Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/9c3VhCgq4SVqPANyL_f4-APhep4.roa
File:                     9c3VhCgq4SVqPANyL_f4-APhep4.roa (raw, json)
Hash identifier:          4Nawfe2ZUEQjClgWH4UmS9TV8GS4I5U3a7+KW5KzaW0=
Subject key identifier:   F5:CD:D5:84:28:2A:E1:25:6A:3C:03:72:2F:F7:F8:F8:03:E1:7A:9E
Certificate issuer:       /CN=f6c3e027d2d1c2d36d7c954867226c83b65eb56f
Certificate serial:       336AD8
Authority key identifier: F6:C3:E0:27:D2:D1:C2:D3:6D:7C:95:48:67:22:6C:83:B6:5E:B5:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/9c3VhCgq4SVqPANyL_f4-APhep4.roa
Signing time:             Wed 02 Feb 2022 11:17:46 +0000
ROA not before:           Wed 02 Feb 2022 11:17:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209768
IP address blocks:        2a12:5840:1f0::/48 maxlen: 48
                          2a12:5844::/30 maxlen: 30
                          2a12:5840:2111::/48 maxlen: 48
                          2a12:5840:1f1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3369688 (0x336ad8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f6c3e027d2d1c2d36d7c954867226c83b65eb56f
        Validity
            Not Before: Feb  2 11:17:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f5cdd584282ae1256a3c03722ff7f8f803e17a9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:67:8c:46:bb:b6:35:42:c1:8c:fe:1f:0b:4b:
                    3c:af:2f:ff:f9:d3:a8:e3:20:c8:f4:7d:10:f8:cc:
                    cc:b2:dd:5d:23:4f:e7:07:f8:db:af:71:e4:8d:44:
                    d3:00:29:53:9c:c9:15:bc:0a:64:24:d3:dd:20:30:
                    63:25:10:f4:d3:89:5d:4d:cd:4d:9f:5d:ea:28:0b:
                    29:ad:47:f1:30:15:6a:22:67:25:81:2b:de:a5:d2:
                    d1:80:1b:fb:6e:8d:6f:9b:c1:77:66:2b:6b:6c:cb:
                    64:df:03:75:cf:48:7a:24:5a:2f:7d:bd:15:62:8b:
                    d6:78:dd:e8:d4:37:d9:aa:25:cc:86:5c:ed:5d:87:
                    7b:84:34:cb:6d:d8:ee:ec:31:2e:fc:25:53:be:94:
                    9b:9f:7e:9b:c8:61:a5:54:48:72:8d:a3:77:f2:0c:
                    a9:ec:c5:4e:63:82:69:48:70:e4:f7:d9:87:e2:2a:
                    52:cb:b7:63:c6:94:92:64:a5:1d:aa:01:e6:fa:0c:
                    97:7d:32:0f:5c:fb:e3:7c:e8:fb:a3:0d:1d:43:3a:
                    2b:e4:07:76:fe:d0:f7:25:df:76:34:14:e3:52:96:
                    91:c3:a1:00:a6:7c:e0:a9:bd:8e:34:ff:b1:13:90:
                    44:15:a4:48:7e:eb:40:99:fe:3b:85:5d:7d:a2:40:
                    a1:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:CD:D5:84:28:2A:E1:25:6A:3C:03:72:2F:F7:F8:F8:03:E1:7A:9E
            X509v3 Authority Key Identifier:
                keyid:F6:C3:E0:27:D2:D1:C2:D3:6D:7C:95:48:67:22:6C:83:B6:5E:B5:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/9c3VhCgq4SVqPANyL_f4-APhep4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:5840:1f0::/47
                  2a12:5840:2111::/48
                  2a12:5844::/30

    Signature Algorithm: sha256WithRSAEncryption
         cb:1f:95:9a:41:2d:bd:57:58:b7:b3:db:19:5b:51:1c:55:13:
         d9:3c:67:89:55:e5:ba:0f:e9:50:ab:e4:f5:94:fa:60:d4:d3:
         4e:6a:22:be:ce:c5:fd:5f:30:8b:a3:4d:6c:93:e1:91:25:d6:
         00:83:df:1f:b4:94:20:23:dd:5a:d3:a7:c4:0d:65:bd:bc:05:
         cd:09:d2:33:b7:32:e6:c7:bd:f2:f8:ca:87:2d:b7:eb:4b:17:
         b2:b8:43:5f:e9:5a:d4:c6:99:c3:db:5f:44:27:10:97:ed:4f:
         2e:ef:a2:3d:9d:96:02:c0:e3:96:ff:25:2d:66:00:16:82:b6:
         eb:87:3c:8b:a5:b2:89:9c:f8:5e:0a:9a:0a:09:d1:17:f1:27:
         a5:f3:19:d5:d8:db:a2:21:eb:8d:65:19:80:f6:71:3a:1d:3f:
         1c:4b:48:8f:1b:48:1a:97:4a:ab:91:53:50:29:90:62:81:bc:
         bc:52:94:4f:2d:f9:4b:b6:85:35:48:4e:64:7c:f4:20:f0:b7:
         1d:11:b2:0e:20:b6:35:e4:6d:af:61:b1:c2:57:85:2c:69:bc:
         b5:73:78:c2:fd:07:37:f3:e7:14:65:5a:71:e5:56:e9:f4:4c:
         2e:07:90:c8:68:b1:5f:22:40:9a:e4:52:ce:c2:bb:cf:b2:27:
         be:17:6e:a7
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIDM2rYMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGY2
YzNlMDI3ZDJkMWMyZDM2ZDdjOTU0ODY3MjI2YzgzYjY1ZWI1NmYwHhcNMjIwMjAy
MTExNzQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmNWNkZDU4NDI4MmFl
MTI1NmEzYzAzNzIyZmY3ZjhmODAzZTE3YTllMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArmeMRru2NULBjP4fC0s8ry//+dOo4yDI9H0Q+MzMst1dI0/n
B/jbr3HkjUTTAClTnMkVvApkJNPdIDBjJRD004ldTc1Nn13qKAsprUfxMBVqImcl
gSvepdLRgBv7bo1vm8F3ZitrbMtk3wN1z0h6JFovfb0VYovWeN3o1DfZqiXMhlzt
XYd7hDTLbdju7DEu/CVTvpSbn36byGGlVEhyjaN38gyp7MVOY4JpSHDk99mH4ipS
y7djxpSSZKUdqgHm+gyXfTIPXPvjfOj7ow0dQzor5Ad2/tD3Jd92NBTjUpaRw6EA
pnzgqb2ONP+xE5BEFaRIfutAmf47hV19okChBwIDAQABo4ICHDCCAhgwHQYDVR0O
BBYEFPXN1YQoKuElajwDci/3+PgD4XqeMB8GA1UdIwQYMBaAFPbD4CfS0cLTbXyV
SGcibIO2XrVvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
OXNQZ0o5TFJ3dE50ZkpWSVp5SnNnN1pldFc4LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zZi8yYjI4NzgtNWI3OS00MGY3LWI0YjUtMzU2YzRkN2JiNDUyLzEv
OWMzVmhDZ3E0U1ZxUEFOeUxfZjQtQVBoZXA0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8y
YjI4NzgtNWI3OS00MGY3LWI0YjUtMzU2YzRkN2JiNDUyLzEvOXNQZ0o5TFJ3dE50
ZkpWSVp5SnNnN1pldFc4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDIG
CCsGAQUFBwEHAQH/BCMwITAfBAIAAjAZAwcBKhJYQAHwAwcAKhJYQCERAwUCKhJY
RDANBgkqhkiG9w0BAQsFAAOCAQEAyx+VmkEtvVdYt7PbGVtRHFUT2TxniVXlug/p
UKvk9ZT6YNTTTmoivs7F/V8wi6NNbJPhkSXWAIPfH7SUICPdWtOnxA1lvbwFzQnS
M7cy5se98vjKhy2360sXsrhDX+la1MaZw9tfRCcQl+1PLu+iPZ2WAsDjlv8lLWYA
FoK264c8i6WyiZz4XgqaCgnRF/EnpfMZ1djboiHrjWUZgPZxOh0/HEtIjxtIGpdK
q5FTUCmQYoG8vFKUTy35S7aFNUhOZHz0IPC3HRGyDiC2NeRtr2GxwleFLGm8tXN4
wv0HN/PnFGVaceVW6fRMLgeQyGixXyJAmuRSzsK7z7Invhdupw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:36 2024 by rpki-client on console-ams.rpki-client.org