Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uOnCTY9YGjEteJxaYJvYGvd7XnQ.roa
File:                     uOnCTY9YGjEteJxaYJvYGvd7XnQ.roa (raw, json)
Hash identifier:          jkUrgKabS3Ik/qgqeD1iNE36Cn3X5NNpg3wTcOHT9IM=
Subject key identifier:   B8:E9:C2:4D:8F:58:1A:31:2D:78:9C:5A:60:9B:D8:1A:F7:7B:5E:74
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       10F40CB0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uOnCTY9YGjEteJxaYJvYGvd7XnQ.roa
Signing time:             Sat 01 Jan 2022 09:05:58 +0000
ROA not before:           Sat 01 Jan 2022 09:05:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     213171
IP address blocks:        2a0e:b107:9c0::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 284429488 (0x10f40cb0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  1 09:05:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b8e9c24d8f581a312d789c5a609bd81af77b5e74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:e4:13:0b:7f:af:bf:7d:f6:1a:f7:8e:3f:6b:
                    ed:4e:4b:30:ef:27:0b:10:42:e2:74:38:e9:c7:4d:
                    a1:bb:e9:43:76:4b:b4:a8:b8:8b:c9:fc:54:01:8b:
                    ee:b3:2b:ec:dd:82:c2:26:0d:69:28:e5:4a:ab:9a:
                    0c:fa:3b:da:6f:0b:f4:c5:d0:aa:ef:2e:fd:d5:a1:
                    6c:03:78:73:95:64:dd:45:85:41:32:f8:4d:b3:6e:
                    38:3a:f5:30:50:b2:a3:94:ec:03:03:2e:a9:7e:be:
                    41:24:10:19:61:04:a2:ad:7c:af:2f:d4:58:f1:43:
                    92:06:74:19:34:a1:cc:c3:2e:e6:34:05:24:86:8f:
                    ce:17:5f:06:89:70:7a:ee:77:38:e8:43:be:0c:08:
                    f8:16:6d:e5:c5:fb:ed:f8:42:71:7e:0d:fd:b0:41:
                    28:9f:4e:56:1c:40:6a:62:cf:de:50:14:43:62:96:
                    12:5a:c5:1c:01:92:25:a8:e1:b5:b6:79:1f:45:95:
                    c9:ef:30:0f:9f:3c:09:91:52:2e:ab:4e:cc:b0:1c:
                    6b:f8:08:ce:17:b9:31:ce:dc:21:54:23:7a:1c:74:
                    33:8e:86:9b:08:b3:17:ca:50:ef:ff:7e:54:53:64:
                    d8:79:17:1c:9e:4e:59:0d:3c:11:38:88:34:db:5f:
                    71:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:E9:C2:4D:8F:58:1A:31:2D:78:9C:5A:60:9B:D8:1A:F7:7B:5E:74
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uOnCTY9YGjEteJxaYJvYGvd7XnQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:9c0::/44

    Signature Algorithm: sha256WithRSAEncryption
         cb:77:be:6a:15:06:ae:d8:dd:fa:f5:1c:2d:7b:c2:95:ea:ac:
         db:d5:f9:1b:c9:db:ae:c7:77:3e:47:84:d0:10:63:98:42:77:
         3f:84:90:88:19:18:7c:24:ef:ef:96:09:b1:de:7b:5b:aa:d5:
         c2:ba:e5:f2:8c:50:58:02:a1:e5:ff:13:85:db:c8:99:ed:d3:
         c3:b0:a2:42:62:84:bd:7a:16:94:cf:c3:57:34:4a:0b:2f:6c:
         c7:01:cd:77:07:92:32:74:fc:1c:8e:48:a4:fc:5e:39:33:f8:
         2b:ee:ba:ee:ce:ad:26:a9:f7:71:d6:a3:e5:e1:2d:85:98:a0:
         ca:a5:1d:02:11:fc:d1:70:6b:41:ce:15:4c:b5:34:13:30:ed:
         55:7e:8c:63:fa:c8:a4:3e:3d:61:71:cb:bf:26:bd:d1:81:ae:
         8b:2c:c6:6f:2e:89:6a:8a:23:ae:8b:92:f1:ad:4d:ef:d1:be:
         1c:93:44:3a:9f:17:35:63:7c:f0:5d:d9:73:92:e6:8a:54:54:
         ea:87:4f:7e:4c:ea:5c:83:7f:2e:6e:62:b4:94:db:18:b0:72:
         45:3d:64:5e:1f:80:37:f8:67:5c:2b:a0:48:44:af:36:00:c2:
         66:13:ea:7b:70:5e:6a:54:19:bd:f5:2e:b9:57:74:c0:f5:d4:
         ca:53:f2:ad
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEPQMsDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDU1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjhlOWMyNGQ4ZjU4
MWEzMTJkNzg5YzVhNjA5YmQ4MWFmNzdiNWU3NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMTkEwt/r7999hr3jj9r7U5LMO8nCxBC4nQ46cdNobvpQ3ZL
tKi4i8n8VAGL7rMr7N2CwiYNaSjlSquaDPo72m8L9MXQqu8u/dWhbAN4c5Vk3UWF
QTL4TbNuODr1MFCyo5TsAwMuqX6+QSQQGWEEoq18ry/UWPFDkgZ0GTShzMMu5jQF
JIaPzhdfBolweu53OOhDvgwI+BZt5cX77fhCcX4N/bBBKJ9OVhxAamLP3lAUQ2KW
ElrFHAGSJajhtbZ5H0WVye8wD588CZFSLqtOzLAca/gIzhe5Mc7cIVQjehx0M46G
mwizF8pQ7/9+VFNk2HkXHJ5OWQ08ETiINNtfcc8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBS46cJNj1gaMS14nFpgm9ga93tedDAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L3VPbkNUWTlZR2pFdGVKeGFZSnZZR3ZkN1huUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOsQcJwDANBgkqhkiG9w0BAQsF
AAOCAQEAy3e+ahUGrtjd+vUcLXvCleqs29X5G8nbrsd3PkeE0BBjmEJ3P4SQiBkY
fCTv75YJsd57W6rVwrrl8oxQWAKh5f8ThdvIme3Tw7CiQmKEvXoWlM/DVzRKCy9s
xwHNdweSMnT8HI5IpPxeOTP4K+667s6tJqn3cdaj5eEthZigyqUdAhH80XBrQc4V
TLU0EzDtVX6MY/rIpD49YXHLvya90YGuiyzGby6JaoojrouS8a1N79G+HJNEOp8X
NWN88F3Zc5LmilRU6odPfkzqXIN/Lm5itJTbGLByRT1kXh+AN/hnXCugSESvNgDC
ZhPqe3BealQZvfUuuVd0wPXUylPyrQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:33 2024 by rpki-client on console-ams.rpki-client.org