Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/Yt_xjHvlPCZ2cKI3UFE5XXRB60Q.roa
File:                     Yt_xjHvlPCZ2cKI3UFE5XXRB60Q.roa (raw, json)
Hash identifier:          UAEvQ0ZSS2s9CxpyVgETFAgDgQi+0ADIiGfOgtxDZDk=
Subject key identifier:   62:DF:F1:8C:7B:E5:3C:26:76:70:A2:37:50:51:39:5D:74:41:EB:44
Certificate issuer:       /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial:       0183A723D0B51174A6CA8B89B546B5D2D719
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/Yt_xjHvlPCZ2cKI3UFE5XXRB60Q.roa
Signing time:             Wed 05 Oct 2022 07:54:45 +0000
ROA not before:           Wed 05 Oct 2022 07:54:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34465
IP address blocks:        2a12:8fc6:ace2::/48 maxlen: 48
                          2a12:8fc6:ace1::/48 maxlen: 48
                          2a12:8fc6:cd01::/48 maxlen: 48
                          2a12:8fc6::/32 maxlen: 32
                          2a12:8fc6:ce00::/48 maxlen: 48
                          2a12:8fc6:cd00::/48 maxlen: 48
                          2a12:8fc6:faa0::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:a7:23:d0:b5:11:74:a6:ca:8b:89:b5:46:b5:d2:d7:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
        Validity
            Not Before: Oct  5 07:54:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=62dff18c7be53c267670a2375051395d7441eb44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:08:8c:f8:ba:00:58:68:2a:dc:74:f4:c4:4f:
                    42:80:4f:a6:1b:c7:ce:d6:b2:14:e4:e0:ec:98:24:
                    12:f5:25:c6:58:78:a4:5b:76:ee:7e:35:ce:0b:65:
                    bf:fc:19:17:6b:54:b2:29:b6:9b:bc:61:d0:94:45:
                    d8:34:6e:ba:b3:87:9f:43:b8:57:ea:9a:6c:4d:29:
                    67:a8:76:1b:b7:e4:7b:1f:74:6e:63:a9:24:cb:71:
                    a6:5e:0e:01:8e:49:df:70:dc:56:fd:06:bd:37:ce:
                    c1:5c:0b:a2:3c:1c:d9:6f:fe:89:9a:23:84:e6:52:
                    ab:ea:8c:f6:67:14:02:ff:e6:9a:fe:27:f9:e9:64:
                    ae:9b:cd:42:ce:29:3d:ce:41:55:0d:82:86:3a:bf:
                    79:34:4c:89:5b:ee:a6:a9:7d:3a:fa:3c:6c:48:db:
                    32:b2:16:22:df:e3:92:24:26:bb:0c:66:c6:b6:ce:
                    6f:a5:5c:52:8a:79:46:d9:54:b2:1e:2f:bc:c4:95:
                    7c:4d:33:c2:28:d4:77:07:68:a2:3b:5e:68:12:08:
                    31:23:e7:f7:ea:0b:64:52:a4:1c:e9:ff:f9:7e:b0:
                    e9:8d:85:c8:c1:87:65:73:6f:a7:06:af:46:50:0b:
                    87:22:d9:ba:ad:3a:4b:43:91:f9:fc:a7:f7:d1:56:
                    b5:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:DF:F1:8C:7B:E5:3C:26:76:70:A2:37:50:51:39:5D:74:41:EB:44
            X509v3 Authority Key Identifier:
                keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/Yt_xjHvlPCZ2cKI3UFE5XXRB60Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:8fc6::/32

    Signature Algorithm: sha256WithRSAEncryption
         5d:81:9b:83:35:1b:fb:4b:13:1e:ab:2e:7e:b7:01:34:f5:9e:
         69:42:e2:0a:35:77:6b:32:99:1f:e3:8a:65:28:80:00:56:a5:
         7a:d6:11:0f:3f:74:4a:eb:6a:96:70:78:e9:c3:fc:c1:0e:71:
         7e:31:cf:7f:9a:c9:e0:9e:16:06:37:71:c7:44:dd:0b:73:79:
         b8:aa:e5:8d:63:ab:1f:fe:ea:27:c5:fe:51:66:47:75:e6:56:
         e2:9a:b4:73:79:22:c4:98:c4:66:71:14:55:90:82:af:8d:1b:
         0a:4e:29:ab:4f:e2:d8:8e:6a:b7:21:dc:7a:ca:d2:f5:c0:62:
         f7:58:d9:3b:e4:3f:a9:e8:9f:02:3b:16:68:47:61:10:ab:7b:
         8b:7b:0b:c3:c1:a6:55:a2:dc:f9:e3:5b:35:6c:1a:1f:6f:3c:
         37:69:a0:9e:7c:2c:77:d2:a0:12:86:58:f9:1b:64:8c:50:0c:
         9f:1d:30:a7:ff:59:54:29:c3:9a:de:54:40:32:b0:48:24:6e:
         21:a2:9f:f8:f4:85:0d:8b:19:d2:00:ac:6d:44:38:da:b3:ca:
         4e:8d:1f:f9:cd:17:f4:7d:4b:27:5c:54:30:c9:d2:c5:98:65:
         67:b8:04:48:dc:85:40:46:37:b8:3c:b3:4e:26:6d:b8:c7:07:
         d3:01:5f:f1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYOnI9C1EXSmyouJtUa10tcZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjIxMDA1MDc1NDQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmRmZjE4YzdiZTUzYzI2NzY3MGEyMzc1MDUxMzk1ZDc0NDFlYjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwiM+LoAWGgq3HT0xE9CgE+mG8fO
1rIU5ODsmCQS9SXGWHikW3bufjXOC2W//BkXa1SyKbabvGHQlEXYNG66s4efQ7hX
6ppsTSlnqHYbt+R7H3RuY6kky3GmXg4BjknfcNxW/Qa9N87BXAuiPBzZb/6JmiOE
5lKr6oz2ZxQC/+aa/if56WSum81Czik9zkFVDYKGOr95NEyJW+6mqX06+jxsSNsy
shYi3+OSJCa7DGbGts5vpVxSinlG2VSyHi+8xJV8TTPCKNR3B2iiO15oEggxI+f3
6gtkUqQc6f/5frDpjYXIwYdlc2+nBq9GUAuHItm6rTpLQ5H5/Kf30Va17QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGLf8Yx75TwmdnCiN1BROV10QetEMB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEvWXRfeGpIdmxQQ1oyY0tJM1VGRTVYWFJCNjBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhKPxjAN
BgkqhkiG9w0BAQsFAAOCAQEAXYGbgzUb+0sTHqsufrcBNPWeaULiCjV3azKZH+OK
ZSiAAFaletYRDz90SutqlnB46cP8wQ5xfjHPf5rJ4J4WBjdxx0TdC3N5uKrljWOr
H/7qJ8X+UWZHdeZW4pq0c3kixJjEZnEUVZCCr40bCk4pq0/i2I5qtyHcesrS9cBi
91jZO+Q/qeifAjsWaEdhEKt7i3sLw8GmVaLc+eNbNWwaH288N2mgnnwsd9KgEoZY
+RtkjFAMnx0wp/9ZVCnDmt5UQDKwSCRuIaKf+PSFDYsZ0gCsbUQ42rPKTo0f+c0X
9H1LJ1xUMMnSxZhlZ7gESNyFQEY3uDyzTiZtuMcH0wFf8Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:13 2024 by rpki-client on console-fra.rpki-client.org