/nul2Ei
B92449JnynPzNE/IYVDSFE9j01bNsxCm+FxpnjzNAtgOhwNdU838gLoeP6pKozyY
qZAZJtTNHXyB0Fu29EPXflY8m6EjDowIszUHKHucpEV8Ufb3NYQgkLK92uInh6Wi
1qQG4LNiBLJVPcUBPZVyfCDvrxtmsQaODMOlHcMUIPk//rPxCHIWl10uo0cm1bbx
s8i2N1hMY09KGm7eahKhKRPcO78wiNViwncgsmsCAwEAAaOCAhYwggISMB0GA1Ud
DgQWBBSQZ5khd3OoSDllndUR8C+gp8v52jAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2tHZVpJWGR6cUVnNVpaM1ZFZkF2b0tmTC1kby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAs
BggrBgEFBQcBBwEB/wQdMBswGQQCAAIwEzARAwYCKg6xBwwDBwAqDrEHDAQwDQYJ
KoZIhvcNAQELBQADggEBAAC7BYr0PAKkn31Eux9lyLTbzqyhZ/MzwZjlDnPWmq6l
nVBSBbDtrQZTgmvK2vniBin2FbY5+1sqxDi0mqZ/8s7PeIvVyGtGs/yHxPqqMwoA
KBG4ULn8w5oxF6X/Z/wL0++56BO33liZHyMNZ3kfbwH7ECChgNOsaI3dWlNPEk+L
gSdkvTvX0zvnRMpj451wYe588lTyPUubiygmB97H4bz6Zj6yuFgioSjkQKaujaFA
hmobU2VX9BgjHrHNUdt0H9AeKBaQ4uuCCGn/sx3/YsmW6Shvjiq/CeuHEvXTgitp
l1fE0P2anEgOi0EKoeOctrT4mIM2tiw4YUE1jtGPLmw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:37 2024 by rpki-client on console-fra.rpki-client.org