Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/3830c8-802f-4846-b6e5-1aadaba80072/1/a0SwfEEUJbviD8zjigaXLm5BGmM.roa
File:                     a0SwfEEUJbviD8zjigaXLm5BGmM.roa (raw, json)
Hash identifier:          TU444GCmK+nzsf4sFKRnofckTKGyHTlI9BK4GYyVWd8=
Subject key identifier:   6B:44:B0:7C:41:14:25:BB:E2:0F:CC:E3:8A:06:97:2E:6E:41:1A:63
Certificate issuer:       /CN=b0e25bcc5530b6f46f3d11cb8113f219a46dfdab
Certificate serial:       097F64
Authority key identifier: B0:E2:5B:CC:55:30:B6:F4:6F:3D:11:CB:81:13:F2:19:A4:6D:FD:AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sOJbzFUwtvRvPRHLgRPyGaRt_as.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/3830c8-802f-4846-b6e5-1aadaba80072/1/a0SwfEEUJbviD8zjigaXLm5BGmM.roa
Signing time:             Fri 11 Feb 2022 12:14:08 +0000
ROA not before:           Fri 11 Feb 2022 12:14:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208869
IP address blocks:        2a12:6bc0::/29 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 622436 (0x97f64)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0e25bcc5530b6f46f3d11cb8113f219a46dfdab
        Validity
            Not Before: Feb 11 12:14:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6b44b07c411425bbe20fcce38a06972e6e411a63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:01:46:08:93:39:7c:ee:62:1d:c8:a4:fe:d1:
                    ca:27:01:6f:d8:29:b4:b5:8b:5f:53:75:78:6f:af:
                    b3:1d:f9:c8:52:9e:98:98:01:ca:b8:18:87:4b:4e:
                    31:85:a5:7a:c9:a4:ff:2a:96:22:85:05:3b:13:97:
                    b1:a7:a7:26:f0:15:a7:9b:39:e9:ad:19:61:66:ae:
                    f8:dc:ab:9d:80:72:41:e6:95:80:cc:2a:4c:11:0c:
                    f4:88:02:6b:27:dc:27:0b:88:3d:de:87:5a:2e:31:
                    43:39:7b:a5:c1:ac:44:7a:57:07:07:19:a2:7f:43:
                    e5:65:f1:10:5d:f0:90:55:f9:3e:13:a9:1c:04:80:
                    ac:5c:ac:17:e4:bb:e7:84:0a:08:0f:4d:f8:ab:10:
                    1d:e4:1b:38:45:fa:13:52:a8:e8:9b:26:f8:f2:a3:
                    b9:16:fb:a2:b3:57:0e:f3:50:ed:97:62:be:fa:2a:
                    3f:a8:ad:34:d5:d9:c1:ec:0e:fe:99:57:75:f9:87:
                    6a:f3:d7:f4:86:02:23:6e:de:38:f7:2b:48:82:6e:
                    f2:47:5c:70:4b:5e:fa:79:e5:ed:18:2f:d9:7a:0f:
                    89:e1:dc:8e:ba:41:c6:b7:b1:38:7d:2e:5d:7b:ce:
                    a7:92:8b:93:88:cc:b6:ed:7f:5a:1e:25:00:fa:f0:
                    4d:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:44:B0:7C:41:14:25:BB:E2:0F:CC:E3:8A:06:97:2E:6E:41:1A:63
            X509v3 Authority Key Identifier:
                keyid:B0:E2:5B:CC:55:30:B6:F4:6F:3D:11:CB:81:13:F2:19:A4:6D:FD:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sOJbzFUwtvRvPRHLgRPyGaRt_as.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/3830c8-802f-4846-b6e5-1aadaba80072/1/a0SwfEEUJbviD8zjigaXLm5BGmM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/3830c8-802f-4846-b6e5-1aadaba80072/1/sOJbzFUwtvRvPRHLgRPyGaRt_as.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:6bc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         52:61:6e:be:c8:3c:6e:62:3d:37:57:b8:d0:e2:78:5b:ae:66:
         6f:b2:5c:ac:b5:e7:bc:13:3f:0e:be:22:82:b9:ae:46:35:b1:
         2c:55:9c:25:33:b5:35:f4:fa:a2:f2:64:d9:cc:2f:9f:9d:19:
         4c:50:f9:3e:94:56:12:48:55:fa:a2:e3:62:07:4c:0d:e4:75:
         c2:19:f1:ed:a5:4f:24:d1:a3:32:f0:27:71:8b:4f:8a:ed:8f:
         e4:c5:e2:40:0c:4d:af:33:7f:19:fc:c2:14:ea:98:3d:f8:7d:
         ae:ee:01:7f:25:79:bc:78:51:62:ff:60:9a:b0:4d:bc:6f:15:
         26:70:e1:a0:3a:53:4c:ae:58:f7:4c:83:29:03:e1:e5:e4:54:
         e2:6a:5a:19:21:e9:25:c1:27:9e:dc:cc:b3:40:50:c7:7a:0e:
         af:17:b5:b2:35:a5:2e:cc:2b:35:89:bc:12:48:28:ee:96:ff:
         3f:94:63:a9:03:26:f2:30:e0:27:3b:9d:02:f3:b8:5f:32:e3:
         0f:1a:2e:23:f8:2a:68:2d:03:79:b4:d6:02:ca:7e:f6:68:69:
         22:40:7e:7b:a7:68:1d:33:d3:d7:81:4b:44:da:2f:73:6d:40:
         9d:63:ba:c1:48:4a:18:27:3d:03:67:2e:e5:7d:07:d4:7e:1e:
         95:5b:30:70
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDCX9kMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIw
ZTI1YmNjNTUzMGI2ZjQ2ZjNkMTFjYjgxMTNmMjE5YTQ2ZGZkYWIwHhcNMjIwMjEx
MTIxNDA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2YjQ0YjA3YzQxMTQy
NWJiZTIwZmNjZTM4YTA2OTcyZTZlNDExYTYzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApwFGCJM5fO5iHcik/tHKJwFv2Cm0tYtfU3V4b6+zHfnIUp6Y
mAHKuBiHS04xhaV6yaT/KpYihQU7E5exp6cm8BWnmznprRlhZq743KudgHJB5pWA
zCpMEQz0iAJrJ9wnC4g93odaLjFDOXulwaxEelcHBxmif0PlZfEQXfCQVfk+E6kc
BICsXKwX5LvnhAoID034qxAd5Bs4RfoTUqjomyb48qO5Fvuis1cO81Dtl2K++io/
qK001dnB7A7+mVd1+Ydq89f0hgIjbt449ytIgm7yR1xwS176eeXtGC/Zeg+J4dyO
ukHGt7E4fS5de86nkouTiMy27X9aHiUA+vBNUQIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFGtEsHxBFCW74g/M44oGly5uQRpjMB8GA1UdIwQYMBaAFLDiW8xVMLb0bz0R
y4ET8hmkbf2rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
c09KYnpGVXd0dlJ2UFJITGdSUHlHYVJ0X2FzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84ZS8zODMwYzgtODAyZi00ODQ2LWI2ZTUtMWFhZGFiYTgwMDcyLzEv
YTBTd2ZFRVVKYnZpRDh6amlnYVhMbTVCR21NLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8z
ODMwYzgtODAyZi00ODQ2LWI2ZTUtMWFhZGFiYTgwMDcyLzEvc09KYnpGVXd0dlJ2
UFJITGdSUHlHYVJ0X2FzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJrwDANBgkqhkiG9w0BAQsFAAOC
AQEAUmFuvsg8bmI9N1e40OJ4W65mb7JcrLXnvBM/Dr4igrmuRjWxLFWcJTO1NfT6
ovJk2cwvn50ZTFD5PpRWEkhV+qLjYgdMDeR1whnx7aVPJNGjMvAncYtPiu2P5MXi
QAxNrzN/GfzCFOqYPfh9ru4BfyV5vHhRYv9gmrBNvG8VJnDhoDpTTK5Y90yDKQPh
5eRU4mpaGSHpJcEnntzMs0BQx3oOrxe1sjWlLswrNYm8Ekgo7pb/P5RjqQMm8jDg
JzudAvO4XzLjDxouI/gqaC0DebTWAsp+9mhpIkB+e6doHTPT14FLRNovc21AnWO6
wUhKGCc9A2cu5X0H1H4elVswcA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:53 2024 by rpki-client on console-fra.rpki-client.org