Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/o9mqZIdys06UsXhBVuHXdW97G0w.roa
File:                     o9mqZIdys06UsXhBVuHXdW97G0w.roa (raw, json)
Hash identifier:          Asf4jOwPtLe/6Hasvdvu0S1PG5wPSwW2lhW67s4pHTA=
Subject key identifier:   A3:D9:AA:64:87:72:B3:4E:94:B1:78:41:56:E1:D7:75:6F:7B:1B:4C
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       01843DF0F100BC045C081299DD4EAC0F70CE
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/o9mqZIdys06UsXhBVuHXdW97G0w.roa
Signing time:             Thu 03 Nov 2022 14:41:51 +0000
ROA not before:           Thu 03 Nov 2022 14:41:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211139
IP address blocks:        2a0e:b107:1910::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:3d:f0:f1:00:bc:04:5c:08:12:99:dd:4e:ac:0f:70:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Nov  3 14:41:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a3d9aa648772b34e94b1784156e1d7756f7b1b4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:d8:e5:e4:2c:63:ee:c5:be:f1:9b:eb:47:ff:
                    ab:b3:21:3d:90:03:9d:ac:11:d9:5f:4f:31:ce:3d:
                    6e:b6:d6:3d:72:69:a2:61:9b:61:f3:da:e6:8b:41:
                    f8:19:32:0c:9c:db:7b:3a:d8:24:8c:7e:5d:8e:ad:
                    5d:be:23:77:3f:d2:fb:4d:40:2d:e3:93:ea:64:96:
                    d3:d8:ca:af:94:5e:ac:68:e3:29:4e:39:61:bf:a6:
                    c4:87:8a:10:fd:21:42:e3:c7:6e:4a:6e:73:42:9d:
                    b0:1b:71:82:16:80:06:f3:73:25:dd:62:e4:43:98:
                    01:6b:0f:e0:9a:9d:04:a4:ae:b0:28:fe:ed:26:2b:
                    dd:19:0d:27:cd:1c:c3:63:ad:7a:05:dc:8e:cc:74:
                    c3:82:4b:86:d4:12:06:30:f5:13:26:a1:91:4a:be:
                    2c:fc:f2:d8:ae:92:ba:2d:0c:8f:e0:6a:f5:35:fe:
                    5e:af:be:bf:c6:95:5d:19:5e:0e:3a:16:f6:68:ea:
                    9e:17:46:57:19:f6:a4:1f:ae:62:6f:a1:ce:88:8c:
                    f1:d8:b3:4a:1f:8e:b5:9e:33:a0:67:ba:bb:b7:90:
                    17:a4:e4:de:88:f8:1d:01:28:57:45:22:29:4e:1c:
                    cd:5a:6b:8d:09:52:a8:56:b1:78:5c:26:c9:09:0b:
                    84:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:D9:AA:64:87:72:B3:4E:94:B1:78:41:56:E1:D7:75:6F:7B:1B:4C
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/o9mqZIdys06UsXhBVuHXdW97G0w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:1910::/44

    Signature Algorithm: sha256WithRSAEncryption
         ac:6c:b4:c9:f2:d6:ba:7e:13:98:95:0d:69:af:65:77:f1:96:
         b1:81:ae:cd:ed:29:b5:4e:24:7a:6d:34:11:b9:44:b3:de:ee:
         8e:f1:0a:7b:82:05:c1:79:fb:c3:ba:c9:da:37:b1:a2:9b:a1:
         c6:b1:fd:e6:8a:52:6f:d5:52:c0:a7:08:85:c2:38:88:f0:bd:
         11:02:1d:32:cf:04:6d:48:f6:30:7f:9b:57:9b:92:12:b4:89:
         cb:f6:dd:6a:ff:a5:48:75:99:32:df:e5:da:1c:43:e2:1d:7e:
         88:07:d0:ba:7f:19:6f:6d:6a:3b:fe:a0:2b:1a:a0:59:e9:5a:
         1f:78:09:ae:a3:bc:67:b7:23:e5:19:3a:03:ae:65:96:6e:ad:
         73:31:52:73:79:b2:ae:aa:9c:03:fb:fd:a3:e2:f7:f6:4f:d9:
         3c:d6:3c:07:5a:2f:be:2d:32:cb:61:86:1b:0b:9e:13:8e:98:
         d2:29:b4:bb:70:57:f3:ea:33:e1:65:78:2e:61:6e:9a:90:91:
         fb:51:b4:46:b9:75:8c:0c:a3:92:c0:3f:3a:35:ec:48:3c:46:
         cd:30:5b:89:7a:ce:b3:94:19:d3:99:7c:75:b3:c9:b3:e8:99:
         0b:9b:a6:4a:3b:8b:65:3c:4f:c7:83:2b:57:82:5b:73:db:0b:
         9c:8a:48:63
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYQ98PEAvARcCBKZ3U6sD3DOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTAzMTQ0MTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2Q5YWE2NDg3NzJiMzRlOTRiMTc4NDE1NmUxZDc3NTZmN2IxYjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitjl5Cxj7sW+8ZvrR/+rsyE9kAOd
rBHZX08xzj1uttY9cmmiYZth89rmi0H4GTIMnNt7OtgkjH5djq1dviN3P9L7TUAt
45PqZJbT2MqvlF6saOMpTjlhv6bEh4oQ/SFC48duSm5zQp2wG3GCFoAG83Ml3WLk
Q5gBaw/gmp0EpK6wKP7tJivdGQ0nzRzDY616BdyOzHTDgkuG1BIGMPUTJqGRSr4s
/PLYrpK6LQyP4Gr1Nf5er76/xpVdGV4OOhb2aOqeF0ZXGfakH65ib6HOiIzx2LNK
H461njOgZ7q7t5AXpOTeiPgdAShXRSIpThzNWmuNCVKoVrF4XCbJCQuE/wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKPZqmSHcrNOlLF4QVbh13VvextMMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbzltcVpJZHlzMDZVc1hoQlZ1SFhkVzk3RzB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxkQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCsbLTJ8ta6fhOYlQ1pr2V38Zaxga7N7Sm1TiR6
bTQRuUSz3u6O8Qp7ggXBefvDusnaN7Gim6HGsf3milJv1VLApwiFwjiI8L0RAh0y
zwRtSPYwf5tXm5IStInL9t1q/6VIdZky3+XaHEPiHX6IB9C6fxlvbWo7/qArGqBZ
6VofeAmuo7xntyPlGToDrmWWbq1zMVJzebKuqpwD+/2j4vf2T9k81jwHWi++LTLL
YYYbC54TjpjSKbS7cFfz6jPhZXguYW6akJH7UbRGuXWMDKOSwD86NexIPEbNMFuJ
es6zlBnTmXx1s8mz6JkLm6ZKO4tlPE/HgytXgltz2wucikhj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:12 2024 by rpki-client on console-ams.rpki-client.org