Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/Jrvfis7zaox-yWBwcwpm5mx_kuA.roa
File:                     Jrvfis7zaox-yWBwcwpm5mx_kuA.roa (raw, json)
Hash identifier:          mCFjT6/97MqN2aJuCLmCN47ke/pogkhXEf3IICf0EL8=
Subject key identifier:   26:BB:DF:8A:CE:F3:6A:8C:7E:C9:60:70:73:0A:66:E6:6C:7F:92:E0
Certificate issuer:       /CN=f6c3e027d2d1c2d36d7c954867226c83b65eb56f
Certificate serial:       0182A1F4DBB3C2030B857D4B3549DF35590E
Authority key identifier: F6:C3:E0:27:D2:D1:C2:D3:6D:7C:95:48:67:22:6C:83:B6:5E:B5:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/Jrvfis7zaox-yWBwcwpm5mx_kuA.roa
Signing time:             Mon 15 Aug 2022 14:42:35 +0000
ROA not before:           Mon 15 Aug 2022 14:42:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209768
IP address blocks:        176.105.246.0/24 maxlen: 24
                          2a12:5844:1212::/48 maxlen: 48
                          2a12:5840:1f2::/48 maxlen: 48
                          2a12:5844:100::/48 maxlen: 48
                          2a12:5840:1f0::/48 maxlen: 48
                          2a12:5840:2111::/48 maxlen: 48
                          2a12:5840:1f1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:a1:f4:db:b3:c2:03:0b:85:7d:4b:35:49:df:35:59:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f6c3e027d2d1c2d36d7c954867226c83b65eb56f
        Validity
            Not Before: Aug 15 14:42:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=26bbdf8acef36a8c7ec96070730a66e66c7f92e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:73:30:15:3b:36:9b:aa:0a:b6:0b:e5:86:fa:
                    9c:54:46:1b:cf:39:81:30:32:7c:c1:da:2c:68:5b:
                    29:26:b5:cb:04:e9:20:8f:e9:ee:48:86:e6:1c:1e:
                    52:3c:19:0b:5b:25:4d:aa:f4:2d:e8:39:52:b2:e9:
                    c4:a2:a7:89:ab:52:58:e5:8f:6d:fe:2c:ad:e8:12:
                    73:da:e7:25:0d:2f:2e:a2:b5:09:99:64:65:14:77:
                    4d:f9:0d:c3:dc:93:28:44:6e:74:f1:95:ec:84:82:
                    53:9c:8b:0a:2c:de:51:67:9b:82:27:05:60:0b:4d:
                    fc:ab:c4:65:c6:b4:ef:c1:94:52:e6:15:53:e8:c8:
                    44:7f:c1:bc:a5:ea:f3:e6:ad:3d:02:c6:76:f8:9f:
                    33:aa:63:ff:b6:6e:af:af:24:71:6a:78:84:f3:7a:
                    0a:6e:b5:63:0a:dc:c8:fd:be:91:80:24:af:7f:21:
                    fd:dd:2a:7f:aa:eb:94:3a:17:6d:ef:13:40:9b:56:
                    15:6c:49:d7:c5:74:e3:70:0f:a4:b4:19:86:14:43:
                    7a:2a:8a:b4:8c:77:a8:85:b6:51:79:8c:98:88:62:
                    ef:e8:73:21:da:cb:44:f3:05:51:bd:73:74:51:94:
                    0d:a4:02:e5:73:e0:71:7f:f8:71:fc:26:3c:f1:10:
                    bb:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:BB:DF:8A:CE:F3:6A:8C:7E:C9:60:70:73:0A:66:E6:6C:7F:92:E0
            X509v3 Authority Key Identifier:
                keyid:F6:C3:E0:27:D2:D1:C2:D3:6D:7C:95:48:67:22:6C:83:B6:5E:B5:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/Jrvfis7zaox-yWBwcwpm5mx_kuA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.105.246.0/24
                IPv6:
                  2a12:5840:1f0::-2a12:5840:1f2:ffff:ffff:ffff:ffff:ffff
                  2a12:5840:2111::/48
                  2a12:5844:100::/48
                  2a12:5844:1212::/48

    Signature Algorithm: sha256WithRSAEncryption
         0f:19:8f:85:cc:56:a6:fa:bd:31:f8:cd:29:fa:b0:03:86:c4:
         1a:ac:27:1a:78:38:50:a8:19:32:b3:53:40:f1:f0:75:6d:d7:
         d9:56:d6:ba:c8:79:59:92:4e:c1:6b:ea:43:42:d7:a4:33:88:
         1e:42:7e:15:bc:6b:53:82:7e:cd:d3:4a:ee:0a:fd:8c:a8:fa:
         16:b0:9d:80:fc:f9:61:67:72:8a:47:24:30:ad:44:6a:df:9f:
         30:07:bf:40:79:fa:95:a7:28:7f:43:08:9d:42:b1:b9:a2:a6:
         83:83:bd:3b:ec:93:73:1d:56:58:fb:68:8e:27:f1:31:65:2b:
         7a:5c:22:5a:e5:51:86:5a:af:3b:60:24:a9:16:85:f4:96:f7:
         d1:43:4e:6f:79:4a:ab:6e:50:c4:9a:56:49:86:24:e6:b7:ba:
         5a:c6:d8:c9:52:72:70:64:0a:23:4d:77:9f:b4:fe:b5:28:2e:
         94:8a:4b:14:0b:a8:57:01:a1:37:ce:69:65:3d:49:5b:db:72:
         5e:15:96:cc:66:23:24:7c:6e:4c:94:97:90:b3:6b:7f:91:42:
         e4:9b:c6:20:57:9d:19:f7:c0:bc:6f:95:46:3f:d5:47:7f:44:
         a3:2e:4a:ed:04:61:43:74:c4:0f:0a:b8:58:ed:f9:27:33:1b:
         2a:94:99:ab
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYKh9NuzwgMLhX1LNUnfNVkOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YzNlMDI3ZDJkMWMyZDM2ZDdjOTU0ODY3MjI2YzgzYjY1
ZWI1NmYwHhcNMjIwODE1MTQ0MjM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmJiZGY4YWNlZjM2YThjN2VjOTYwNzA3MzBhNjZlNjZjN2Y5MmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHMwFTs2m6oKtgvlhvqcVEYbzzmB
MDJ8wdosaFspJrXLBOkgj+nuSIbmHB5SPBkLWyVNqvQt6DlSsunEoqeJq1JY5Y9t
/iyt6BJz2uclDS8uorUJmWRlFHdN+Q3D3JMoRG508ZXshIJTnIsKLN5RZ5uCJwVg
C038q8RlxrTvwZRS5hVT6MhEf8G8perz5q09AsZ2+J8zqmP/tm6vryRxaniE83oK
brVjCtzI/b6RgCSvfyH93Sp/quuUOhdt7xNAm1YVbEnXxXTjcA+ktBmGFEN6Koq0
jHeohbZReYyYiGLv6HMh2stE8wVRvXN0UZQNpALlc+Bxf/hx/CY88RC7fQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFCa734rO82qMfslgcHMKZuZsf5LgMB8GA1UdIwQY
MBaAFPbD4CfS0cLTbXyVSGcibIO2XrVvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXNQZ0o5TFJ3dE50ZkpWSVp5SnNnN1pldFc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8yYjI4NzgtNWI3OS00MGY3LWI0YjUt
MzU2YzRkN2JiNDUyLzEvSnJ2ZmlzN3phb3gteVdCd2N3cG01bXhfa3VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8yYjI4NzgtNWI3OS00MGY3LWI0YjUtMzU2YzRkN2JiNDUy
LzEvOXNQZ0o5TFJ3dE50ZkpWSVp5SnNnN1pldFc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAMBAIAATAGAwQAsGn2MDUE
AgACMC8wEgMHBCoSWEAB8AMHACoSWEAB8gMHACoSWEAhEQMHACoSWEQBAAMHACoS
WEQSEjANBgkqhkiG9w0BAQsFAAOCAQEADxmPhcxWpvq9MfjNKfqwA4bEGqwnGng4
UKgZMrNTQPHwdW3X2VbWush5WZJOwWvqQ0LXpDOIHkJ+FbxrU4J+zdNK7gr9jKj6
FrCdgPz5YWdyikckMK1Eat+fMAe/QHn6lacof0MInUKxuaKmg4O9O+yTcx1WWPto
jifxMWUrelwiWuVRhlqvO2AkqRaF9Jb30UNOb3lKq25QxJpWSYYk5re6WsbYyVJy
cGQKI013n7T+tSgulIpLFAuoVwGhN85pZT1JW9tyXhWWzGYjJHxuTJSXkLNrf5FC
5JvGIFedGffAvG+VRj/VR39Eoy5K7QRhQ3TEDwq4WO35JzMbKpSZqw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:35 2024 by rpki-client on console-fra.rpki-client.org