Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4393e8-5f59-4d57-8198-5c0c46d04ee1/1/YlnBQapElW7sIP-ZIw41KWIJBdU.roa
File:                     YlnBQapElW7sIP-ZIw41KWIJBdU.roa (raw, json)
Hash identifier:          YQq032ZML0TncymdlmjCQV2eY+XHXkDwpLZTy46O+Mo=
Subject key identifier:   62:59:C1:41:AA:44:95:6E:EC:20:FF:99:23:0E:35:29:62:09:05:D5
Certificate issuer:       /CN=e4ff5bbf540c65954b9913a68c24d174de97d829
Certificate serial:       1A04B7
Authority key identifier: E4:FF:5B:BF:54:0C:65:95:4B:99:13:A6:8C:24:D1:74:DE:97:D8:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5P9bv1QMZZVLmROmjCTRdN6X2Ck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/4393e8-5f59-4d57-8198-5c0c46d04ee1/1/YlnBQapElW7sIP-ZIw41KWIJBdU.roa
Signing time:             Tue 15 Mar 2022 16:23:41 +0000
ROA not before:           Tue 15 Mar 2022 16:23:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49910
IP address blocks:        2a12:9940::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1705143 (0x1a04b7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4ff5bbf540c65954b9913a68c24d174de97d829
        Validity
            Not Before: Mar 15 16:23:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6259c141aa44956eec20ff99230e3529620905d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:4b:b8:a0:4b:59:22:a3:fc:2f:93:46:e5:e0:
                    01:fa:c7:d3:f1:07:88:fb:88:7f:61:73:0a:6d:66:
                    79:56:17:a2:49:36:62:3f:ca:86:2a:3e:fa:ef:f8:
                    ec:18:72:10:5e:02:61:d8:cb:a9:06:63:3e:fd:7a:
                    1d:9e:e1:16:64:2d:3d:a4:c9:0e:22:c9:a0:3d:3b:
                    42:e4:57:13:08:29:2a:9d:89:36:28:17:9a:e4:18:
                    51:47:e0:d6:f4:2e:ea:bc:ee:9e:db:a3:4c:6b:e8:
                    51:0a:36:3a:a7:40:61:c5:62:29:53:aa:b0:8f:60:
                    f8:22:8a:d9:45:c0:83:22:17:df:f5:cf:cf:bc:84:
                    09:7f:0e:16:5f:ae:da:af:b9:73:f1:35:c2:15:d5:
                    0f:a3:7d:9d:2b:29:14:70:eb:02:d9:fa:89:e7:d1:
                    7a:dc:e4:43:93:e4:c7:cf:6a:df:f7:8a:f2:78:73:
                    eb:86:f5:15:c9:c9:a3:35:2f:f9:51:18:b0:93:a7:
                    26:4d:ed:e7:db:75:ae:6e:59:de:da:a9:de:bf:c4:
                    c7:b5:24:c0:a4:e0:ba:e9:ed:3b:9c:ab:a8:49:ba:
                    db:5c:12:4b:35:29:16:01:43:f7:04:b3:5c:62:75:
                    20:54:6c:b0:4c:46:96:bc:a8:18:53:18:74:d4:88:
                    e1:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:59:C1:41:AA:44:95:6E:EC:20:FF:99:23:0E:35:29:62:09:05:D5
            X509v3 Authority Key Identifier:
                keyid:E4:FF:5B:BF:54:0C:65:95:4B:99:13:A6:8C:24:D1:74:DE:97:D8:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5P9bv1QMZZVLmROmjCTRdN6X2Ck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4393e8-5f59-4d57-8198-5c0c46d04ee1/1/YlnBQapElW7sIP-ZIw41KWIJBdU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4393e8-5f59-4d57-8198-5c0c46d04ee1/1/5P9bv1QMZZVLmROmjCTRdN6X2Ck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:9940::/29

    Signature Algorithm: sha256WithRSAEncryption
         53:cc:ec:13:18:0a:96:79:07:b0:bc:75:a9:45:43:fb:12:9f:
         a9:de:c9:98:f5:23:87:8f:cb:1e:d4:6a:37:03:87:8d:58:dd:
         b2:ea:59:f8:d5:37:bc:b1:44:18:90:18:d3:15:69:4b:ac:b5:
         b7:9d:c9:ba:59:46:c8:75:be:58:a2:5e:7e:4c:4c:2b:38:0a:
         dc:72:37:6d:bf:94:8e:f0:24:35:51:19:bd:d6:ad:67:08:c3:
         42:24:25:3b:91:8c:ac:2d:8d:71:55:9c:de:6e:09:fc:43:95:
         1f:5d:6d:fd:40:58:a4:72:83:47:f6:6a:3a:70:cd:46:c0:8e:
         39:f3:1b:42:39:26:13:fb:52:36:e3:bd:19:4a:3e:4d:01:85:
         9b:7f:f6:19:a3:ee:5c:5c:54:3d:26:62:33:a9:bf:97:78:84:
         6b:0f:fe:24:0f:bb:6d:51:22:d0:5d:67:dc:4e:72:a4:93:d8:
         db:1e:9d:c4:5a:75:06:62:14:1e:6e:2a:4b:02:99:74:ea:c7:
         c4:e8:2d:bc:ea:ee:36:b0:d4:ee:cf:4d:93:fb:2d:e5:6c:6a:
         a9:89:58:8f:e8:76:4a:48:9f:6d:84:bf:48:10:3a:3e:11:1f:
         df:27:ef:bd:47:e0:05:ae:c9:43:38:25:2a:79:2f:4c:91:8a:
         3a:79:fe:dc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDGgS3MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGU0
ZmY1YmJmNTQwYzY1OTU0Yjk5MTNhNjhjMjRkMTc0ZGU5N2Q4MjkwHhcNMjIwMzE1
MTYyMzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2MjU5YzE0MWFhNDQ5
NTZlZWMyMGZmOTkyMzBlMzUyOTYyMDkwNWQ1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsku4oEtZIqP8L5NG5eAB+sfT8QeI+4h/YXMKbWZ5VheiSTZi
P8qGKj767/jsGHIQXgJh2MupBmM+/XodnuEWZC09pMkOIsmgPTtC5FcTCCkqnYk2
KBea5BhRR+DW9C7qvO6e26NMa+hRCjY6p0BhxWIpU6qwj2D4IorZRcCDIhff9c/P
vIQJfw4WX67ar7lz8TXCFdUPo32dKykUcOsC2fqJ59F63ORDk+THz2rf94ryeHPr
hvUVycmjNS/5URiwk6cmTe3n23Wublne2qnev8THtSTApOC66e07nKuoSbrbXBJL
NSkWAUP3BLNcYnUgVGywTEaWvKgYUxh01IjhnQIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFGJZwUGqRJVu7CD/mSMONSliCQXVMB8GA1UdIwQYMBaAFOT/W79UDGWVS5kT
powk0XTel9gpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
NVA5YnYxUU1aWlZMbVJPbWpDVFJkTjZYMkNrLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80MC80MzkzZTgtNWY1OS00ZDU3LTgxOTgtNWMwYzQ2ZDA0ZWUxLzEv
WWxuQlFhcEVsVzdzSVAtWkl3NDFLV0lKQmRVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80
MzkzZTgtNWY1OS00ZDU3LTgxOTgtNWMwYzQ2ZDA0ZWUxLzEvNVA5YnYxUU1aWlZM
bVJPbWpDVFJkTjZYMkNrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhKZQDANBgkqhkiG9w0BAQsFAAOC
AQEAU8zsExgKlnkHsLx1qUVD+xKfqd7JmPUjh4/LHtRqNwOHjVjdsupZ+NU3vLFE
GJAY0xVpS6y1t53JullGyHW+WKJefkxMKzgK3HI3bb+UjvAkNVEZvdatZwjDQiQl
O5GMrC2NcVWc3m4J/EOVH11t/UBYpHKDR/ZqOnDNRsCOOfMbQjkmE/tSNuO9GUo+
TQGFm3/2GaPuXFxUPSZiM6m/l3iEaw/+JA+7bVEi0F1n3E5ypJPY2x6dxFp1BmIU
Hm4qSwKZdOrHxOgtvOruNrDU7s9Nk/st5WxqqYlYj+h2SkifbYS/SBA6PhEf3yfv
vUfgBa7JQzglKnkvTJGKOnn+3A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:48 2024 by rpki-client on console-fra.rpki-client.org