Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/ozozsmu9LESNqs8ZYI3iLiHbgYo.roa
File:                     ozozsmu9LESNqs8ZYI3iLiHbgYo.roa (raw, json)
Hash identifier:          GN8cJBvzomNHDiebbZnz0sj9blmt3GVC7iKf0YXl+tk=
Subject key identifier:   A3:3A:33:B2:6B:BD:2C:44:8D:AA:CF:19:60:8D:E2:2E:21:DB:81:8A
Certificate issuer:       /CN=f6c3e027d2d1c2d36d7c954867226c83b65eb56f
Certificate serial:       848EFD
Authority key identifier: F6:C3:E0:27:D2:D1:C2:D3:6D:7C:95:48:67:22:6C:83:B6:5E:B5:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/ozozsmu9LESNqs8ZYI3iLiHbgYo.roa
Signing time:             Wed 09 Mar 2022 17:30:32 +0000
ROA not before:           Wed 09 Mar 2022 17:30:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2109768
IP address blocks:        2a12:5844:1212::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8687357 (0x848efd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f6c3e027d2d1c2d36d7c954867226c83b65eb56f
        Validity
            Not Before: Mar  9 17:30:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a33a33b26bbd2c448daacf19608de22e21db818a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:a7:8a:cd:85:c8:71:4b:7f:76:e6:87:18:5d:
                    7d:ca:2c:7e:04:18:3a:dc:9c:fe:44:cd:f0:bf:24:
                    ab:07:7b:1b:30:08:d7:fc:21:e5:0a:05:50:ff:87:
                    1d:7a:e3:ae:25:cf:83:f4:48:b4:e8:85:d4:84:e0:
                    82:dc:0f:6d:d2:90:59:f6:e2:2f:53:0d:5a:56:fa:
                    c7:6a:ed:ca:75:c4:ac:b7:eb:fc:1f:f0:9d:a5:b6:
                    44:d3:0f:de:28:ed:96:75:e7:46:b3:5f:af:f7:1a:
                    8a:ec:bc:d0:5e:e9:37:60:03:8c:ae:a4:48:42:c8:
                    a3:c3:9f:a8:fb:29:64:14:6a:78:6e:22:3e:ca:f5:
                    1d:46:fc:59:21:87:0b:89:28:07:c3:0f:bf:a3:70:
                    32:0f:f1:22:fd:d0:bd:6c:c6:c4:60:2d:f8:79:ce:
                    3a:42:4b:c5:5c:c2:74:73:50:04:74:2f:ba:01:3b:
                    e5:5b:a7:a3:04:d6:22:91:89:aa:b2:e8:eb:11:5c:
                    24:3e:46:55:1e:06:72:52:21:f8:f5:ec:82:a3:ea:
                    78:76:83:42:0d:5d:86:7c:7b:99:4e:4f:97:1b:90:
                    dc:01:ab:1c:c3:c4:5a:1e:c8:33:99:3a:83:6d:f5:
                    f9:6a:ba:bd:ed:67:af:ab:92:15:f3:9c:bf:77:35:
                    92:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:3A:33:B2:6B:BD:2C:44:8D:AA:CF:19:60:8D:E2:2E:21:DB:81:8A
            X509v3 Authority Key Identifier:
                keyid:F6:C3:E0:27:D2:D1:C2:D3:6D:7C:95:48:67:22:6C:83:B6:5E:B5:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/ozozsmu9LESNqs8ZYI3iLiHbgYo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:5844:1212::/48

    Signature Algorithm: sha256WithRSAEncryption
         a7:11:a2:fa:c4:a6:42:6f:bb:14:e3:00:4d:88:64:d4:dd:65:
         2a:cd:4c:e5:1c:81:30:62:71:98:c3:41:d3:9d:64:84:d7:df:
         2b:b3:4a:84:44:42:b2:f8:d3:64:f4:3f:e5:1c:82:fe:ef:9c:
         a8:a6:2b:cc:ba:67:12:1e:ac:ca:0f:a0:95:7c:05:1b:d8:cc:
         15:63:ed:82:88:86:ab:d5:e7:26:59:94:6f:9d:6f:c0:a5:65:
         e4:41:97:13:9c:1f:7d:f7:e9:2c:d4:a6:2c:a1:60:8a:87:4f:
         7b:9c:58:0b:1d:81:14:14:32:ff:84:7d:17:df:ec:e9:af:54:
         29:ee:3a:fe:9f:c0:59:ca:01:b2:48:72:11:e6:19:48:1a:51:
         21:ee:ff:1e:e0:29:90:d4:af:64:64:f4:90:fc:31:59:7d:fc:
         ed:8e:2f:3d:a4:6e:20:7d:a5:65:8a:e2:b1:2a:8f:96:85:c1:
         b3:d4:4b:38:20:99:a7:f3:7d:d3:8a:78:de:a9:88:f2:05:88:
         e8:08:25:dd:1a:86:2a:d4:ae:02:70:f5:d0:21:d7:9c:07:bd:
         6b:55:7f:77:95:de:66:75:82:25:f9:0f:8c:59:d1:5c:9a:2a:
         15:71:1b:0c:20:7d:1f:47:b0:13:e2:28:a0:ba:fd:da:f9:9c:
         fd:7b:5e:3a
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAISO/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NmMzZTAyN2QyZDFjMmQzNmQ3Yzk1NDg2NzIyNmM4M2I2NWViNTZmMB4XDTIyMDMw
OTE3MzAzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTMzYTMzYjI2YmJk
MmM0NDhkYWFjZjE5NjA4ZGUyMmUyMWRiODE4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM+nis2FyHFLf3bmhxhdfcosfgQYOtyc/kTN8L8kqwd7GzAI
1/wh5QoFUP+HHXrjriXPg/RItOiF1ITggtwPbdKQWfbiL1MNWlb6x2rtynXErLfr
/B/wnaW2RNMP3ijtlnXnRrNfr/caiuy80F7pN2ADjK6kSELIo8OfqPspZBRqeG4i
Psr1HUb8WSGHC4koB8MPv6NwMg/xIv3QvWzGxGAt+HnOOkJLxVzCdHNQBHQvugE7
5VunowTWIpGJqrLo6xFcJD5GVR4GclIh+PXsgqPqeHaDQg1dhnx7mU5PlxuQ3AGr
HMPEWh7IM5k6g231+Wq6ve1nr6uSFfOcv3c1ktECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSjOjOya70sRI2qzxlgjeIuIduBijAfBgNVHSMEGDAWgBT2w+An0tHC0218
lUhnImyDtl61bzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlzUGdKOUxSd3ROdGZKVklaeUpzZzdaZXRXOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2YvMmIyODc4LTViNzktNDBmNy1iNGI1LTM1NmM0ZDdiYjQ1Mi8x
L296b3pzbXU5TEVTTnFzOFpZSTNpTGlIYmdZby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Yv
MmIyODc4LTViNzktNDBmNy1iNGI1LTM1NmM0ZDdiYjQ1Mi8xLzlzUGdKOUxSd3RO
dGZKVklaeUpzZzdaZXRXOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoSWEQSEjANBgkqhkiG9w0BAQsF
AAOCAQEApxGi+sSmQm+7FOMATYhk1N1lKs1M5RyBMGJxmMNB051khNffK7NKhERC
svjTZPQ/5RyC/u+cqKYrzLpnEh6syg+glXwFG9jMFWPtgoiGq9XnJlmUb51vwKVl
5EGXE5wffffpLNSmLKFgiodPe5xYCx2BFBQy/4R9F9/s6a9UKe46/p/AWcoBskhy
EeYZSBpRIe7/HuApkNSvZGT0kPwxWX387Y4vPaRuIH2lZYrisSqPloXBs9RLOCCZ
p/N904p43qmI8gWI6Agl3RqGKtSuAnD10CHXnAe9a1V/d5XeZnWCJfkPjFnRXJoq
FXEbDCB9H0ewE+IooLr92vmc/XteOg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:36 2024 by rpki-client on console-ams.rpki-client.org