Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tzPG1Z56wqyArj-ImWMmuodzvKo.roa
File:                     tzPG1Z56wqyArj-ImWMmuodzvKo.roa (raw, json)
Hash identifier:          AZWVGz0jj8WncbSFWcql8Oc4s8Eugphtv4nPfUoTC6o=
Subject key identifier:   B7:33:C6:D5:9E:7A:C2:AC:80:AE:3F:88:99:63:26:BA:87:73:BC:AA
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0184EF61E6DBC8AA57E81836F47B2B3C9FC3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tzPG1Z56wqyArj-ImWMmuodzvKo.roa
Signing time:             Thu 08 Dec 2022 01:38:01 +0000
ROA not before:           Thu 08 Dec 2022 01:38:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212164
IP address blocks:        2a0e:b107:1d21::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:ef:61:e6:db:c8:aa:57:e8:18:36:f4:7b:2b:3c:9f:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Dec  8 01:38:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b733c6d59e7ac2ac80ae3f88996326ba8773bcaa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:92:a8:4d:50:7d:ba:07:20:51:b9:31:bc:6d:
                    de:da:c4:11:43:07:5e:da:8f:df:28:e8:fe:b7:8b:
                    14:27:d1:e7:0b:34:28:6c:be:16:d8:e9:88:a4:9a:
                    2b:21:58:29:34:1c:91:0e:72:00:96:b2:ae:4a:d4:
                    8e:a9:02:09:5d:83:08:ff:21:61:a0:3b:02:46:f0:
                    fb:47:45:4b:57:da:38:88:d9:bd:1a:53:dd:9e:72:
                    49:e3:f9:5f:51:23:63:83:5b:51:96:59:71:eb:7d:
                    20:d0:83:89:a2:d2:8a:66:c8:3e:fa:5d:78:74:e1:
                    9c:1a:65:81:77:0f:7e:83:b7:2f:b4:5f:db:f1:af:
                    1d:be:3b:59:8f:c0:e2:cc:e1:b8:52:55:e3:e7:0f:
                    3e:f3:f1:91:f0:01:58:f2:ec:ca:f6:e8:80:ee:eb:
                    6c:98:14:cb:b4:76:c5:19:e7:1c:ed:65:b7:e3:da:
                    10:6b:7d:18:ff:02:71:0b:6c:aa:dc:88:54:dd:ff:
                    15:3b:d0:f3:22:0a:21:e6:da:15:f6:a6:84:0d:13:
                    ca:08:fe:24:a9:e7:61:c9:30:53:41:7a:2c:29:b2:
                    b4:a6:d4:06:06:1b:1d:30:c0:c0:d2:49:70:75:bb:
                    dd:b5:e4:d9:d7:c0:44:77:95:59:30:56:f4:77:96:
                    0f:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:33:C6:D5:9E:7A:C2:AC:80:AE:3F:88:99:63:26:BA:87:73:BC:AA
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tzPG1Z56wqyArj-ImWMmuodzvKo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:1d21::/48

    Signature Algorithm: sha256WithRSAEncryption
         cb:83:e5:24:ce:fc:b9:78:58:49:aa:ae:b2:4f:3c:9b:59:e5:
         95:c0:22:bc:79:be:f0:81:6b:42:a9:00:71:f5:ed:56:5b:7a:
         02:1a:e6:08:2d:db:76:7d:8c:59:39:d0:9c:99:f2:11:f7:72:
         26:7f:8c:90:06:5a:d0:e4:fa:1a:a5:5b:1e:33:7e:b7:95:be:
         d6:d9:45:9d:ab:3c:eb:20:36:e2:d6:6b:fb:45:3a:e4:2a:bb:
         fb:fa:f6:c5:7d:e3:17:64:38:bf:9c:c9:a2:d7:e2:60:3a:b3:
         64:05:29:a0:6e:73:c4:d6:31:04:62:04:8c:f6:1b:64:04:34:
         cc:74:7d:51:93:2e:6f:79:2e:1a:bb:20:9b:26:25:df:76:72:
         cb:4b:5f:f3:26:4e:9b:19:38:41:8d:7a:4f:2b:79:a3:34:b5:
         52:25:d4:25:d5:1c:2b:92:84:f3:51:06:16:78:8a:86:db:50:
         c9:35:95:8c:06:6f:e4:d1:1f:9b:1b:cc:27:d6:43:43:e0:1e:
         e0:eb:69:d5:9d:fe:7c:8a:d8:cb:1b:79:c7:70:ae:ef:95:40:
         b4:a9:d7:32:67:3a:7c:c6:fd:3b:a2:8c:4e:87:ae:8a:eb:bd:
         24:89:45:e0:8f:01:a4:ec:e1:23:e7:12:d1:81:7e:eb:fe:a3:
         72:04:60:05
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYTvYebbyKpX6Bg29HsrPJ/DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjA4MDEzODAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzMzYzZkNTllN2FjMmFjODBhZTNmODg5OTYzMjZiYTg3NzNiY2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5KoTVB9ugcgUbkxvG3e2sQRQwde
2o/fKOj+t4sUJ9HnCzQobL4W2OmIpJorIVgpNByRDnIAlrKuStSOqQIJXYMI/yFh
oDsCRvD7R0VLV9o4iNm9GlPdnnJJ4/lfUSNjg1tRlllx630g0IOJotKKZsg++l14
dOGcGmWBdw9+g7cvtF/b8a8dvjtZj8DizOG4UlXj5w8+8/GR8AFY8uzK9uiA7uts
mBTLtHbFGecc7WW349oQa30Y/wJxC2yq3IhU3f8VO9DzIgoh5toV9qaEDRPKCP4k
qedhyTBTQXosKbK0ptQGBhsdMMDA0klwdbvdteTZ18BEd5VZMFb0d5YPBwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLczxtWeesKsgK4/iJljJrqHc7yqMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdHpQRzFaNTZ3cXlBcmotSW1XTW11b2R6dktvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBx0h
MA0GCSqGSIb3DQEBCwUAA4IBAQDLg+Ukzvy5eFhJqq6yTzybWeWVwCK8eb7wgWtC
qQBx9e1WW3oCGuYILdt2fYxZOdCcmfIR93Imf4yQBlrQ5PoapVseM363lb7W2UWd
qzzrIDbi1mv7RTrkKrv7+vbFfeMXZDi/nMmi1+JgOrNkBSmgbnPE1jEEYgSM9htk
BDTMdH1Rky5veS4auyCbJiXfdnLLS1/zJk6bGThBjXpPK3mjNLVSJdQl1RwrkoTz
UQYWeIqG21DJNZWMBm/k0R+bG8wn1kND4B7g62nVnf58itjLG3nHcK7vlUC0qdcy
Zzp8xv07ooxOh66K670kiUXgjwGk7OEj5xLRgX7r/qNyBGAF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:33 2024 by rpki-client on console-ams.rpki-client.org