Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/sdW3FhE9CdbzcOMQ54oTfO7OlJ0.roa
File:                     sdW3FhE9CdbzcOMQ54oTfO7OlJ0.roa (raw, json)
Hash identifier:          m2L/NVwdRXD+CVr8bnu/6tsxI3sZV4WVMg5UWPR68T0=
Subject key identifier:   B1:D5:B7:16:11:3D:09:D6:F3:70:E3:10:E7:8A:13:7C:EE:CE:94:9D
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       1085A0DC
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/sdW3FhE9CdbzcOMQ54oTfO7OlJ0.roa
Signing time:             Sat 01 Jan 2022 09:04:52 +0000
ROA not before:           Sat 01 Jan 2022 09:04:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     140731
IP address blocks:        2a0e:b107:c30::/44 maxlen: 48
                          2a0e:b107:11b0::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 277192924 (0x1085a0dc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  1 09:04:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b1d5b716113d09d6f370e310e78a137ceece949d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:28:e3:c4:a0:89:05:dc:c8:a7:da:85:01:8f:
                    16:e3:5e:df:63:90:00:7b:7b:a2:87:79:f7:ae:bb:
                    43:85:9c:30:bf:b9:17:19:55:dd:7d:1d:77:e3:a7:
                    1b:db:5f:cc:df:c3:19:c1:6f:a6:ba:e7:39:1c:cf:
                    98:b5:01:48:74:d1:4b:83:18:90:ec:ce:93:14:c9:
                    a3:70:74:89:86:b0:28:91:34:2f:da:fa:00:11:0d:
                    fa:93:16:60:a0:22:cf:50:de:ce:71:c9:fe:9d:be:
                    a1:fd:09:24:7c:01:bb:b2:df:57:d4:77:f4:ba:36:
                    46:ad:5c:f3:23:e9:5a:92:ed:e8:76:32:27:b0:67:
                    e8:ee:1d:71:14:63:82:3e:ff:d5:7d:04:81:57:4a:
                    05:5c:96:0d:c2:46:64:03:3d:0d:a9:e0:81:0e:fb:
                    7b:97:c7:98:62:2d:ee:81:02:30:8c:94:48:28:bb:
                    6d:48:3b:30:f9:f9:69:59:81:00:08:76:4f:9a:30:
                    d2:ab:0e:14:35:1b:5f:b0:bb:1b:78:00:28:18:aa:
                    77:cc:00:72:4f:f3:7a:81:08:f6:9c:b5:7a:df:e8:
                    54:1a:a0:1a:e3:a2:68:6b:d4:70:64:02:c9:38:1e:
                    51:35:be:8b:54:1b:c0:1a:8c:5a:e6:5f:4a:4c:63:
                    00:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:D5:B7:16:11:3D:09:D6:F3:70:E3:10:E7:8A:13:7C:EE:CE:94:9D
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/sdW3FhE9CdbzcOMQ54oTfO7OlJ0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:c30::/44
                  2a0e:b107:11b0::/44

    Signature Algorithm: sha256WithRSAEncryption
         a4:b0:b4:ae:79:1c:4a:48:f5:40:d8:87:52:23:76:90:63:b5:
         2a:bd:e9:ae:d1:42:d9:c9:c1:38:2b:a5:22:c9:4b:44:ca:40:
         67:4b:e2:c6:0e:c1:b0:c7:53:bf:3f:ef:5b:fc:ec:e0:76:05:
         2a:8c:37:d4:19:96:58:02:4e:a7:20:92:54:d8:7e:5e:44:23:
         59:9e:f5:87:1e:6f:d8:ff:a6:65:be:38:a9:28:58:ca:9d:47:
         ee:40:9a:52:28:9d:35:1b:0c:6e:98:e2:f6:51:b7:e4:e3:48:
         d3:f9:0f:53:4c:fa:27:39:92:f7:23:0d:fe:24:bd:e1:28:c1:
         82:bb:c2:5f:c6:62:61:ea:2a:a4:77:9b:90:3a:72:51:b5:d4:
         e9:22:9d:69:1c:d2:57:41:ae:47:11:5b:f7:ad:75:b2:81:a9:
         e0:fd:d8:3f:4c:61:1e:e4:dd:70:fd:51:70:89:86:78:d0:9c:
         52:17:b4:5f:99:de:17:4f:db:a1:c6:52:28:88:ad:c5:4d:ed:
         6d:a2:12:48:ec:d3:f8:fc:24:f2:9c:04:89:cb:76:e6:a5:76:
         87:d1:25:57:13:42:2d:71:06:d0:83:78:90:89:f1:d9:39:f5:
         0d:94:35:48:31:3a:c9:ef:bb:1f:f0:f4:e2:eb:bc:4e:21:9f:
         4a:32:04:d9
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEEIWg3DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDQ1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjFkNWI3MTYxMTNk
MDlkNmYzNzBlMzEwZTc4YTEzN2NlZWNlOTQ5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMQo48SgiQXcyKfahQGPFuNe32OQAHt7ood59667Q4WcML+5
FxlV3X0dd+OnG9tfzN/DGcFvprrnORzPmLUBSHTRS4MYkOzOkxTJo3B0iYawKJE0
L9r6ABEN+pMWYKAiz1DeznHJ/p2+of0JJHwBu7LfV9R39Lo2Rq1c8yPpWpLt6HYy
J7Bn6O4dcRRjgj7/1X0EgVdKBVyWDcJGZAM9DanggQ77e5fHmGIt7oECMIyUSCi7
bUg7MPn5aVmBAAh2T5ow0qsOFDUbX7C7G3gAKBiqd8wAck/zeoEI9py1et/oVBqg
GuOiaGvUcGQCyTgeUTW+i1QbwBqMWuZfSkxjAMcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSx1bcWET0J1vNw4xDnihN87s6UnTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L3NkVzNGaEU5Q2RiemNPTVE1NG9UZk83T2xKMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHBCoOsQcMMAMHBCoOsQcRsDANBgkq
hkiG9w0BAQsFAAOCAQEApLC0rnkcSkj1QNiHUiN2kGO1Kr3prtFC2cnBOCulIslL
RMpAZ0vixg7BsMdTvz/vW/zs4HYFKow31BmWWAJOpyCSVNh+XkQjWZ71hx5v2P+m
Zb44qShYyp1H7kCaUiidNRsMbpji9lG35ONI0/kPU0z6JzmS9yMN/iS94SjBgrvC
X8ZiYeoqpHebkDpyUbXU6SKdaRzSV0GuRxFb9611soGp4P3YP0xhHuTdcP1RcImG
eNCcUhe0X5neF0/bocZSKIitxU3tbaISSOzT+Pwk8pwEict25qV2h9ElVxNCLXEG
0IN4kInx2Tn1DZQ1SDE6ye+7H/D04uu8TiGfSjIE2Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:39 2024 by rpki-client on console-fra.rpki-client.org