Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nljobsnijders/wZmvZjlPlTEFsM68Zo8MsmUM9nA.roa
File:                     wZmvZjlPlTEFsM68Zo8MsmUM9nA.roa (raw, json)
Hash identifier:          wXZ+JLRcHo7jVXyRsC0ebVJtfFue443zZIZGA1iRsiw=
Subject key identifier:   C1:99:AF:66:39:4F:95:31:05:B0:CE:BC:66:8F:0C:B2:65:0C:F6:70
Certificate issuer:       /CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Certificate serial:       C8B6
Authority key identifier: CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/wZmvZjlPlTEFsM68Zo8MsmUM9nA.roa
Signing time:             Wed 07 Dec 2022 17:45:13 +0000
ROA not before:           Wed 07 Dec 2022 17:45:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     0
IP address blocks:        2a0e:b240::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 51382 (0xc8b6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
        Validity
            Not Before: Dec  7 17:45:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=C199AF66394F953105B0CEBC668F0CB2650CF670
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:4b:8b:da:08:28:f0:f1:49:2d:e6:31:4c:23:
                    be:1f:57:86:b1:36:0f:98:be:c7:ca:0d:b6:86:2c:
                    8a:77:64:bb:13:d2:c3:1e:78:28:2a:8b:9e:9c:76:
                    08:ee:1e:7c:a1:0e:30:92:45:ba:d6:9c:26:6d:70:
                    b2:95:9e:91:6c:fb:2c:48:0d:12:bb:b2:15:85:2e:
                    9c:92:0e:1d:db:99:46:32:38:59:4b:21:7e:8c:ec:
                    04:e0:62:03:be:a1:84:06:8e:b3:ea:8d:4b:35:2d:
                    6e:07:71:8a:4a:f5:c0:6b:5a:dd:02:88:11:62:8b:
                    fb:1a:46:02:f3:6b:2f:90:78:70:de:b4:71:63:ff:
                    79:ef:b5:ab:3d:c9:f2:42:e4:74:0c:8f:f5:22:24:
                    4a:93:7f:8c:ce:92:e3:98:4a:40:d6:68:59:40:43:
                    a8:32:ca:77:65:ba:cb:e1:d6:d3:17:c5:88:82:82:
                    f7:53:ee:fc:44:47:ac:1b:a0:64:e2:39:ce:97:4e:
                    04:e6:24:a2:c3:27:b3:e9:7a:3e:36:d8:82:b4:ba:
                    85:15:2e:ad:31:38:7c:f7:24:fc:34:a4:86:f1:5e:
                    ea:fd:6b:16:a2:35:ca:8d:11:2c:83:03:49:b0:71:
                    f9:84:c0:eb:36:1e:e7:90:3c:ea:c8:1f:ec:82:55:
                    94:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:99:AF:66:39:4F:95:31:05:B0:CE:BC:66:8F:0C:B2:65:0C:F6:70
            X509v3 Authority Key Identifier:
                keyid:CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/wZmvZjlPlTEFsM68Zo8MsmUM9nA.roa

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b240::/48

    Signature Algorithm: sha256WithRSAEncryption
         4b:0f:29:8c:97:2f:80:1d:f5:eb:21:cf:ab:b7:ab:44:3a:b9:
         c6:2e:e3:7e:66:3e:a8:fd:39:33:79:bb:91:5d:a1:03:2a:b8:
         70:d8:73:b3:b7:3a:f1:d8:be:27:c6:e7:12:e2:e3:5b:ee:b3:
         8b:6a:ea:56:71:05:34:98:c1:27:93:7e:b3:3b:03:06:b6:1a:
         f7:51:f5:34:c4:ba:8a:b4:24:22:d8:b5:41:67:c1:80:a4:90:
         ba:e8:a6:53:72:c0:27:07:e1:c8:69:17:5e:74:a2:6c:f3:a3:
         07:e7:45:01:cc:3d:df:47:e7:3d:69:07:50:86:ec:0a:b3:47:
         88:86:5b:62:ef:a5:dd:81:f4:d9:6b:26:94:eb:78:ee:38:04:
         1d:59:b8:94:d4:06:d9:e1:3f:29:8b:30:01:c2:fc:92:2b:82:
         b5:b6:27:71:8a:1d:69:4d:64:73:35:87:5d:b7:a8:5c:41:7c:
         fa:cd:a3:08:a6:cd:43:0a:e8:55:0f:b0:be:b1:04:c6:6f:ee:
         ca:b8:1a:f2:95:bb:4c:89:46:b4:6e:da:8e:b4:5d:c2:e2:fb:
         68:f4:76:5e:fb:f9:b1:a2:02:cd:f4:3d:5e:3a:61:17:5d:17:
         b0:e8:44:da:c3:ba:ea:42:8d:7e:8d:90:b6:d2:ba:d6:39:2b:
         58:cf:c5:85
-----BEGIN CERTIFICATE-----
MIIEtDCCA5ygAwIBAgIDAMi2MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNh
YTgwNWRiYWMzNjQ3NDliOWIxMTU1OTBhYjZlZjBmOTcwY2RiZDgwHhcNMjIxMjA3
MTc0NTEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhDMTk5QUY2NjM5NEY5
NTMxMDVCMENFQkM2NjhGMENCMjY1MENGNjcwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvUuL2ggo8PFJLeYxTCO+H1eGsTYPmL7Hyg22hiyKd2S7E9LD
HngoKouenHYI7h58oQ4wkkW61pwmbXCylZ6RbPssSA0Su7IVhS6ckg4d25lGMjhZ
SyF+jOwE4GIDvqGEBo6z6o1LNS1uB3GKSvXAa1rdAogRYov7GkYC82svkHhw3rRx
Y/9577WrPcnyQuR0DI/1IiRKk3+MzpLjmEpA1mhZQEOoMsp3ZbrL4dbTF8WIgoL3
U+78REesG6Bk4jnOl04E5iSiwyez6Xo+NtiCtLqFFS6tMTh89yT8NKSG8V7q/WsW
ojXKjREsgwNJsHH5hMDrNh7nkDzqyB/sglWUvwIDAQABo4IBzzCCAcswHQYDVR0O
BBYEFMGZr2Y5T5UxBbDOvGaPDLJlDPZwMB8GA1UdIwQYMBaAFMqoBdusNkdJubEV
WQq27w+XDNvYMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwZAYDVR0fBF0wWzBZ
oFegVYZTcnN5bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpv
YnNuaWpkZXJzL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jcmwwZAYIKwYB
BQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVw
b3NpdG9yeS9ERUZBVUxUL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jZXIw
DgYDVR0PAQH/BAQDAgeAMG8GCCsGAQUFBwELBGMwYTBfBggrBgEFBQcwC4ZTcnN5
bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpvYnNuaWpkZXJz
L3dabXZaamxQbFRFRnNNNjhabzhNc21VTTluQS5yb2EwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAqDrJAAAAwDQYJKoZIhvcNAQELBQADggEBAEsPKYyXL4Ad
9eshz6u3q0Q6ucYu435mPqj9OTN5u5FdoQMquHDYc7O3OvHYvifG5xLi41vus4tq
6lZxBTSYwSeTfrM7Awa2GvdR9TTEuoq0JCLYtUFnwYCkkLroplNywCcH4chpF150
omzzowfnRQHMPd9H5z1pB1CG7AqzR4iGW2Lvpd2B9NlrJpTreO44BB1ZuJTUBtnh
PymLMAHC/JIrgrW2J3GKHWlNZHM1h123qFxBfPrNowimzUMK6FUPsL6xBMZv7sq4
GvKVu0yJRrRu2o60XcLi+2j0dl77+bGiAs30PV46YRddF7DoRNrDuupCjX6NkLbS
utY5K1jPxYU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org