Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mlDVDwPpbrirq7hUJ0IRLTzu9vM.roa
File:                     mlDVDwPpbrirq7hUJ0IRLTzu9vM.roa (raw, json)
Hash identifier:          Z6cKA3+EZXNU4IOwFPfcaMEEHJ/CSnkuwxPQ6vk8h1M=
Subject key identifier:   9A:50:D5:0F:03:E9:6E:B8:AB:AB:B8:54:27:42:11:2D:3C:EE:F6:F3
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0182CAE49ECF1723718D5033E05D9CBF8A2F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mlDVDwPpbrirq7hUJ0IRLTzu9vM.roa
Signing time:             Tue 23 Aug 2022 13:29:16 +0000
ROA not before:           Tue 23 Aug 2022 13:29:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     197071
IP address blocks:        2a0e:97c0:3e2::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:ca:e4:9e:cf:17:23:71:8d:50:33:e0:5d:9c:bf:8a:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Aug 23 13:29:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9a50d50f03e96eb8ababb8542742112d3ceef6f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:16:13:ea:d2:4b:ce:20:2d:a2:34:5f:3c:7e:
                    68:e9:00:f2:33:87:03:3a:96:86:e3:06:53:82:93:
                    cc:d3:a9:d4:54:5c:e1:2c:91:35:78:b0:e5:53:2c:
                    d6:3c:5a:a9:61:ad:17:f8:66:2b:7b:c9:45:ea:7d:
                    0f:2d:7b:77:0f:66:7c:58:78:ba:16:dc:bb:97:f6:
                    1b:5c:bc:cc:57:cd:d8:b7:67:fe:1e:02:88:95:64:
                    c5:2a:14:48:1b:49:95:83:fa:f9:1d:6f:1d:17:91:
                    86:da:74:28:ba:81:d0:38:74:54:b9:01:69:06:ac:
                    cf:4c:bb:35:5e:4f:5d:50:fc:29:4a:52:f7:c9:43:
                    38:92:51:16:a9:50:8e:6f:40:e3:11:48:bf:29:a7:
                    43:cf:37:6c:09:cf:da:b8:76:13:d3:b2:d2:06:5a:
                    e6:fa:a9:f7:fb:8a:fa:bb:f6:21:61:08:ec:9a:fd:
                    ec:3a:47:3c:82:65:a4:d0:df:63:6a:6f:e3:c1:8e:
                    d1:2b:13:e0:a5:79:e7:4c:72:9f:c9:25:7b:97:42:
                    ac:47:a4:37:d9:06:3b:76:e4:e8:6e:48:7c:99:ac:
                    fb:1a:9a:e8:72:06:97:dc:3a:e8:b8:21:d9:be:67:
                    29:ba:a4:99:0d:a4:a6:07:9f:dd:4b:3e:f3:aa:e8:
                    01:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:50:D5:0F:03:E9:6E:B8:AB:AB:B8:54:27:42:11:2D:3C:EE:F6:F3
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mlDVDwPpbrirq7hUJ0IRLTzu9vM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:3e2::/48

    Signature Algorithm: sha256WithRSAEncryption
         73:47:86:b9:29:2b:89:fc:7b:84:37:da:79:34:8d:84:2c:e5:
         53:8d:70:0e:2c:dd:bb:8e:ad:91:ce:24:90:43:59:5a:8c:f8:
         5b:7c:68:e3:45:4d:b9:de:52:cd:ce:30:e9:c5:5c:58:ac:31:
         b1:68:46:c2:4a:37:a7:c0:d0:ea:02:ef:e4:0c:fb:da:30:91:
         c2:30:26:22:6f:d9:84:f4:11:89:9e:7d:b0:03:bc:3a:20:b6:
         28:3a:d2:a9:58:4b:2e:bc:1f:1d:bd:11:cd:e3:bb:8d:97:4d:
         36:bd:a2:99:ba:59:e2:69:3e:c7:d5:e4:51:8a:5c:5f:9b:07:
         a6:87:51:28:fd:31:97:ed:4b:ec:af:97:2c:e4:3e:b6:6f:ec:
         bd:59:b3:7d:5e:f4:27:b4:eb:f9:f2:89:c3:ce:a7:0e:dd:39:
         4e:83:fe:79:0f:2e:1d:1b:ef:98:88:40:f1:a3:e8:16:15:c7:
         7d:5b:7b:d3:dd:6c:b8:c6:9d:62:5b:9c:90:a2:9b:a3:a1:0a:
         d9:f6:bb:05:1f:96:72:0e:ff:08:f9:4c:4d:61:d4:9e:9f:19:
         52:1c:11:77:66:c4:b6:9c:de:c4:0c:03:c6:90:a5:59:a7:1b:
         03:bd:fb:54:f2:1a:52:fe:3c:e8:e2:c7:d3:de:be:75:b9:a9:
         5a:57:62:12
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYLK5J7PFyNxjVAz4F2cv4ovMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwODIzMTMyOTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTUwZDUwZjAzZTk2ZWI4YWJhYmI4NTQyNzQyMTEyZDNjZWVmNmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhYT6tJLziAtojRfPH5o6QDyM4cD
OpaG4wZTgpPM06nUVFzhLJE1eLDlUyzWPFqpYa0X+GYre8lF6n0PLXt3D2Z8WHi6
Fty7l/YbXLzMV83Yt2f+HgKIlWTFKhRIG0mVg/r5HW8dF5GG2nQouoHQOHRUuQFp
BqzPTLs1Xk9dUPwpSlL3yUM4klEWqVCOb0DjEUi/KadDzzdsCc/auHYT07LSBlrm
+qn3+4r6u/YhYQjsmv3sOkc8gmWk0N9jam/jwY7RKxPgpXnnTHKfySV7l0KsR6Q3
2QY7duTobkh8maz7GprocgaX3DrouCHZvmcpuqSZDaSmB5/dSz7zqugBYQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJpQ1Q8D6W64q6u4VCdCES087vbzMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbWxEVkR3UHBicmlycTdoVUowSVJMVHp1OXZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6XwAPi
MA0GCSqGSIb3DQEBCwUAA4IBAQBzR4a5KSuJ/HuEN9p5NI2ELOVTjXAOLN27jq2R
ziSQQ1lajPhbfGjjRU253lLNzjDpxVxYrDGxaEbCSjenwNDqAu/kDPvaMJHCMCYi
b9mE9BGJnn2wA7w6ILYoOtKpWEsuvB8dvRHN47uNl002vaKZulniaT7H1eRRilxf
mwemh1Eo/TGX7Uvsr5cs5D62b+y9WbN9XvQntOv58onDzqcO3TlOg/55Dy4dG++Y
iEDxo+gWFcd9W3vT3Wy4xp1iW5yQopujoQrZ9rsFH5ZyDv8I+UxNYdSenxlSHBF3
ZsS2nN7EDAPGkKVZpxsDvftU8hpS/jzo4sfT3r51ualaV2IS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:11 2024 by rpki-client on console-ams.rpki-client.org