Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/shJPs_vP8RjHDZmf5R4UHmr4DIw.roa
File:                     shJPs_vP8RjHDZmf5R4UHmr4DIw.roa (raw, json)
Hash identifier:          wqgkoRkR6W4DGBDiwgO+BNng1cqm39BLej1FgyROX8g=
Subject key identifier:   B2:12:4F:B3:FB:CF:F1:18:C7:0D:99:9F:E5:1E:14:1E:6A:F8:0C:8C
Certificate issuer:       /CN=1a9154e1c5578b0fef8abb779f8117e64e884d18
Certificate serial:       1D0ABC
Authority key identifier: 1A:91:54:E1:C5:57:8B:0F:EF:8A:BB:77:9F:81:17:E6:4E:88:4D:18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GpFU4cVXiw_virt3n4EX5k6ITRg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/shJPs_vP8RjHDZmf5R4UHmr4DIw.roa
Signing time:             Tue 31 May 2022 14:52:15 +0000
ROA not before:           Tue 31 May 2022 14:52:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50832
IP address blocks:        2a12:f3c0::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1903292 (0x1d0abc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a9154e1c5578b0fef8abb779f8117e64e884d18
        Validity
            Not Before: May 31 14:52:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b2124fb3fbcff118c70d999fe51e141e6af80c8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:08:71:e2:3e:16:d9:2c:76:69:a2:31:a1:33:
                    e8:12:f3:52:ac:55:c7:57:d6:ca:75:8e:06:56:be:
                    56:0e:a5:a8:f5:5a:7b:e9:cd:52:03:fa:cb:b6:d6:
                    e2:da:d5:b5:75:59:ff:94:08:4b:ed:4b:6c:ad:4d:
                    82:eb:07:7c:59:6d:86:3b:c3:74:bf:fd:28:c6:43:
                    1c:28:6d:17:8d:72:18:ed:2d:04:05:d8:61:89:f1:
                    44:54:d4:42:eb:23:5d:83:c5:de:23:cc:4f:f8:68:
                    26:a9:53:22:e0:ba:62:f7:fe:6a:ba:cc:5f:44:6f:
                    05:57:33:ee:a1:dc:cf:05:1b:03:c3:2f:af:36:93:
                    43:75:38:c4:a9:f9:66:2a:ff:8d:40:48:40:da:ec:
                    1e:55:44:ef:fa:d5:69:b2:9b:ae:ac:44:47:1d:73:
                    d2:e0:9e:b1:84:f5:3f:1f:49:7e:ce:5d:e5:3a:7e:
                    e2:ed:c2:4c:a6:02:10:75:89:c4:8b:7c:6e:d9:f8:
                    e5:2c:d4:78:3a:dc:e6:79:64:f1:e1:aa:20:23:ad:
                    1a:9c:8e:d2:80:26:28:4d:3a:a0:1a:fe:35:ba:12:
                    88:e8:9c:27:5f:f6:07:40:17:4f:8e:93:9e:e5:3a:
                    b3:99:5d:a0:f2:67:8b:e9:2e:e9:1c:d1:6e:f1:44:
                    40:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:12:4F:B3:FB:CF:F1:18:C7:0D:99:9F:E5:1E:14:1E:6A:F8:0C:8C
            X509v3 Authority Key Identifier:
                keyid:1A:91:54:E1:C5:57:8B:0F:EF:8A:BB:77:9F:81:17:E6:4E:88:4D:18

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpFU4cVXiw_virt3n4EX5k6ITRg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/shJPs_vP8RjHDZmf5R4UHmr4DIw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/GpFU4cVXiw_virt3n4EX5k6ITRg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:f3c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         6d:aa:e3:7a:9b:02:72:7c:69:7b:af:54:38:68:a8:7c:47:fc:
         31:f9:d4:3f:1c:a2:b8:b8:1b:53:1b:54:b8:9a:85:26:a4:fd:
         11:25:d0:5f:2c:cb:ba:06:d4:c3:7d:aa:b6:63:8a:07:f4:cd:
         3c:f6:cc:7b:84:1f:b8:58:a9:ee:aa:20:90:b9:78:fe:f0:e8:
         7f:38:cd:c6:4c:4a:13:44:b4:0a:d6:30:7e:26:ab:ee:5f:02:
         51:99:95:f4:d2:23:cd:74:10:77:5d:fa:c5:24:1a:02:65:9f:
         e2:2b:1e:d6:d0:57:9e:0c:78:c2:88:ab:dd:79:f5:66:be:d4:
         2e:5f:7f:8e:74:32:6a:19:21:a9:6d:0f:68:dc:36:58:2b:b7:
         3f:c0:11:95:c4:de:05:c0:e4:5d:43:2b:17:2e:6c:01:24:aa:
         35:ca:c2:27:81:ad:b6:cb:00:12:48:4a:77:df:61:1c:a3:fa:
         97:15:98:c6:8f:ac:5c:b4:96:ad:1f:86:d3:60:7a:5e:6c:54:
         fd:d4:a6:bf:27:84:b5:64:68:80:9b:1e:3b:06:91:41:55:59:
         13:47:e9:63:1a:c5:3f:d6:22:a8:9a:b8:c1:70:ed:39:8f:8f:
         99:24:b7:2c:76:97:ec:6c:7c:23:9b:df:ef:1f:01:c2:48:86:
         ba:5f:f0:7c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDHQq8MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFh
OTE1NGUxYzU1NzhiMGZlZjhhYmI3NzlmODExN2U2NGU4ODRkMTgwHhcNMjIwNTMx
MTQ1MjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiMjEyNGZiM2ZiY2Zm
MTE4YzcwZDk5OWZlNTFlMTQxZTZhZjgwYzhjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoAhx4j4W2Sx2aaIxoTPoEvNSrFXHV9bKdY4GVr5WDqWo9Vp7
6c1SA/rLttbi2tW1dVn/lAhL7UtsrU2C6wd8WW2GO8N0v/0oxkMcKG0XjXIY7S0E
BdhhifFEVNRC6yNdg8XeI8xP+GgmqVMi4Lpi9/5qusxfRG8FVzPuodzPBRsDwy+v
NpNDdTjEqflmKv+NQEhA2uweVUTv+tVpspuurERHHXPS4J6xhPU/H0l+zl3lOn7i
7cJMpgIQdYnEi3xu2fjlLNR4OtzmeWTx4aogI60anI7SgCYoTTqgGv41uhKI6Jwn
X/YHQBdPjpOe5TqzmV2g8meL6S7pHNFu8URAfQIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFLIST7P7z/EYxw2Zn+UeFB5q+AyMMB8GA1UdIwQYMBaAFBqRVOHFV4sP74q7
d5+BF+ZOiE0YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
R3BGVTRjVlhpd192aXJ0M240RVg1azZJVFJnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84YS81NGJhYzgtYmY1MC00NGQyLWFkNDItMzg4ZDhhZDJhNWJiLzEv
c2hKUHNfdlA4UmpIRFptZjVSNFVIbXI0REl3LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS81
NGJhYzgtYmY1MC00NGQyLWFkNDItMzg4ZDhhZDJhNWJiLzEvR3BGVTRjVlhpd192
aXJ0M240RVg1azZJVFJnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhLzwDANBgkqhkiG9w0BAQsFAAOC
AQEAbarjepsCcnxpe69UOGiofEf8MfnUPxyiuLgbUxtUuJqFJqT9ESXQXyzLugbU
w32qtmOKB/TNPPbMe4QfuFip7qogkLl4/vDofzjNxkxKE0S0CtYwfiar7l8CUZmV
9NIjzXQQd136xSQaAmWf4ise1tBXngx4woir3Xn1Zr7ULl9/jnQyahkhqW0PaNw2
WCu3P8ARlcTeBcDkXUMrFy5sASSqNcrCJ4GttssAEkhKd99hHKP6lxWYxo+sXLSW
rR+G02B6XmxU/dSmvyeEtWRogJseOwaRQVVZE0fpYxrFP9YiqJq4wXDtOY+PmSS3
LHaX7Gx8I5vf7x8BwkiGul/wfA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:19 2024 by rpki-client on console-fra.rpki-client.org