Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nljobsnijders/JM9oHV3aYpDhfxsnr_kd3g-5Qf8.roa
File:                     JM9oHV3aYpDhfxsnr_kd3g-5Qf8.roa (raw, json)
Hash identifier:          lIKc/usTQd6brzDtVIDwc4PG6RZMtD4c+JTIE9Xkiu4=
Subject key identifier:   24:CF:68:1D:5D:DA:62:90:E1:7F:1B:27:AF:F9:1D:DE:0F:B9:41:FF
Certificate issuer:       /CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Certificate serial:       C8A8
Authority key identifier: CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/JM9oHV3aYpDhfxsnr_kd3g-5Qf8.roa
Signing time:             Wed 07 Dec 2022 17:27:51 +0000
ROA not before:           Wed 07 Dec 2022 17:27:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15562
IP address blocks:        2001:67c:208c::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 51368 (0xc8a8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
        Validity
            Not Before: Dec  7 17:27:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=24CF681D5DDA6290E17F1B27AFF91DDE0FB941FF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:db:b3:d5:77:e6:ae:dd:c8:4b:56:42:60:72:
                    53:c5:a0:12:72:64:cf:8e:af:8e:10:86:9e:3c:42:
                    60:67:82:b5:a6:91:92:3a:d9:f7:3c:45:48:fb:b3:
                    78:3d:ba:2c:32:90:b9:fd:41:8f:18:1f:96:9f:f8:
                    73:7e:61:58:aa:e8:1e:e6:e8:02:e9:8c:da:de:98:
                    91:c3:68:c6:c3:e3:2c:2a:49:aa:c7:32:e5:91:ce:
                    f0:bb:9a:ad:5e:c1:57:e9:9b:a0:a0:e6:1b:6b:a8:
                    a5:59:a4:d3:0e:d2:48:84:2c:b3:e6:85:00:8f:fb:
                    13:08:ab:28:02:5b:cc:0d:69:87:a3:b8:f7:d9:95:
                    ee:63:a7:1f:ae:97:30:cf:7a:91:c5:48:cb:6e:4e:
                    9a:c1:ad:1b:cf:b9:1b:73:b1:2d:bc:f8:6c:0a:65:
                    1d:f3:36:36:09:72:17:e3:da:06:e2:72:8b:50:09:
                    39:c1:ac:f7:5a:c3:e9:eb:0a:90:d7:5f:1f:64:77:
                    c4:ff:1c:80:a9:0d:10:07:20:5c:26:0b:03:41:49:
                    34:7c:c5:39:b8:84:d7:a6:b0:33:b2:34:38:e4:fb:
                    10:98:ec:19:48:dc:27:b0:a1:ff:87:a6:dd:18:07:
                    b9:20:a1:64:11:41:a7:80:11:16:47:4d:f3:78:e0:
                    44:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:CF:68:1D:5D:DA:62:90:E1:7F:1B:27:AF:F9:1D:DE:0F:B9:41:FF
            X509v3 Authority Key Identifier:
                keyid:CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/JM9oHV3aYpDhfxsnr_kd3g-5Qf8.roa

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:208c::/48

    Signature Algorithm: sha256WithRSAEncryption
         6a:cc:8e:f7:b8:56:ec:8d:aa:ec:0d:b1:f5:7f:f9:f2:84:39:
         37:35:95:40:68:87:aa:96:be:f0:43:2d:a1:4c:0d:28:6c:0e:
         6b:8e:e3:b3:cb:57:35:6b:79:20:cc:00:a0:8f:67:88:aa:a6:
         a9:45:5c:e8:ed:a4:37:c1:c8:3c:d9:e3:de:45:fc:e3:32:8c:
         79:51:b4:09:85:33:b9:73:4d:92:51:23:79:ac:c5:6a:f4:6a:
         e5:ba:ae:6c:bf:03:9f:6a:74:35:d1:a4:66:91:23:2e:bb:78:
         d6:9c:89:d7:6b:6e:38:cb:87:b1:cf:82:16:71:2c:d4:94:ab:
         3d:ba:23:a8:f8:2d:ce:b7:fc:e0:54:69:b3:64:b0:2b:2e:c9:
         47:15:e7:d8:3a:bb:5e:b7:84:cd:ec:32:6f:55:99:f9:10:9b:
         77:cc:b6:51:15:7b:dc:aa:90:f4:2f:28:03:41:4d:26:0e:64:
         5f:c6:6e:2f:94:85:f6:4c:40:0e:ef:f3:37:e3:ae:1b:8c:a9:
         16:e6:62:5a:6c:94:1f:24:bd:0d:49:2e:63:c3:7e:cd:41:e3:
         d1:b4:50:7f:46:9c:06:b8:20:4b:69:33:13:52:74:f0:3d:0d:
         e7:85:98:0d:bd:e8:82:dc:68:c5:13:9f:e4:21:f1:3c:8e:45:
         15:8e:1e:bf
-----BEGIN CERTIFICATE-----
MIIEtDCCA5ygAwIBAgIDAMioMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNh
YTgwNWRiYWMzNjQ3NDliOWIxMTU1OTBhYjZlZjBmOTcwY2RiZDgwHhcNMjIxMjA3
MTcyNzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyNENGNjgxRDVEREE2
MjkwRTE3RjFCMjdBRkY5MURERTBGQjk0MUZGMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAs9uz1Xfmrt3IS1ZCYHJTxaAScmTPjq+OEIaePEJgZ4K1ppGS
Otn3PEVI+7N4PbosMpC5/UGPGB+Wn/hzfmFYquge5ugC6Yza3piRw2jGw+MsKkmq
xzLlkc7wu5qtXsFX6ZugoOYba6ilWaTTDtJIhCyz5oUAj/sTCKsoAlvMDWmHo7j3
2ZXuY6cfrpcwz3qRxUjLbk6awa0bz7kbc7EtvPhsCmUd8zY2CXIX49oG4nKLUAk5
waz3WsPp6wqQ118fZHfE/xyAqQ0QByBcJgsDQUk0fMU5uITXprAzsjQ45PsQmOwZ
SNwnsKH/h6bdGAe5IKFkEUGngBEWR03zeOBEQQIDAQABo4IBzzCCAcswHQYDVR0O
BBYEFCTPaB1d2mKQ4X8bJ6/5Hd4PuUH/MB8GA1UdIwQYMBaAFMqoBdusNkdJubEV
WQq27w+XDNvYMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwZAYDVR0fBF0wWzBZ
oFegVYZTcnN5bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpv
YnNuaWpkZXJzL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jcmwwZAYIKwYB
BQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVw
b3NpdG9yeS9ERUZBVUxUL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jZXIw
DgYDVR0PAQH/BAQDAgeAMG8GCCsGAQUFBwELBGMwYTBfBggrBgEFBQcwC4ZTcnN5
bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpvYnNuaWpkZXJz
L0pNOW9IVjNhWXBEaGZ4c25yX2tkM2ctNVFmOC5yb2EwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQZ8IIwwDQYJKoZIhvcNAQELBQADggEBAGrMjve4VuyN
quwNsfV/+fKEOTc1lUBoh6qWvvBDLaFMDShsDmuO47PLVzVreSDMAKCPZ4iqpqlF
XOjtpDfByDzZ495F/OMyjHlRtAmFM7lzTZJRI3msxWr0auW6rmy/A59qdDXRpGaR
Iy67eNaciddrbjjLh7HPghZxLNSUqz26I6j4Lc63/OBUabNksCsuyUcV59g6u163
hM3sMm9VmfkQm3fMtlEVe9yqkPQvKANBTSYOZF/Gbi+UhfZMQA7v8zfjrhuMqRbm
YlpslB8kvQ1JLmPDfs1B49G0UH9GnAa4IEtpMxNSdPA9DeeFmA296ILcaMUTn+Qh
8TyORRWOHr8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org