Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/uplift/NXcXcvufxaz7UKj3TeiTmbAual4.roa
File:                     NXcXcvufxaz7UKj3TeiTmbAual4.roa (raw, json)
Hash identifier:          Tn49/cJO4lEGWuy166O5hKaAOWvY7uQZgX8Pb914jCM=
Subject key identifier:   35:77:17:72:FB:9F:C5:AC:FB:50:A8:F7:4D:E8:93:99:B0:2E:6A:5E
Certificate issuer:       /CN=2017cc580d273c54ba3064cd2cd6af39b804b887
Certificate serial:       67
Authority key identifier: 20:17:CC:58:0D:27:3C:54:BA:30:64:CD:2C:D6:AF:39:B8:04:B8:87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IBfMWA0nPFS6MGTNLNavObgEuIc.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/uplift/NXcXcvufxaz7UKj3TeiTmbAual4.roa
Signing time:             Tue 23 Feb 2021 18:37:46 +0000
ROA not before:           Tue 23 Feb 2021 18:37:46 +0000
ROA not after:            Fri 01 Jul 2022 00:00:00 +0000
asID:                     1883
IP address blocks:        2001:67c:2938::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 103 (0x67)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2017cc580d273c54ba3064cd2cd6af39b804b887
        Validity
            Not Before: Feb 23 18:37:46 2021 GMT
            Not After : Jul  1 00:00:00 2022 GMT
        Subject: CN=35771772FB9FC5ACFB50A8F74DE89399B02E6A5E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:63:13:46:a3:88:1c:f9:e7:dd:1b:00:60:56:
                    87:50:51:ea:e5:6d:ca:20:25:41:bc:1f:39:9c:11:
                    3f:66:b1:a5:b4:5a:87:50:8e:cc:22:cf:da:85:70:
                    6e:88:06:f0:5b:73:05:41:7e:31:0e:d6:80:a2:18:
                    09:ad:01:7d:81:5f:2e:32:9f:2f:99:29:76:ef:21:
                    ef:19:78:27:76:fa:10:aa:36:c1:86:6c:98:7e:2f:
                    1d:d7:20:95:88:f4:8b:80:a5:d0:9d:73:d2:54:f7:
                    47:c6:90:a9:26:71:6f:59:2f:66:2a:a7:20:05:88:
                    c3:70:87:4a:f6:d1:91:3b:ee:f1:23:0c:7e:8b:f4:
                    04:4c:0d:db:a3:73:5f:5d:74:cf:68:f5:75:1b:50:
                    8d:58:d0:c7:5f:03:c2:0f:e4:42:af:d6:2a:d4:5f:
                    ee:37:d2:d8:34:e4:2e:1b:dd:f8:70:6a:e3:0b:a4:
                    b0:2d:1c:39:b9:d9:25:3b:a7:0d:50:26:eb:3f:3e:
                    00:e6:ff:df:99:13:2a:f7:d7:40:e6:42:3c:7d:85:
                    f3:83:e7:aa:80:e1:6d:f1:55:9d:1b:38:83:bb:44:
                    e8:58:73:ab:d5:19:3c:11:15:48:f3:1a:04:ed:e7:
                    75:3f:fa:b8:af:e6:39:bb:57:8f:d5:26:10:1a:b1:
                    aa:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:77:17:72:FB:9F:C5:AC:FB:50:A8:F7:4D:E8:93:99:B0:2E:6A:5E
            X509v3 Authority Key Identifier:
                keyid:20:17:CC:58:0D:27:3C:54:BA:30:64:CD:2C:D6:AF:39:B8:04:B8:87

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/uplift/IBfMWA0nPFS6MGTNLNavObgEuIc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IBfMWA0nPFS6MGTNLNavObgEuIc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/uplift/NXcXcvufxaz7UKj3TeiTmbAual4.roa
                RPKI Notify - URI:https://chloe.sobornost.net/rpki/news-public.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:2938::/48

    Signature Algorithm: sha256WithRSAEncryption
         7c:bb:17:1a:63:65:49:c2:ff:a1:73:a2:b5:0b:da:d7:43:7a:
         61:6c:26:e8:75:3d:fb:ee:3d:84:60:e9:23:cf:92:47:3b:55:
         f3:e1:2a:7e:cc:83:e8:cf:38:0e:d3:a1:fe:09:e6:18:14:1a:
         92:0b:51:a3:0d:59:db:33:21:77:9b:dd:c6:58:aa:e9:74:bf:
         65:a0:e6:05:15:d2:a9:20:a7:15:1e:20:4b:2f:fc:0b:f1:50:
         a7:9a:d2:b2:e1:a8:34:a6:bc:1e:00:34:fd:5f:6c:83:c9:21:
         b9:7e:01:87:35:ff:63:60:8e:31:28:47:c7:97:4b:bc:6f:5e:
         e1:e1:8a:2f:3b:bb:98:79:0a:d0:5e:75:14:4e:ad:cd:f6:21:
         3d:d2:e0:ab:f6:41:80:3a:2a:4c:72:18:74:04:91:e0:54:56:
         0a:cb:2f:cb:cf:88:4e:66:d5:c7:3a:60:38:14:0d:61:9f:07:
         e7:8c:b3:cc:37:b4:57:e3:62:09:4f:1f:46:8d:3c:15:ec:2b:
         3f:3b:7a:2d:89:56:7f:fb:e1:91:7f:98:c3:be:69:3e:49:ee:
         91:95:bf:f7:55:59:5d:7b:32:3e:d5:d2:d2:93:e3:b0:39:fd:
         da:52:83:bf:7e:ab:4b:9f:26:f8:73:d7:84:4d:3a:8b:26:35:
         1d:a3:cc:8a
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgIBZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygyMDE3
Y2M1ODBkMjczYzU0YmEzMDY0Y2QyY2Q2YWYzOWI4MDRiODg3MB4XDTIxMDIyMzE4
Mzc0NloXDTIyMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzU3NzE3NzJGQjlGQzVB
Q0ZCNTBBOEY3NERFODkzOTlCMDJFNkE1RTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAL9jE0ajiBz5590bAGBWh1BR6uVtyiAlQbwfOZwRP2axpbRah1CO
zCLP2oVwbogG8FtzBUF+MQ7WgKIYCa0BfYFfLjKfL5kpdu8h7xl4J3b6EKo2wYZs
mH4vHdcglYj0i4Cl0J1z0lT3R8aQqSZxb1kvZiqnIAWIw3CHSvbRkTvu8SMMfov0
BEwN26NzX110z2j1dRtQjVjQx18Dwg/kQq/WKtRf7jfS2DTkLhvd+HBq4wuksC0c
ObnZJTunDVAm6z8+AOb/35kTKvfXQOZCPH2F84PnqoDhbfFVnRs4g7tE6Fhzq9UZ
PBEVSPMaBO3ndT/6uK/mObtXj9UmEBqxqicCAwEAAaOCAfgwggH0MB0GA1UdDgQW
BBQ1dxdy+5/FrPtQqPdN6JOZsC5qXjAfBgNVHSMEGDAWgBQgF8xYDSc8VLowZM0s
1q85uAS4hzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFgGA1UdHwRRME8wTaBL
oEmGR3JzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL3VwbGlmdC9JQmZN
V0EwblBGUzZNR1ROTE5hdk9iZ0V1SWMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9JQmZNV0EwblBGUzZNR1ROTE5hdk9iZ0V1SWMuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBowYIKwYBBQUHAQsEgZYwgZMwUwYIKwYBBQUHMAuGR3JzeW5jOi8vY2hsb2Uu
c29ib3Jub3N0Lm5ldC9ycGtpL3VwbGlmdC9OWGNYY3Z1ZnhhejdVS2ozVGVpVG1i
QXVhbDQucm9hMDwGCCsGAQUFBzANhjBodHRwczovL2NobG9lLnNvYm9ybm9zdC5u
ZXQvcnBraS9uZXdzLXB1YmxpYy54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAgAQZ8KTgwDQYJKoZIhvcNAQELBQADggEBAHy7FxpjZUnC/6FzorUL2tdD
emFsJuh1PfvuPYRg6SPPkkc7VfPhKn7Mg+jPOA7Tof4J5hgUGpILUaMNWdszIXeb
3cZYqul0v2Wg5gUV0qkgpxUeIEsv/AvxUKea0rLhqDSmvB4ANP1fbIPJIbl+AYc1
/2NgjjEoR8eXS7xvXuHhii87u5h5CtBedRROrc32IT3S4Kv2QYA6KkxyGHQEkeBU
VgrLL8vPiE5m1cc6YDgUDWGfB+eMs8w3tFfjYglPH0aNPBXsKz87ei2JVn/74ZF/
mMO+aT5J7pGVv/dVWV17Mj7V0tKT47A5/dpSg79+q0ufJvhz14RNOosmNR2jzIo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:53 2023 by rpki-client on console-ams.rpki-client.org