Route Origin Authorization

$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/lUJDjd_SAncIT2Z7JfaHuIl3vbI.roa
File:                     lUJDjd_SAncIT2Z7JfaHuIl3vbI.roa (raw, json)
Hash identifier:          1b3obtNnhg9Mhwx5uVsUZOddNefrhCh87SZkOmQh9Uw=
Subject key identifier:   95:42:43:8D:DF:D2:02:77:08:4F:66:7B:25:F6:87:B8:89:77:BD:B2
Certificate issuer:       /CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Certificate serial:       D623
Authority key identifier: 6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
Subject info access:      rsync://ca.rg.net/rpki/RGnet-OU/lUJDjd_SAncIT2Z7JfaHuIl3vbI.roa
Signing time:             Fri 17 Jun 2022 00:05:08 +0000
ROA not before:           Fri 17 Jun 2022 00:05:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3130
IP address blocks:        198.180.153.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 54819 (0xd623)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
        Validity
            Not Before: Jun 17 00:05:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9542438DDFD20277084F667B25F687B88977BDB2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:03:20:5b:b8:25:5b:dd:9e:d2:fd:80:01:d1:
                    25:be:a1:fe:34:25:76:29:c5:fa:10:77:d1:20:1d:
                    41:31:0b:ae:7e:e8:5c:11:e1:ee:37:f6:29:30:92:
                    60:ad:9e:c7:d0:fe:a7:30:0b:09:fa:a7:89:ae:32:
                    7d:d0:2c:a7:da:52:51:c8:6b:dc:8b:75:6b:10:64:
                    eb:3a:2f:7b:2e:2b:1a:0f:0e:fe:69:20:96:2b:8e:
                    51:ef:42:d7:e3:96:8f:bb:1a:0e:f3:a0:dd:18:b2:
                    81:36:00:4d:ed:7c:72:37:c8:7e:20:7a:85:7c:42:
                    bf:16:9b:cd:e4:e0:6f:99:be:d1:c4:1c:8d:03:2c:
                    48:7e:d1:45:8b:47:7d:fa:28:40:fe:14:3a:99:0e:
                    10:5d:b1:f4:aa:09:b7:15:e6:2a:05:8a:5e:13:73:
                    e8:86:9a:b2:4a:ed:66:9b:10:5d:28:06:6d:9a:30:
                    78:af:48:f0:d0:98:65:9d:76:b6:d2:2e:c1:9b:a4:
                    e7:29:4c:c2:ec:a0:a3:7f:88:37:07:f2:e7:b5:0c:
                    0a:2b:24:bd:a8:5b:86:86:91:66:72:f0:2f:6d:fc:
                    b8:a4:58:d6:a0:85:b6:5c:d7:70:d1:45:8e:71:ab:
                    30:34:d7:ea:50:d7:dd:23:ac:9a:bf:fc:63:f4:b7:
                    42:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:42:43:8D:DF:D2:02:77:08:4F:66:7B:25:F6:87:B8:89:77:BD:B2
            X509v3 Authority Key Identifier:
                keyid:6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/lUJDjd_SAncIT2Z7JfaHuIl3vbI.roa
                RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  198.180.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:01:c9:eb:25:0b:a9:a9:2e:9e:36:d3:27:1b:76:7a:36:2a:
         59:d1:4e:6c:47:54:a7:ab:d8:b3:51:c2:31:0f:00:da:48:38:
         31:da:8c:e6:34:39:7f:8e:24:df:6b:92:25:70:83:cc:5c:35:
         1f:c9:25:b6:8f:14:5a:f1:7a:09:d2:b7:ed:53:94:ba:79:1e:
         a3:b3:ba:8d:b4:70:e3:a2:c6:fd:3e:76:42:db:3f:c5:85:69:
         60:61:fd:c9:88:45:42:11:36:44:ca:cb:62:02:c4:30:8e:ae:
         39:0f:97:4a:27:fa:d0:46:ca:67:72:21:69:00:97:a0:26:8b:
         dc:72:ee:99:63:7b:6e:bd:89:b1:51:fc:f9:d7:cf:00:42:4f:
         64:dc:e4:c6:04:8e:c9:be:13:9d:f2:45:69:ca:ac:1e:3e:34:
         27:90:65:47:12:3e:75:ab:44:75:a8:e9:42:9e:bc:d1:13:eb:
         5a:b3:41:28:52:70:b5:f6:50:02:65:ae:49:35:e9:fd:7e:8b:
         15:43:90:2e:82:ac:df:c2:37:a6:56:bf:f2:6c:ab:66:90:d3:
         c6:8c:8b:1d:0f:5a:87:2a:38:38:79:66:ef:6f:a5:d6:c8:6a:
         bc:f2:45:46:b0:d4:13:1d:7f:e2:b4:a2:12:f1:b5:e9:74:cd:
         f3:9a:29:a0
-----BEGIN CERTIFICATE-----
MIIEuTCCA6GgAwIBAgIDANYjMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZk
NmZiZmE5NzUzZGI4ZDg0NjQzM2RiNTM1MWQ5YTllYzA3Yzk2YmQwHhcNMjIwNjE3
MDAwNTA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5NTQyNDM4RERGRDIw
Mjc3MDg0RjY2N0IyNUY2ODdCODg5NzdCREIyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA6QMgW7glW92e0v2AAdElvqH+NCV2KcX6EHfRIB1BMQuufuhc
EeHuN/YpMJJgrZ7H0P6nMAsJ+qeJrjJ90Cyn2lJRyGvci3VrEGTrOi97LisaDw7+
aSCWK45R70LX45aPuxoO86DdGLKBNgBN7XxyN8h+IHqFfEK/FpvN5OBvmb7RxByN
AyxIftFFi0d9+ihA/hQ6mQ4QXbH0qgm3FeYqBYpeE3PohpqySu1mmxBdKAZtmjB4
r0jw0JhlnXa20i7Bm6TnKUzC7KCjf4g3B/LntQwKKyS9qFuGhpFmcvAvbfy4pFjW
oIW2XNdw0UWOcaswNNfqUNfdI6yav/xj9LdCdwIDAQABo4IB1DCCAdAwHQYDVR0O
BBYEFJVCQ43f0gJ3CE9meyX2h7iJd72yMB8GA1UdIwQYMBaAFG1vv6l1PbjYRkM9
tTUdmp7AfJa9MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwUAYDVR0fBEkwRzBF
oEOgQYY/cnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9SR25ldC1PVS9iVy1fcVhVOXVO
aEdRejIxTlIyYW5zQjhscjAuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcw
AoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iVy1f
cVhVOXVOaEdRejIxTlIyYW5zQjhscjAuY2VyMA4GA1UdDwEB/wQEAwIHgDCBigYI
KwYBBQUHAQsEfjB8MEsGCCsGAQUFBzALhj9yc3luYzovL2NhLnJnLm5ldC9ycGtp
L1JHbmV0LU9VL2xVSkRqZF9TQW5jSVQyWjdKZmFIdUlsM3ZiSS5yb2EwLQYIKwYB
BQUHMA2GIWh0dHBzOi8vY2EucmcubmV0L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAMa0mTANBgkqhkiG9w0BAQsFAAOCAQEAfwHJ
6yULqakunjbTJxt2ejYqWdFObEdUp6vYs1HCMQ8A2kg4MdqM5jQ5f44k32uSJXCD
zFw1H8klto8UWvF6CdK37VOUunkeo7O6jbRw46LG/T52Qts/xYVpYGH9yYhFQhE2
RMrLYgLEMI6uOQ+XSif60EbKZ3IhaQCXoCaL3HLumWN7br2JsVH8+dfPAEJPZNzk
xgSOyb4TnfJFacqsHj40J5BlRxI+datEdajpQp680RPrWrNBKFJwtfZQAmWuSTXp
/X6LFUOQLoKs38I3pla/8myrZpDTxoyLHQ9ahyo4OHlm72+l1shqvPJFRrDUEx1/
4rSiEvG16XTN85opoA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:35 2023 by rpki-client on console-fra.rpki-client.org