Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oR0oU0fnt2zDYtJl-NSj_fZLCcQ.roa
File:                     oR0oU0fnt2zDYtJl-NSj_fZLCcQ.roa (raw, json)
Hash identifier:          gjhFk7NqD/GKxILb5vOgsseP3C2ITAobWBVTvpcHbcY=
Subject key identifier:   A1:1D:28:53:47:E7:B7:6C:C3:62:D2:65:F8:D4:A3:FD:F6:4B:09:C4
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0181E22E743095E69971BBFCA0328231A29A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oR0oU0fnt2zDYtJl-NSj_fZLCcQ.roa
Signing time:             Sat 09 Jul 2022 08:58:24 +0000
ROA not before:           Sat 09 Jul 2022 08:58:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211305
IP address blocks:        2a0e:97c0:385::/48 maxlen: 48
                          2a0e:97c0:380::/48 maxlen: 48
                          2a0e:97c0:383::/48 maxlen: 48
                          2a0e:97c0:381::/48 maxlen: 48
                          2a0e:97c0:384::/48 maxlen: 48
                          2a0e:97c0:382::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:e2:2e:74:30:95:e6:99:71:bb:fc:a0:32:82:31:a2:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jul  9 08:58:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a11d285347e7b76cc362d265f8d4a3fdf64b09c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:63:8c:72:69:65:4b:30:9e:44:b7:a8:c6:22:
                    e8:7e:49:15:a1:ff:cc:ae:96:59:d0:3e:b7:2b:77:
                    33:64:09:d9:a3:f1:90:09:ff:bb:09:8e:77:c6:47:
                    c6:c4:91:a2:03:0b:87:99:bf:1d:0c:c2:6c:49:82:
                    d4:a6:6f:71:9e:88:61:2f:34:3b:ff:78:21:98:0c:
                    9a:15:07:fd:40:73:29:6b:b0:fb:82:04:57:78:3c:
                    e2:ba:0e:ba:b5:a2:02:1e:2b:47:36:72:fb:af:21:
                    fc:61:51:be:c2:ef:c1:f7:39:a8:18:3f:fc:03:0c:
                    9a:2f:c2:1a:43:19:0e:fe:01:17:3b:f3:c0:bf:da:
                    0b:b4:72:5c:dd:be:75:c2:21:15:7b:b4:8e:c0:2d:
                    64:d0:ad:1e:6a:91:3b:f2:ea:67:0d:7e:e7:0b:3d:
                    f1:36:bd:1e:5f:62:3c:68:b7:d6:a7:5e:ca:7a:fd:
                    34:de:d4:5a:6b:2e:cd:5e:ce:3d:83:e4:97:b5:a3:
                    1e:6a:8d:15:0c:91:2b:99:48:4f:e8:74:5d:4c:65:
                    9d:11:00:ec:fe:51:2f:fb:38:6b:59:c9:db:7d:01:
                    fe:4b:61:ea:8e:05:b6:3a:e0:a6:0f:e3:fa:06:c7:
                    39:86:b2:c8:00:1e:14:be:cb:6a:dd:02:11:32:b5:
                    ed:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:1D:28:53:47:E7:B7:6C:C3:62:D2:65:F8:D4:A3:FD:F6:4B:09:C4
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oR0oU0fnt2zDYtJl-NSj_fZLCcQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:380::-2a0e:97c0:385:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         3b:fb:d6:c5:49:dd:01:5f:77:43:13:e8:b5:3e:9a:6b:69:b6:
         a7:b0:60:dc:d6:ec:3c:6d:b9:29:82:11:a3:40:c1:f6:10:c9:
         22:d7:5c:8a:9b:17:10:7e:7c:d7:10:60:34:d5:76:7c:cf:84:
         86:c8:27:a9:36:c0:fe:77:7f:34:3e:6f:67:22:a5:25:35:14:
         82:44:a5:db:76:19:de:82:ed:77:98:02:14:d1:b0:25:76:cd:
         4f:f2:09:02:2e:ae:94:d8:33:57:26:31:5d:e9:f6:59:8b:cf:
         7b:2c:27:fa:c1:df:07:92:e8:f4:e2:8c:a0:b8:1e:4f:87:d7:
         c3:24:38:2a:47:7e:19:60:4c:1b:83:4d:75:30:4e:fe:69:8c:
         83:77:56:6d:84:1a:c5:d1:e3:da:6b:47:12:f3:c6:d0:22:6e:
         95:4d:d3:85:f8:36:04:4b:39:66:99:e6:ad:5e:0b:52:2a:d5:
         42:3a:ae:bd:7b:c4:39:3f:8c:38:85:5e:94:ae:63:13:47:8d:
         0b:62:3a:13:15:51:a1:76:6d:93:d0:17:aa:db:58:f0:df:68:
         b5:73:f7:aa:6a:08:de:e4:e1:7e:46:61:da:1c:09:00:a8:de:
         6d:fd:3f:6f:b6:00:9a:4d:a1:c9:14:b8:d7:5e:1e:8f:40:61:
         cf:a7:dd:ad
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYHiLnQwleaZcbv8oDKCMaKaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwNzA5MDg1ODI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTFkMjg1MzQ3ZTdiNzZjYzM2MmQyNjVmOGQ0YTNmZGY2NGIwOWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12OMcmllSzCeRLeoxiLofkkVof/M
rpZZ0D63K3czZAnZo/GQCf+7CY53xkfGxJGiAwuHmb8dDMJsSYLUpm9xnohhLzQ7
/3ghmAyaFQf9QHMpa7D7ggRXeDziug66taICHitHNnL7ryH8YVG+wu/B9zmoGD/8
AwyaL8IaQxkO/gEXO/PAv9oLtHJc3b51wiEVe7SOwC1k0K0eapE78upnDX7nCz3x
Nr0eX2I8aLfWp17Kev003tRaay7NXs49g+SXtaMeao0VDJErmUhP6HRdTGWdEQDs
/lEv+zhrWcnbfQH+S2HqjgW2OuCmD+P6Bsc5hrLIAB4Uvstq3QIRMrXtawIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKEdKFNH57dsw2LSZfjUo/32SwnEMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvb1Iwb1UwZm50MnpEWXRKbC1OU2pfZlpMQ2NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwcqDpfA
A4ADBwEqDpfAA4QwDQYJKoZIhvcNAQELBQADggEBADv71sVJ3QFfd0MT6LU+mmtp
tqewYNzW7DxtuSmCEaNAwfYQySLXXIqbFxB+fNcQYDTVdnzPhIbIJ6k2wP53fzQ+
b2cipSU1FIJEpdt2Gd6C7XeYAhTRsCV2zU/yCQIurpTYM1cmMV3p9lmLz3ssJ/rB
3weS6PTijKC4Hk+H18MkOCpHfhlgTBuDTXUwTv5pjIN3Vm2EGsXR49prRxLzxtAi
bpVN04X4NgRLOWaZ5q1eC1Iq1UI6rr17xDk/jDiFXpSuYxNHjQtiOhMVUaF2bZPQ
F6rbWPDfaLVz96pqCN7k4X5GYdocCQCo3m39P2+2AJpNockUuNdeHo9AYc+n3a0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:12 2024 by rpki-client on console-ams.rpki-client.org