Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pbAZvEEVkZ0nfGWtW5z88ZTxoQU.roa
File:                     pbAZvEEVkZ0nfGWtW5z88ZTxoQU.roa (raw, json)
Hash identifier:          wGcPi6e1bzjs3LO3A1geMsbYPSE3PpLo4GxBqroIXtM=
Subject key identifier:   A5:B0:19:BC:41:15:91:9D:27:7C:65:AD:5B:9C:FC:F1:94:F1:A1:05
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0184EA6CF8AE2D153FE24D33E13AB3215479
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pbAZvEEVkZ0nfGWtW5z88ZTxoQU.roa
Signing time:             Wed 07 Dec 2022 02:32:00 +0000
ROA not before:           Wed 07 Dec 2022 02:32:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212164
IP address blocks:        2a0e:b107:1d21::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:ea:6c:f8:ae:2d:15:3f:e2:4d:33:e1:3a:b3:21:54:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Dec  7 02:32:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a5b019bc4115919d277c65ad5b9cfcf194f1a105
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:94:ac:21:b4:5c:3a:5d:ee:97:de:f8:15:cd:
                    3c:a0:cc:a8:37:7e:13:fa:f1:59:be:a4:3b:7c:5c:
                    4d:1c:72:ec:dc:71:e7:1c:0f:62:5f:4c:07:93:e0:
                    b2:52:be:bf:98:eb:7b:a3:26:74:8c:72:f1:8f:a2:
                    1e:b1:56:1f:8d:31:88:0a:a7:43:e0:d9:fa:a9:66:
                    c0:eb:75:24:0e:52:ca:e1:6a:2c:5e:36:ac:b7:08:
                    28:32:ee:0c:b7:2e:d3:0a:09:15:8c:1f:17:f1:ac:
                    c9:fd:fc:9f:a7:29:db:d8:29:f5:91:90:bc:19:93:
                    bd:3d:51:29:27:f4:0e:18:00:6c:73:f2:0e:96:9c:
                    e0:b2:a5:06:92:82:fe:3a:28:cd:11:70:b8:72:43:
                    b4:9e:2c:c2:74:15:7b:ca:a3:1b:84:09:2b:57:b3:
                    0f:76:95:0e:e3:5c:39:a4:67:70:c7:cc:0b:65:20:
                    42:c2:dc:5e:4a:1d:7e:6a:06:b5:df:e1:ec:83:f0:
                    57:fb:6c:89:f1:05:40:81:cc:18:9c:20:95:22:e9:
                    1d:de:80:aa:0a:df:fe:ca:4b:67:f3:b1:db:60:93:
                    e9:cd:08:23:74:22:16:90:f5:de:f3:5b:2a:37:d7:
                    d2:04:e3:95:43:78:d1:25:2a:94:1b:1b:d2:64:81:
                    57:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:B0:19:BC:41:15:91:9D:27:7C:65:AD:5B:9C:FC:F1:94:F1:A1:05
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pbAZvEEVkZ0nfGWtW5z88ZTxoQU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:1d21::/48

    Signature Algorithm: sha256WithRSAEncryption
         94:e4:51:ec:56:54:58:73:41:de:6e:fc:15:17:cc:cb:3f:da:
         ee:a8:cd:39:f4:6c:5b:d9:4e:50:cf:46:48:fd:a4:2a:69:5f:
         3b:f1:79:b3:6f:ab:6d:87:ae:a9:b7:19:ec:35:16:6a:f4:09:
         04:ca:16:85:29:bd:03:36:1e:de:99:ac:1d:a5:2f:ea:3f:90:
         da:9b:b6:1d:36:9e:e5:7a:77:6e:89:8b:cb:b0:02:a1:02:5d:
         b0:52:fd:46:a5:47:4a:42:a1:7a:8c:e8:8c:77:3c:77:1a:86:
         3c:26:ff:0e:de:13:e1:21:b2:74:da:dd:60:97:cf:59:41:7d:
         60:28:d9:2d:c3:28:d0:15:a0:17:ac:3f:f7:af:b9:62:46:75:
         ca:c7:18:5a:ea:63:18:89:b8:d2:a6:6e:ad:6b:8a:7d:96:27:
         0a:a6:8c:94:a9:11:b4:81:07:74:c4:4c:79:2d:80:61:a0:6f:
         27:89:e7:65:a0:d1:0c:8e:6d:94:04:18:81:c0:cb:45:6d:06:
         81:74:91:33:31:de:52:86:ec:7a:f0:0a:16:1d:e0:bf:e6:1f:
         92:b1:6b:c0:eb:6d:d5:07:36:8a:7b:1d:67:7a:74:2a:7c:d1:
         28:23:7d:f8:6d:5c:e7:72:34:62:35:25:ba:29:b3:17:8c:d8:
         19:5b:81:59
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYTqbPiuLRU/4k0z4TqzIVR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjA3MDIzMjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWIwMTliYzQxMTU5MTlkMjc3YzY1YWQ1YjljZmNmMTk0ZjFhMTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5SsIbRcOl3ul974Fc08oMyoN34T
+vFZvqQ7fFxNHHLs3HHnHA9iX0wHk+CyUr6/mOt7oyZ0jHLxj6IesVYfjTGICqdD
4Nn6qWbA63UkDlLK4WosXjastwgoMu4Mty7TCgkVjB8X8azJ/fyfpynb2Cn1kZC8
GZO9PVEpJ/QOGABsc/IOlpzgsqUGkoL+OijNEXC4ckO0nizCdBV7yqMbhAkrV7MP
dpUO41w5pGdwx8wLZSBCwtxeSh1+aga13+Hsg/BX+2yJ8QVAgcwYnCCVIukd3oCq
Ct/+yktn87HbYJPpzQgjdCIWkPXe81sqN9fSBOOVQ3jRJSqUGxvSZIFXcQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKWwGbxBFZGdJ3xlrVuc/PGU8aEFMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcGJBWnZFRVZrWjBuZkdXdFc1ejg4WlR4b1FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBx0h
MA0GCSqGSIb3DQEBCwUAA4IBAQCU5FHsVlRYc0HebvwVF8zLP9ruqM059Gxb2U5Q
z0ZI/aQqaV878Xmzb6tth66ptxnsNRZq9AkEyhaFKb0DNh7emawdpS/qP5Dam7Yd
Np7lenduiYvLsAKhAl2wUv1GpUdKQqF6jOiMdzx3GoY8Jv8O3hPhIbJ02t1gl89Z
QX1gKNktwyjQFaAXrD/3r7liRnXKxxha6mMYibjSpm6ta4p9licKpoyUqRG0gQd0
xEx5LYBhoG8niedloNEMjm2UBBiBwMtFbQaBdJEzMd5Shux68AoWHeC/5h+SsWvA
623VBzaKex1nenQqfNEoI334bVzncjRiNSW6KbMXjNgZW4FZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:31 2024 by rpki-client on console-ams.rpki-client.org