Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/D284X-559r0LVKAJ55p1vDxaeGE.roa
File:                     D284X-559r0LVKAJ55p1vDxaeGE.roa (raw, json)
Hash identifier:          3HeM+byPVWVtqqY5yHPt30f59U/QBFkLuasV5aAmPP0=
Subject key identifier:   0F:6F:38:5F:EE:79:F6:BD:0B:54:A0:09:E7:9A:75:BC:3C:5A:78:61
Certificate issuer:       /CN=f6c3e027d2d1c2d36d7c954867226c83b65eb56f
Certificate serial:       873BD3
Authority key identifier: F6:C3:E0:27:D2:D1:C2:D3:6D:7C:95:48:67:22:6C:83:B6:5E:B5:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/D284X-559r0LVKAJ55p1vDxaeGE.roa
Signing time:             Thu 10 Mar 2022 05:55:39 +0000
ROA not before:           Thu 10 Mar 2022 05:55:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210926
IP address blocks:        2a12:5844:1111::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8862675 (0x873bd3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f6c3e027d2d1c2d36d7c954867226c83b65eb56f
        Validity
            Not Before: Mar 10 05:55:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0f6f385fee79f6bd0b54a009e79a75bc3c5a7861
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:a9:60:9e:dd:5e:e8:2d:3f:9c:8d:df:73:ab:
                    3c:81:55:47:0c:65:47:30:71:a0:14:b3:49:cc:8a:
                    c7:b9:5e:66:b7:d8:b3:0a:cb:fb:ef:94:c2:81:ee:
                    bc:79:ce:ef:f9:67:8a:a2:b6:e4:3b:ec:2a:4c:4c:
                    2c:de:c9:9e:ba:c1:2f:e9:de:ca:28:28:2d:2f:93:
                    7e:c5:62:92:fb:87:5a:d5:0f:e2:eb:62:41:ca:73:
                    d7:07:28:ac:8d:05:3b:55:bb:9b:eb:c9:0f:fc:c1:
                    42:2e:3a:9b:4d:f0:00:cb:60:81:58:8e:a4:96:4c:
                    41:ee:b7:78:25:cf:f0:9b:d7:75:60:ee:87:b3:4e:
                    83:a7:43:ff:4c:b7:1e:fc:f8:14:a8:3f:af:2d:2f:
                    95:84:75:4d:d6:50:53:9a:d6:1e:31:1d:d9:1c:60:
                    6e:a8:02:0a:2f:bc:88:8a:9a:5c:37:fa:73:e7:1c:
                    04:90:be:ef:53:0a:ca:e2:be:f4:bf:92:bf:5b:0a:
                    12:56:31:5d:57:c6:0c:68:06:99:1d:85:33:b5:16:
                    1d:0d:fe:35:4a:44:d6:9a:e0:dc:07:a0:4f:e0:0e:
                    1e:28:de:b6:ed:e1:16:d8:64:c6:e1:d4:ef:12:eb:
                    2b:6d:ed:9d:2e:ca:a5:af:56:b0:23:af:11:c4:ea:
                    8d:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:6F:38:5F:EE:79:F6:BD:0B:54:A0:09:E7:9A:75:BC:3C:5A:78:61
            X509v3 Authority Key Identifier:
                keyid:F6:C3:E0:27:D2:D1:C2:D3:6D:7C:95:48:67:22:6C:83:B6:5E:B5:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/D284X-559r0LVKAJ55p1vDxaeGE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:5844:1111::/48

    Signature Algorithm: sha256WithRSAEncryption
         86:8e:c1:81:25:7a:f7:33:5c:0c:51:e7:0f:11:14:a4:5e:65:
         20:76:69:80:86:c7:47:01:43:07:2f:1b:ef:35:46:71:61:62:
         80:31:0c:2f:78:30:1a:97:49:bd:da:48:f0:07:7a:a0:d3:39:
         2c:11:09:4e:21:81:e1:1d:f5:df:81:67:ff:b2:2a:63:a7:43:
         b1:4d:7c:5f:50:97:14:40:f1:04:9f:ee:c9:2d:6a:22:b5:d7:
         da:5e:5a:90:cc:9b:fa:df:16:49:9d:0c:86:10:ee:2c:59:6c:
         5a:11:a9:18:e9:aa:f3:ba:69:46:be:2f:a7:4f:e4:de:68:1d:
         1a:7d:e3:f3:de:84:7b:25:7e:b5:57:23:0d:bd:aa:7e:96:6d:
         50:93:b4:92:df:e7:fd:a9:a9:2e:6a:eb:1d:f6:f7:93:5a:02:
         4a:c3:de:57:90:4d:3f:01:b9:33:ac:20:fd:97:19:13:84:51:
         89:88:3d:64:c5:91:78:db:98:b3:4c:9c:1c:a0:40:d1:29:37:
         c7:f9:27:71:da:07:9b:cf:b6:ef:13:85:06:1a:30:b7:f9:7c:
         b0:19:3a:bd:0b:c7:2f:10:27:88:ab:82:98:f7:af:26:0b:19:
         b0:c4:3b:83:f2:45:a8:4a:8f:d8:1b:a9:bd:ef:39:fc:d7:7d:
         03:df:1c:b3
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAIc70zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NmMzZTAyN2QyZDFjMmQzNmQ3Yzk1NDg2NzIyNmM4M2I2NWViNTZmMB4XDTIyMDMx
MDA1NTUzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGY2ZjM4NWZlZTc5
ZjZiZDBiNTRhMDA5ZTc5YTc1YmMzYzVhNzg2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJepYJ7dXugtP5yN33OrPIFVRwxlRzBxoBSzScyKx7leZrfY
swrL+++UwoHuvHnO7/lniqK25DvsKkxMLN7JnrrBL+neyigoLS+TfsVikvuHWtUP
4utiQcpz1wcorI0FO1W7m+vJD/zBQi46m03wAMtggViOpJZMQe63eCXP8JvXdWDu
h7NOg6dD/0y3Hvz4FKg/ry0vlYR1TdZQU5rWHjEd2RxgbqgCCi+8iIqaXDf6c+cc
BJC+71MKyuK+9L+Sv1sKElYxXVfGDGgGmR2FM7UWHQ3+NUpE1prg3AegT+AOHije
tu3hFthkxuHU7xLrK23tnS7Kpa9WsCOvEcTqjZkCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQPbzhf7nn2vQtUoAnnmnW8PFp4YTAfBgNVHSMEGDAWgBT2w+An0tHC0218
lUhnImyDtl61bzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlzUGdKOUxSd3ROdGZKVklaeUpzZzdaZXRXOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2YvMmIyODc4LTViNzktNDBmNy1iNGI1LTM1NmM0ZDdiYjQ1Mi8x
L0QyODRYLTU1OXIwTFZLQUo1NXAxdkR4YWVHRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Yv
MmIyODc4LTViNzktNDBmNy1iNGI1LTM1NmM0ZDdiYjQ1Mi8xLzlzUGdKOUxSd3RO
dGZKVklaeUpzZzdaZXRXOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoSWEQRETANBgkqhkiG9w0BAQsF
AAOCAQEAho7BgSV69zNcDFHnDxEUpF5lIHZpgIbHRwFDBy8b7zVGcWFigDEML3gw
GpdJvdpI8Ad6oNM5LBEJTiGB4R3134Fn/7IqY6dDsU18X1CXFEDxBJ/uyS1qIrXX
2l5akMyb+t8WSZ0MhhDuLFlsWhGpGOmq87ppRr4vp0/k3mgdGn3j896EeyV+tVcj
Db2qfpZtUJO0kt/n/ampLmrrHfb3k1oCSsPeV5BNPwG5M6wg/ZcZE4RRiYg9ZMWR
eNuYs0ycHKBA0Sk3x/kncdoHm8+27xOFBhowt/l8sBk6vQvHLxAniKuCmPevJgsZ
sMQ7g/JFqEqP2Bupve85/Nd9A98csw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:36 2024 by rpki-client on console-ams.rpki-client.org