Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rnSbuvKm0pE69ipz0VHbGp3Jk8c.roa
File:                     rnSbuvKm0pE69ipz0VHbGp3Jk8c.roa (raw, json)
Hash identifier:          uyETS42EZgQ/PTqBE/sWXviUwZinosKmDn3wHBbrtq0=
Subject key identifier:   AE:74:9B:BA:F2:A6:D2:91:3A:F6:2A:73:D1:51:DB:1A:9D:C9:93:C7
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       10970038
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rnSbuvKm0pE69ipz0VHbGp3Jk8c.roa
Signing time:             Sat 01 Jan 2022 09:05:04 +0000
ROA not before:           Sat 01 Jan 2022 09:05:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205977
IP address blocks:        2a0e:b107:760::/48 maxlen: 48
                          2a0e:b107:765::/48 maxlen: 48
                          2a0e:b107:76a::/48 maxlen: 48
                          2a0e:b107:76f::/48 maxlen: 48
                          2a10:2f00:120::/48 maxlen: 48
                          2a0e:b107:764::/48 maxlen: 48
                          2a0e:b107:769::/48 maxlen: 48
                          2a0e:b107:76e::/48 maxlen: 48
                          2a0e:b107:763::/48 maxlen: 48
                          2a0e:b107:768::/48 maxlen: 48
                          2a0e:b107:76d::/48 maxlen: 48
                          2a0e:b107:760::/44 maxlen: 48
                          2a0e:b107:762::/48 maxlen: 48
                          2a0e:b107:767::/48 maxlen: 48
                          2a0e:b107:76c::/48 maxlen: 48
                          2a0e:b107:761::/48 maxlen: 48
                          2a0e:b107:766::/48 maxlen: 48
                          2a09:4c2:2c::/48 maxlen: 48
                          2a0e:b107:76b::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 278331448 (0x10970038)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  1 09:05:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ae749bbaf2a6d2913af62a73d151db1a9dc993c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:d0:21:65:9d:2c:ed:5e:57:7a:2f:ec:bb:1f:
                    af:42:0c:5e:cc:7a:13:f3:d3:70:3d:03:7f:a7:73:
                    a2:d0:a4:90:71:21:ae:53:7b:e4:8c:88:e8:af:69:
                    c2:68:dd:70:65:41:48:cb:f7:86:1c:95:b8:b7:96:
                    82:da:b8:7d:8b:16:d1:c2:25:be:22:27:cf:52:26:
                    dc:4b:ad:77:99:59:61:ea:28:7e:7b:2f:09:62:9a:
                    16:06:5c:3f:2e:b4:9f:bb:6d:84:7b:80:72:4a:5b:
                    13:46:c8:f6:49:20:01:a6:c4:c9:f2:1d:2d:63:97:
                    ed:db:8c:55:ad:22:27:94:6d:68:58:57:dd:dc:40:
                    22:57:f6:43:29:5c:bb:43:1b:ed:1b:67:41:32:04:
                    0e:1c:af:de:0d:e4:68:4c:76:83:f1:f6:4f:19:32:
                    9f:53:c4:16:1d:c3:f3:b7:3b:69:de:43:1c:5c:a0:
                    58:e9:28:2c:70:17:a5:74:ee:0e:48:de:de:cd:df:
                    0c:5a:70:41:e7:8f:9f:ea:99:cb:20:8f:3d:39:11:
                    4c:38:f7:93:8e:ad:63:ea:99:8d:69:2e:95:3b:87:
                    ca:28:5a:ae:8f:cb:aa:55:95:63:1f:83:89:ba:23:
                    a4:e8:fb:f1:08:93:ff:47:b4:e9:47:d9:71:de:fd:
                    c5:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:74:9B:BA:F2:A6:D2:91:3A:F6:2A:73:D1:51:DB:1A:9D:C9:93:C7
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rnSbuvKm0pE69ipz0VHbGp3Jk8c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:4c2:2c::/48
                  2a0e:b107:760::/44
                  2a10:2f00:120::/48

    Signature Algorithm: sha256WithRSAEncryption
         7c:19:b3:60:da:5f:2a:97:5a:8b:2e:5c:81:59:62:08:58:f1:
         22:36:89:96:ad:42:8b:b9:79:4b:72:36:56:df:25:18:76:82:
         7d:42:ea:9c:70:b4:50:ab:91:e1:91:88:14:b6:e3:bd:85:3d:
         6f:e0:5c:24:e8:2f:dd:9a:a4:bd:a3:6d:8c:0c:a3:49:77:c7:
         11:4e:2c:11:b8:34:d5:ba:84:00:d8:67:25:28:4c:99:1c:56:
         bd:89:70:52:fe:72:aa:ed:d7:ef:f9:08:33:e9:41:d1:c0:fe:
         ae:62:31:34:a7:59:1d:30:6f:a4:aa:b6:59:31:46:38:37:62:
         1d:22:ff:5d:fb:91:6b:a2:63:f4:1c:26:1b:e6:c6:6c:6c:91:
         82:96:09:49:85:e4:00:84:48:08:3f:8c:54:ca:b1:7a:6e:80:
         25:72:ee:1b:b8:65:99:c6:dd:ff:d3:31:81:4c:f3:9d:50:00:
         d0:ac:f7:6a:4e:0a:16:a7:01:07:e3:d5:ea:84:c7:de:97:a6:
         93:9c:58:3a:91:3b:6d:57:f4:2c:3b:3e:d6:e1:70:d2:ef:ad:
         f9:82:94:76:5b:90:51:79:c9:bd:ad:d3:71:92:a0:c7:3a:aa:
         39:70:d8:87:1f:af:72:36:0a:e6:68:8c:5c:1a:b0:d9:a9:f6:
         08:a7:23:d6
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEEJcAODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDUwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWU3NDliYmFmMmE2
ZDI5MTNhZjYyYTczZDE1MWRiMWE5ZGM5OTNjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJjQIWWdLO1eV3ov7Lsfr0IMXsx6E/PTcD0Df6dzotCkkHEh
rlN75IyI6K9pwmjdcGVBSMv3hhyVuLeWgtq4fYsW0cIlviInz1Im3Eutd5lZYeoo
fnsvCWKaFgZcPy60n7tthHuAckpbE0bI9kkgAabEyfIdLWOX7duMVa0iJ5RtaFhX
3dxAIlf2Qylcu0Mb7RtnQTIEDhyv3g3kaEx2g/H2Txkyn1PEFh3D87c7ad5DHFyg
WOkoLHAXpXTuDkje3s3fDFpwQeePn+qZyyCPPTkRTDj3k46tY+qZjWkulTuHyiha
ro/LqlWVYx+DibojpOj78QiT/0e06UfZcd79xc8CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSudJu68qbSkTr2KnPRUdsancmTxzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L3JuU2J1dkttMHBFNjlpcHowVkhiR3AzSms4Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwIQQCAAIwGwMHACoJBMIALAMHBCoOsQcHYAMHACoQ
LwABIDANBgkqhkiG9w0BAQsFAAOCAQEAfBmzYNpfKpdaiy5cgVliCFjxIjaJlq1C
i7l5S3I2Vt8lGHaCfULqnHC0UKuR4ZGIFLbjvYU9b+BcJOgv3ZqkvaNtjAyjSXfH
EU4sEbg01bqEANhnJShMmRxWvYlwUv5yqu3X7/kIM+lB0cD+rmIxNKdZHTBvpKq2
WTFGODdiHSL/XfuRa6Jj9BwmG+bGbGyRgpYJSYXkAIRICD+MVMqxem6AJXLuG7hl
mcbd/9MxgUzznVAA0Kz3ak4KFqcBB+PV6oTH3pemk5xYOpE7bVf0LDs+1uFw0u+t
+YKUdluQUXnJva3TcZKgxzqqOXDYhx+vcjYK5miMXBqw2an2CKcj1g==
-----END CERTIFICATE-----