Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oxgALCu7DQbjb2cJ9_LjABN68nI.roa
File:                     oxgALCu7DQbjb2cJ9_LjABN68nI.roa (raw, json)
Hash identifier:          VEP7vHw732kpAw0SHqNSYE7qe4bYgqhFYLOLuRRPM/w=
Subject key identifier:   A3:18:00:2C:2B:BB:0D:06:E3:6F:67:09:F7:F2:E3:00:13:7A:F2:72
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0184BA2846F98A4E910408C57B04F7DBAEF6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oxgALCu7DQbjb2cJ9_LjABN68nI.roa
Signing time:             Sun 27 Nov 2022 17:35:12 +0000
ROA not before:           Sun 27 Nov 2022 17:35:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202427
IP address blocks:        2a0e:97c0:5bd::/48 maxlen: 48
                          2a0e:97c0:5b0::/44 maxlen: 48
                          2a0e:97c0:5b8::/48 maxlen: 48
                          2a0e:97c0:5b3::/48 maxlen: 48
                          2a0e:97c0:5be::/48 maxlen: 48
                          2a0e:97c0:5b1::/48 maxlen: 48
                          2a0e:97c0:5bc::/48 maxlen: 48
                          2a0e:97c0:5b7::/48 maxlen: 48
                          2a0e:97c0:5b2::/48 maxlen: 48
                          2a0e:97c0:5b5::/48 maxlen: 48
                          2a0e:97c0:5b0::/48 maxlen: 48
                          2a0e:97c0:5bb::/48 maxlen: 48
                          2a0e:97c0:5b6::/48 maxlen: 48
                          2a0e:97c0:5b9::/48 maxlen: 48
                          2a0e:97c0:5b4::/48 maxlen: 48
                          2a0e:97c0:5bf::/48 maxlen: 48
                          2a0e:97c0:5ba::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:ba:28:46:f9:8a:4e:91:04:08:c5:7b:04:f7:db:ae:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Nov 27 17:35:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a318002c2bbb0d06e36f6709f7f2e300137af272
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:5a:d9:22:f5:6f:46:06:40:b1:18:c7:86:1e:
                    83:1a:d3:4c:4d:64:df:46:fd:61:af:78:bb:e5:7d:
                    20:ac:f0:62:9c:87:1b:bc:7d:36:f7:32:db:92:43:
                    e5:41:37:27:68:6b:80:fe:82:aa:f9:34:34:0d:f1:
                    2c:f3:32:9a:f9:12:bc:5f:69:4f:f4:a7:3c:8e:32:
                    af:b4:16:39:5e:38:f1:f2:23:4c:64:39:04:4d:06:
                    2b:66:68:47:16:10:91:7f:5f:e2:10:2f:ca:f9:9e:
                    bd:ab:bb:29:95:4d:93:54:77:82:2f:3e:3b:24:ea:
                    1c:94:e7:ee:ef:46:1c:f6:13:b0:e4:03:7c:d3:c3:
                    cd:74:ff:76:29:69:fb:c1:28:1c:64:53:d0:77:1e:
                    5f:73:91:2e:d5:2f:58:8b:03:13:af:41:7c:23:64:
                    c8:40:3a:8e:28:40:3c:62:91:04:5c:4e:04:ba:bf:
                    98:11:75:4a:7b:3a:3f:95:66:b4:11:22:bf:0b:72:
                    cb:1e:e0:ad:e9:f2:fb:11:e5:7f:7f:08:51:ac:f8:
                    a2:4b:82:45:76:8c:b8:ac:fa:84:0e:f3:16:64:80:
                    7a:16:44:05:f6:da:97:5d:c9:fd:fa:7f:63:30:af:
                    34:05:94:ec:99:9c:0c:03:3b:80:01:1b:37:71:11:
                    dc:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:18:00:2C:2B:BB:0D:06:E3:6F:67:09:F7:F2:E3:00:13:7A:F2:72
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oxgALCu7DQbjb2cJ9_LjABN68nI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:5b0::/44

    Signature Algorithm: sha256WithRSAEncryption
         99:77:07:a0:28:be:64:7b:79:6e:5b:c1:dc:2f:92:11:8f:a0:
         04:5f:0a:29:e2:6a:95:e9:cf:04:26:3e:6e:a9:ac:1e:ad:48:
         35:8b:95:69:e5:c4:20:19:e8:5f:7d:9d:d7:6a:b7:88:0d:64:
         bb:34:8d:ff:ac:ce:ba:ec:d3:13:5b:86:57:7d:55:72:7e:4f:
         93:d1:4a:42:7f:e0:cc:a4:a6:db:ed:58:9a:ae:cd:00:8e:08:
         88:5e:13:bd:4e:9e:cd:e5:d1:ff:01:51:91:d9:04:da:9a:d6:
         64:55:96:4f:fe:e6:b4:82:4a:24:4d:7c:ae:df:eb:3f:82:7e:
         fc:70:d4:a9:78:bb:3f:7b:23:d4:65:2c:c6:a1:04:eb:11:a5:
         43:f7:5d:ce:d1:41:1a:ee:66:32:0d:6e:16:45:8b:11:45:cb:
         75:5a:5a:8a:82:10:72:64:0a:d9:52:41:a8:c5:08:f7:dc:b9:
         5b:63:e6:63:6a:99:30:29:15:8b:dd:78:1b:ea:49:ac:4c:c6:
         76:61:08:a4:65:27:61:8f:b9:b2:91:46:95:14:24:d0:f0:5b:
         e2:63:5b:f5:c5:2b:46:3f:81:0e:43:7c:be:a8:a5:a2:c3:41:
         2c:3d:e2:1a:e1:df:92:dd:fd:14:06:bd:5d:94:10:f3:bc:f8:
         64:c3:63:ee
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYS6KEb5ik6RBAjFewT32672MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTI3MTczNTEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzE4MDAyYzJiYmIwZDA2ZTM2ZjY3MDlmN2YyZTMwMDEzN2FmMjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVrZIvVvRgZAsRjHhh6DGtNMTWTf
Rv1hr3i75X0grPBinIcbvH029zLbkkPlQTcnaGuA/oKq+TQ0DfEs8zKa+RK8X2lP
9Kc8jjKvtBY5Xjjx8iNMZDkETQYrZmhHFhCRf1/iEC/K+Z69q7splU2TVHeCLz47
JOoclOfu70Yc9hOw5AN808PNdP92KWn7wSgcZFPQdx5fc5Eu1S9YiwMTr0F8I2TI
QDqOKEA8YpEEXE4Eur+YEXVKezo/lWa0ESK/C3LLHuCt6fL7EeV/fwhRrPiiS4JF
doy4rPqEDvMWZIB6FkQF9tqXXcn9+n9jMK80BZTsmZwMAzuAARs3cRHcWwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKMYACwruw0G429nCffy4wATevJyMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvb3hnQUxDdTdEUWJqYjJjSjlfTGpBQk42OG5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAWw
MA0GCSqGSIb3DQEBCwUAA4IBAQCZdwegKL5ke3luW8HcL5IRj6AEXwop4mqV6c8E
Jj5uqawerUg1i5Vp5cQgGehffZ3XareIDWS7NI3/rM667NMTW4ZXfVVyfk+T0UpC
f+DMpKbb7Viars0AjgiIXhO9Tp7N5dH/AVGR2QTamtZkVZZP/ua0gkokTXyu3+s/
gn78cNSpeLs/eyPUZSzGoQTrEaVD913O0UEa7mYyDW4WRYsRRct1WlqKghByZArZ
UkGoxQj33LlbY+ZjapkwKRWL3Xgb6kmsTMZ2YQikZSdhj7mykUaVFCTQ8FviY1v1
xStGP4EOQ3y+qKWiw0EsPeIa4d+S3f0UBr1dlBDzvPhkw2Pu
-----END CERTIFICATE-----