Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xeqmQq6sn9tcrYLOlF7ZNbIJM8Y.roa
File:                     xeqmQq6sn9tcrYLOlF7ZNbIJM8Y.roa (raw, json)
Hash identifier:          Wuph7KQpJmdIWabD+6IME3Ap9yLLzwdgmrAv4ceotJA=
Subject key identifier:   C5:EA:A6:42:AE:AC:9F:DB:5C:AD:82:CE:94:5E:D9:35:B2:09:33:C6
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0183EC383FF774E3062B54DBBE5F79457D27
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xeqmQq6sn9tcrYLOlF7ZNbIJM8Y.roa
Signing time:             Tue 18 Oct 2022 17:50:52 +0000
ROA not before:           Tue 18 Oct 2022 17:50:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61218
IP address blocks:        2a0e:97c0:4b00::/40 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:ec:38:3f:f7:74:e3:06:2b:54:db:be:5f:79:45:7d:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Oct 18 17:50:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c5eaa642aeac9fdb5cad82ce945ed935b20933c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:0f:03:3e:f2:ab:7f:17:5c:df:b5:83:ed:73:
                    d8:19:f0:45:de:0e:86:28:66:a9:fe:46:c6:38:e3:
                    32:9b:76:62:aa:0f:66:5b:09:03:74:61:9e:be:89:
                    ed:5a:74:85:28:24:a9:02:75:37:7b:76:87:c7:6e:
                    cc:67:58:1f:03:07:b7:ff:77:2a:18:c8:08:40:90:
                    c6:b9:1c:46:c8:74:fe:c5:e8:ce:44:96:8f:e8:99:
                    bd:96:07:77:3f:f2:53:54:66:31:ed:c4:d1:0a:f8:
                    59:cf:c9:11:8d:45:1f:0a:e8:01:90:78:96:3a:2f:
                    38:2f:ca:1d:6c:51:3f:e3:c3:d4:11:7f:c1:97:ee:
                    81:a1:5a:64:09:71:3b:14:69:ff:77:13:a3:32:a3:
                    a6:a9:c3:8c:a7:fa:c4:15:01:4f:1a:41:02:2f:95:
                    a2:54:66:e4:c8:6a:1e:77:d1:6c:c2:5d:8c:fa:2f:
                    c7:a5:61:ea:6e:ce:d8:39:2c:89:5f:4a:51:91:e5:
                    dd:ff:2f:51:54:4e:23:31:83:e0:dc:a7:d6:74:35:
                    e2:c9:e9:29:ce:ae:c2:0f:7e:36:a7:32:6f:78:db:
                    f2:5b:fc:28:ec:77:82:97:1b:15:bb:4c:30:66:73:
                    73:89:4d:15:84:04:d8:66:17:2a:52:63:bf:88:49:
                    95:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:EA:A6:42:AE:AC:9F:DB:5C:AD:82:CE:94:5E:D9:35:B2:09:33:C6
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xeqmQq6sn9tcrYLOlF7ZNbIJM8Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:4b00::/40

    Signature Algorithm: sha256WithRSAEncryption
         a7:e6:2a:70:5b:04:00:d0:85:48:47:7d:37:48:7f:f7:da:6b:
         98:e8:0e:dc:52:db:e8:f2:64:d4:78:b2:b8:cd:b5:19:8d:4f:
         40:ea:2f:c0:79:70:75:c5:dd:0f:e0:75:35:6c:47:f8:88:7f:
         af:6a:2d:f9:82:36:a7:c4:65:07:80:9e:33:8f:ee:46:af:20:
         17:11:89:a9:ec:eb:78:5e:8d:b0:ae:5a:70:38:df:44:9c:b1:
         e4:52:6d:f4:b7:3a:1a:da:57:d4:eb:57:72:fa:1f:bd:24:b3:
         fe:96:31:3e:98:44:d8:be:55:7e:b7:72:11:42:e6:ad:0f:81:
         4a:4e:e0:c9:d0:80:21:04:c7:7d:61:f6:d0:3b:80:7f:33:eb:
         e1:fc:8c:76:38:6d:4a:51:e4:23:07:81:d9:77:8e:84:eb:bb:
         f5:af:34:df:fb:b5:2b:08:57:26:75:66:ac:3d:8d:e3:a7:52:
         65:b7:c6:82:26:70:45:4c:72:dc:73:c1:6b:af:84:f5:03:91:
         5b:39:eb:93:e9:11:2e:cf:ce:a0:71:9a:f3:30:e9:f5:2d:2c:
         f6:46:68:e1:24:3b:29:7a:13:60:8c:35:86:ef:fa:ec:19:a0:
         57:4f:ed:d1:ad:38:92:60:00:51:8a:f9:a1:15:91:ef:5d:cb:
         9f:bf:03:20
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYPsOD/3dOMGK1Tbvl95RX0nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDE4MTc1MDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWVhYTY0MmFlYWM5ZmRiNWNhZDgyY2U5NDVlZDkzNWIyMDkzM2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgg8DPvKrfxdc37WD7XPYGfBF3g6G
KGap/kbGOOMym3Ziqg9mWwkDdGGevontWnSFKCSpAnU3e3aHx27MZ1gfAwe3/3cq
GMgIQJDGuRxGyHT+xejORJaP6Jm9lgd3P/JTVGYx7cTRCvhZz8kRjUUfCugBkHiW
Oi84L8odbFE/48PUEX/Bl+6BoVpkCXE7FGn/dxOjMqOmqcOMp/rEFQFPGkECL5Wi
VGbkyGoed9Fswl2M+i/HpWHqbs7YOSyJX0pRkeXd/y9RVE4jMYPg3KfWdDXiyekp
zq7CD342pzJveNvyW/wo7HeClxsVu0wwZnNziU0VhATYZhcqUmO/iEmV6wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMXqpkKurJ/bXK2CzpRe2TWyCTPGMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveGVxbVFxNnNuOXRjcllMT2xGN1pOYklKTThZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg6XwEsw
DQYJKoZIhvcNAQELBQADggEBAKfmKnBbBADQhUhHfTdIf/faa5joDtxS2+jyZNR4
srjNtRmNT0DqL8B5cHXF3Q/gdTVsR/iIf69qLfmCNqfEZQeAnjOP7kavIBcRians
63hejbCuWnA430ScseRSbfS3OhraV9TrV3L6H70ks/6WMT6YRNi+VX63chFC5q0P
gUpO4MnQgCEEx31h9tA7gH8z6+H8jHY4bUpR5CMHgdl3joTru/WvNN/7tSsIVyZ1
Zqw9jeOnUmW3xoImcEVMctxzwWuvhPUDkVs565PpES7PzqBxmvMw6fUtLPZGaOEk
Oyl6E2CMNYbv+uwZoFdP7dGtOJJgAFGK+aEVke9dy5+/AyA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:34 2024 by rpki-client on console-ams.rpki-client.org