Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/94aae4-771c-429a-a7cd-f87bc173d2aa/1/qAlrGp9rf1Q9_Nwy8lxQMUgINXw.roa
File:                     qAlrGp9rf1Q9_Nwy8lxQMUgINXw.roa (raw, json)
Hash identifier:          Lq4CPb188qCxsO9kb4e83Wam4x/keuUQ8Oz/+QaFB2w=
Subject key identifier:   A8:09:6B:1A:9F:6B:7F:54:3D:FC:DC:32:F2:5C:50:31:48:08:35:7C
Certificate issuer:       /CN=269b8a3748440c9d5c2c508bd03b46d7273eee56
Certificate serial:       59ABFA
Authority key identifier: 26:9B:8A:37:48:44:0C:9D:5C:2C:50:8B:D0:3B:46:D7:27:3E:EE:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JpuKN0hEDJ1cLFCL0DtG1yc-7lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/94aae4-771c-429a-a7cd-f87bc173d2aa/1/qAlrGp9rf1Q9_Nwy8lxQMUgINXw.roa
Signing time:             Wed 16 Feb 2022 12:44:29 +0000
ROA not before:           Wed 16 Feb 2022 12:44:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62119
IP address blocks:        2a12:42c0::/29 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5876730 (0x59abfa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=269b8a3748440c9d5c2c508bd03b46d7273eee56
        Validity
            Not Before: Feb 16 12:44:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a8096b1a9f6b7f543dfcdc32f25c50314808357c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:30:90:2c:88:8a:52:0c:0e:66:bd:ef:3a:cd:
                    c6:3d:a5:52:42:c3:d3:65:ab:8e:c8:27:ed:5a:bd:
                    0e:34:60:4f:4e:2a:42:50:37:74:67:a7:57:78:87:
                    07:04:84:fe:8d:51:ef:06:7a:d8:8b:ac:01:f1:36:
                    f0:6d:04:3b:3c:97:9f:e7:b6:15:b6:65:5d:68:04:
                    99:63:65:0d:92:d1:2e:18:47:19:0a:24:e1:95:f9:
                    a0:ae:35:d6:fb:b0:c3:b5:8c:af:83:08:34:16:85:
                    bf:56:cc:f3:51:f5:c7:06:64:31:11:0d:f7:62:35:
                    2f:e2:24:e7:96:18:86:f2:75:d9:ce:9c:88:27:52:
                    8d:69:08:60:4a:c0:97:9c:39:e7:da:c8:fc:e2:75:
                    de:24:92:71:d2:bc:40:ad:c9:b0:a8:54:55:7b:08:
                    a8:08:4d:4e:6d:c9:f1:d9:a9:65:c3:81:ac:c5:aa:
                    69:4f:a6:bc:af:06:f0:18:aa:61:33:18:6e:84:89:
                    c2:83:dc:d3:51:93:95:d6:d3:f9:0c:ed:33:f6:b6:
                    80:92:1b:03:c3:af:1b:2d:8e:03:9b:fe:53:3f:34:
                    75:fc:19:71:90:78:34:c1:4b:c3:c1:84:1f:5a:55:
                    04:ec:a2:c2:01:a9:63:4b:37:b0:96:a1:90:27:9a:
                    f7:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:09:6B:1A:9F:6B:7F:54:3D:FC:DC:32:F2:5C:50:31:48:08:35:7C
            X509v3 Authority Key Identifier:
                keyid:26:9B:8A:37:48:44:0C:9D:5C:2C:50:8B:D0:3B:46:D7:27:3E:EE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JpuKN0hEDJ1cLFCL0DtG1yc-7lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/94aae4-771c-429a-a7cd-f87bc173d2aa/1/qAlrGp9rf1Q9_Nwy8lxQMUgINXw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/94aae4-771c-429a-a7cd-f87bc173d2aa/1/JpuKN0hEDJ1cLFCL0DtG1yc-7lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:42c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         26:83:29:a0:25:a5:ff:7c:16:14:97:a9:4c:a0:c5:f8:99:69:
         05:82:11:97:41:86:db:78:8d:08:8a:89:39:92:be:ae:72:10:
         1c:a0:78:28:2f:61:c8:a0:97:16:c2:a4:11:76:2c:81:99:26:
         f6:50:e1:ee:00:12:80:05:0f:db:7a:c6:95:02:27:4f:5f:29:
         2f:22:15:d4:bf:6a:e5:d7:ad:29:7d:04:7e:d7:4d:69:80:8b:
         45:20:84:a6:a6:d1:69:0d:5c:ce:78:ac:53:65:db:8a:32:59:
         69:cc:a4:98:49:04:2f:03:d4:16:e6:34:52:94:90:81:14:6a:
         2f:fa:c0:7a:51:1c:cd:05:a6:cb:16:5c:c9:41:c5:87:47:a9:
         df:f8:cc:ad:09:88:7c:8b:91:2b:45:da:1a:2a:fd:95:5f:6f:
         81:ee:aa:b7:1b:96:16:9b:5e:5a:1b:1f:21:2b:5f:b4:a3:45:
         f5:12:5a:81:96:7f:20:0c:00:73:09:9f:58:89:b7:31:00:f3:
         5c:3d:7a:ee:56:1d:80:03:25:57:23:1c:b5:07:a4:8e:7d:9b:
         8d:d6:e3:aa:65:11:2b:d8:1a:05:58:8c:07:a1:fb:5f:55:a4:
         2e:eb:d1:a1:7e:94:5c:d6:d1:31:cd:89:ab:92:86:f2:da:f8:
         3a:e6:3d:a6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDWav6MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI2
OWI4YTM3NDg0NDBjOWQ1YzJjNTA4YmQwM2I0NmQ3MjczZWVlNTYwHhcNMjIwMjE2
MTI0NDI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhODA5NmIxYTlmNmI3
ZjU0M2RmY2RjMzJmMjVjNTAzMTQ4MDgzNTdjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1DCQLIiKUgwOZr3vOs3GPaVSQsPTZauOyCftWr0ONGBPTipC
UDd0Z6dXeIcHBIT+jVHvBnrYi6wB8TbwbQQ7PJef57YVtmVdaASZY2UNktEuGEcZ
CiThlfmgrjXW+7DDtYyvgwg0FoW/VszzUfXHBmQxEQ33YjUv4iTnlhiG8nXZzpyI
J1KNaQhgSsCXnDnn2sj84nXeJJJx0rxArcmwqFRVewioCE1Obcnx2allw4Gsxapp
T6a8rwbwGKphMxhuhInCg9zTUZOV1tP5DO0z9raAkhsDw68bLY4Dm/5TPzR1/Blx
kHg0wUvDwYQfWlUE7KLCAaljSzewlqGQJ5r3wwIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFKgJaxqfa39UPfzcMvJcUDFICDV8MB8GA1UdIwQYMBaAFCabijdIRAydXCxQ
i9A7RtcnPu5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
SnB1S04waEVESjFjTEZDTDBEdEcxeWMtN2xZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81OC85NGFhZTQtNzcxYy00MjlhLWE3Y2QtZjg3YmMxNzNkMmFhLzEv
cUFsckdwOXJmMVE5X053eThseFFNVWdJTlh3LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC85
NGFhZTQtNzcxYy00MjlhLWE3Y2QtZjg3YmMxNzNkMmFhLzEvSnB1S04waEVESjFj
TEZDTDBEdEcxeWMtN2xZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJCwDANBgkqhkiG9w0BAQsFAAOC
AQEAJoMpoCWl/3wWFJepTKDF+JlpBYIRl0GG23iNCIqJOZK+rnIQHKB4KC9hyKCX
FsKkEXYsgZkm9lDh7gASgAUP23rGlQInT18pLyIV1L9q5detKX0EftdNaYCLRSCE
pqbRaQ1cznisU2XbijJZacykmEkELwPUFuY0UpSQgRRqL/rAelEczQWmyxZcyUHF
h0ep3/jMrQmIfIuRK0XaGir9lV9vge6qtxuWFpteWhsfIStftKNF9RJagZZ/IAwA
cwmfWIm3MQDzXD167lYdgAMlVyMctQekjn2bjdbjqmURK9gaBViMB6H7X1WkLuvR
oX6UXNbRMc2Jq5KG8tr4OuY9pg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:57 2024 by rpki-client on console-ams.rpki-client.org