Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/k_9783uJkXz4ZlSG7GT0r1Yrszg.roa
File:                     k_9783uJkXz4ZlSG7GT0r1Yrszg.roa (raw, json)
Hash identifier:          pPoGSapxpt45Fyz722RoHlSlZIIY4e7ec0+YARlt7AY=
Subject key identifier:   93:FF:7B:F3:7B:89:91:7C:F8:66:54:86:EC:64:F4:AF:56:2B:B3:38
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       11E7176A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/k_9783uJkXz4ZlSG7GT0r1Yrszg.roa
Signing time:             Thu 10 Feb 2022 17:33:09 +0000
ROA not before:           Thu 10 Feb 2022 17:33:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208690
IP address blocks:        2a0e:97c0:6d0::/44 maxlen: 48
                          2a0e:97c0:6d1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 300357482 (0x11e7176a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Feb 10 17:33:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=93ff7bf37b89917cf8665486ec64f4af562bb338
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:fe:36:c8:e5:d2:1d:3a:91:ab:1d:92:18:7f:
                    bc:07:3f:4a:d4:46:d6:0b:5d:09:d8:59:96:8e:96:
                    9e:96:69:ff:61:75:78:ff:b3:0a:d9:00:ca:4c:6c:
                    42:2b:07:c9:4d:f5:a3:82:d2:0d:ee:75:63:59:19:
                    96:22:f5:5e:8c:03:8f:4a:23:6d:f1:4d:0d:b0:c5:
                    b8:e4:c2:20:ca:bc:ad:3d:53:4c:9a:12:0a:eb:33:
                    12:9a:0c:f3:39:33:5a:21:d9:79:90:24:67:1d:7e:
                    05:4b:1e:2e:84:c3:05:84:f0:ba:8a:03:e1:cc:d4:
                    c1:b7:ce:a0:ab:7d:95:6c:d5:67:08:7e:ea:84:9a:
                    e4:cb:0e:20:6b:b0:4b:e3:19:7e:73:3c:64:0d:70:
                    a0:d4:0a:04:7b:1f:ac:90:9a:6f:e8:89:8d:1d:e7:
                    28:f0:02:49:ab:95:94:94:ae:09:1a:6b:ba:13:f8:
                    88:3b:1e:79:e9:86:1e:78:77:16:b2:25:5a:ab:de:
                    59:9d:2b:4b:00:d4:c9:75:ad:0b:c0:f3:4c:13:52:
                    6d:67:c9:bd:60:35:ff:1a:58:95:f5:7b:6e:91:9e:
                    2f:f9:d0:41:d2:a6:a3:a4:32:56:9f:6f:c4:4c:92:
                    25:80:66:51:ed:64:5c:7b:9c:dd:be:0e:db:cd:6f:
                    08:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:FF:7B:F3:7B:89:91:7C:F8:66:54:86:EC:64:F4:AF:56:2B:B3:38
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/k_9783uJkXz4ZlSG7GT0r1Yrszg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:6d0::/44

    Signature Algorithm: sha256WithRSAEncryption
         30:a6:b2:9d:61:5d:8d:6b:06:2c:cd:81:22:e6:9d:d5:22:c7:
         da:d2:66:a9:ba:59:c8:de:47:c3:ba:d9:cc:ff:2b:17:1c:65:
         17:de:d5:36:66:06:f6:c1:35:55:83:bd:7a:ca:b1:1d:08:99:
         97:9c:7b:68:4e:a2:b3:91:60:e4:97:cc:38:25:99:fc:ab:c5:
         98:11:f5:16:c7:04:34:4d:67:50:80:02:fa:e5:71:97:97:57:
         fa:aa:03:a2:3f:05:9d:a8:8c:77:bb:e1:6f:a3:8d:4e:26:00:
         f5:7e:c8:5d:a6:d9:6f:6f:3a:75:23:6d:b5:77:59:a8:c5:a4:
         4d:73:f4:44:73:bc:12:11:43:06:3e:10:1c:a6:57:73:1e:e9:
         ac:47:e8:05:65:7e:40:5b:bb:38:1f:61:8d:99:b9:9e:37:f9:
         d1:94:3a:a1:e6:ba:6d:c7:62:33:41:d7:f9:39:e5:71:71:2b:
         de:ad:7e:84:0d:57:46:4a:0b:69:e8:02:97:e3:18:96:ba:ef:
         d9:77:09:bf:da:aa:f6:1d:3b:2f:5a:6e:5a:56:25:c7:41:b7:
         d2:e0:7a:1b:68:8e:c2:e0:e5:7e:62:b5:6e:1b:49:cc:5b:93:
         d4:97:50:e2:35:1e:db:7a:5d:b6:8a:ce:24:91:a1:bc:57:a6:
         fc:76:2e:4f
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEecXajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDIx
MDE3MzMwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTNmZjdiZjM3Yjg5
OTE3Y2Y4NjY1NDg2ZWM2NGY0YWY1NjJiYjMzODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJj+Nsjl0h06kasdkhh/vAc/StRG1gtdCdhZlo6WnpZp/2F1
eP+zCtkAykxsQisHyU31o4LSDe51Y1kZliL1XowDj0ojbfFNDbDFuOTCIMq8rT1T
TJoSCuszEpoM8zkzWiHZeZAkZx1+BUseLoTDBYTwuooD4czUwbfOoKt9lWzVZwh+
6oSa5MsOIGuwS+MZfnM8ZA1woNQKBHsfrJCab+iJjR3nKPACSauVlJSuCRpruhP4
iDseeemGHnh3FrIlWqveWZ0rSwDUyXWtC8DzTBNSbWfJvWA1/xpYlfV7bpGeL/nQ
QdKmo6QyVp9vxEySJYBmUe1kXHuc3b4O281vCFMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBST/3vze4mRfPhmVIbsZPSvViuzODAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2tfOTc4M3VKa1h6NFpsU0c3R1QwcjFZcnN6Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOl8AG0DANBgkqhkiG9w0BAQsF
AAOCAQEAMKaynWFdjWsGLM2BIuad1SLH2tJmqbpZyN5Hw7rZzP8rFxxlF97VNmYG
9sE1VYO9esqxHQiZl5x7aE6is5Fg5JfMOCWZ/KvFmBH1FscENE1nUIAC+uVxl5dX
+qoDoj8FnaiMd7vhb6ONTiYA9X7IXabZb286dSNttXdZqMWkTXP0RHO8EhFDBj4Q
HKZXcx7prEfoBWV+QFu7OB9hjZm5njf50ZQ6oea6bcdiM0HX+TnlcXEr3q1+hA1X
RkoLaegCl+MYlrrv2XcJv9qq9h07L1puWlYlx0G30uB6G2iOwuDlfmK1bhtJzFuT
1JdQ4jUe23pdtorOJJGhvFem/HYuTw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:37 2024 by rpki-client on console-fra.rpki-client.org