Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mVLpLRwUIgFDJG8uBoqfpu2EJWM.roa
File:                     mVLpLRwUIgFDJG8uBoqfpu2EJWM.roa (raw, json)
Hash identifier:          iHB4n1uw3zyrK5jfFwoyRNEncxl1mqzzFgX9IUHCNEE=
Subject key identifier:   99:52:E9:2D:1C:14:22:01:43:24:6F:2E:06:8A:9F:A6:ED:84:25:63
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018499E821D3109C4B817855177D91842BBE
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mVLpLRwUIgFDJG8uBoqfpu2EJWM.roa
Signing time:             Mon 21 Nov 2022 11:17:17 +0000
ROA not before:           Mon 21 Nov 2022 11:17:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202340
IP address blocks:        2a10:cc40:212::/48 maxlen: 48
                          2a10:cc40:215::/48 maxlen: 48
                          2a10:cc40:210::/44 maxlen: 48
                          2a10:cc40:213::/48 maxlen: 48
                          2a10:cc40:211::/48 maxlen: 48
                          2a10:cc40:214::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:99:e8:21:d3:10:9c:4b:81:78:55:17:7d:91:84:2b:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Nov 21 11:17:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9952e92d1c14220143246f2e068a9fa6ed842563
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:6e:37:c8:82:94:c0:5b:9b:2b:7c:5b:fa:1a:
                    0c:f8:2d:0f:66:e8:ad:7a:06:e6:8d:a6:67:c0:7c:
                    35:5a:b0:5b:90:9f:f6:56:de:75:1b:b2:b1:24:57:
                    2c:6f:43:b1:7a:d7:9c:9d:d6:d4:b0:7f:78:c5:8e:
                    2a:55:39:ff:36:61:ef:57:b9:69:06:b8:bd:1f:a3:
                    f4:59:b4:b8:35:3a:a7:c5:f0:b1:43:1e:37:f7:f0:
                    b7:79:17:e8:dd:a3:b7:a8:a3:cf:85:36:d2:83:42:
                    8d:b3:66:b0:6a:a9:ef:04:f9:e2:69:cc:3a:44:e3:
                    21:70:86:7c:ce:71:42:36:2e:90:1b:6e:ae:ea:69:
                    4e:72:54:e4:b0:b9:b4:8a:d7:1e:d6:e5:ae:fc:c7:
                    f7:c4:c6:3a:b3:b7:1b:4a:1d:88:10:6e:85:4b:85:
                    20:45:ff:d3:fc:27:2a:14:78:ec:2b:42:74:81:4e:
                    17:49:15:f5:22:4f:04:44:6a:2c:01:c8:a0:1f:fb:
                    78:60:87:8a:e9:6f:d6:88:a8:07:de:88:f7:6b:9f:
                    4b:10:50:8b:2d:d8:03:89:67:b6:89:b1:5b:23:a7:
                    4e:3e:d7:58:18:61:2e:54:7a:42:30:62:d1:32:94:
                    18:43:1e:87:15:cb:fe:af:b9:e6:f6:74:67:5b:f5:
                    ae:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:52:E9:2D:1C:14:22:01:43:24:6F:2E:06:8A:9F:A6:ED:84:25:63
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mVLpLRwUIgFDJG8uBoqfpu2EJWM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:cc40:210::/44

    Signature Algorithm: sha256WithRSAEncryption
         7a:c9:cd:90:56:b5:8b:a9:c8:2a:e7:ed:43:86:0f:85:a9:ba:
         02:0d:6c:83:45:c1:42:ac:93:35:25:8e:3e:72:95:7e:a1:db:
         e7:eb:29:36:ca:a1:d4:66:29:cf:d9:d0:30:dc:b0:39:02:be:
         96:a1:59:df:be:d6:15:f3:1e:d4:d6:4e:ae:a3:fe:3d:d8:2f:
         b2:22:b6:d6:6f:92:91:8f:19:44:22:b7:04:2a:7b:c8:20:d2:
         44:33:41:05:6d:a0:d8:57:ca:ea:09:fb:ba:b7:ee:66:70:a6:
         8f:f2:03:54:aa:b4:41:d3:ad:15:6b:72:60:48:a3:de:65:f7:
         13:6a:e5:be:c4:52:c3:29:71:1b:a8:8b:c4:aa:62:f1:ca:9b:
         a5:ab:3b:19:d1:4a:cd:2c:57:28:72:e4:cb:fe:33:c6:55:f0:
         14:dc:83:86:bc:6d:e5:ca:12:c6:cc:9e:7e:3a:19:d7:44:54:
         1a:46:51:57:05:6f:2c:f8:4f:67:f3:13:5b:4d:c7:0c:74:64:
         01:e5:e0:a9:9a:68:84:f4:e4:34:10:25:d8:c3:ed:f2:f0:2a:
         6c:05:aa:ae:70:3a:88:03:33:b6:f3:08:87:15:a7:da:ce:3f:
         54:ed:15:da:0b:51:6f:52:10:52:5f:a2:5f:79:72:78:24:d9:
         36:65:69:cb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYSZ6CHTEJxLgXhVF32RhCu+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTIxMTExNzE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTUyZTkyZDFjMTQyMjAxNDMyNDZmMmUwNjhhOWZhNmVkODQyNTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp243yIKUwFubK3xb+hoM+C0PZuit
egbmjaZnwHw1WrBbkJ/2Vt51G7KxJFcsb0OxetecndbUsH94xY4qVTn/NmHvV7lp
Bri9H6P0WbS4NTqnxfCxQx439/C3eRfo3aO3qKPPhTbSg0KNs2awaqnvBPniacw6
ROMhcIZ8znFCNi6QG26u6mlOclTksLm0itce1uWu/Mf3xMY6s7cbSh2IEG6FS4Ug
Rf/T/CcqFHjsK0J0gU4XSRX1Ik8ERGosAcigH/t4YIeK6W/WiKgH3oj3a59LEFCL
LdgDiWe2ibFbI6dOPtdYGGEuVHpCMGLRMpQYQx6HFcv+r7nm9nRnW/WuZwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJlS6S0cFCIBQyRvLgaKn6bthCVjMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbVZMcExSd1VJZ0ZESkc4dUJvcWZwdTJFSldNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhDMQAIQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB6yc2QVrWLqcgq5+1Dhg+FqboCDWyDRcFCrJM1
JY4+cpV+odvn6yk2yqHUZinP2dAw3LA5Ar6WoVnfvtYV8x7U1k6uo/492C+yIrbW
b5KRjxlEIrcEKnvIINJEM0EFbaDYV8rqCfu6t+5mcKaP8gNUqrRB060Va3JgSKPe
ZfcTauW+xFLDKXEbqIvEqmLxypulqzsZ0UrNLFcocuTL/jPGVfAU3IOGvG3lyhLG
zJ5+OhnXRFQaRlFXBW8s+E9n8xNbTccMdGQB5eCpmmiE9OQ0ECXYw+3y8CpsBaqu
cDqIAzO28wiHFafazj9U7RXaC1FvUhBSX6JfeXJ4JNk2ZWnL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:11 2024 by rpki-client on console-ams.rpki-client.org