Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/Rt5z5pjL-PNzgo3vkzFIQtyt0FY.roa
File:                     Rt5z5pjL-PNzgo3vkzFIQtyt0FY.roa (raw, json)
Hash identifier:          UhURyda827dY0EWjT3CWqr5bSlIWBVEFnivDgVPrjQ8=
Subject key identifier:   46:DE:73:E6:98:CB:F8:F3:73:82:8D:EF:93:31:48:42:DC:AD:D0:56
Certificate issuer:       /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial:       01839E1B3CB45A9F9FB73358375244DCE839
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/Rt5z5pjL-PNzgo3vkzFIQtyt0FY.roa
Signing time:             Mon 03 Oct 2022 13:48:48 +0000
ROA not before:           Mon 03 Oct 2022 13:48:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57097
IP address blocks:        2a12:8fc6:300::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:9e:1b:3c:b4:5a:9f:9f:b7:33:58:37:52:44:dc:e8:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
        Validity
            Not Before: Oct  3 13:48:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=46de73e698cbf8f373828def93314842dcadd056
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:4f:d8:2a:fa:0c:fa:ae:9f:b3:f7:82:9f:76:
                    59:fa:2c:fa:59:b3:d4:0c:b7:d1:7e:69:0b:64:62:
                    1e:53:2b:9f:57:bc:36:b5:52:91:29:86:24:68:d0:
                    ab:a6:1a:9d:c4:52:c6:35:86:99:70:57:5d:59:0e:
                    41:34:4d:b5:ea:c9:25:f6:73:83:4f:f8:7f:f7:cb:
                    2d:4a:7b:47:a8:f7:96:02:f2:af:0a:69:ad:8f:c1:
                    02:a1:18:83:3c:70:5d:a8:19:f1:6c:f1:ce:ca:d5:
                    86:82:6b:5f:33:f8:72:20:dd:c9:9d:0d:bb:32:73:
                    be:f2:dd:ee:6a:21:8a:4a:33:e9:df:04:7c:c9:0c:
                    a0:ad:8a:4c:63:23:7f:dd:e5:49:5f:39:4f:84:f8:
                    76:4e:60:b3:1b:11:33:ed:ec:23:56:07:e1:f9:71:
                    00:09:86:fd:6a:c9:03:41:47:44:56:c6:11:88:fd:
                    c4:95:af:c3:ec:40:75:76:18:44:3c:77:ab:40:e9:
                    21:f2:f4:e5:f8:b6:16:fa:a8:4c:0f:74:77:df:e1:
                    99:2d:f3:ab:97:19:90:c0:34:cb:75:36:07:f4:f2:
                    e7:e1:76:c8:52:d6:ea:c0:f5:af:7a:3e:a2:c0:30:
                    1d:a3:fb:fc:37:85:5c:90:78:fe:cf:d5:ba:2c:f4:
                    a4:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:DE:73:E6:98:CB:F8:F3:73:82:8D:EF:93:31:48:42:DC:AD:D0:56
            X509v3 Authority Key Identifier:
                keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/Rt5z5pjL-PNzgo3vkzFIQtyt0FY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:8fc6:300::/48

    Signature Algorithm: sha256WithRSAEncryption
         05:ac:ef:9d:74:1f:57:dd:3a:65:37:1e:7a:5b:50:5a:cc:0f:
         58:bb:6b:23:dc:04:61:2c:3a:77:d0:b3:bc:e4:4d:30:b8:67:
         9d:66:28:5d:4c:1b:2f:ad:56:5a:08:80:7a:fe:72:fe:e1:2f:
         c4:9b:f0:bd:48:ce:25:99:cc:9f:f1:38:b7:16:0b:6f:f8:68:
         74:f6:1d:20:96:f1:08:16:72:c0:51:92:3c:98:f0:50:15:c4:
         d9:65:1f:c9:c7:5f:b7:14:7f:80:8d:36:6e:c8:f7:23:f9:9f:
         88:3b:13:33:b4:90:cd:9a:fb:ac:2b:2b:85:ac:c5:e5:dc:4a:
         ba:77:17:a4:43:d1:20:3e:d2:c2:de:c5:02:92:f8:94:25:64:
         63:5c:e2:b2:d7:1e:fe:f2:7d:9c:87:00:a2:cf:9d:71:20:0e:
         54:e0:df:51:30:af:47:77:01:28:bc:f0:4b:43:6c:47:78:e0:
         a0:20:44:02:85:08:09:14:6b:bd:6f:3e:58:32:04:37:f9:46:
         f1:b2:40:c9:07:c4:af:aa:19:d3:61:b4:22:28:77:98:2e:c7:
         12:a4:53:a7:18:91:d8:ea:1c:67:e4:17:22:c2:e3:da:e1:9f:
         89:2a:30:01:c4:ff:c3:00:b5:92:6a:7e:5f:e9:ca:d5:d2:d9:
         dc:47:be:90
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYOeGzy0Wp+ftzNYN1JE3Og5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjIxMDAzMTM0ODQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmRlNzNlNjk4Y2JmOGYzNzM4MjhkZWY5MzMxNDg0MmRjYWRkMDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqk/YKvoM+q6fs/eCn3ZZ+iz6WbPU
DLfRfmkLZGIeUyufV7w2tVKRKYYkaNCrphqdxFLGNYaZcFddWQ5BNE216skl9nOD
T/h/98stSntHqPeWAvKvCmmtj8ECoRiDPHBdqBnxbPHOytWGgmtfM/hyIN3JnQ27
MnO+8t3uaiGKSjPp3wR8yQygrYpMYyN/3eVJXzlPhPh2TmCzGxEz7ewjVgfh+XEA
CYb9askDQUdEVsYRiP3Ela/D7EB1dhhEPHerQOkh8vTl+LYW+qhMD3R33+GZLfOr
lxmQwDTLdTYH9PLn4XbIUtbqwPWvej6iwDAdo/v8N4VckHj+z9W6LPSk0QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEbec+aYy/jzc4KN75MxSELcrdBWMB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEvUnQ1ejVwakwtUE56Z28zdmt6RklRdHl0MEZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhKPxgMA
MA0GCSqGSIb3DQEBCwUAA4IBAQAFrO+ddB9X3TplNx56W1BazA9Yu2sj3ARhLDp3
0LO85E0wuGedZihdTBsvrVZaCIB6/nL+4S/Em/C9SM4lmcyf8Ti3Fgtv+Gh09h0g
lvEIFnLAUZI8mPBQFcTZZR/Jx1+3FH+AjTZuyPcj+Z+IOxMztJDNmvusKyuFrMXl
3Eq6dxekQ9EgPtLC3sUCkviUJWRjXOKy1x7+8n2chwCiz51xIA5U4N9RMK9HdwEo
vPBLQ2xHeOCgIEQChQgJFGu9bz5YMgQ3+UbxskDJB8SvqhnTYbQiKHeYLscSpFOn
GJHY6hxn5BciwuPa4Z+JKjABxP/DALWSan5f6crV0tncR76Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:13 2024 by rpki-client on console-fra.rpki-client.org