Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nljobsnijders/ncJXcXUYxYzrXv2ONP0i8QvMMBY.roa
File:                     ncJXcXUYxYzrXv2ONP0i8QvMMBY.roa (raw, json)
Hash identifier:          Zh78G6yM+siHLHQGDRkqi704gYrI0AAGLtVzPmldyI0=
Subject key identifier:   9D:C2:57:71:75:18:C5:8C:EB:5E:FD:8E:34:FD:22:F1:0B:CC:30:16
Certificate issuer:       /CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Certificate serial:       C8A5
Authority key identifier: CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/ncJXcXUYxYzrXv2ONP0i8QvMMBY.roa
Signing time:             Wed 07 Dec 2022 17:27:50 +0000
ROA not before:           Wed 07 Dec 2022 17:27:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206238
IP address blocks:        45.138.228.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 51365 (0xc8a5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
        Validity
            Not Before: Dec  7 17:27:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9DC257717518C58CEB5EFD8E34FD22F10BCC3016
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:66:5c:54:21:57:98:90:48:48:55:60:79:a7:
                    7f:5c:bc:d5:46:eb:25:1c:51:7a:74:fa:88:ce:80:
                    10:e7:58:d6:da:cf:88:d5:29:67:ca:ec:25:41:c2:
                    d6:b5:11:e0:52:c4:0b:ea:bd:ac:39:e7:aa:b2:19:
                    2f:6d:68:1f:f2:ba:7e:6c:c5:f4:2f:c2:5e:88:3a:
                    8f:9b:21:b1:ad:cc:81:55:98:c0:c3:ba:7f:12:ca:
                    b8:89:19:76:ae:cc:a9:45:d5:f3:b5:4c:73:df:0a:
                    51:8e:7c:ca:17:de:0d:64:65:c8:57:9b:c9:3c:ef:
                    fd:22:c5:c4:ac:0a:fd:3c:9e:04:ac:cb:fd:1f:aa:
                    26:3b:9c:02:ad:21:75:c4:5b:f2:ce:96:79:29:c1:
                    ca:0f:1f:69:b6:80:67:62:cb:71:8d:62:21:ec:c2:
                    a3:69:23:b5:5c:9e:0a:91:b2:9e:e9:6d:4e:74:68:
                    8b:1f:0b:38:c4:c8:1c:60:7d:28:ab:31:52:a5:8e:
                    81:08:3c:5f:68:54:97:43:66:a9:52:db:6b:87:58:
                    de:b4:1a:15:32:44:b1:08:ce:4d:2f:1f:71:3f:e7:
                    ac:61:83:54:81:6e:2f:20:0d:52:59:13:47:be:1e:
                    8f:82:f5:cf:8e:bf:e1:70:92:fb:91:38:81:a8:ba:
                    de:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:C2:57:71:75:18:C5:8C:EB:5E:FD:8E:34:FD:22:F1:0B:CC:30:16
            X509v3 Authority Key Identifier:
                keyid:CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/ncJXcXUYxYzrXv2ONP0i8QvMMBY.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.138.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1d:ed:7e:fe:b0:e0:d5:25:92:e1:f4:01:f3:e4:b4:07:11:69:
         82:97:bc:7e:33:90:72:f5:44:8b:9a:f0:1f:33:65:8e:e7:a1:
         ff:b8:00:26:3d:33:6b:42:bc:78:0c:60:1e:12:ba:bb:0c:13:
         72:ca:7b:91:17:f3:80:e2:b7:78:33:ec:5a:11:73:09:a0:bc:
         1d:f1:c9:5e:a1:7d:01:67:fc:48:4f:16:d4:d3:cb:6a:01:11:
         38:2a:a5:1d:f7:e0:66:d4:fe:fd:d9:89:2d:0a:e9:3f:4b:cb:
         fc:b0:09:8d:ff:a9:e7:f6:86:95:7f:d5:0f:4a:12:15:14:4a:
         ce:dc:33:3c:c4:82:13:fc:a2:2c:03:57:a0:14:ec:6d:ea:c9:
         49:ab:76:bb:d2:16:ec:da:6e:cb:29:e0:2d:26:b6:6f:f0:ff:
         04:94:d5:c2:00:9f:2e:b8:1d:01:b2:24:c0:f8:85:fe:e4:ef:
         c4:c4:fd:78:97:da:89:b9:b3:58:f3:60:08:21:d4:26:8a:2d:
         2a:57:46:5a:33:f7:27:f4:e8:63:f6:94:d9:b1:1d:89:19:67:
         2a:88:f8:f8:5b:0e:61:83:1c:10:d7:f2:03:a7:27:b9:c5:79:
         41:1f:b8:d3:0e:1f:e5:c8:73:1f:93:62:bf:b6:5a:c1:40:44:
         62:5f:71:7a
-----BEGIN CERTIFICATE-----
MIIEsTCCA5mgAwIBAgIDAMilMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNh
YTgwNWRiYWMzNjQ3NDliOWIxMTU1OTBhYjZlZjBmOTcwY2RiZDgwHhcNMjIxMjA3
MTcyNzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5REMyNTc3MTc1MThD
NThDRUI1RUZEOEUzNEZEMjJGMTBCQ0MzMDE2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA0GZcVCFXmJBISFVgead/XLzVRuslHFF6dPqIzoAQ51jW2s+I
1SlnyuwlQcLWtRHgUsQL6r2sOeeqshkvbWgf8rp+bMX0L8JeiDqPmyGxrcyBVZjA
w7p/Esq4iRl2rsypRdXztUxz3wpRjnzKF94NZGXIV5vJPO/9IsXErAr9PJ4ErMv9
H6omO5wCrSF1xFvyzpZ5KcHKDx9ptoBnYstxjWIh7MKjaSO1XJ4KkbKe6W1OdGiL
Hws4xMgcYH0oqzFSpY6BCDxfaFSXQ2apUttrh1jetBoVMkSxCM5NLx9xP+esYYNU
gW4vIA1SWRNHvh6PgvXPjr/hcJL7kTiBqLrePQIDAQABo4IBzDCCAcgwHQYDVR0O
BBYEFJ3CV3F1GMWM6179jjT9IvELzDAWMB8GA1UdIwQYMBaAFMqoBdusNkdJubEV
WQq27w+XDNvYMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwZAYDVR0fBF0wWzBZ
oFegVYZTcnN5bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpv
YnNuaWpkZXJzL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jcmwwZAYIKwYB
BQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVw
b3NpdG9yeS9ERUZBVUxUL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jZXIw
DgYDVR0PAQH/BAQDAgeAMG8GCCsGAQUFBwELBGMwYTBfBggrBgEFBQcwC4ZTcnN5
bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpvYnNuaWpkZXJz
L25jSlhjWFVZeFl6clh2Mk9OUDBpOFF2TU1CWS5yb2EwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAItiuQwDQYJKoZIhvcNAQELBQADggEBAB3tfv6w4NUlkuH0
AfPktAcRaYKXvH4zkHL1RIua8B8zZY7nof+4ACY9M2tCvHgMYB4SursME3LKe5EX
84Dit3gz7FoRcwmgvB3xyV6hfQFn/EhPFtTTy2oBETgqpR334GbU/v3ZiS0K6T9L
y/ywCY3/qef2hpV/1Q9KEhUUSs7cMzzEghP8oiwDV6AU7G3qyUmrdrvSFuzabssp
4C0mtm/w/wSU1cIAny64HQGyJMD4hf7k78TE/XiX2om5s1jzYAgh1CaKLSpXRloz
9yf06GP2lNmxHYkZZyqI+PhbDmGDHBDX8gOnJ7nFeUEfuNMOH+XIcx+TYr+2WsFA
RGJfcXo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:53 2023 by rpki-client on console-ams.rpki-client.org