Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kwbdx1xYgYUwEWG4W9nQujYeTsk.roa
File:                     kwbdx1xYgYUwEWG4W9nQujYeTsk.roa (raw, json)
Hash identifier:          6MAed4o81Ky7812KupFgYAjp0zG23mXDTOdHXKaQ4Uc=
Subject key identifier:   93:06:DD:C7:5C:58:81:85:30:11:61:B8:5B:D9:D0:BA:36:1E:4E:C9
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0183044A07915EBD87945487A82CC73590F2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kwbdx1xYgYUwEWG4W9nQujYeTsk.roa
Signing time:             Sat 03 Sep 2022 16:58:23 +0000
ROA not before:           Sat 03 Sep 2022 16:58:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203074
IP address blocks:        2a0e:97c0:4b0::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:04:4a:07:91:5e:bd:87:94:54:87:a8:2c:c7:35:90:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Sep  3 16:58:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9306ddc75c588185301161b85bd9d0ba361e4ec9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:49:5c:de:26:c6:3a:32:be:16:a4:8a:db:b3:
                    22:ec:71:47:d8:3b:75:90:4d:0a:74:29:2a:5f:7a:
                    31:66:c7:f5:23:1d:4c:2c:8e:ab:3a:19:0c:9f:e1:
                    70:11:97:58:ca:71:de:2a:db:a1:47:c0:ef:03:92:
                    b7:4a:fd:e1:48:39:df:1f:fe:16:ed:4e:81:2b:47:
                    b0:f2:79:bb:a3:e0:f0:67:17:c9:b3:0f:ba:3f:1e:
                    0f:8f:c2:b6:b7:3d:07:de:72:c2:22:f3:0e:e7:d3:
                    fd:4e:22:07:e5:7f:0d:74:3f:a4:92:9d:85:da:e9:
                    00:70:67:03:84:42:9e:03:fa:58:75:42:72:44:39:
                    36:50:0b:47:27:5e:83:58:27:52:3d:ff:00:12:ac:
                    fe:1d:b1:b8:40:ec:a1:26:26:b7:84:c9:62:9e:18:
                    73:af:66:3a:d9:90:cd:eb:59:4e:d8:03:f2:4a:42:
                    b7:78:1e:9c:58:a9:6b:2b:62:99:a1:7d:5f:98:5e:
                    90:5d:d3:79:b2:2b:89:09:56:16:5c:d5:42:98:60:
                    cf:ef:08:78:40:42:e4:91:1f:09:34:2d:a8:ee:ee:
                    4c:fd:90:3a:7c:fe:63:9f:ce:ee:4a:e3:42:2d:76:
                    3a:c3:d3:c6:e5:71:b0:11:65:35:7d:0e:a7:da:49:
                    84:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:06:DD:C7:5C:58:81:85:30:11:61:B8:5B:D9:D0:BA:36:1E:4E:C9
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kwbdx1xYgYUwEWG4W9nQujYeTsk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:4b0::/44

    Signature Algorithm: sha256WithRSAEncryption
         7a:da:50:b2:28:ad:3b:9a:46:83:63:3e:00:50:77:e4:6f:37:
         17:81:a2:2d:ba:37:08:2b:08:dc:fa:7b:83:3e:f7:ed:51:c4:
         7e:a5:1d:3b:7a:06:b8:e4:f5:d4:18:0a:fd:15:14:07:bc:e0:
         ce:c8:a9:3a:e2:63:db:d8:ed:f7:8d:ce:ec:0c:af:a3:8a:50:
         b1:e3:fd:e2:91:a8:c0:ad:5b:e8:d7:7f:f4:3a:2f:b4:a1:a8:
         4a:a7:0f:7d:b7:71:5f:92:bb:c3:5a:7a:64:68:2b:87:e6:07:
         29:b7:e5:23:a8:ae:c6:40:93:58:b4:72:fc:6d:be:00:eb:94:
         a3:d7:ba:1b:08:f3:5c:5c:24:e9:c0:31:dd:26:3e:9c:dc:5b:
         d9:0f:05:93:21:1f:b3:fc:ab:f2:0b:cb:35:95:3f:5b:fd:0e:
         b8:b9:ae:0d:cc:05:d7:f0:d4:21:ea:ed:35:27:79:2b:72:e4:
         57:72:ad:2d:28:1c:90:24:b3:48:6a:44:3d:16:d3:27:ad:8a:
         6b:6a:7f:02:38:da:f0:35:32:4b:88:e9:13:da:89:55:b6:b2:
         5e:ce:a7:05:13:14:0b:c7:89:79:76:d2:59:34:3e:dc:63:da:
         27:40:23:85:98:2d:4f:ff:54:85:58:0e:db:7d:f0:f4:34:c9:
         68:98:70:26
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYMESgeRXr2HlFSHqCzHNZDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwOTAzMTY1ODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzA2ZGRjNzVjNTg4MTg1MzAxMTYxYjg1YmQ5ZDBiYTM2MWU0ZWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlElc3ibGOjK+FqSK27Mi7HFH2Dt1
kE0KdCkqX3oxZsf1Ix1MLI6rOhkMn+FwEZdYynHeKtuhR8DvA5K3Sv3hSDnfH/4W
7U6BK0ew8nm7o+DwZxfJsw+6Px4Pj8K2tz0H3nLCIvMO59P9TiIH5X8NdD+kkp2F
2ukAcGcDhEKeA/pYdUJyRDk2UAtHJ16DWCdSPf8AEqz+HbG4QOyhJia3hMlinhhz
r2Y62ZDN61lO2APySkK3eB6cWKlrK2KZoX1fmF6QXdN5siuJCVYWXNVCmGDP7wh4
QELkkR8JNC2o7u5M/ZA6fP5jn87uSuNCLXY6w9PG5XGwEWU1fQ6n2kmEhwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJMG3cdcWIGFMBFhuFvZ0Lo2Hk7JMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEva3diZHgxeFlnWVV3RVdHNFc5blF1alllVHNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwASw
MA0GCSqGSIb3DQEBCwUAA4IBAQB62lCyKK07mkaDYz4AUHfkbzcXgaItujcIKwjc
+nuDPvftUcR+pR07ega45PXUGAr9FRQHvODOyKk64mPb2O33jc7sDK+jilCx4/3i
kajArVvo13/0Oi+0oahKpw99t3FfkrvDWnpkaCuH5gcpt+UjqK7GQJNYtHL8bb4A
65Sj17obCPNcXCTpwDHdJj6c3FvZDwWTIR+z/KvyC8s1lT9b/Q64ua4NzAXX8NQh
6u01J3krcuRXcq0tKByQJLNIakQ9FtMnrYpran8CONrwNTJLiOkT2olVtrJezqcF
ExQLx4l5dtJZND7cY9onQCOFmC1P/1SFWA7bffD0NMlomHAm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:37 2024 by rpki-client on console-fra.rpki-client.org