Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nljobsnijders/AQIIAKFM_q2hgpR4yvUlSIy6eFU.roa
File:                     AQIIAKFM_q2hgpR4yvUlSIy6eFU.roa (raw, json)
Hash identifier:          sbK+o9wI2150ejelEN2FY1cAwvYsxJ1BengaTNbqwFI=
Subject key identifier:   01:02:08:00:A1:4C:FE:AD:A1:82:94:78:CA:F5:25:48:8C:BA:78:55
Certificate issuer:       /CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Certificate serial:       C8B2
Authority key identifier: CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/AQIIAKFM_q2hgpR4yvUlSIy6eFU.roa
Signing time:             Wed 07 Dec 2022 17:41:53 +0000
ROA not before:           Wed 07 Dec 2022 17:41:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     0
IP address blocks:        2a0e:b240::/29 maxlen: 29
                          2a0e:b240::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 51378 (0xc8b2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
        Validity
            Not Before: Dec  7 17:41:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=01020800A14CFEADA1829478CAF525488CBA7855
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ff:59:c1:9c:99:2f:08:3b:d1:4c:bf:3d:0a:
                    55:1d:9e:07:dd:13:5a:4a:09:09:50:98:b9:d1:5f:
                    db:8f:44:9a:31:03:74:6a:7f:7a:d6:01:c6:e1:3a:
                    99:4b:9b:1e:dc:bc:0c:cb:92:98:ae:29:09:8a:01:
                    d1:83:05:8d:7a:99:e4:18:58:a2:28:97:7d:8f:74:
                    81:2d:4e:72:5e:ea:fe:ce:8c:00:ba:af:e9:b0:36:
                    eb:04:8d:67:91:64:12:ec:36:0d:1a:a4:ca:5a:6c:
                    18:37:e4:32:a9:6d:51:13:b8:46:49:9f:9c:92:b8:
                    1b:99:e8:d0:29:c5:bb:8d:9c:11:37:f5:cd:d2:c4:
                    56:1b:93:98:90:90:67:b4:82:dc:bb:e2:4b:18:db:
                    7c:16:ac:37:ed:3e:e0:33:e3:50:32:10:05:ad:4a:
                    33:9f:1a:5d:d9:a5:01:8c:13:52:07:ed:ec:5f:16:
                    9e:b2:6a:67:7c:b1:93:f7:10:9d:86:99:6b:23:33:
                    64:65:02:5e:3c:d8:bc:16:a3:4e:dc:65:e5:d8:89:
                    97:38:e9:89:4e:39:7a:5a:55:3f:f5:d1:f0:40:7d:
                    3c:79:38:22:15:83:5e:b1:81:d4:a8:1b:82:65:6b:
                    24:bb:bd:34:37:9e:c9:48:bd:ca:ed:d3:9d:1b:48:
                    6e:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:02:08:00:A1:4C:FE:AD:A1:82:94:78:CA:F5:25:48:8C:BA:78:55
            X509v3 Authority Key Identifier:
                keyid:CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/AQIIAKFM_q2hgpR4yvUlSIy6eFU.roa

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b240::/29

    Signature Algorithm: sha256WithRSAEncryption
         a9:c3:b5:57:53:13:18:d6:a0:6c:af:88:d2:d7:e3:76:69:18:
         44:76:ca:7c:a3:c6:fb:23:47:58:8c:94:75:4d:c7:4b:29:cf:
         70:3a:30:f3:9f:a4:a6:3c:da:97:2d:8d:95:fa:4e:b7:83:29:
         bd:55:50:f2:f9:cb:d6:cf:c9:d4:05:4a:83:c9:4f:bc:81:17:
         66:e5:9a:98:06:fb:fc:5b:64:06:4d:3c:0a:c7:63:4f:d7:d6:
         f3:c0:bf:c9:cd:f0:91:44:00:55:e3:3f:6f:e6:fb:83:27:b1:
         b6:9d:69:0f:5c:32:90:3c:e5:6c:6c:6d:7b:b2:71:07:2a:03:
         78:9e:3d:ff:2d:e4:ac:a0:9e:b9:63:e5:9f:04:b3:85:13:58:
         37:4a:26:96:39:89:d9:88:e9:85:b2:db:70:b5:2b:34:d3:27:
         d4:81:23:1b:ff:cb:c5:ee:83:ba:3a:c3:a0:09:0d:e9:66:15:
         19:37:69:ed:dc:57:3e:ce:64:70:74:77:3a:7d:8c:eb:f1:e4:
         a5:3d:d0:27:90:18:d9:18:ba:2f:fd:b6:59:57:13:3c:0d:e1:
         91:58:b6:cd:1c:69:e6:9f:e6:7b:d8:4d:e5:6d:b5:f9:ae:38:
         9d:9b:b3:75:08:6d:42:eb:2d:5e:7c:bf:cb:41:0f:0d:f3:1a:
         7c:78:5c:f1
-----BEGIN CERTIFICATE-----
MIIEsjCCA5qgAwIBAgIDAMiyMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNh
YTgwNWRiYWMzNjQ3NDliOWIxMTU1OTBhYjZlZjBmOTcwY2RiZDgwHhcNMjIxMjA3
MTc0MTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwMTAyMDgwMEExNENG
RUFEQTE4Mjk0NzhDQUY1MjU0ODhDQkE3ODU1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArv9ZwZyZLwg70Uy/PQpVHZ4H3RNaSgkJUJi50V/bj0SaMQN0
an961gHG4TqZS5se3LwMy5KYrikJigHRgwWNepnkGFiiKJd9j3SBLU5yXur+zowA
uq/psDbrBI1nkWQS7DYNGqTKWmwYN+QyqW1RE7hGSZ+ckrgbmejQKcW7jZwRN/XN
0sRWG5OYkJBntILcu+JLGNt8Fqw37T7gM+NQMhAFrUoznxpd2aUBjBNSB+3sXxae
smpnfLGT9xCdhplrIzNkZQJePNi8FqNO3GXl2ImXOOmJTjl6WlU/9dHwQH08eTgi
FYNesYHUqBuCZWsku700N57JSL3K7dOdG0hukwIDAQABo4IBzTCCAckwHQYDVR0O
BBYEFAECCAChTP6toYKUeMr1JUiMunhVMB8GA1UdIwQYMBaAFMqoBdusNkdJubEV
WQq27w+XDNvYMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwZAYDVR0fBF0wWzBZ
oFegVYZTcnN5bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpv
YnNuaWpkZXJzL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jcmwwZAYIKwYB
BQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVw
b3NpdG9yeS9ERUZBVUxUL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jZXIw
DgYDVR0PAQH/BAQDAgeAMG8GCCsGAQUFBwELBGMwYTBfBggrBgEFBQcwC4ZTcnN5
bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpvYnNuaWpkZXJz
L0FRSUlBS0ZNX3EyaGdwUjR5dlVsU0l5NmVGVS5yb2EwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQMqDrJAMA0GCSqGSIb3DQEBCwUAA4IBAQCpw7VXUxMY1qBs
r4jS1+N2aRhEdsp8o8b7I0dYjJR1TcdLKc9wOjDzn6SmPNqXLY2V+k63gym9VVDy
+cvWz8nUBUqDyU+8gRdm5ZqYBvv8W2QGTTwKx2NP19bzwL/JzfCRRABV4z9v5vuD
J7G2nWkPXDKQPOVsbG17snEHKgN4nj3/LeSsoJ65Y+WfBLOFE1g3SiaWOYnZiOmF
sttwtSs00yfUgSMb/8vF7oO6OsOgCQ3pZhUZN2nt3Fc+zmRwdHc6fYzr8eSlPdAn
kBjZGLov/bZZVxM8DeGRWLbNHGnmn+Z72E3lbbX5rjidm7N1CG1C6y1efL/LQQ8N
8xp8eFzx
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:53 2023 by rpki-client on console-ams.rpki-client.org