Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/e2934c-053a-4b97-aa2a-62808bbbdd21/1/wojfDKI51A1ndCFZgP_mD5HUrcg.roa
File:                     wojfDKI51A1ndCFZgP_mD5HUrcg.roa (raw, json)
Hash identifier:          LG1dZdMwPfsRHrCOTrDjHCgMr8tYIjOYySbZLxJaadw=
Subject key identifier:   C2:88:DF:0C:A2:39:D4:0D:67:74:21:59:80:FF:E6:0F:91:D4:AD:C8
Certificate issuer:       /CN=12b87c6caf81de3625fe1ce0559f39e30505a051
Certificate serial:       039BD6DF
Authority key identifier: 12:B8:7C:6C:AF:81:DE:36:25:FE:1C:E0:55:9F:39:E3:05:05:A0:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Erh8bK-B3jYl_hzgVZ854wUFoFE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/e2934c-053a-4b97-aa2a-62808bbbdd21/1/wojfDKI51A1ndCFZgP_mD5HUrcg.roa
Signing time:             Sat 01 Jan 2022 07:02:16 +0000
ROA not before:           Sat 01 Jan 2022 07:02:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210070
IP address blocks:        2a0f:f7c0::/32 maxlen: 32
                          2a0f:f7c1::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 60544735 (0x39bd6df)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=12b87c6caf81de3625fe1ce0559f39e30505a051
        Validity
            Not Before: Jan  1 07:02:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c288df0ca239d40d6774215980ffe60f91d4adc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:c9:b6:39:a2:37:68:98:76:6f:73:94:d4:30:
                    5f:77:cb:3a:1b:f6:59:96:11:1b:d5:dd:92:d6:c8:
                    d4:b4:2b:9b:51:cc:a1:cb:73:6b:09:e5:89:76:cd:
                    98:26:4a:2b:37:50:9a:7f:ab:49:52:e4:11:9a:cf:
                    26:39:ca:93:cf:25:55:c1:ce:38:ca:80:29:c5:a3:
                    e7:b7:67:80:b3:9e:98:4a:a5:c1:45:d2:de:9f:a7:
                    03:d5:b3:3a:4a:54:a4:69:5e:04:22:0b:9d:ed:cf:
                    d3:82:e2:b3:f3:ab:ab:17:83:ed:7d:87:6c:07:a0:
                    d9:c6:c5:30:08:a8:54:5e:72:d9:d8:23:26:f8:e3:
                    da:6d:4f:07:30:b5:9b:1e:1e:5f:f1:7f:53:62:84:
                    cf:a4:db:6e:7d:1f:35:01:47:1d:d7:bb:e3:f2:0f:
                    c4:66:fd:05:6c:57:28:29:a0:6f:0e:38:b5:5b:4d:
                    1e:58:32:d8:65:7d:ec:91:a0:4e:10:ff:70:d1:82:
                    01:81:57:1b:e8:a5:15:f6:fa:5f:63:7f:bb:9e:d5:
                    d0:1f:b9:20:0e:6b:d5:80:ca:0f:72:ca:c4:9b:15:
                    01:1f:c5:85:09:37:7b:c0:04:dc:be:a9:ee:b9:f1:
                    0b:1b:4c:8d:e8:0d:55:23:b1:cf:df:5c:21:8f:04:
                    67:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:88:DF:0C:A2:39:D4:0D:67:74:21:59:80:FF:E6:0F:91:D4:AD:C8
            X509v3 Authority Key Identifier:
                keyid:12:B8:7C:6C:AF:81:DE:36:25:FE:1C:E0:55:9F:39:E3:05:05:A0:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Erh8bK-B3jYl_hzgVZ854wUFoFE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/e2934c-053a-4b97-aa2a-62808bbbdd21/1/wojfDKI51A1ndCFZgP_mD5HUrcg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/e2934c-053a-4b97-aa2a-62808bbbdd21/1/Erh8bK-B3jYl_hzgVZ854wUFoFE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:f7c0::/31

    Signature Algorithm: sha256WithRSAEncryption
         02:50:ae:16:01:2e:3e:fc:de:a0:cc:0d:89:df:e7:f1:e8:b4:
         1c:b7:f3:1b:38:bc:26:7e:08:61:9a:95:06:23:3a:32:1e:4b:
         5f:34:5c:48:94:8d:27:af:c0:83:22:f0:cf:c8:63:50:7b:c3:
         e9:ad:17:3f:d0:17:9f:b8:bc:67:2b:1b:a0:1c:b2:87:71:5b:
         c5:7d:1b:fe:68:dd:a5:53:32:3e:1d:c1:fe:fa:3d:76:f6:fa:
         97:f2:fc:cb:03:9d:d4:8a:0b:67:ee:d3:7d:e7:69:ba:d8:15:
         09:3a:65:ad:0f:be:65:bf:96:49:07:7e:e1:cc:4b:8f:7f:c4:
         92:66:c0:ba:6a:c4:dc:08:71:9d:88:54:cd:ac:fd:08:a3:b0:
         b4:cc:e1:59:94:a9:31:a9:ff:24:ee:53:2d:dc:20:58:c9:fa:
         14:d5:6d:06:93:24:4d:b1:f2:2e:42:8d:2c:65:f4:e9:bf:a1:
         f7:9a:69:77:47:9d:ec:6d:48:b9:9a:55:9e:86:ef:8e:82:7b:
         2e:89:3d:5b:db:b9:72:4d:7c:ba:f5:8b:35:70:0d:eb:4c:88:
         05:e6:fd:98:27:95:0c:d9:3e:f0:d8:19:f7:66:64:cb:d5:6c:
         76:32:8b:61:e0:61:da:be:27:b0:ff:16:e9:c9:30:2e:2e:0d:
         9e:f6:d2:6f
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEA5vW3zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MmI4N2M2Y2FmODFkZTM2MjVmZTFjZTA1NTlmMzllMzA1MDVhMDUxMB4XDTIyMDEw
MTA3MDIxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzI4OGRmMGNhMjM5
ZDQwZDY3NzQyMTU5ODBmZmU2MGY5MWQ0YWRjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM7JtjmiN2iYdm9zlNQwX3fLOhv2WZYRG9XdktbI1LQrm1HM
octzawnliXbNmCZKKzdQmn+rSVLkEZrPJjnKk88lVcHOOMqAKcWj57dngLOemEql
wUXS3p+nA9WzOkpUpGleBCILne3P04Lis/OrqxeD7X2HbAeg2cbFMAioVF5y2dgj
Jvjj2m1PBzC1mx4eX/F/U2KEz6Tbbn0fNQFHHde74/IPxGb9BWxXKCmgbw44tVtN
Hlgy2GV97JGgThD/cNGCAYFXG+ilFfb6X2N/u57V0B+5IA5r1YDKD3LKxJsVAR/F
hQk3e8AE3L6p7rnxCxtMjegNVSOxz99cIY8EZ0ECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBTCiN8MojnUDWd0IVmA/+YPkdStyDAfBgNVHSMEGDAWgBQSuHxsr4HeNiX+
HOBVnznjBQWgUTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VyaDhiSy1CM2pZbF9oemdWWjg1NHdVRm9GRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvZTI5MzRjLTA1M2EtNGI5Ny1hYTJhLTYyODA4YmJiZGQyMS8x
L3dvamZES0k1MUExbmRDRlpnUF9tRDVIVXJjZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
ZTI5MzRjLTA1M2EtNGI5Ny1hYTJhLTYyODA4YmJiZGQyMS8xL0VyaDhiSy1CM2pZ
bF9oemdWWjg1NHdVRm9GRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFASoP98AwDQYJKoZIhvcNAQELBQAD
ggEBAAJQrhYBLj783qDMDYnf5/HotBy38xs4vCZ+CGGalQYjOjIeS180XEiUjSev
wIMi8M/IY1B7w+mtFz/QF5+4vGcrG6AcsodxW8V9G/5o3aVTMj4dwf76PXb2+pfy
/MsDndSKC2fu033nabrYFQk6Za0PvmW/lkkHfuHMS49/xJJmwLpqxNwIcZ2IVM2s
/QijsLTM4VmUqTGp/yTuUy3cIFjJ+hTVbQaTJE2x8i5CjSxl9Om/ofeaaXdHnext
SLmaVZ6G746Cey6JPVvbuXJNfLr1izVwDetMiAXm/ZgnlQzZPvDYGfdmZMvVbHYy
i2HgYdq+J7D/FunJMC4uDZ720m8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:16 2024 by rpki-client on console-ams.rpki-client.org