Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/PHIYQ_8zZrDdtFbj9WUQXqGqJM0.roa
File:                     PHIYQ_8zZrDdtFbj9WUQXqGqJM0.roa (raw, json)
Hash identifier:          rhM6ZQ6RcJyR4m2m/Dvpcq7ZuGg5iD06gC/pK3IGsUE=
Subject key identifier:   3C:72:18:43:FF:33:66:B0:DD:B4:56:E3:F5:65:10:5E:A1:AA:24:CD
Certificate issuer:       /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial:       1F77F0
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/PHIYQ_8zZrDdtFbj9WUQXqGqJM0.roa
Signing time:             Tue 12 Apr 2022 20:03:52 +0000
ROA not before:           Tue 12 Apr 2022 20:03:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206023
IP address blocks:        2a12:bec0:10::/44 maxlen: 44

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2062320 (0x1f77f0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
        Validity
            Not Before: Apr 12 20:03:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3c721843ff3366b0ddb456e3f565105ea1aa24cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:55:ef:26:cd:06:a2:d8:cc:95:47:52:d3:e3:
                    be:11:3f:66:46:28:72:3a:54:e1:b5:42:f7:eb:80:
                    72:a0:23:1a:04:cb:35:7c:75:84:b7:84:d0:49:36:
                    f0:76:8d:0d:97:d5:ab:23:6b:25:cd:66:72:22:02:
                    e5:4c:41:a0:ad:f8:73:ad:23:45:7b:0f:ba:73:17:
                    7b:ef:9c:c9:02:c8:f1:2c:97:a5:53:8a:db:be:7c:
                    a3:29:80:c1:f6:3f:f4:06:97:7f:a4:94:08:7f:24:
                    51:7f:67:0f:f3:90:59:99:24:92:f8:99:76:e9:96:
                    af:3f:c7:e5:93:9e:b2:f2:b9:ee:bf:c2:f1:bb:cb:
                    5a:4f:80:ed:ad:8e:f4:2d:54:6a:f5:cc:63:98:a6:
                    3f:75:43:84:6e:d5:3b:3c:33:1c:94:34:cb:88:e1:
                    5a:b1:a4:b1:97:97:24:59:62:11:6a:58:e9:9b:40:
                    f8:88:2f:b5:89:6b:12:f0:48:e8:18:4e:87:a2:bc:
                    01:fa:88:6b:ab:8f:7d:f0:ba:27:73:4c:12:54:4c:
                    94:76:c4:50:ce:8f:af:df:63:fa:df:f6:6c:87:12:
                    03:8d:d3:b6:2b:e8:2a:0d:b5:ac:9a:fd:b3:a8:d4:
                    69:96:50:db:f1:d3:88:6a:cf:b8:64:e8:f9:84:fd:
                    12:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:72:18:43:FF:33:66:B0:DD:B4:56:E3:F5:65:10:5E:A1:AA:24:CD
            X509v3 Authority Key Identifier:
                keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/PHIYQ_8zZrDdtFbj9WUQXqGqJM0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:bec0:10::/44

    Signature Algorithm: sha256WithRSAEncryption
         77:74:fd:85:05:63:11:66:8a:50:cf:c8:68:37:62:26:c2:59:
         de:92:3a:a9:59:4a:95:ab:b9:42:74:99:64:a3:9c:65:91:37:
         65:c0:a9:00:54:79:b2:c5:2e:13:ee:c8:a7:98:34:70:91:b1:
         ef:d1:db:06:91:d4:ea:4d:d9:7b:44:1c:c8:b9:19:24:72:63:
         bc:44:6b:17:fe:8d:f6:69:1a:04:5b:b7:aa:cd:44:d1:5b:d6:
         a2:5d:4f:a2:5d:70:f5:5d:c6:99:66:ad:c4:9b:0f:92:04:e0:
         b7:6f:d6:fd:25:1e:13:ae:d8:d7:56:02:4b:bc:53:cf:18:53:
         67:32:db:45:26:85:3a:8e:7c:58:6e:bd:15:6a:7b:b9:28:70:
         6e:bd:5f:8b:66:5b:5b:69:5d:3e:f1:d6:f2:a9:64:83:2d:92:
         45:84:6f:94:32:38:ec:32:fd:f6:f7:52:ae:1c:ef:f5:02:e4:
         59:a1:9e:96:0c:c2:4b:15:59:1d:a8:9a:c0:72:32:ac:82:ae:
         b0:bc:fa:e3:8d:41:46:4c:90:a8:bd:16:61:b6:b7:40:29:01:
         a3:68:ba:f7:4d:cf:07:59:0b:bf:2b:6d:6a:b8:96:d9:15:c5:
         5a:c2:13:7b:ad:f9:3f:74:fb:43:15:cb:23:58:70:d4:2f:d3:
         6a:d6:cd:e9
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIDH3fwMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIz
N2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBjM2Q2NmYwHhcNMjIwNDEy
MjAwMzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzYzcyMTg0M2ZmMzM2
NmIwZGRiNDU2ZTNmNTY1MTA1ZWExYWEyNGNkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmlXvJs0GotjMlUdS0+O+ET9mRihyOlThtUL364ByoCMaBMs1
fHWEt4TQSTbwdo0Nl9WrI2slzWZyIgLlTEGgrfhzrSNFew+6cxd775zJAsjxLJel
U4rbvnyjKYDB9j/0Bpd/pJQIfyRRf2cP85BZmSSS+Jl26ZavP8flk56y8rnuv8Lx
u8taT4DtrY70LVRq9cxjmKY/dUOEbtU7PDMclDTLiOFasaSxl5ckWWIRaljpm0D4
iC+1iWsS8EjoGE6HorwB+ohrq4998Lonc0wSVEyUdsRQzo+v32P63/ZshxIDjdO2
K+gqDbWsmv2zqNRpllDb8dOIas+4ZOj5hP0S7wIDAQABo4ICDDCCAggwHQYDVR0O
BBYEFDxyGEP/M2aw3bRW4/VlEF6hqiTNMB8GA1UdIwQYMBaAFLN+IVpBXte13ktt
wS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
czM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2VlLzEv
UEhJWVFfOHpackRkdEZiajlXVVFYcUdxSk0wLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85
N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2VlLzEvczM0aFdrRmUxN1hl
UzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIG
CCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+wAAQMA0GCSqGSIb3DQEBCwUA
A4IBAQB3dP2FBWMRZopQz8hoN2ImwlnekjqpWUqVq7lCdJlko5xlkTdlwKkAVHmy
xS4T7sinmDRwkbHv0dsGkdTqTdl7RBzIuRkkcmO8RGsX/o32aRoEW7eqzUTRW9ai
XU+iXXD1XcaZZq3Emw+SBOC3b9b9JR4TrtjXVgJLvFPPGFNnMttFJoU6jnxYbr0V
anu5KHBuvV+LZltbaV0+8dbyqWSDLZJFhG+UMjjsMv3291KuHO/1AuRZoZ6WDMJL
FVkdqJrAcjKsgq6wvPrjjUFGTJCovRZhtrdAKQGjaLr3Tc8HWQu/K21quJbZFcVa
whN7rfk/dPtDFcsjWHDUL9Nq1s3p
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:48 2024 by rpki-client on console-fra.rpki-client.org