Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/37eab0-7f53-4b62-b5d4-78006e078171/1/hNI7xmJCll7Jhp_I5XSpSE9LETk.roa
File:                     hNI7xmJCll7Jhp_I5XSpSE9LETk.roa (raw, json)
Hash identifier:          4VcWPA2K0HROYvGsBitg//xJ2G0xR2DFmQ7LAQ4Tx6A=
Subject key identifier:   84:D2:3B:C6:62:42:96:5E:C9:86:9F:C8:E5:74:A9:48:4F:4B:11:39
Certificate issuer:       /CN=e69f2b69f4a95a521e18fb33e6793f467e031bc1
Certificate serial:       3B72
Authority key identifier: E6:9F:2B:69:F4:A9:5A:52:1E:18:FB:33:E6:79:3F:46:7E:03:1B:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5p8rafSpWlIeGPsz5nk_Rn4DG8E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/37eab0-7f53-4b62-b5d4-78006e078171/1/hNI7xmJCll7Jhp_I5XSpSE9LETk.roa
Signing time:             Fri 04 Mar 2022 16:14:55 +0000
ROA not before:           Fri 04 Mar 2022 16:14:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50113
IP address blocks:        2a12:5940::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15218 (0x3b72)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e69f2b69f4a95a521e18fb33e6793f467e031bc1
        Validity
            Not Before: Mar  4 16:14:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=84d23bc66242965ec9869fc8e574a9484f4b1139
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:ea:32:9f:6f:74:28:42:4d:fb:01:c3:e3:3e:
                    d7:ed:e8:cd:db:b6:1f:31:4e:b1:69:9b:d0:ca:72:
                    fd:68:6b:99:57:ce:56:5b:46:29:c0:3c:08:49:7e:
                    72:78:a0:74:54:7a:57:7b:27:9d:49:c9:dd:68:e0:
                    88:0e:64:91:23:aa:2f:1b:38:8e:30:6e:be:dc:b5:
                    b9:00:c2:8d:bc:eb:6f:eb:f1:ef:12:eb:17:90:0b:
                    c5:20:d9:f1:6a:c1:c4:f0:71:5f:66:22:dc:f9:3d:
                    e7:d8:86:a7:83:f6:7f:81:14:ff:00:0d:66:90:f7:
                    61:6a:5c:51:41:bb:86:69:b6:a3:82:ac:fb:2b:8c:
                    c0:28:5f:c1:00:64:0c:a6:d2:68:bf:94:75:0b:b0:
                    ad:9b:29:b5:6a:75:8e:2e:c8:eb:c3:19:d6:73:b8:
                    3e:60:a8:8a:44:01:27:95:3d:11:e9:99:e2:fe:c1:
                    22:96:55:4d:f9:fd:63:21:9a:72:f3:a9:ab:cd:c0:
                    f6:ff:6a:0f:a3:e2:b1:45:65:42:98:1e:a2:c2:2b:
                    44:35:d8:7c:82:00:36:04:69:6a:61:a7:22:10:ed:
                    88:0e:e3:69:d6:56:c1:d4:06:ee:22:68:18:08:7a:
                    e7:be:f3:bd:79:f6:b7:67:19:dc:37:ed:01:69:51:
                    7b:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:D2:3B:C6:62:42:96:5E:C9:86:9F:C8:E5:74:A9:48:4F:4B:11:39
            X509v3 Authority Key Identifier:
                keyid:E6:9F:2B:69:F4:A9:5A:52:1E:18:FB:33:E6:79:3F:46:7E:03:1B:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5p8rafSpWlIeGPsz5nk_Rn4DG8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/37eab0-7f53-4b62-b5d4-78006e078171/1/hNI7xmJCll7Jhp_I5XSpSE9LETk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/37eab0-7f53-4b62-b5d4-78006e078171/1/5p8rafSpWlIeGPsz5nk_Rn4DG8E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:5940::/29

    Signature Algorithm: sha256WithRSAEncryption
         33:ed:22:f6:a0:17:2f:3c:25:56:46:f4:3a:60:6e:0f:3b:ee:
         03:91:f1:b9:b4:17:21:35:1d:32:ed:f1:6e:9a:bf:13:4d:1a:
         6e:51:c0:38:2c:ea:69:31:90:77:45:9b:4f:10:5c:ae:8c:ba:
         e7:2d:67:77:11:52:09:3d:9b:98:fb:37:db:ed:b8:d2:54:12:
         e3:e5:78:33:1b:55:d0:52:9f:fb:8c:f6:d1:8a:53:66:c6:0a:
         c2:0a:c7:b5:0e:7c:5c:77:6d:c0:c3:70:02:ee:30:9c:62:11:
         44:ee:e7:5e:34:54:4c:57:5b:bf:2a:44:c3:ac:cd:12:68:47:
         e1:e9:04:ea:d2:61:90:d3:4e:18:0e:20:77:90:5d:1b:7d:47:
         22:05:10:45:b4:31:3e:90:42:a6:ad:91:43:31:2e:88:fb:5b:
         91:dc:0a:12:d7:42:af:0c:55:9e:d9:9a:06:9d:db:c9:64:2d:
         75:e2:60:7e:26:a7:88:05:5e:da:3d:d7:e0:bb:ea:02:d3:7f:
         2b:b6:e2:20:21:30:db:40:78:ef:eb:19:8e:12:93:76:56:42:
         8c:1f:f8:30:40:7b:55:75:a7:d8:d5:58:f6:25:af:ea:55:0a:
         85:fb:85:9a:7a:be:dd:7d:3f:15:af:01:03:be:54:25:60:86:
         ec:e0:03:6d
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICO3IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoZTY5
ZjJiNjlmNGE5NWE1MjFlMThmYjMzZTY3OTNmNDY3ZTAzMWJjMTAeFw0yMjAzMDQx
NjE0NTVaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDg0ZDIzYmM2NjI0Mjk2
NWVjOTg2OWZjOGU1NzRhOTQ4NGY0YjExMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDH6jKfb3QoQk37AcPjPtft6M3bth8xTrFpm9DKcv1oa5lXzlZb
RinAPAhJfnJ4oHRUeld7J51Jyd1o4IgOZJEjqi8bOI4wbr7ctbkAwo2862/r8e8S
6xeQC8Ug2fFqwcTwcV9mItz5PefYhqeD9n+BFP8ADWaQ92FqXFFBu4ZptqOCrPsr
jMAoX8EAZAym0mi/lHULsK2bKbVqdY4uyOvDGdZzuD5gqIpEASeVPRHpmeL+wSKW
VU35/WMhmnLzqavNwPb/ag+j4rFFZUKYHqLCK0Q12HyCADYEaWphpyIQ7YgO42nW
VsHUBu4iaBgIeue+87159rdnGdw37QFpUXvnAgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQUhNI7xmJCll7Jhp/I5XSpSE9LETkwHwYDVR0jBBgwFoAU5p8rafSpWlIeGPsz
5nk/Rn4DG8EwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81
cDhyYWZTcFdsSWVHUHN6NW5rX1JuNERHOEUuY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2JkLzM3ZWFiMC03ZjUzLTRiNjItYjVkNC03ODAwNmUwNzgxNzEvMS9o
Tkk3eG1KQ2xsN0pocF9JNVhTcFNFOUxFVGsucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JkLzM3
ZWFiMC03ZjUzLTRiNjItYjVkNC03ODAwNmUwNzgxNzEvMS81cDhyYWZTcFdsSWVH
UHN6NW5rX1JuNERHOEUuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYI
KwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQMqEllAMA0GCSqGSIb3DQEBCwUAA4IB
AQAz7SL2oBcvPCVWRvQ6YG4PO+4DkfG5tBchNR0y7fFumr8TTRpuUcA4LOppMZB3
RZtPEFyujLrnLWd3EVIJPZuY+zfb7bjSVBLj5XgzG1XQUp/7jPbRilNmxgrCCse1
Dnxcd23Aw3AC7jCcYhFE7udeNFRMV1u/KkTDrM0SaEfh6QTq0mGQ004YDiB3kF0b
fUciBRBFtDE+kEKmrZFDMS6I+1uR3AoS10KvDFWe2ZoGndvJZC114mB+JqeIBV7a
Pdfgu+oC038rtuIgITDbQHjv6xmOEpN2VkKMH/gwQHtVdafY1Vj2Ja/qVQqF+4Wa
er7dfT8VrwEDvlQlYIbs4ANt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:54 2024 by rpki-client on console-fra.rpki-client.org