Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/qTDTn0IN-Pm8YpDHZb71A8f5mno.roa
File:                     qTDTn0IN-Pm8YpDHZb71A8f5mno.roa (raw, json)
Hash identifier:          uU/RxWq3ja4Ro1rIxNIQtVC46yvEsqz8qu7fQPmAbmc=
Subject key identifier:   A9:30:D3:9F:42:0D:F8:F9:BC:62:90:C7:65:BE:F5:03:C7:F9:9A:7A
Certificate issuer:       /CN=f6c3e027d2d1c2d36d7c954867226c83b65eb56f
Certificate serial:       88DFA8
Authority key identifier: F6:C3:E0:27:D2:D1:C2:D3:6D:7C:95:48:67:22:6C:83:B6:5E:B5:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/qTDTn0IN-Pm8YpDHZb71A8f5mno.roa
Signing time:             Thu 10 Mar 2022 21:38:35 +0000
ROA not before:           Thu 10 Mar 2022 21:38:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209768
IP address blocks:        2a12:5844:1212::/48 maxlen: 48
                          2a12:5840:1f2::/48 maxlen: 48
                          2a12:5840:1f0::/48 maxlen: 48
                          2a12:5844::/30 maxlen: 30
                          2a12:5844:1111::/48 maxlen: 48
                          2a12:5840:1f1::/48 maxlen: 48
                          2a12:5840:2111::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8970152 (0x88dfa8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f6c3e027d2d1c2d36d7c954867226c83b65eb56f
        Validity
            Not Before: Mar 10 21:38:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a930d39f420df8f9bc6290c765bef503c7f99a7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:c1:c2:88:5c:af:4f:58:f1:3b:04:36:60:13:
                    29:c6:27:3f:96:62:e2:23:71:1f:db:aa:f1:8d:c6:
                    7a:63:0a:ab:77:6a:b2:dd:59:5e:11:29:1f:02:3f:
                    6c:ad:15:45:b0:c9:09:72:0a:b2:2c:ae:de:0c:ab:
                    07:b9:ae:c2:40:9f:80:f3:88:e9:eb:ff:be:f9:0c:
                    4e:3d:da:29:ba:3e:9c:3a:f5:83:9a:c7:01:fd:35:
                    ba:86:05:99:18:d7:6a:76:fd:57:f6:e2:c9:84:6b:
                    b0:cd:21:2a:de:4f:a3:d7:9b:51:55:cc:be:70:ce:
                    2c:5d:f9:68:b8:05:02:5f:93:37:7b:8e:d0:4b:c3:
                    36:af:e2:2f:21:d7:13:0f:06:26:25:7a:a5:bf:84:
                    7c:36:33:6a:c8:84:9b:5a:f6:26:41:02:60:b6:3e:
                    86:df:da:75:50:8b:5e:5d:d7:3f:e3:d2:4a:31:84:
                    bf:61:61:b2:d0:75:a6:1f:32:9f:b4:9b:6f:a7:7f:
                    97:c1:e4:92:57:c6:63:c3:46:c0:24:09:44:34:da:
                    7c:d4:ed:3c:32:e6:f6:c6:9d:4b:e6:17:ad:c7:95:
                    f2:d6:30:67:15:0f:82:9f:ff:25:ce:c8:e5:48:8a:
                    e2:ef:30:0c:ac:c3:3e:fc:f6:6f:35:1d:9d:88:dd:
                    69:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:30:D3:9F:42:0D:F8:F9:BC:62:90:C7:65:BE:F5:03:C7:F9:9A:7A
            X509v3 Authority Key Identifier:
                keyid:F6:C3:E0:27:D2:D1:C2:D3:6D:7C:95:48:67:22:6C:83:B6:5E:B5:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/qTDTn0IN-Pm8YpDHZb71A8f5mno.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:5840:1f0::-2a12:5840:1f2:ffff:ffff:ffff:ffff:ffff
                  2a12:5840:2111::/48
                  2a12:5844::/30

    Signature Algorithm: sha256WithRSAEncryption
         68:e7:93:ca:b2:79:8e:41:a5:8e:71:70:39:4e:a1:a4:31:04:
         c9:0f:54:55:7f:4d:03:7f:7d:98:02:cd:8d:a5:5c:90:f2:5d:
         3f:78:5c:7e:e0:c5:1a:29:3c:4c:c7:a7:93:88:79:d0:46:b5:
         54:83:43:c2:8f:75:0a:ed:da:f9:e3:56:73:f2:68:df:f8:88:
         8a:e1:ab:7d:6d:23:a9:b5:3e:a1:85:9a:ee:82:9e:fc:dc:51:
         38:bd:2e:a3:65:f1:f5:06:08:04:f1:fd:2c:18:d4:2e:55:38:
         81:f1:3c:7e:84:37:74:f5:15:2a:8c:bc:b2:37:01:58:a6:81:
         e2:38:2d:f1:60:6e:d0:f2:c7:98:17:a8:79:c7:3a:0c:99:96:
         71:01:af:bc:85:23:d9:ec:9f:48:f1:2d:f3:80:41:93:46:45:
         4a:d4:83:bb:5c:20:71:2b:b9:6e:9b:89:9c:0f:04:57:c8:f6:
         b1:13:a4:7a:a1:18:67:e1:d1:f0:fc:aa:65:b6:a6:1a:4c:4b:
         c8:56:33:79:24:14:94:43:ac:5d:3a:0a:7e:d3:a5:2f:d3:bd:
         83:b2:17:b8:2b:b5:e7:60:f9:35:8a:e3:b4:98:c2:68:33:f0:
         5f:05:ab:b6:03:b0:ca:71:8c:59:47:63:ee:cc:68:6d:d6:6b:
         29:e3:ca:25
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEAIjfqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NmMzZTAyN2QyZDFjMmQzNmQ3Yzk1NDg2NzIyNmM4M2I2NWViNTZmMB4XDTIyMDMx
MDIxMzgzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTkzMGQzOWY0MjBk
ZjhmOWJjNjI5MGM3NjViZWY1MDNjN2Y5OWE3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKzBwohcr09Y8TsENmATKcYnP5Zi4iNxH9uq8Y3GemMKq3dq
st1ZXhEpHwI/bK0VRbDJCXIKsiyu3gyrB7muwkCfgPOI6ev/vvkMTj3aKbo+nDr1
g5rHAf01uoYFmRjXanb9V/biyYRrsM0hKt5Po9ebUVXMvnDOLF35aLgFAl+TN3uO
0EvDNq/iLyHXEw8GJiV6pb+EfDYzasiEm1r2JkECYLY+ht/adVCLXl3XP+PSSjGE
v2FhstB1ph8yn7Sbb6d/l8HkklfGY8NGwCQJRDTafNTtPDLm9sadS+YXrceV8tYw
ZxUPgp//Jc7I5UiK4u8wDKzDPvz2bzUdnYjdaYMCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBSpMNOfQg34+bxikMdlvvUDx/maejAfBgNVHSMEGDAWgBT2w+An0tHC0218
lUhnImyDtl61bzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlzUGdKOUxSd3ROdGZKVklaeUpzZzdaZXRXOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2YvMmIyODc4LTViNzktNDBmNy1iNGI1LTM1NmM0ZDdiYjQ1Mi8x
L3FURFRuMElOLVBtOFlwREhaYjcxQThmNW1uby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Yv
MmIyODc4LTViNzktNDBmNy1iNGI1LTM1NmM0ZDdiYjQ1Mi8xLzlzUGdKOUxSd3RO
dGZKVklaeUpzZzdaZXRXOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAIwJDASAwcEKhJYQAHwAwcAKhJYQAHyAwcA
KhJYQCERAwUCKhJYRDANBgkqhkiG9w0BAQsFAAOCAQEAaOeTyrJ5jkGljnFwOU6h
pDEEyQ9UVX9NA399mALNjaVckPJdP3hcfuDFGik8TMenk4h50Ea1VINDwo91Cu3a
+eNWc/Jo3/iIiuGrfW0jqbU+oYWa7oKe/NxROL0uo2Xx9QYIBPH9LBjULlU4gfE8
foQ3dPUVKoy8sjcBWKaB4jgt8WBu0PLHmBeoecc6DJmWcQGvvIUj2eyfSPEt84BB
k0ZFStSDu1wgcSu5bpuJnA8EV8j2sROkeqEYZ+HR8PyqZbamGkxLyFYzeSQUlEOs
XToKftOlL9O9g7IXuCu152D5NYrjtJjCaDPwXwWrtgOwynGMWUdj7sxobdZrKePK
JQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:35 2024 by rpki-client on console-fra.rpki-client.org