Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rSoFfjZjissQ1kaoMrTBeRHbuUc.roa
File:                     rSoFfjZjissQ1kaoMrTBeRHbuUc.roa (raw, json)
Hash identifier:          QhD5t5Oa1OQ7VHi2uV3QxJZUb0jBJB47o6ipSH7HWew=
Subject key identifier:   AD:2A:05:7E:36:63:8A:CB:10:D6:46:A8:32:B4:C1:79:11:DB:B9:47
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       13A3D4E9
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rSoFfjZjissQ1kaoMrTBeRHbuUc.roa
Signing time:             Sun 10 Apr 2022 15:20:03 +0000
ROA not before:           Sun 10 Apr 2022 15:20:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49367
IP address blocks:        2a10:cc41:100::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 329503977 (0x13a3d4e9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Apr 10 15:20:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ad2a057e36638acb10d646a832b4c17911dbb947
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:96:89:54:fb:df:96:15:6b:1c:26:25:e5:f6:
                    82:22:2e:82:ab:2c:7c:1f:fd:6c:2c:b2:16:3b:41:
                    12:af:02:1e:fe:69:99:9e:18:fc:6b:bf:18:ec:49:
                    84:68:e5:ae:cc:a1:71:15:fb:73:d5:42:ed:a6:32:
                    f3:34:f7:b2:a0:1d:bc:36:81:f6:95:c9:c9:54:23:
                    fd:00:8f:87:fd:e8:d2:b2:c1:5a:e6:c6:f0:b0:80:
                    42:38:49:3d:64:64:82:9b:19:dc:90:3c:71:7a:1d:
                    72:a2:cd:19:2a:ce:00:bf:47:16:d8:64:81:16:fb:
                    0c:f4:3b:40:e5:c5:57:4d:54:45:37:32:fe:7c:e0:
                    7a:72:f9:d9:03:aa:d5:e4:5b:f5:fe:42:4e:0c:82:
                    0c:bf:c6:4a:fd:99:f9:1e:5c:56:b2:68:5e:0d:7e:
                    8c:b3:cc:33:92:0f:d6:15:1e:d6:e8:aa:e7:43:eb:
                    66:9d:e6:e7:be:97:bf:8c:74:fd:08:d7:01:01:7f:
                    85:5c:bd:af:24:09:17:63:44:d6:e8:d8:02:29:c2:
                    06:0e:a6:8f:b3:d3:71:3f:de:92:aa:5a:bb:ca:19:
                    f6:a8:89:02:a7:5d:ee:ee:bd:c7:87:d5:84:eb:d5:
                    f0:52:12:d3:17:81:5f:7c:d7:f7:c4:a7:5b:0a:97:
                    de:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:2A:05:7E:36:63:8A:CB:10:D6:46:A8:32:B4:C1:79:11:DB:B9:47
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rSoFfjZjissQ1kaoMrTBeRHbuUc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:cc41:100::/44

    Signature Algorithm: sha256WithRSAEncryption
         5c:7b:89:8f:fb:1f:9d:91:76:27:fd:3a:18:f3:ed:3f:43:e5:
         56:0f:7e:7a:01:a1:d7:05:ce:a6:76:d3:bd:99:8b:44:2e:e5:
         52:5a:5d:0a:d6:79:bc:75:91:f4:74:a9:27:31:fb:b3:fe:9c:
         f4:9a:5e:59:cf:6d:50:3d:4d:4f:02:fd:ad:6c:2a:95:4d:16:
         a3:d3:dd:c4:7f:fd:29:e5:33:06:d9:9d:cd:17:b6:a0:13:e5:
         a6:53:ad:81:bd:1b:95:cb:89:d6:65:10:2c:bd:86:8c:9d:91:
         d0:8d:62:0b:73:ff:f5:b2:e5:4d:ff:93:5c:65:96:48:97:46:
         c3:76:8c:69:75:12:b9:b3:ab:70:cd:4e:c4:da:c1:db:ce:58:
         fd:0e:32:d5:48:95:d8:f9:30:e6:3c:6c:14:a5:f1:3c:3a:87:
         94:fb:a6:c7:a5:2c:5e:76:d5:9f:20:6a:18:95:5a:0d:86:01:
         36:68:64:48:e5:68:de:a8:4a:9c:06:97:dc:e3:77:42:f6:4b:
         ad:86:c3:04:b0:7e:f1:d3:4d:19:d6:0e:d3:a8:a5:32:3c:72:
         e7:b5:7e:9d:11:f5:e3:17:cf:82:9f:ff:e3:47:a4:3f:77:aa:
         88:32:eb:d8:53:96:50:51:40:e8:8e:6e:9d:44:93:c7:bd:e1:
         ad:7f:19:1b
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEE6PU6TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDQx
MDE1MjAwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWQyYTA1N2UzNjYz
OGFjYjEwZDY0NmE4MzJiNGMxNzkxMWRiYjk0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMKWiVT735YVaxwmJeX2giIugqssfB/9bCyyFjtBEq8CHv5p
mZ4Y/Gu/GOxJhGjlrsyhcRX7c9VC7aYy8zT3sqAdvDaB9pXJyVQj/QCPh/3o0rLB
WubG8LCAQjhJPWRkgpsZ3JA8cXodcqLNGSrOAL9HFthkgRb7DPQ7QOXFV01URTcy
/nzgenL52QOq1eRb9f5CTgyCDL/GSv2Z+R5cVrJoXg1+jLPMM5IP1hUe1uiq50Pr
Zp3m576Xv4x0/QjXAQF/hVy9ryQJF2NE1ujYAinCBg6mj7PTcT/ekqpau8oZ9qiJ
Aqdd7u69x4fVhOvV8FIS0xeBX3zX98SnWwqX3n8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBStKgV+NmOKyxDWRqgytMF5Edu5RzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L3JTb0ZmalpqaXNzUTFrYW9NclRCZVJIYnVVYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoQzEEBADANBgkqhkiG9w0BAQsF
AAOCAQEAXHuJj/sfnZF2J/06GPPtP0PlVg9+egGh1wXOpnbTvZmLRC7lUlpdCtZ5
vHWR9HSpJzH7s/6c9JpeWc9tUD1NTwL9rWwqlU0Wo9PdxH/9KeUzBtmdzRe2oBPl
plOtgb0blcuJ1mUQLL2GjJ2R0I1iC3P/9bLlTf+TXGWWSJdGw3aMaXUSubOrcM1O
xNrB285Y/Q4y1UiV2Pkw5jxsFKXxPDqHlPumx6UsXnbVnyBqGJVaDYYBNmhkSOVo
3qhKnAaX3ON3QvZLrYbDBLB+8dNNGdYO06ilMjxy57V+nRH14xfPgp//40ekP3eq
iDLr2FOWUFFA6I5unUSTx73hrX8ZGw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:32 2024 by rpki-client on console-ams.rpki-client.org