Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/HhpYxEYPHPRRzsYQHMcr2Rjq4Lc.roa
File:                     HhpYxEYPHPRRzsYQHMcr2Rjq4Lc.roa (raw, json)
Hash identifier:          hLWkYuJwrk88DzBxdHyF/dZGB+3JNmPCkVYwrOQmw5M=
Subject key identifier:   1E:1A:58:C4:46:0F:1C:F4:51:CE:C6:10:1C:C7:2B:D9:18:EA:E0:B7
Certificate issuer:       /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial:       018497019CB54FF03E55D26BC5E67A43F33D
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/HhpYxEYPHPRRzsYQHMcr2Rjq4Lc.roa
Signing time:             Sun 20 Nov 2022 21:46:16 +0000
ROA not before:           Sun 20 Nov 2022 21:46:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     45036
IP address blocks:        2a12:a4c2::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:97:01:9c:b5:4f:f0:3e:55:d2:6b:c5:e6:7a:43:f3:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
        Validity
            Not Before: Nov 20 21:46:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1e1a58c4460f1cf451cec6101cc72bd918eae0b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:bc:49:21:5f:54:be:72:52:07:ad:8a:fc:ef:
                    2a:4f:c7:9f:80:b7:20:41:fe:a8:83:fe:08:15:eb:
                    d3:3f:52:13:77:53:8a:2f:81:fb:f5:da:91:bc:b9:
                    7f:f9:7d:f4:2f:29:b6:98:11:dd:c0:de:e0:47:84:
                    4f:2b:01:c4:4c:0b:8b:23:e1:ed:3f:5b:1e:e5:2c:
                    4c:f9:4c:45:7b:e2:db:fd:f7:7a:a0:26:87:3e:50:
                    f2:1c:14:95:a3:e4:8d:a0:1e:ee:90:03:18:12:2f:
                    b9:66:5b:12:a2:87:52:a7:ff:38:1a:f4:86:1b:30:
                    f2:d3:20:7d:a1:de:3f:a8:d4:a7:5c:66:58:99:d4:
                    e3:7a:af:db:fa:33:7e:b2:e9:a4:64:42:6b:e4:d5:
                    89:0b:2f:20:e4:c6:96:02:c9:92:dc:d9:4b:15:bb:
                    97:d6:43:43:20:3a:86:9e:6e:f5:94:db:14:ec:7b:
                    3a:b5:3c:be:f3:bc:2d:a3:e8:f5:3c:a7:8d:7d:05:
                    a0:6c:9c:fe:74:c4:c4:69:d3:25:b9:c9:29:6c:ae:
                    f2:09:ac:09:ac:2a:fb:eb:a5:5a:eb:2a:98:08:fa:
                    65:bf:d3:bf:2a:5e:12:84:f3:4f:1f:cc:93:44:c5:
                    2a:64:f7:07:80:83:06:2d:b8:d2:5e:25:25:66:44:
                    67:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:1A:58:C4:46:0F:1C:F4:51:CE:C6:10:1C:C7:2B:D9:18:EA:E0:B7
            X509v3 Authority Key Identifier:
                keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/HhpYxEYPHPRRzsYQHMcr2Rjq4Lc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:a4c2::/32

    Signature Algorithm: sha256WithRSAEncryption
         4b:18:c5:30:96:7a:b5:db:b1:5a:38:c0:fc:6c:cf:21:fa:ee:
         e3:e8:e0:cb:52:26:22:26:35:f9:17:0e:06:18:1a:2e:b5:da:
         72:e3:ce:f7:5c:5d:c3:61:58:00:f8:4a:e0:e5:73:b8:72:fc:
         24:3e:ce:d7:82:c3:ae:1e:07:1d:d4:e6:e6:ff:ca:09:b9:f4:
         18:77:a4:4e:a0:6d:78:d6:1e:b8:f8:57:b1:fa:31:ab:93:04:
         d2:50:a8:39:54:ee:24:32:54:ef:a5:dd:17:62:0d:68:a8:02:
         bd:ff:19:2e:4a:44:02:54:67:0e:25:bc:e1:ee:c0:26:8a:7c:
         17:0f:d1:6a:b0:7c:95:dc:e3:8b:0e:b0:24:d0:ab:36:6b:52:
         5d:a1:b7:e3:6d:9d:01:b0:b8:62:bb:e8:ea:b9:ee:c2:d4:45:
         49:32:da:a4:c2:f2:eb:bd:02:63:6c:0b:9c:ff:f1:24:19:c5:
         38:66:2a:2f:71:56:78:12:76:eb:63:f4:8e:b8:c7:8f:79:62:
         4d:4a:10:c6:ec:56:5a:74:3c:de:75:6f:c1:85:79:ec:0c:ad:
         b2:79:53:72:dd:23:1d:3d:1a:6c:2b:d8:0e:0a:28:df:84:b2:
         b7:6a:d2:6b:06:54:22:2e:dc:fd:ab:a6:07:e6:ee:b5:47:ee:
         fb:de:33:5e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYSXAZy1T/A+VdJrxeZ6Q/M9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjIxMTIwMjE0NjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTFhNThjNDQ2MGYxY2Y0NTFjZWM2MTAxY2M3MmJkOTE4ZWFlMGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrxJIV9UvnJSB62K/O8qT8efgLcg
Qf6og/4IFevTP1ITd1OKL4H79dqRvLl/+X30Lym2mBHdwN7gR4RPKwHETAuLI+Ht
P1se5SxM+UxFe+Lb/fd6oCaHPlDyHBSVo+SNoB7ukAMYEi+5ZlsSoodSp/84GvSG
GzDy0yB9od4/qNSnXGZYmdTjeq/b+jN+sumkZEJr5NWJCy8g5MaWAsmS3NlLFbuX
1kNDIDqGnm71lNsU7Hs6tTy+87wto+j1PKeNfQWgbJz+dMTEadMluckpbK7yCawJ
rCr766Va6yqYCPplv9O/Kl4ShPNPH8yTRMUqZPcHgIMGLbjSXiUlZkRnFwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFB4aWMRGDxz0Uc7GEBzHK9kY6uC3MB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvSGhwWXhFWVBIUFJSenNZUUhNY3IyUmpxNExjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhKkwjAN
BgkqhkiG9w0BAQsFAAOCAQEASxjFMJZ6tduxWjjA/GzPIfru4+jgy1ImIiY1+RcO
BhgaLrXacuPO91xdw2FYAPhK4OVzuHL8JD7O14LDrh4HHdTm5v/KCbn0GHekTqBt
eNYeuPhXsfoxq5ME0lCoOVTuJDJU76XdF2INaKgCvf8ZLkpEAlRnDiW84e7AJop8
Fw/RarB8ldzjiw6wJNCrNmtSXaG3422dAbC4Yrvo6rnuwtRFSTLapMLy670CY2wL
nP/xJBnFOGYqL3FWeBJ262P0jrjHj3liTUoQxuxWWnQ83nVvwYV57AytsnlTct0j
HT0abCvYDgoo34Syt2rSawZUIi7c/aumB+butUfu+94zXg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:21 2024 by rpki-client on console-fra.rpki-client.org