Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tmMURAviQtgYt7VD3oRS_46TEl8.roa
File:                     tmMURAviQtgYt7VD3oRS_46TEl8.roa (raw, json)
Hash identifier:          pftDVyI+SHmEwNxGWOJZ//vcQg2IeVeZ+NYnbPS0U38=
Subject key identifier:   B6:63:14:44:0B:E2:42:D8:18:B7:B5:43:DE:84:52:FF:8E:93:12:5F
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       01844AC8989BE14AA73406213CB15BE38228
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tmMURAviQtgYt7VD3oRS_46TEl8.roa
Signing time:             Sun 06 Nov 2022 02:32:50 +0000
ROA not before:           Sun 06 Nov 2022 02:32:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202256
IP address blocks:        2a0e:97c1:800::/37 maxlen: 48
                          2a0e:97c7:800::/37 maxlen: 48
                          2a10:cc42:1800::/37 maxlen: 48
                          2a10:cc42:1000::/36 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:4a:c8:98:9b:e1:4a:a7:34:06:21:3c:b1:5b:e3:82:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Nov  6 02:32:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b66314440be242d818b7b543de8452ff8e93125f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:3b:b8:c1:98:23:65:60:21:b4:e5:12:02:8d:
                    1c:fb:22:39:a2:3c:f5:c5:c7:03:4d:26:45:ca:4a:
                    a2:13:0d:49:d5:a2:0c:c3:b3:ee:31:69:80:b2:66:
                    40:92:13:58:10:28:e6:18:10:d5:69:ab:cf:7c:5c:
                    3a:64:6f:bf:e6:07:5f:cd:9c:2a:7a:e4:7c:55:d3:
                    27:ed:fd:4b:90:29:c2:b9:0e:88:b5:c3:93:7d:b7:
                    0f:f6:34:08:29:d4:88:49:af:fd:8a:6a:2d:cb:9d:
                    a9:b9:fb:49:0c:a0:db:57:78:38:e1:00:51:e8:bf:
                    bd:76:02:ba:b5:40:9c:9a:b3:87:66:ef:18:d0:44:
                    66:87:f3:20:70:9d:2e:62:7d:68:99:68:eb:62:5a:
                    c4:a1:ea:88:1d:c0:d7:85:3b:37:97:50:01:84:57:
                    f2:10:16:6a:58:ab:9d:ee:0b:49:0e:1b:81:e7:01:
                    69:06:75:6f:13:d1:20:ae:3b:5f:4c:c1:5c:83:64:
                    b6:5d:2d:03:32:dd:c7:80:86:8e:77:8e:7e:02:7e:
                    46:9d:b2:99:2c:79:c1:b6:48:a9:14:2c:20:4b:37:
                    e4:dc:87:08:43:42:ee:ee:12:9c:30:7e:d6:16:4a:
                    23:96:f0:a1:a6:c0:ef:db:5c:f1:5e:38:1d:6b:79:
                    aa:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:63:14:44:0B:E2:42:D8:18:B7:B5:43:DE:84:52:FF:8E:93:12:5F
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tmMURAviQtgYt7VD3oRS_46TEl8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c1:800::/37
                  2a0e:97c7:800::/37
                  2a10:cc42:1000::/36

    Signature Algorithm: sha256WithRSAEncryption
         9a:63:fb:d6:e7:0a:61:74:90:58:23:63:04:7f:5a:67:37:ea:
         10:e7:91:cd:b1:a1:58:13:7d:74:b8:e1:8c:7d:01:ac:7c:1f:
         b4:7e:33:3c:33:71:17:70:2d:cb:8a:80:25:3d:5d:69:ee:9a:
         85:a3:51:f8:c0:3e:5e:d2:97:83:08:fe:24:43:10:a6:b1:9b:
         b1:ae:1d:58:76:fd:40:cb:a5:41:2a:a0:1b:c7:97:64:2d:43:
         0a:be:2e:63:b4:ee:1d:22:1e:8b:ed:99:a5:9e:a1:bf:91:9d:
         9a:62:94:63:de:20:47:a6:7c:81:9c:bc:ef:36:b3:a8:8c:15:
         3a:c0:02:ba:4a:d5:1a:91:5d:71:83:1e:54:d8:51:cb:dd:7f:
         85:99:b3:3f:ed:28:a3:ec:ec:e4:71:99:54:0d:df:d2:9c:21:
         65:8c:e6:60:fe:b0:11:5f:a4:15:46:5f:12:e6:35:e1:5c:da:
         63:b9:0a:2f:bb:82:9b:0c:dc:4a:03:88:e2:9c:cc:14:52:a0:
         9f:c6:96:06:9d:e3:4a:f3:02:1d:7b:1f:d6:29:39:a8:cd:15:
         2e:92:92:90:d2:ab:ea:f0:3e:fc:17:a7:65:5a:66:b4:f4:bb:
         b4:f8:6d:07:ee:9e:79:2d:ad:a8:6e:9f:6d:35:c2:57:59:1f:
         90:d2:be:55
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYRKyJib4UqnNAYhPLFb44IoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTA2MDIzMjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjYzMTQ0NDBiZTI0MmQ4MThiN2I1NDNkZTg0NTJmZjhlOTMxMjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTu4wZgjZWAhtOUSAo0c+yI5ojz1
xccDTSZFykqiEw1J1aIMw7PuMWmAsmZAkhNYECjmGBDVaavPfFw6ZG+/5gdfzZwq
euR8VdMn7f1LkCnCuQ6ItcOTfbcP9jQIKdSISa/9imoty52puftJDKDbV3g44QBR
6L+9dgK6tUCcmrOHZu8Y0ERmh/MgcJ0uYn1omWjrYlrEoeqIHcDXhTs3l1ABhFfy
EBZqWKud7gtJDhuB5wFpBnVvE9EgrjtfTMFcg2S2XS0DMt3HgIaOd45+An5GnbKZ
LHnBtkipFCwgSzfk3IcIQ0Lu7hKcMH7WFkojlvChpsDv21zxXjgda3mqzQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLZjFEQL4kLYGLe1Q96EUv+OkxJfMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdG1NVVJBdmlRdGdZdDdWRDNvUlNfNDZURWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAAjAYAwYDKg6XwQgD
BgMqDpfHCAMGBCoQzEIQMA0GCSqGSIb3DQEBCwUAA4IBAQCaY/vW5wphdJBYI2ME
f1pnN+oQ55HNsaFYE310uOGMfQGsfB+0fjM8M3EXcC3LioAlPV1p7pqFo1H4wD5e
0peDCP4kQxCmsZuxrh1Ydv1Ay6VBKqAbx5dkLUMKvi5jtO4dIh6L7ZmlnqG/kZ2a
YpRj3iBHpnyBnLzvNrOojBU6wAK6StUakV1xgx5U2FHL3X+FmbM/7Sij7OzkcZlU
Dd/SnCFljOZg/rARX6QVRl8S5jXhXNpjuQovu4KbDNxKA4jinMwUUqCfxpYGneNK
8wIdex/WKTmozRUukpKQ0qvq8D78F6dlWma09Lu0+G0H7p55La2obp9tNcJXWR+Q
0r5V
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:39 2024 by rpki-client on console-fra.rpki-client.org