Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nljobsnijders/SYge6O3OJFMiFYniIPfQCkNiqvc.roa
File:                     SYge6O3OJFMiFYniIPfQCkNiqvc.roa (raw, json)
Hash identifier:          OquDir5b+JLccksXSKZggd8Cqjf5/qySvrIaxoA33/Q=
Subject key identifier:   49:88:1E:E8:ED:CE:24:53:22:15:89:E2:20:F7:D0:0A:43:62:AA:F7
Certificate issuer:       /CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Certificate serial:       CC0E
Authority key identifier: CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/SYge6O3OJFMiFYniIPfQCkNiqvc.roa
Signing time:             Fri 16 Dec 2022 12:39:02 +0000
ROA not before:           Fri 16 Dec 2022 12:39:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     0
IP address blocks:        2a0e:b240::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 52238 (0xcc0e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
        Validity
            Not Before: Dec 16 12:39:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=49881EE8EDCE2453221589E220F7D00A4362AAF7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:81:86:f2:e8:3b:8d:3f:86:f3:8c:07:db:7b:
                    26:6c:03:a8:dd:03:3f:66:96:17:90:c9:2b:22:49:
                    b3:35:37:25:16:7c:8a:e1:43:cc:6a:9b:f3:29:03:
                    5e:b7:f6:69:12:79:15:6d:6c:7d:07:bc:44:da:34:
                    35:d0:8d:bb:3e:28:35:a0:5a:7c:1c:86:bc:ee:de:
                    1e:be:4c:d3:d0:e3:86:51:c9:52:51:38:b1:e0:50:
                    e9:bb:12:f6:3d:e1:2e:84:ce:e5:74:58:16:05:0f:
                    ea:26:68:6a:33:e8:6a:24:61:bf:1b:35:cd:1e:b7:
                    ab:53:6e:ef:14:ed:92:fc:17:d4:f6:26:98:1d:76:
                    c6:44:39:54:3c:5b:8c:d1:dd:61:a9:4b:a5:bc:03:
                    7d:b8:01:1d:ed:8d:9b:ed:38:6c:6a:ed:0a:64:41:
                    c5:05:1f:c1:c7:79:7d:99:b9:ae:7f:67:aa:dd:08:
                    81:8b:62:b3:8f:9b:8c:8f:ec:28:59:14:17:e5:a6:
                    4b:ac:cd:b5:9f:c8:3c:97:97:d6:e7:0f:73:d0:57:
                    62:e1:2e:59:c7:cb:12:a1:a7:d7:0b:dd:bf:79:50:
                    e6:39:f6:3f:d1:5c:2e:10:ac:4f:cd:43:9b:7a:d1:
                    41:da:44:dd:01:c8:97:f9:5f:f0:a9:7b:51:ea:ca:
                    b4:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:88:1E:E8:ED:CE:24:53:22:15:89:E2:20:F7:D0:0A:43:62:AA:F7
            X509v3 Authority Key Identifier:
                keyid:CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/SYge6O3OJFMiFYniIPfQCkNiqvc.roa

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b240::/29

    Signature Algorithm: sha256WithRSAEncryption
         4b:1d:83:b4:8d:99:60:69:18:88:ad:01:3d:6f:75:3d:ed:68:
         1e:11:0c:81:3d:ca:b4:ca:cc:9d:4b:7d:7f:00:c3:28:a7:ea:
         a4:8c:23:d0:82:46:b1:71:82:8f:c1:5e:ce:ff:3f:58:0c:45:
         71:16:8c:25:35:35:26:34:74:a0:eb:0a:9e:d1:3a:af:85:f8:
         e9:00:19:d3:3f:d3:d9:6d:b8:2c:54:08:4f:91:58:f8:6e:21:
         8b:cb:1c:ff:1b:b5:b2:f7:f5:4c:f8:7c:b8:f8:df:c4:70:3a:
         19:f9:3c:95:f2:9f:21:a3:ec:08:48:62:99:82:0e:d4:02:1b:
         e9:53:86:14:c9:74:3f:2a:06:d1:21:35:56:96:38:f9:7b:b3:
         71:87:d4:13:35:08:ae:36:9a:48:50:93:b4:ee:7c:0a:35:07:
         ce:1e:27:e4:d8:26:0c:c5:be:85:39:80:18:24:e9:71:01:75:
         b9:e6:7b:5c:3e:85:09:a1:82:66:1c:6d:20:9e:24:0c:23:8c:
         37:a7:4c:c3:dc:e6:e6:49:b5:c2:ba:fd:aa:3b:63:47:be:05:
         5d:4c:b9:f3:bd:28:74:15:e2:5e:78:09:ef:1e:6f:de:0d:2f:
         66:71:3a:23:68:c2:27:5b:be:fb:50:1b:71:eb:11:b4:e1:90:
         ae:4b:7a:93
-----BEGIN CERTIFICATE-----
MIIEsjCCA5qgAwIBAgIDAMwOMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNh
YTgwNWRiYWMzNjQ3NDliOWIxMTU1OTBhYjZlZjBmOTcwY2RiZDgwHhcNMjIxMjE2
MTIzOTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0OTg4MUVFOEVEQ0Uy
NDUzMjIxNTg5RTIyMEY3RDAwQTQzNjJBQUY3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA9YGG8ug7jT+G84wH23smbAOo3QM/ZpYXkMkrIkmzNTclFnyK
4UPMapvzKQNet/ZpEnkVbWx9B7xE2jQ10I27Pig1oFp8HIa87t4evkzT0OOGUclS
UTix4FDpuxL2PeEuhM7ldFgWBQ/qJmhqM+hqJGG/GzXNHrerU27vFO2S/BfU9iaY
HXbGRDlUPFuM0d1hqUulvAN9uAEd7Y2b7Thsau0KZEHFBR/Bx3l9mbmuf2eq3QiB
i2Kzj5uMj+woWRQX5aZLrM21n8g8l5fW5w9z0Fdi4S5Zx8sSoafXC92/eVDmOfY/
0VwuEKxPzUObetFB2kTdAciX+V/wqXtR6sq0+wIDAQABo4IBzTCCAckwHQYDVR0O
BBYEFEmIHujtziRTIhWJ4iD30ApDYqr3MB8GA1UdIwQYMBaAFMqoBdusNkdJubEV
WQq27w+XDNvYMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwZAYDVR0fBF0wWzBZ
oFegVYZTcnN5bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpv
YnNuaWpkZXJzL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jcmwwZAYIKwYB
BQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVw
b3NpdG9yeS9ERUZBVUxUL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jZXIw
DgYDVR0PAQH/BAQDAgeAMG8GCCsGAQUFBwELBGMwYTBfBggrBgEFBQcwC4ZTcnN5
bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpvYnNuaWpkZXJz
L1NZZ2U2TzNPSkZNaUZZbmlJUGZRQ2tOaXF2Yy5yb2EwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQMqDrJAMA0GCSqGSIb3DQEBCwUAA4IBAQBLHYO0jZlgaRiI
rQE9b3U97WgeEQyBPcq0ysydS31/AMMop+qkjCPQgkaxcYKPwV7O/z9YDEVxFowl
NTUmNHSg6wqe0TqvhfjpABnTP9PZbbgsVAhPkVj4biGLyxz/G7Wy9/VM+Hy4+N/E
cDoZ+TyV8p8ho+wISGKZgg7UAhvpU4YUyXQ/KgbRITVWljj5e7Nxh9QTNQiuNppI
UJO07nwKNQfOHifk2CYMxb6FOYAYJOlxAXW55ntcPoUJoYJmHG0gniQMI4w3p0zD
3ObmSbXCuv2qO2NHvgVdTLnzvSh0FeJeeAnvHm/eDS9mcTojaMInW777UBtx6xG0
4ZCuS3qT
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:53 2023 by rpki-client on console-ams.rpki-client.org