Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pGIO9abFk_p2ce6KkK96brDBzB0.roa
File:                     pGIO9abFk_p2ce6KkK96brDBzB0.roa (raw, json)
Hash identifier:          bZ1WcW+SccyIxjPxELGEoikVTP9fApdLbWpTctSACVs=
Subject key identifier:   A4:62:0E:F5:A6:C5:93:FA:76:71:EE:8A:90:AF:7A:6E:B0:C1:CC:1D
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       10DBA3DC
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pGIO9abFk_p2ce6KkK96brDBzB0.roa
Signing time:             Sat 01 Jan 2022 09:05:43 +0000
ROA not before:           Sat 01 Jan 2022 09:05:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212267
IP address blocks:        2a0e:b107:50::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 282829788 (0x10dba3dc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  1 09:05:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a4620ef5a6c593fa7671ee8a90af7a6eb0c1cc1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:55:69:b0:3b:4b:fd:8a:68:be:cd:ac:0b:a6:
                    76:34:34:28:23:15:b2:1d:2d:8f:4b:7d:33:35:eb:
                    70:55:c3:42:60:27:0d:3a:67:a8:bc:2b:28:aa:e2:
                    fd:1a:dc:24:26:f6:be:6c:65:d2:5e:92:8c:a9:08:
                    8e:6b:39:31:02:15:04:26:d6:7a:bb:fc:9a:85:b9:
                    37:37:60:0d:c7:4e:98:a2:b3:fa:9a:7a:ec:9b:7b:
                    ad:57:0b:e2:1e:8c:f5:91:17:89:52:ac:4d:b8:89:
                    d4:17:f2:ad:3e:4d:a2:39:d5:b8:60:a0:68:d3:da:
                    6c:48:23:fa:55:e2:c6:0b:7a:28:35:68:d6:e2:c9:
                    05:14:ee:8a:98:23:13:33:57:07:b5:e0:ad:a0:b8:
                    53:5e:31:ef:39:ed:64:61:92:2a:8b:7f:ca:75:aa:
                    21:fb:6d:1c:70:bd:8c:67:5e:9b:6a:aa:4f:7d:08:
                    61:fd:02:7f:db:cd:e6:88:5d:0e:7f:22:cb:ac:f7:
                    0e:25:e5:73:ef:62:cc:17:25:13:f6:f8:3e:8f:eb:
                    e8:7b:43:00:c6:4b:fa:44:75:5e:91:01:16:8c:57:
                    00:89:61:f2:0d:d6:35:60:a3:5f:a8:f6:12:e8:87:
                    22:90:3d:be:6c:a0:f0:36:f2:b3:e9:c3:c7:90:a1:
                    88:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:62:0E:F5:A6:C5:93:FA:76:71:EE:8A:90:AF:7A:6E:B0:C1:CC:1D
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pGIO9abFk_p2ce6KkK96brDBzB0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:50::/44

    Signature Algorithm: sha256WithRSAEncryption
         b2:7b:0b:87:40:e5:d0:14:05:8a:fe:83:57:df:de:d6:c0:68:
         f4:7c:95:85:19:e4:cf:4f:d0:b9:11:8e:89:38:2e:dc:6b:13:
         df:14:e5:17:b2:22:6c:68:e5:d1:44:b5:b7:a0:b9:b7:6b:be:
         58:10:be:43:98:aa:e6:cf:2d:8b:ac:f0:ec:07:88:d0:bf:c8:
         9b:68:73:59:5d:6c:5e:73:9a:83:ff:58:b6:b0:b0:d0:4d:94:
         5d:7b:50:cd:47:8d:d7:1d:76:1f:e6:4e:fc:60:c5:10:03:48:
         b3:f7:3b:e5:59:88:b6:db:bc:ca:a4:a0:c3:85:59:37:c4:4e:
         63:6a:c8:d1:87:86:c8:23:d1:1d:ce:3d:09:53:8b:e2:d7:07:
         ff:6b:f8:0b:7a:5d:9e:67:9c:33:58:b9:ad:f8:1f:e2:7a:12:
         47:a5:e2:ac:d5:d1:fd:5d:c7:13:35:68:06:a8:a0:88:ac:08:
         ac:3c:17:cf:61:d4:8d:ba:84:74:02:4b:fc:fa:ea:58:d1:b4:
         37:2c:47:00:e5:a8:ba:a6:e0:72:ca:8d:91:77:da:75:d4:59:
         f5:95:03:78:1a:dc:1d:bb:83:ae:78:98:ff:fc:63:e8:72:22:
         e2:37:f8:a9:2c:a2:fc:eb:c4:a7:02:c2:05:4e:50:19:08:54:
         c5:a6:ee:89
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEENuj3DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDU0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTQ2MjBlZjVhNmM1
OTNmYTc2NzFlZThhOTBhZjdhNmViMGMxY2MxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZVabA7S/2KaL7NrAumdjQ0KCMVsh0tj0t9MzXrcFXDQmAn
DTpnqLwrKKri/RrcJCb2vmxl0l6SjKkIjms5MQIVBCbWerv8moW5NzdgDcdOmKKz
+pp67Jt7rVcL4h6M9ZEXiVKsTbiJ1BfyrT5NojnVuGCgaNPabEgj+lXixgt6KDVo
1uLJBRTuipgjEzNXB7XgraC4U14x7zntZGGSKot/ynWqIfttHHC9jGdem2qqT30I
Yf0Cf9vN5ohdDn8iy6z3DiXlc+9izBclE/b4Po/r6HtDAMZL+kR1XpEBFoxXAIlh
8g3WNWCjX6j2EuiHIpA9vmyg8Dbys+nDx5ChiCsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSkYg71psWT+nZx7oqQr3pusMHMHTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L3BHSU85YWJGa19wMmNlNktrSzk2YnJEQnpCMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOsQcAUDANBgkqhkiG9w0BAQsF
AAOCAQEAsnsLh0Dl0BQFiv6DV9/e1sBo9HyVhRnkz0/QuRGOiTgu3GsT3xTlF7Ii
bGjl0US1t6C5t2u+WBC+Q5iq5s8ti6zw7AeI0L/Im2hzWV1sXnOag/9YtrCw0E2U
XXtQzUeN1x12H+ZO/GDFEANIs/c75VmIttu8yqSgw4VZN8ROY2rI0YeGyCPRHc49
CVOL4tcH/2v4C3pdnmecM1i5rfgf4noSR6XirNXR/V3HEzVoBqigiKwIrDwXz2HU
jbqEdAJL/PrqWNG0NyxHAOWouqbgcsqNkXfaddRZ9ZUDeBrcHbuDrniY//xj6HIi
4jf4qSyi/OvEpwLCBU5QGQhUxabuiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:12 2024 by rpki-client on console-ams.rpki-client.org