Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/mFv1SnomdbBPAE_9ZskjdSLb8ds.roa
File:                     mFv1SnomdbBPAE_9ZskjdSLb8ds.roa (raw, json)
Hash identifier:          rTULoc/94iWHTZ9b2Ckd+PJbAL3QdGp2My6Up6fVZRQ=
Subject key identifier:   98:5B:F5:4A:7A:26:75:B0:4F:00:4F:FD:66:C9:23:75:22:DB:F1:DB
Certificate issuer:       /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial:       91A838
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/mFv1SnomdbBPAE_9ZskjdSLb8ds.roa
Signing time:             Wed 27 Apr 2022 18:55:48 +0000
ROA not before:           Wed 27 Apr 2022 18:55:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49316
IP address blocks:        2a12:8fc6:100::/40 maxlen: 40

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9545784 (0x91a838)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
        Validity
            Not Before: Apr 27 18:55:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=985bf54a7a2675b04f004ffd66c9237522dbf1db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:5a:f6:a7:b1:13:34:c3:4d:aa:0c:42:79:1c:
                    ab:49:da:5c:49:54:4c:5a:99:13:b0:99:82:3f:ec:
                    95:2d:29:e6:3f:3e:f0:93:9c:85:eb:fe:05:d9:90:
                    21:59:8a:54:8a:5b:2d:42:92:60:67:8b:1d:21:61:
                    6b:80:56:85:e5:7d:52:e7:88:11:95:45:60:04:f3:
                    8f:6d:28:6f:14:5f:1b:bd:5a:c1:37:42:c5:c3:30:
                    b6:a1:25:bc:19:e3:50:f5:b3:30:f2:20:8d:bb:d2:
                    75:08:66:13:bd:46:c5:e8:b8:0c:5f:86:3c:d1:3d:
                    c0:03:4a:e5:a6:f1:7b:ec:e8:29:ff:89:44:2e:25:
                    90:15:9a:27:dc:49:88:e8:47:d8:1b:f7:9f:73:27:
                    ae:38:72:ec:2e:1b:a1:1a:0d:a0:b6:de:f4:d3:2d:
                    c2:90:9b:19:3d:40:07:d7:8d:84:97:7a:9c:5e:27:
                    50:b7:2f:98:31:f0:ff:b1:84:8d:f4:4e:e3:6f:54:
                    33:4d:d3:14:cd:fe:1f:40:6c:0b:e6:d3:5f:a4:8e:
                    c4:56:38:2b:81:4d:fa:fb:ee:2a:75:78:13:ff:e4:
                    b2:ca:a8:ba:d6:5a:c3:d1:5b:aa:2e:af:22:0b:09:
                    12:6b:45:6a:99:1f:75:d8:02:b7:7a:fb:9b:d4:d0:
                    73:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:5B:F5:4A:7A:26:75:B0:4F:00:4F:FD:66:C9:23:75:22:DB:F1:DB
            X509v3 Authority Key Identifier:
                keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/mFv1SnomdbBPAE_9ZskjdSLb8ds.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:8fc6:100::/40

    Signature Algorithm: sha256WithRSAEncryption
         2d:72:ac:5e:e8:c5:05:dd:03:6c:ff:0c:d9:08:e1:cf:7b:de:
         a1:58:91:53:01:bf:b6:bf:58:4a:05:8d:4f:b1:3c:f7:9a:6a:
         cc:22:87:82:e4:b5:f0:eb:ec:a0:b3:4a:40:f9:df:5f:6e:6b:
         cc:4c:35:07:1b:c4:e8:c8:b5:f9:72:89:2e:98:1f:b3:21:8c:
         e5:89:50:df:ae:5e:37:99:40:e6:c2:1d:a9:48:0c:9f:a3:16:
         55:47:45:85:33:32:f3:04:e9:b1:91:ee:a9:c0:aa:d1:b3:54:
         a0:10:1e:49:7f:81:09:28:e0:d4:81:67:39:3c:c3:de:a3:ef:
         1f:3f:ea:fa:96:d4:5c:49:30:9b:cd:b5:cb:6f:22:ed:19:cd:
         b7:ad:6c:a9:8e:1e:ce:5d:40:ff:57:36:c6:2f:fe:e6:1a:64:
         15:6e:40:b1:f2:59:5f:d5:e8:5b:5f:88:fc:af:ae:48:4d:da:
         34:2e:58:a7:aa:b5:21:0f:2b:d5:92:ed:0c:49:ff:b8:dc:2e:
         68:d7:1e:32:c6:28:32:c7:66:04:33:fe:9d:13:d0:54:c5:a4:
         bd:85:d4:2f:58:7f:45:00:8f:64:0c:7e:75:f4:ef:c0:2a:3f:
         6f:c1:61:ae:f6:8f:b6:99:bc:90:0e:b6:4d:b2:9c:88:7a:c3:
         ed:a8:b4:09
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEAJGoODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
Yjk2N2U3NzJjYzcyOTgzMDVhMTFmZmE2NWRkMTg1ZjZhNTg5MTBiMB4XDTIyMDQy
NzE4NTU0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTg1YmY1NGE3YTI2
NzViMDRmMDA0ZmZkNjZjOTIzNzUyMmRiZjFkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBa9qexEzTDTaoMQnkcq0naXElUTFqZE7CZgj/slS0p5j8+
8JOchev+BdmQIVmKVIpbLUKSYGeLHSFha4BWheV9UueIEZVFYATzj20obxRfG71a
wTdCxcMwtqElvBnjUPWzMPIgjbvSdQhmE71Gxei4DF+GPNE9wANK5abxe+zoKf+J
RC4lkBWaJ9xJiOhH2Bv3n3Mnrjhy7C4boRoNoLbe9NMtwpCbGT1AB9eNhJd6nF4n
ULcvmDHw/7GEjfRO429UM03TFM3+H0BsC+bTX6SOxFY4K4FN+vvuKnV4E//kssqo
utZaw9Fbqi6vIgsJEmtFapkfddgCt3r7m9TQc/8CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSYW/VKeiZ1sE8AT/1mySN1Itvx2zAfBgNVHSMEGDAWgBQrln53LMcpgwWh
H/pl3RhfaliRCzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0s1Wi1keXpIS1lNRm9SXzZaZDBZWDJwWWtRcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvNjYwZTc0LWEzYmMtNDQ0Yi05YzZhLTU4Yzk2ZDY2ZjBhMS8x
L21GdjFTbm9tZGJCUEFFXzlac2tqZFNMYjhkcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
NjYwZTc0LWEzYmMtNDQ0Yi05YzZhLTU4Yzk2ZDY2ZjBhMS8xL0s1Wi1keXpIS1lN
Rm9SXzZaZDBZWDJwWWtRcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoSj8YBMA0GCSqGSIb3DQEBCwUA
A4IBAQAtcqxe6MUF3QNs/wzZCOHPe96hWJFTAb+2v1hKBY1PsTz3mmrMIoeC5LXw
6+ygs0pA+d9fbmvMTDUHG8ToyLX5cokumB+zIYzliVDfrl43mUDmwh2pSAyfoxZV
R0WFMzLzBOmxke6pwKrRs1SgEB5Jf4EJKODUgWc5PMPeo+8fP+r6ltRcSTCbzbXL
byLtGc23rWypjh7OXUD/VzbGL/7mGmQVbkCx8llf1ehbX4j8r65ITdo0LlinqrUh
DyvVku0MSf+43C5o1x4yxigyx2YEM/6dE9BUxaS9hdQvWH9FAI9kDH519O/AKj9v
wWGu9o+2mbyQDrZNspyIesPtqLQJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:04 2024 by rpki-client on console-ams.rpki-client.org