Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kqFPuwdxLEiyKtiFafRZT1ummms.roa
File:                     kqFPuwdxLEiyKtiFafRZT1ummms.roa (raw, json)
Hash identifier:          6Aen5Ey1XuKoQj5qfN5L/vaq5kvrrLws1CUYHA5AJlU=
Subject key identifier:   92:A1:4F:BB:07:71:2C:48:B2:2A:D8:85:69:F4:59:4F:5B:A6:9A:6B
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018506BF88E4EDA27842D2CC491ED8E04828
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kqFPuwdxLEiyKtiFafRZT1ummms.roa
Signing time:             Mon 12 Dec 2022 14:31:33 +0000
ROA not before:           Mon 12 Dec 2022 14:31:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200625
IP address blocks:        2a0e:97c0:61d::/48 maxlen: 48
                          2a0e:97c0:610::/44 maxlen: 48
                          2a0e:97c0:618::/48 maxlen: 48
                          2a0e:97c0:613::/48 maxlen: 48
                          2a0e:97c0:61e::/48 maxlen: 48
                          2a0e:97c0:611::/48 maxlen: 48
                          2a0e:97c0:61c::/48 maxlen: 48
                          2a0e:97c0:617::/48 maxlen: 48
                          2a0e:97c0:612::/48 maxlen: 48
                          2a0e:97c0:615::/48 maxlen: 48
                          2a0e:97c0:610::/48 maxlen: 48
                          2a0e:97c0:61b::/48 maxlen: 48
                          2a0e:97c0:616::/48 maxlen: 48
                          2a0e:97c0:619::/48 maxlen: 48
                          2a0e:97c0:614::/48 maxlen: 48
                          2a0e:97c0:61f::/48 maxlen: 48
                          2a0e:97c0:61a::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:06:bf:88:e4:ed:a2:78:42:d2:cc:49:1e:d8:e0:48:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Dec 12 14:31:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=92a14fbb07712c48b22ad88569f4594f5ba69a6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:ce:9c:0c:50:6d:e4:27:58:69:fe:6f:ce:1f:
                    b9:ee:e9:a4:20:b6:4e:07:13:9a:12:15:ce:61:82:
                    74:e0:6f:78:c7:37:25:4d:6c:11:1d:c3:10:bd:21:
                    a7:10:60:c7:35:3b:16:1a:be:4d:96:7b:b3:73:e4:
                    04:b8:39:13:74:ce:4e:a0:e0:0e:05:fd:c8:18:31:
                    18:7f:eb:4a:13:47:ff:5f:cb:f1:4c:52:21:40:76:
                    06:66:50:7a:1c:0a:ca:ca:e9:15:d7:1b:57:49:b9:
                    2d:33:7b:c5:e7:73:6f:0c:20:b7:60:fd:99:c6:a7:
                    2a:36:34:3f:a8:fd:91:1a:4a:34:f7:5a:37:a6:a5:
                    c4:68:a3:75:65:04:1b:31:53:67:ea:da:86:9b:4b:
                    3b:bb:13:09:5f:21:11:84:7f:4b:78:9c:fd:22:03:
                    31:b5:ac:ba:70:c4:0e:c3:40:49:7e:54:28:6b:2a:
                    c8:63:12:33:01:b4:0a:40:b7:32:60:3e:f8:d9:c8:
                    6e:86:c0:73:9f:72:96:94:f3:9a:d3:e7:1c:61:2e:
                    fb:69:55:59:d6:07:a9:41:56:00:d2:6d:b1:b5:90:
                    43:a9:4e:ce:69:c5:37:20:70:be:e4:6e:77:7b:8c:
                    d9:bb:62:d5:ba:c7:d4:61:28:88:ec:22:d1:b2:4f:
                    a0:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:A1:4F:BB:07:71:2C:48:B2:2A:D8:85:69:F4:59:4F:5B:A6:9A:6B
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kqFPuwdxLEiyKtiFafRZT1ummms.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:610::/44

    Signature Algorithm: sha256WithRSAEncryption
         59:4d:46:0d:99:4d:ce:c9:76:bd:92:54:3a:e3:34:19:b1:50:
         df:3b:23:04:9c:b7:f8:9d:f7:9d:2f:b7:fb:43:4f:ee:ce:8e:
         a3:8f:4c:10:9e:b1:f2:ab:a7:26:c2:08:11:ed:1d:df:80:0b:
         ae:9e:2a:e7:40:0a:ea:09:fb:d9:a9:d5:59:8a:5e:c9:c2:36:
         d7:73:b5:f7:91:0b:22:b6:e4:23:a6:c0:76:c4:18:45:dc:bd:
         b8:38:d0:2b:6b:a9:00:16:18:a9:58:12:51:63:04:1c:1c:16:
         59:a7:16:ed:ae:b1:0a:35:e5:fb:8c:81:00:f9:34:eb:00:d7:
         b0:de:2b:1a:53:e7:18:64:c7:49:7e:93:04:b0:13:cc:23:0d:
         32:96:fd:31:35:01:e1:5a:8a:49:99:e5:11:14:08:b2:25:44:
         af:74:11:d9:fc:0b:4f:86:a6:ee:69:6f:36:0d:cd:cb:07:ab:
         6c:3f:58:79:0a:fb:fa:8c:1a:e8:85:4c:a4:bd:84:a7:cd:0c:
         6b:7e:8c:84:58:f7:d1:2f:2f:d2:6f:a4:e7:8a:53:07:8b:70:
         03:8b:ad:16:15:7a:23:89:58:e8:89:e2:65:d2:88:ff:32:f6:
         d9:04:93:a1:24:67:78:3a:8f:67:a9:c8:06:88:6b:af:bc:cc:
         01:aa:16:84
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYUGv4jk7aJ4QtLMSR7Y4EgoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjEyMTQzMTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmExNGZiYjA3NzEyYzQ4YjIyYWQ4ODU2OWY0NTk0ZjViYTY5YTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA986cDFBt5CdYaf5vzh+57umkILZO
BxOaEhXOYYJ04G94xzclTWwRHcMQvSGnEGDHNTsWGr5Nlnuzc+QEuDkTdM5OoOAO
Bf3IGDEYf+tKE0f/X8vxTFIhQHYGZlB6HArKyukV1xtXSbktM3vF53NvDCC3YP2Z
xqcqNjQ/qP2RGko091o3pqXEaKN1ZQQbMVNn6tqGm0s7uxMJXyERhH9LeJz9IgMx
tay6cMQOw0BJflQoayrIYxIzAbQKQLcyYD742chuhsBzn3KWlPOa0+ccYS77aVVZ
1gepQVYA0m2xtZBDqU7OacU3IHC+5G53e4zZu2LVusfUYSiI7CLRsk+gBQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJKhT7sHcSxIsirYhWn0WU9bppprMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEva3FGUHV3ZHhMRWl5S3RpRmFmUlpUMXVtbW1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAYQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBZTUYNmU3OyXa9klQ64zQZsVDfOyMEnLf4nfed
L7f7Q0/uzo6jj0wQnrHyq6cmwggR7R3fgAuunirnQArqCfvZqdVZil7JwjbXc7X3
kQsituQjpsB2xBhF3L24ONAra6kAFhipWBJRYwQcHBZZpxbtrrEKNeX7jIEA+TTr
ANew3isaU+cYZMdJfpMEsBPMIw0ylv0xNQHhWopJmeURFAiyJUSvdBHZ/AtPhqbu
aW82Dc3LB6tsP1h5Cvv6jBrohUykvYSnzQxrfoyEWPfRLy/Sb6TnilMHi3ADi60W
FXojiVjoieJl0oj/MvbZBJOhJGd4Oo9nqcgGiGuvvMwBqhaE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:37 2024 by rpki-client on console-fra.rpki-client.org