Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/yGr9U_reqJebs1J8GAj9r1q4IMU.roa
File:                     yGr9U_reqJebs1J8GAj9r1q4IMU.roa (raw, json)
Hash identifier:          WMHdGYe82aZloSyD00qhBa5GA1gJ5NzhOqOVQ/rszLM=
Subject key identifier:   C8:6A:FD:53:FA:DE:A8:97:9B:B3:52:7C:18:08:FD:AF:5A:B8:20:C5
Certificate issuer:       /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial:       0182E4B083125B8A8939957A5F8424474917
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/yGr9U_reqJebs1J8GAj9r1q4IMU.roa
Signing time:             Sun 28 Aug 2022 13:42:29 +0000
ROA not before:           Sun 28 Aug 2022 13:42:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34465
IP address blocks:        2a12:8fc6:ace2::/48 maxlen: 48
                          2a12:8fc6:cd01::/48 maxlen: 48
                          2a12:8fc6::/32 maxlen: 32
                          2a12:8fc6:ce00::/48 maxlen: 48
                          2a12:8fc6:cd00::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:e4:b0:83:12:5b:8a:89:39:95:7a:5f:84:24:47:49:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
        Validity
            Not Before: Aug 28 13:42:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c86afd53fadea8979bb3527c1808fdaf5ab820c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:a6:d5:d6:9d:c5:9c:e3:2a:f2:f6:50:bb:eb:
                    a3:dc:73:06:03:47:9c:31:f2:a3:6f:9d:d2:db:be:
                    6b:c3:82:34:35:94:68:33:e0:05:71:fe:4b:02:db:
                    32:dd:a9:6d:83:40:52:07:b2:b3:a7:f2:c8:04:8d:
                    7f:6b:16:d0:b9:55:f0:ec:13:dc:5f:92:30:8d:2d:
                    2a:24:86:2b:1c:f2:d2:c6:64:bd:fc:9a:a8:0c:a4:
                    9f:b3:25:d8:d1:ba:dd:58:99:c4:3a:a7:97:4a:65:
                    b7:89:a5:22:1f:49:5a:de:34:51:6d:a8:14:1d:35:
                    08:40:10:2f:fe:3f:ab:04:c9:7c:32:b2:08:a7:94:
                    b7:26:f9:b5:a1:8a:f3:7e:c9:14:1e:e1:ce:93:40:
                    21:3f:c4:c3:73:1d:32:05:44:93:79:50:54:6f:5d:
                    e8:ec:cb:09:07:c7:ec:85:b8:47:0c:30:44:89:cd:
                    4b:15:2f:d1:4d:27:d3:dc:a8:91:c7:f6:e2:9b:40:
                    7d:0c:4b:90:cb:2f:2d:7e:56:29:51:b6:90:53:8c:
                    7f:1f:aa:94:f3:ed:56:2c:dc:2c:17:3c:b4:06:03:
                    b3:f0:d0:92:c5:f1:15:18:72:b1:f6:c3:fd:d6:1d:
                    ce:e7:93:0f:60:b3:43:92:61:1e:17:5d:8a:7f:e8:
                    0d:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:6A:FD:53:FA:DE:A8:97:9B:B3:52:7C:18:08:FD:AF:5A:B8:20:C5
            X509v3 Authority Key Identifier:
                keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/yGr9U_reqJebs1J8GAj9r1q4IMU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:8fc6::/32

    Signature Algorithm: sha256WithRSAEncryption
         52:fe:05:4a:09:80:e7:cf:c6:b1:9e:4e:f4:59:65:1c:21:14:
         8f:3c:c9:e2:16:88:96:ae:6f:26:c2:8f:f2:e7:52:18:38:8f:
         a2:04:da:bd:12:4e:2b:e0:e5:0f:29:b0:03:c4:85:86:64:ca:
         e8:27:b9:27:de:5e:47:b7:74:5d:51:5d:80:e5:c6:08:ab:4b:
         2d:6e:a8:85:f8:41:f3:8e:28:8e:e9:53:69:36:50:1b:ee:ac:
         1f:cb:de:61:fb:5b:3f:ce:68:67:b9:05:5c:d7:21:96:60:b6:
         6c:6c:f3:79:41:5f:05:28:dd:b0:07:1a:56:ee:29:ab:40:84:
         2c:bc:8e:9d:b7:f0:ab:fd:e5:0e:9f:0a:8f:27:16:80:12:9f:
         a1:9b:07:ce:3d:4f:e9:99:7c:62:df:9b:44:de:a0:8b:72:0f:
         43:96:19:c1:ef:50:d3:73:f1:5a:83:3d:10:5d:5c:1d:77:9c:
         0b:cc:c7:e4:f5:71:c0:8c:da:87:b1:d7:ba:59:f5:e1:bf:fc:
         4b:dc:d6:23:49:f2:53:2a:62:0f:c4:59:57:7d:88:eb:0b:83:
         11:dc:e2:a6:71:12:c5:88:5a:27:8a:f7:d6:78:0b:b2:a7:30:
         3b:63:14:87:41:a4:f3:57:03:98:f9:c8:fc:0b:a5:ce:5e:f3:
         cc:85:cc:85
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYLksIMSW4qJOZV6X4QkR0kXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjIwODI4MTM0MjI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODZhZmQ1M2ZhZGVhODk3OWJiMzUyN2MxODA4ZmRhZjVhYjgyMGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoabV1p3FnOMq8vZQu+uj3HMGA0ec
MfKjb53S275rw4I0NZRoM+AFcf5LAtsy3altg0BSB7Kzp/LIBI1/axbQuVXw7BPc
X5IwjS0qJIYrHPLSxmS9/JqoDKSfsyXY0brdWJnEOqeXSmW3iaUiH0la3jRRbagU
HTUIQBAv/j+rBMl8MrIIp5S3Jvm1oYrzfskUHuHOk0AhP8TDcx0yBUSTeVBUb13o
7MsJB8fshbhHDDBEic1LFS/RTSfT3KiRx/bim0B9DEuQyy8tflYpUbaQU4x/H6qU
8+1WLNwsFzy0BgOz8NCSxfEVGHKx9sP91h3O55MPYLNDkmEeF12Kf+gNhQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMhq/VP63qiXm7NSfBgI/a9auCDFMB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEveUdyOVVfcmVxSmViczFKOEdBajlyMXE0SU1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhKPxjAN
BgkqhkiG9w0BAQsFAAOCAQEAUv4FSgmA58/GsZ5O9FllHCEUjzzJ4haIlq5vJsKP
8udSGDiPogTavRJOK+DlDymwA8SFhmTK6Ce5J95eR7d0XVFdgOXGCKtLLW6ohfhB
844ojulTaTZQG+6sH8veYftbP85oZ7kFXNchlmC2bGzzeUFfBSjdsAcaVu4pq0CE
LLyOnbfwq/3lDp8KjycWgBKfoZsHzj1P6Zl8Yt+bRN6gi3IPQ5YZwe9Q03PxWoM9
EF1cHXecC8zH5PVxwIzah7HXuln14b/8S9zWI0nyUypiD8RZV32I6wuDEdzipnES
xYhaJ4r31ngLsqcwO2MUh0Gk81cDmPnI/Aulzl7zzIXMhQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:04 2024 by rpki-client on console-ams.rpki-client.org