Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/A7lBntU6uoxALv7lInijLKQ0idY.roa
File:                     A7lBntU6uoxALv7lInijLKQ0idY.roa (raw, json)
Hash identifier:          gPUAee+gIDOoHhk5UP1HTvE3Lj0qPBLm2HnvoPk12+8=
Subject key identifier:   03:B9:41:9E:D5:3A:BA:8C:40:2E:FE:E5:22:78:A3:2C:A4:34:89:D6
Certificate issuer:       /CN=f6c3e027d2d1c2d36d7c954867226c83b65eb56f
Certificate serial:       703425
Authority key identifier: F6:C3:E0:27:D2:D1:C2:D3:6D:7C:95:48:67:22:6C:83:B6:5E:B5:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/A7lBntU6uoxALv7lInijLKQ0idY.roa
Signing time:             Mon 28 Feb 2022 21:26:13 +0000
ROA not before:           Mon 28 Feb 2022 21:26:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209768
IP address blocks:        2a12:5840:1f2::/48 maxlen: 48
                          2a12:5840:1f0::/48 maxlen: 48
                          2a12:5844::/30 maxlen: 30
                          2a12:5840:1f1::/48 maxlen: 48
                          2a12:5840:2111::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7353381 (0x703425)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f6c3e027d2d1c2d36d7c954867226c83b65eb56f
        Validity
            Not Before: Feb 28 21:26:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=03b9419ed53aba8c402efee52278a32ca43489d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:23:64:2f:23:5f:fa:0e:80:c7:cc:76:8f:22:
                    15:88:4b:0d:27:11:2a:03:d3:9c:27:19:b4:a1:4d:
                    2b:ce:3b:5f:b2:da:84:02:65:c2:2e:87:2f:4a:e9:
                    2e:50:5e:60:b6:c6:18:5d:8f:25:71:0e:83:9f:3f:
                    33:a9:5f:0b:41:1a:49:28:da:1f:0d:35:b2:2c:1b:
                    d4:a0:8f:33:a4:85:0e:85:4f:32:d6:53:5d:d0:18:
                    7b:3e:52:c4:03:52:08:0d:73:54:7c:0d:59:93:5c:
                    09:da:77:b7:a8:5b:04:a3:f2:ff:ab:1e:fd:4a:5c:
                    0d:95:b7:c1:5a:b3:c1:53:c0:9d:50:77:0c:04:3a:
                    07:2e:3b:14:8a:30:1f:15:a3:91:81:a9:e5:38:dd:
                    30:c3:bc:81:74:f7:e9:e3:32:20:7f:ef:58:98:56:
                    fb:2d:71:d9:0b:4b:7b:2c:fe:3e:5b:4e:be:1f:81:
                    33:d7:2e:b8:ff:bb:a9:02:28:97:3f:73:25:7d:8c:
                    ad:df:bc:4d:54:e0:60:7e:55:5a:37:ad:0e:9c:b2:
                    cc:bf:5b:fc:a4:2b:be:03:b9:1e:99:81:94:4d:72:
                    d4:bb:3e:2b:0a:00:22:0f:4e:a6:5a:86:79:61:ef:
                    1d:47:31:7b:cf:16:51:be:82:2d:33:53:5d:e1:35:
                    e6:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:B9:41:9E:D5:3A:BA:8C:40:2E:FE:E5:22:78:A3:2C:A4:34:89:D6
            X509v3 Authority Key Identifier:
                keyid:F6:C3:E0:27:D2:D1:C2:D3:6D:7C:95:48:67:22:6C:83:B6:5E:B5:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/A7lBntU6uoxALv7lInijLKQ0idY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:5840:1f0::-2a12:5840:1f2:ffff:ffff:ffff:ffff:ffff
                  2a12:5840:2111::/48
                  2a12:5844::/30

    Signature Algorithm: sha256WithRSAEncryption
         9b:00:d7:de:b8:a7:73:73:e8:3f:76:5b:99:4f:a3:3c:f9:7c:
         04:11:be:eb:5f:83:93:bf:bb:ca:24:bf:a4:6d:cc:52:ef:88:
         14:b5:0c:17:85:7a:b8:7d:fe:e5:cd:61:bf:c9:34:d4:9e:bb:
         8e:d0:9c:f9:80:2c:76:f6:96:f8:dd:ee:73:be:da:b9:e2:0c:
         f2:f7:ea:e6:e1:23:7d:d9:89:bc:72:d5:4c:22:a2:10:4a:c1:
         40:14:c3:b0:7f:df:a6:9d:ca:30:12:1a:e1:92:57:ca:69:7c:
         f7:e4:e1:57:a1:8e:bc:a6:2c:da:25:5a:51:9c:57:bd:1b:bd:
         d4:5d:f4:d3:df:83:ec:c0:54:86:84:f5:91:8e:f6:ad:a6:8c:
         a7:77:d8:86:16:82:19:36:40:8d:bc:74:10:b2:bb:1a:36:56:
         b7:b3:0c:96:0a:41:99:c5:18:86:a2:96:f3:bb:dd:0b:6e:49:
         53:b0:d7:cc:45:05:44:67:24:a6:3e:42:06:0b:d5:c5:88:9f:
         70:cf:89:d6:44:e1:7a:7b:f2:48:f9:2a:a0:51:82:7f:2d:8c:
         a3:e6:1d:99:9a:54:fb:1f:d4:09:6f:ec:50:54:5b:cf:28:c1:
         d2:04:aa:19:7e:7a:7a:47:4d:9b:b9:b3:fe:02:c6:e9:f8:31:
         30:09:3b:20
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIDcDQlMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGY2
YzNlMDI3ZDJkMWMyZDM2ZDdjOTU0ODY3MjI2YzgzYjY1ZWI1NmYwHhcNMjIwMjI4
MjEyNjEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwM2I5NDE5ZWQ1M2Fi
YThjNDAyZWZlZTUyMjc4YTMyY2E0MzQ4OWQ2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqSNkLyNf+g6Ax8x2jyIViEsNJxEqA9OcJxm0oU0rzjtfstqE
AmXCLocvSukuUF5gtsYYXY8lcQ6Dnz8zqV8LQRpJKNofDTWyLBvUoI8zpIUOhU8y
1lNd0Bh7PlLEA1IIDXNUfA1Zk1wJ2ne3qFsEo/L/qx79SlwNlbfBWrPBU8CdUHcM
BDoHLjsUijAfFaORganlON0ww7yBdPfp4zIgf+9YmFb7LXHZC0t7LP4+W06+H4Ez
1y64/7upAiiXP3MlfYyt37xNVOBgflVaN60OnLLMv1v8pCu+A7kemYGUTXLUuz4r
CgAiD06mWoZ5Ye8dRzF7zxZRvoItM1Nd4TXmAQIDAQABo4ICJzCCAiMwHQYDVR0O
BBYEFAO5QZ7VOrqMQC7+5SJ4oyykNInWMB8GA1UdIwQYMBaAFPbD4CfS0cLTbXyV
SGcibIO2XrVvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
OXNQZ0o5TFJ3dE50ZkpWSVp5SnNnN1pldFc4LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zZi8yYjI4NzgtNWI3OS00MGY3LWI0YjUtMzU2YzRkN2JiNDUyLzEv
QTdsQm50VTZ1b3hBTHY3bEluaWpMS1EwaWRZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8y
YjI4NzgtNWI3OS00MGY3LWI0YjUtMzU2YzRkN2JiNDUyLzEvOXNQZ0o5TFJ3dE50
ZkpWSVp5SnNnN1pldFc4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMD0G
CCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkMBIDBwQqElhAAfADBwAqElhAAfIDBwAq
ElhAIREDBQIqElhEMA0GCSqGSIb3DQEBCwUAA4IBAQCbANfeuKdzc+g/dluZT6M8
+XwEEb7rX4OTv7vKJL+kbcxS74gUtQwXhXq4ff7lzWG/yTTUnruO0Jz5gCx29pb4
3e5zvtq54gzy9+rm4SN92Ym8ctVMIqIQSsFAFMOwf9+mncowEhrhklfKaXz35OFX
oY68pizaJVpRnFe9G73UXfTT34PswFSGhPWRjvatpoynd9iGFoIZNkCNvHQQsrsa
Nla3swyWCkGZxRiGopbzu90LbklTsNfMRQVEZySmPkIGC9XFiJ9wz4nWROF6e/JI
+SqgUYJ/LYyj5h2ZmlT7H9QJb+xQVFvPKMHSBKoZfnp6R02bubP+Asbp+DEwCTsg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:36 2024 by rpki-client on console-ams.rpki-client.org