Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/c3_q1_5NEkoz802pTAM0yspJMTY.roa
File:                     c3_q1_5NEkoz802pTAM0yspJMTY.roa (raw, json)
Hash identifier:          9ocjRANHimUG8IIdEICYSaNs3Xgv7MG/bHMdN2MCTdU=
Subject key identifier:   73:7F:EA:D7:FE:4D:12:4A:33:F3:4D:A9:4C:03:34:CA:CA:49:31:36
Certificate issuer:       /CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
Certificate serial:       0184DA4B73BA9F373A215671C2F1C29A76A5
Authority key identifier: A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/c3_q1_5NEkoz802pTAM0yspJMTY.roa
Signing time:             Sat 03 Dec 2022 23:21:28 +0000
ROA not before:           Sat 03 Dec 2022 23:21:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211672
IP address blocks:        2a0f:b100:40::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:da:4b:73:ba:9f:37:3a:21:56:71:c2:f1:c2:9a:76:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
        Validity
            Not Before: Dec  3 23:21:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=737fead7fe4d124a33f34da94c0334caca493136
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:5e:cb:e8:fa:e1:8b:93:f1:35:8e:92:41:7b:
                    19:42:e7:c2:c0:86:6e:e4:ec:a2:d6:e8:0c:06:76:
                    b2:c6:a8:93:42:f5:02:91:ac:82:c3:5a:a0:16:aa:
                    8a:c9:57:67:32:d3:e1:db:e1:d1:e6:7f:58:48:1d:
                    dc:88:38:44:35:6b:f8:f6:0e:ca:61:3d:f2:9c:9a:
                    4a:69:21:82:bc:70:9f:fe:58:61:2f:49:b7:7a:7e:
                    3a:8d:eb:79:c7:b3:37:62:f2:e1:09:ca:5e:07:e7:
                    c0:60:e7:8a:71:22:d3:48:2e:4b:24:a7:63:7d:7b:
                    f5:1e:18:d5:dc:82:84:f7:12:36:f1:91:f6:1a:6e:
                    11:5c:66:ba:ef:d4:f2:76:34:2b:8e:70:11:f2:3c:
                    af:da:f4:a1:9b:7d:d1:e7:41:f8:08:03:de:59:dc:
                    ee:76:92:00:b1:79:1f:45:77:ab:ed:56:1b:49:dc:
                    af:3c:11:bd:00:6e:df:f3:18:a9:7c:e8:0d:2a:78:
                    9e:cf:8c:63:46:b8:8e:15:bc:42:29:71:e9:55:c2:
                    19:a7:31:c6:93:77:bf:5b:4e:94:da:0f:00:1a:45:
                    e5:a9:ce:68:53:a5:e7:95:e3:59:31:1f:db:eb:24:
                    e9:f0:38:36:6a:cb:31:9b:82:55:3c:98:30:55:45:
                    26:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:7F:EA:D7:FE:4D:12:4A:33:F3:4D:A9:4C:03:34:CA:CA:49:31:36
            X509v3 Authority Key Identifier:
                keyid:A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/c3_q1_5NEkoz802pTAM0yspJMTY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/plYtCGlIDcEbdKVSzRZ7b2M5yLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:b100:40::/48

    Signature Algorithm: sha256WithRSAEncryption
         bd:70:27:2a:87:88:9a:35:49:76:75:25:26:b2:9b:fe:e8:8e:
         bd:08:7c:b3:f3:aa:f4:f0:d9:4b:23:c4:db:24:6c:11:1c:01:
         ce:34:83:65:b6:5e:67:13:59:c4:c5:96:36:de:ae:5c:6d:bd:
         48:ae:eb:1d:cd:02:40:cf:c9:9c:65:18:5c:b6:16:ae:82:75:
         c3:de:a4:5e:1e:7d:fe:e2:cc:30:40:a1:9c:fc:2b:b4:82:aa:
         9b:b9:31:2e:f0:af:31:a1:0c:78:f3:a1:6b:4e:c1:51:28:82:
         fc:b0:79:45:37:f7:e8:3d:4e:29:d5:55:6c:4d:34:cd:1b:88:
         3d:16:2f:38:ac:b1:3a:57:f0:1c:eb:32:41:cc:9e:d7:fb:5f:
         8a:71:c2:49:04:d5:65:42:df:44:79:82:f4:58:fd:31:75:29:
         be:be:28:2b:02:dd:0b:73:75:ca:17:16:b4:20:b2:6c:f3:92:
         54:7e:88:a9:04:5e:06:b4:80:fb:58:b1:b9:67:9c:64:23:b9:
         c0:c7:62:61:9a:e3:50:93:01:a4:14:43:9b:6f:8f:3a:f7:56:
         15:21:0a:9d:63:4f:31:4c:fd:73:7c:48:c9:89:aa:1e:74:32:
         f6:00:04:fe:25:18:ee:a2:30:cf:7c:f1:ef:05:8d:5a:b3:c4:
         f7:3b:e9:25
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYTaS3O6nzc6IVZxwvHCmnalMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NTYyZDA4Njk0ODBkYzExYjc0YTU1MmNkMTY3YjZmNjMz
OWM4YmEwHhcNMjIxMjAzMjMyMTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzdmZWFkN2ZlNGQxMjRhMzNmMzRkYTk0YzAzMzRjYWNhNDkzMTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuF7L6Prhi5PxNY6SQXsZQufCwIZu
5Oyi1ugMBnayxqiTQvUCkayCw1qgFqqKyVdnMtPh2+HR5n9YSB3ciDhENWv49g7K
YT3ynJpKaSGCvHCf/lhhL0m3en46jet5x7M3YvLhCcpeB+fAYOeKcSLTSC5LJKdj
fXv1HhjV3IKE9xI28ZH2Gm4RXGa679TydjQrjnAR8jyv2vShm33R50H4CAPeWdzu
dpIAsXkfRXer7VYbSdyvPBG9AG7f8xipfOgNKniez4xjRriOFbxCKXHpVcIZpzHG
k3e/W06U2g8AGkXlqc5oU6XnleNZMR/b6yTp8Dg2assxm4JVPJgwVUUmRQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHN/6tf+TRJKM/NNqUwDNMrKSTE2MB8GA1UdIwQY
MBaAFKZWLQhpSA3BG3SlUs0We29jOci6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEt
NDVhOGZlZDNhMmE1LzEvYzNfcTFfNU5Fa296ODAycFRBTTB5c3BKTVRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEtNDVhOGZlZDNhMmE1
LzEvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+xAABA
MA0GCSqGSIb3DQEBCwUAA4IBAQC9cCcqh4iaNUl2dSUmspv+6I69CHyz86r08NlL
I8TbJGwRHAHONINltl5nE1nExZY23q5cbb1IrusdzQJAz8mcZRhcthaugnXD3qRe
Hn3+4swwQKGc/Cu0gqqbuTEu8K8xoQx486FrTsFRKIL8sHlFN/foPU4p1VVsTTTN
G4g9Fi84rLE6V/Ac6zJBzJ7X+1+KccJJBNVlQt9EeYL0WP0xdSm+vigrAt0Lc3XK
Fxa0ILJs85JUfoipBF4GtID7WLG5Z5xkI7nAx2JhmuNQkwGkFEObb48691YVIQqd
Y08xTP1zfEjJiaoedDL2AAT+JRjuojDPfPHvBY1as8T3O+kl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:50 2024 by rpki-client on console-ams.rpki-client.org