Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/eb0792-843a-46b6-b0da-f468b8c4651a/1/6p4oPO2HeVDiJWDIJHZ2mCQMacs.roa
File:                     6p4oPO2HeVDiJWDIJHZ2mCQMacs.roa (raw, json)
Hash identifier:          TquKTEQrVuM3VkJLOuFDSEYRIjXYBsLWkLfhwjKRaBM=
Subject key identifier:   EA:9E:28:3C:ED:87:79:50:E2:25:60:C8:24:76:76:98:24:0C:69:CB
Certificate issuer:       /CN=e8477159d65b22568098b95952487300771b3ce5
Certificate serial:       018437B43E329B58455AC2A075E57A4853B4
Authority key identifier: E8:47:71:59:D6:5B:22:56:80:98:B9:59:52:48:73:00:77:1B:3C:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6EdxWdZbIlaAmLlZUkhzAHcbPOU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/eb0792-843a-46b6-b0da-f468b8c4651a/1/6p4oPO2HeVDiJWDIJHZ2mCQMacs.roa
Signing time:             Wed 02 Nov 2022 09:37:50 +0000
ROA not before:           Wed 02 Nov 2022 09:37:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208171
IP address blocks:        2a12:8d40:1024::/48 maxlen: 48
                          2a12:8d40:2022::/48 maxlen: 48
                          2a12:8d40:2048::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:37:b4:3e:32:9b:58:45:5a:c2:a0:75:e5:7a:48:53:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e8477159d65b22568098b95952487300771b3ce5
        Validity
            Not Before: Nov  2 09:37:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ea9e283ced877950e22560c824767698240c69cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:ad:e4:61:a8:51:53:0b:f2:14:36:89:88:a3:
                    e1:60:9e:62:bf:61:66:0b:8a:73:d6:4d:c6:53:4d:
                    e6:aa:b5:ce:fc:10:39:42:bd:a0:c8:3a:56:f4:a1:
                    67:99:35:6f:4d:5b:e4:3d:a1:ca:7a:04:4c:9c:c1:
                    1d:f0:3d:54:b4:ae:47:a8:18:90:5e:0c:af:d9:cd:
                    02:ea:15:f5:34:2c:3a:d5:a6:12:d6:04:73:ec:a4:
                    d5:27:ee:fc:59:68:1b:f0:eb:04:bd:58:4c:45:ea:
                    f4:af:c4:a0:12:82:43:ab:1e:17:c2:df:25:1e:e7:
                    3c:59:88:bd:7a:b5:81:7a:88:2b:7a:31:23:23:a9:
                    28:86:fb:87:db:1f:f1:ec:60:1f:b2:43:d2:48:bf:
                    79:6d:8f:0c:ec:74:ee:f6:79:8d:45:fe:b6:8f:61:
                    25:91:5f:1c:a5:c7:1c:62:66:45:95:5d:a2:5b:3e:
                    50:7e:be:9a:f2:8f:5b:5d:eb:99:ec:5c:d3:dd:31:
                    89:ab:1c:90:20:87:70:fa:5d:1b:1c:a4:88:25:27:
                    5c:51:11:d3:21:42:43:20:b4:db:9d:b0:7d:71:ff:
                    94:b6:2a:99:5e:dd:bd:b4:46:c4:69:e7:af:74:ba:
                    d5:d1:de:a7:75:53:98:84:c7:94:0b:78:30:11:80:
                    28:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:9E:28:3C:ED:87:79:50:E2:25:60:C8:24:76:76:98:24:0C:69:CB
            X509v3 Authority Key Identifier:
                keyid:E8:47:71:59:D6:5B:22:56:80:98:B9:59:52:48:73:00:77:1B:3C:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EdxWdZbIlaAmLlZUkhzAHcbPOU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/eb0792-843a-46b6-b0da-f468b8c4651a/1/6p4oPO2HeVDiJWDIJHZ2mCQMacs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/eb0792-843a-46b6-b0da-f468b8c4651a/1/6EdxWdZbIlaAmLlZUkhzAHcbPOU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:8d40:1024::/48
                  2a12:8d40:2022::/48
                  2a12:8d40:2048::/48

    Signature Algorithm: sha256WithRSAEncryption
         6b:4b:6d:7f:0c:fa:cc:8e:d3:d6:2b:56:9a:09:6b:e3:0d:99:
         93:8a:3c:13:33:aa:8e:21:e3:ce:33:99:0e:88:e1:82:5c:12:
         bd:a8:cc:37:07:b1:ef:60:75:23:d1:f5:8f:e6:0b:d7:3c:7c:
         fc:c2:4d:5f:1f:c2:80:87:4e:e5:81:45:73:47:ca:4a:16:9c:
         60:d3:83:46:db:db:65:e1:f4:aa:53:ea:7e:d7:76:d6:46:85:
         40:a3:96:55:57:3a:ab:04:ff:de:27:d7:09:15:a2:09:a2:13:
         df:72:e8:b2:60:22:82:f3:09:59:1b:4a:68:ad:c6:8f:17:2c:
         6c:c9:2b:5c:b1:ea:d8:f5:72:ab:80:57:d2:a6:a0:a1:40:20:
         30:b9:f1:05:0c:bf:b9:f0:ed:cb:99:fa:3a:2a:e0:fa:03:b4:
         ce:fd:b3:79:d9:e3:3a:e6:42:de:f0:78:20:77:5c:27:69:4b:
         75:e7:88:3b:89:88:8f:61:80:a5:8b:55:70:98:c2:21:3c:08:
         17:3c:18:97:2b:ec:0b:94:0a:22:1e:09:29:30:91:05:21:c3:
         d1:8f:c2:ef:ad:08:c7:05:3e:ff:bd:f7:22:d8:fe:f8:6a:86:
         b3:33:7d:08:47:e6:b7:cc:f0:0b:da:a8:ba:48:ea:cd:28:5c:
         b9:68:c6:85
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYQ3tD4ym1hFWsKgdeV6SFO0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDc3MTU5ZDY1YjIyNTY4MDk4Yjk1OTUyNDg3MzAwNzcx
YjNjZTUwHhcNMjIxMTAyMDkzNzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTllMjgzY2VkODc3OTUwZTIyNTYwYzgyNDc2NzY5ODI0MGM2OWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg63kYahRUwvyFDaJiKPhYJ5iv2Fm
C4pz1k3GU03mqrXO/BA5Qr2gyDpW9KFnmTVvTVvkPaHKegRMnMEd8D1UtK5HqBiQ
Xgyv2c0C6hX1NCw61aYS1gRz7KTVJ+78WWgb8OsEvVhMRer0r8SgEoJDqx4Xwt8l
Huc8WYi9erWBeogrejEjI6kohvuH2x/x7GAfskPSSL95bY8M7HTu9nmNRf62j2El
kV8cpcccYmZFlV2iWz5Qfr6a8o9bXeuZ7FzT3TGJqxyQIIdw+l0bHKSIJSdcURHT
IUJDILTbnbB9cf+UtiqZXt29tEbEaeevdLrV0d6ndVOYhMeUC3gwEYAo2wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOqeKDzth3lQ4iVgyCR2dpgkDGnLMB8GA1UdIwQY
MBaAFOhHcVnWWyJWgJi5WVJIcwB3GzzlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVkeFdkWmJJbGFBbUxsWlVraHpBSGNiUE9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9lYjA3OTItODQzYS00NmI2LWIwZGEt
ZjQ2OGI4YzQ2NTFhLzEvNnA0b1BPMkhlVkRpSldESUpIWjJtQ1FNYWNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9lYjA3OTItODQzYS00NmI2LWIwZGEtZjQ2OGI4YzQ2NTFh
LzEvNkVkeFdkWmJJbGFBbUxsWlVraHpBSGNiUE9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKhKNQBAk
AwcAKhKNQCAiAwcAKhKNQCBIMA0GCSqGSIb3DQEBCwUAA4IBAQBrS21/DPrMjtPW
K1aaCWvjDZmTijwTM6qOIePOM5kOiOGCXBK9qMw3B7HvYHUj0fWP5gvXPHz8wk1f
H8KAh07lgUVzR8pKFpxg04NG29tl4fSqU+p+13bWRoVAo5ZVVzqrBP/eJ9cJFaIJ
ohPfcuiyYCKC8wlZG0porcaPFyxsyStcserY9XKrgFfSpqChQCAwufEFDL+58O3L
mfo6KuD6A7TO/bN52eM65kLe8Hggd1wnaUt154g7iYiPYYCli1VwmMIhPAgXPBiX
K+wLlAoiHgkpMJEFIcPRj8LvrQjHBT7/vfci2P74aoazM30IR+a3zPAL2qi6SOrN
KFy5aMaF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:16 2024 by rpki-client on console-ams.rpki-client.org