Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/e44bd7-0f70-45c8-856e-40e2ef3383b0/1/zCkHrgOfHe-93VAMn4HCbZ5Ghjw.roa
File:                     zCkHrgOfHe-93VAMn4HCbZ5Ghjw.roa (raw, json)
Hash identifier:          PrkqHVSBsdEeyTKXYScJcSs1Tcgj1tqlf9uxLMEQeBM=
Subject key identifier:   CC:29:07:AE:03:9F:1D:EF:BD:DD:50:0C:9F:81:C2:6D:9E:46:86:3C
Certificate issuer:       /CN=7981ea4d507fb0ae07159f6f88def958430fd070
Certificate serial:       01548BDD
Authority key identifier: 79:81:EA:4D:50:7F:B0:AE:07:15:9F:6F:88:DE:F9:58:43:0F:D0:70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eYHqTVB_sK4HFZ9viN75WEMP0HA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/e44bd7-0f70-45c8-856e-40e2ef3383b0/1/zCkHrgOfHe-93VAMn4HCbZ5Ghjw.roa
Signing time:             Mon 09 May 2022 18:18:04 +0000
ROA not before:           Mon 09 May 2022 18:18:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62257
IP address blocks:        2a12:eb80::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 22318045 (0x1548bdd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7981ea4d507fb0ae07159f6f88def958430fd070
        Validity
            Not Before: May  9 18:18:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cc2907ae039f1defbddd500c9f81c26d9e46863c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:dd:8f:e1:c4:b7:91:4e:c0:14:10:b8:3f:72:
                    cd:5c:25:ce:1e:9a:0d:f2:4d:56:8d:c0:d8:ec:cd:
                    c5:26:5b:69:e2:f2:b1:4f:b4:ff:ee:c9:72:78:ba:
                    4a:d5:d5:d3:d1:52:d6:74:ed:b9:54:db:3d:95:ad:
                    35:cd:75:62:d4:3f:9f:48:2c:fa:2e:18:30:0d:18:
                    3d:21:20:d9:fb:14:b7:9c:bd:fb:12:b1:f3:09:22:
                    2e:a6:7d:60:fe:20:ba:67:8d:50:c4:0f:46:a5:ba:
                    06:54:ce:db:d0:b4:ec:c5:37:bb:6f:23:be:d8:e0:
                    05:8e:96:16:59:4e:d8:b3:5c:c0:e4:03:dd:b0:e4:
                    40:b7:20:40:9d:f8:b9:0c:a0:2d:79:bb:58:19:65:
                    e0:a5:c4:c8:ee:9e:2f:e5:41:76:58:79:cd:6a:6b:
                    b2:44:e3:10:45:4d:de:25:15:66:5a:45:7e:c8:f6:
                    d1:8e:48:8f:8b:46:ff:ba:24:81:e8:be:69:7c:90:
                    c6:48:a3:4e:67:c1:17:0b:d7:66:82:df:ff:55:d3:
                    51:0f:39:9c:1f:54:e7:8a:4f:08:b9:3c:3f:d8:f5:
                    31:62:c5:fa:e7:51:80:93:a9:31:be:cc:d1:a6:71:
                    41:f8:5b:7f:4e:31:7d:80:be:d8:ff:a0:25:3e:49:
                    fd:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:29:07:AE:03:9F:1D:EF:BD:DD:50:0C:9F:81:C2:6D:9E:46:86:3C
            X509v3 Authority Key Identifier:
                keyid:79:81:EA:4D:50:7F:B0:AE:07:15:9F:6F:88:DE:F9:58:43:0F:D0:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eYHqTVB_sK4HFZ9viN75WEMP0HA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/e44bd7-0f70-45c8-856e-40e2ef3383b0/1/zCkHrgOfHe-93VAMn4HCbZ5Ghjw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/e44bd7-0f70-45c8-856e-40e2ef3383b0/1/eYHqTVB_sK4HFZ9viN75WEMP0HA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:eb80::/29

    Signature Algorithm: sha256WithRSAEncryption
         de:ee:9d:94:95:d3:d5:2c:bc:7c:09:15:04:a0:77:4c:cb:f0:
         d5:74:81:64:31:d6:c1:d5:5d:a3:da:02:c3:de:86:99:a3:08:
         58:ec:71:19:b0:58:9c:9a:e4:12:7a:d4:d3:81:dd:63:74:99:
         fe:39:51:05:a7:db:ce:5f:b3:e5:3f:97:da:65:a4:54:ed:d7:
         28:16:42:ac:92:52:8a:a5:03:ea:a2:2b:6f:65:a4:2b:db:f5:
         c8:b5:ce:3b:c6:2c:04:41:35:ff:c6:d4:ad:bf:ed:df:cb:3b:
         77:51:96:6a:e3:f0:3b:24:69:00:33:f8:f4:7e:5b:71:35:82:
         a5:ab:f8:46:f9:11:3d:74:52:4b:8c:6f:88:3f:a0:3c:d5:84:
         7d:52:2b:8c:9d:4a:cf:fe:2c:a2:86:ae:cf:78:c9:98:dc:a7:
         94:2d:9b:88:0f:97:34:4b:e7:19:48:40:d3:3d:eb:8b:a3:50:
         31:07:58:52:13:05:7d:76:08:bb:9a:16:80:fe:49:63:45:5f:
         17:9e:90:8e:41:88:8e:6b:09:6a:9c:86:31:14:7a:51:c4:70:
         80:26:98:1c:9f:ab:e3:39:7a:a3:69:fa:a0:1f:e6:a3:8c:13:
         ef:4d:7a:a6:7f:81:45:8e:36:6c:62:36:54:17:15:aa:55:d1:
         ce:72:4d:bd
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAVSL3TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
OTgxZWE0ZDUwN2ZiMGFlMDcxNTlmNmY4OGRlZjk1ODQzMGZkMDcwMB4XDTIyMDUw
OTE4MTgwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2MyOTA3YWUwMzlm
MWRlZmJkZGQ1MDBjOWY4MWMyNmQ5ZTQ2ODYzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM3dj+HEt5FOwBQQuD9yzVwlzh6aDfJNVo3A2OzNxSZbaeLy
sU+0/+7Jcni6StXV09FS1nTtuVTbPZWtNc11YtQ/n0gs+i4YMA0YPSEg2fsUt5y9
+xKx8wkiLqZ9YP4gumeNUMQPRqW6BlTO29C07MU3u28jvtjgBY6WFllO2LNcwOQD
3bDkQLcgQJ34uQygLXm7WBll4KXEyO6eL+VBdlh5zWprskTjEEVN3iUVZlpFfsj2
0Y5Ij4tG/7okgei+aXyQxkijTmfBFwvXZoLf/1XTUQ85nB9U54pPCLk8P9j1MWLF
+udRgJOpMb7M0aZxQfhbf04xfYC+2P+gJT5J/UsCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBTMKQeuA58d773dUAyfgcJtnkaGPDAfBgNVHSMEGDAWgBR5gepNUH+wrgcV
n2+I3vlYQw/QcDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VZSHFUVkJfc0s0SEZaOXZpTjc1V0VNUDBIQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvZTQ0YmQ3LTBmNzAtNDVjOC04NTZlLTQwZTJlZjMzODNiMC8x
L3pDa0hyZ09mSGUtOTNWQU1uNEhDYlo1R2hqdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
ZTQ0YmQ3LTBmNzAtNDVjOC04NTZlLTQwZTJlZjMzODNiMC8xL2VZSHFUVkJfc0s0
SEZaOXZpTjc1V0VNUDBIQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoS64AwDQYJKoZIhvcNAQELBQAD
ggEBAN7unZSV09UsvHwJFQSgd0zL8NV0gWQx1sHVXaPaAsPehpmjCFjscRmwWJya
5BJ61NOB3WN0mf45UQWn285fs+U/l9plpFTt1ygWQqySUoqlA+qiK29lpCvb9ci1
zjvGLARBNf/G1K2/7d/LO3dRlmrj8DskaQAz+PR+W3E1gqWr+Eb5ET10UkuMb4g/
oDzVhH1SK4ydSs/+LKKGrs94yZjcp5Qtm4gPlzRL5xlIQNM964ujUDEHWFITBX12
CLuaFoD+SWNFXxeekI5BiI5rCWqchjEUelHEcIAmmByfq+M5eqNp+qAf5qOME+9N
eqZ/gUWONmxiNlQXFapV0c5yTb0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:15 2024 by rpki-client on console-ams.rpki-client.org