Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/cd15c7-476a-4c57-baf4-de5f7bf59839/1/2Ie_Y_JKq_KZhfkZUjITaU-orlg.roa
File:                     2Ie_Y_JKq_KZhfkZUjITaU-orlg.roa (raw, json)
Hash identifier:          0ZPbrmID+f5/BAkMD4Rxh0jF8BwPSunhmhXTZPy+lCM=
Subject key identifier:   D8:87:BF:63:F2:4A:AB:F2:99:85:F9:19:52:32:13:69:4F:A8:AE:58
Certificate issuer:       /CN=11e2a78ddc7f139f0c22a2a63662b4812ae5132e
Certificate serial:       644034
Authority key identifier: 11:E2:A7:8D:DC:7F:13:9F:0C:22:A2:A6:36:62:B4:81:2A:E5:13:2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EeKnjdx_E58MIqKmNmK0gSrlEy4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/cd15c7-476a-4c57-baf4-de5f7bf59839/1/2Ie_Y_JKq_KZhfkZUjITaU-orlg.roa
Signing time:             Wed 08 Jun 2022 13:49:17 +0000
ROA not before:           Wed 08 Jun 2022 13:49:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20473
IP address blocks:        193.32.92.0/24 maxlen: 24
                          2a13:1000::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6570036 (0x644034)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11e2a78ddc7f139f0c22a2a63662b4812ae5132e
        Validity
            Not Before: Jun  8 13:49:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d887bf63f24aabf29985f919523213694fa8ae58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:ea:6a:11:67:c2:75:eb:df:fe:f9:b7:07:8e:
                    0e:c5:2a:7a:03:b6:44:10:06:0f:52:ac:b8:a7:47:
                    e6:16:14:1d:97:9f:9b:0a:1a:c7:72:2d:b3:06:d9:
                    02:84:33:da:8e:03:01:ec:f4:e5:eb:35:3f:98:0c:
                    9c:28:94:65:f5:5f:cf:f6:b8:58:2b:4e:a5:be:1e:
                    1c:d6:4f:51:67:f1:cc:3d:eb:fa:4a:1d:03:9a:a6:
                    66:5a:7c:fd:22:40:26:69:cb:7b:d3:34:5d:9d:7e:
                    bb:d8:34:e2:60:b9:01:76:76:83:f6:e4:bb:87:a1:
                    68:be:55:d1:50:43:03:bd:18:50:9f:b2:37:49:a4:
                    e0:9b:4a:02:11:44:85:75:59:a7:bc:bd:71:bf:d2:
                    0f:34:e5:0f:47:63:7e:48:8c:b3:f6:2d:87:d3:0e:
                    1e:8b:28:c1:af:04:26:23:21:37:35:9f:b0:46:f2:
                    76:ad:58:8a:a2:14:af:bb:6b:33:3b:5c:7b:42:92:
                    a6:c0:76:bd:99:93:e7:91:a8:6a:69:a8:02:0d:1b:
                    e8:78:45:88:4c:3e:a9:d0:a0:ca:58:ee:3d:24:76:
                    1b:5e:9a:2f:8f:be:d9:1e:91:a4:49:70:56:fe:8b:
                    d9:c7:2f:02:f1:4c:7c:c1:e6:b4:81:88:b5:0b:4d:
                    d6:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:87:BF:63:F2:4A:AB:F2:99:85:F9:19:52:32:13:69:4F:A8:AE:58
            X509v3 Authority Key Identifier:
                keyid:11:E2:A7:8D:DC:7F:13:9F:0C:22:A2:A6:36:62:B4:81:2A:E5:13:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EeKnjdx_E58MIqKmNmK0gSrlEy4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cd15c7-476a-4c57-baf4-de5f7bf59839/1/2Ie_Y_JKq_KZhfkZUjITaU-orlg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cd15c7-476a-4c57-baf4-de5f7bf59839/1/EeKnjdx_E58MIqKmNmK0gSrlEy4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.32.92.0/24
                IPv6:
                  2a13:1000::/29

    Signature Algorithm: sha256WithRSAEncryption
         b7:15:fa:f2:a6:1e:ca:2e:8b:9b:d4:84:ce:b7:63:1f:d6:79:
         e8:0c:1d:9b:b2:90:bd:9e:0a:d9:91:e6:a2:7c:81:b3:36:a5:
         1e:4e:e1:23:c3:0d:30:83:5f:a7:92:d0:d8:26:ea:f5:e2:fb:
         eb:da:74:8c:a1:0c:80:c6:80:87:8a:99:cf:51:5d:84:43:d2:
         88:b8:f8:bb:85:bb:f3:ba:b1:7f:ad:48:bf:86:6a:c5:9c:f3:
         74:5e:81:78:d4:bb:57:0d:aa:f4:da:29:06:09:e2:08:49:da:
         dc:b7:d3:f5:ae:6b:56:39:86:47:66:32:96:be:33:e2:37:94:
         57:ec:1e:76:12:a5:f2:aa:c3:ff:d2:b5:2b:2e:4b:01:67:da:
         f7:f0:40:53:b6:7e:59:25:48:db:cc:9b:a7:64:77:26:ad:61:
         f9:16:2a:6d:c6:43:9e:15:86:24:c8:01:4f:ae:be:7f:0c:f6:
         03:42:51:45:28:d5:26:d5:1d:76:68:d1:59:be:12:be:92:5f:
         b1:e6:6e:fa:49:08:6b:24:80:bd:8a:0c:aa:35:c0:c5:7b:39:
         2a:48:95:00:15:12:31:fa:73:ec:ac:4f:c5:72:e1:94:2b:dd:
         94:90:06:e6:7e:ba:40:85:aa:fb:0d:d7:e5:10:8d:39:f3:c8:
         7f:0d:75:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDZEA0MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDEx
ZTJhNzhkZGM3ZjEzOWYwYzIyYTJhNjM2NjJiNDgxMmFlNTEzMmUwHhcNMjIwNjA4
MTM0OTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkODg3YmY2M2YyNGFh
YmYyOTk4NWY5MTk1MjMyMTM2OTRmYThhZTU4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjupqEWfCdevf/vm3B44OxSp6A7ZEEAYPUqy4p0fmFhQdl5+b
ChrHci2zBtkChDPajgMB7PTl6zU/mAycKJRl9V/P9rhYK06lvh4c1k9RZ/HMPev6
Sh0DmqZmWnz9IkAmact70zRdnX672DTiYLkBdnaD9uS7h6FovlXRUEMDvRhQn7I3
SaTgm0oCEUSFdVmnvL1xv9IPNOUPR2N+SIyz9i2H0w4eiyjBrwQmIyE3NZ+wRvJ2
rViKohSvu2szO1x7QpKmwHa9mZPnkahqaagCDRvoeEWITD6p0KDKWO49JHYbXpov
j77ZHpGkSXBW/ovZxy8C8Ux8wea0gYi1C03WgQIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFNiHv2PySqvymYX5GVIyE2lPqK5YMB8GA1UdIwQYMBaAFBHip43cfxOfDCKi
pjZitIEq5RMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
RWVLbmpkeF9FNThNSXFLbU5tSzBnU3JsRXk0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wMC9jZDE1YzctNDc2YS00YzU3LWJhZjQtZGU1ZjdiZjU5ODM5LzEv
MkllX1lfSktxX0taaGZrWlVqSVRhVS1vcmxnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9j
ZDE1YzctNDc2YS00YzU3LWJhZjQtZGU1ZjdiZjU5ODM5LzEvRWVLbmpkeF9FNThN
SXFLbU5tSzBnU3JsRXk0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwSBcMA0EAgACMAcDBQMqExAAMA0G
CSqGSIb3DQEBCwUAA4IBAQC3Ffryph7KLoub1ITOt2Mf1nnoDB2bspC9ngrZkeai
fIGzNqUeTuEjww0wg1+nktDYJur14vvr2nSMoQyAxoCHipnPUV2EQ9KIuPi7hbvz
urF/rUi/hmrFnPN0XoF41LtXDar02ikGCeIISdrct9P1rmtWOYZHZjKWvjPiN5RX
7B52EqXyqsP/0rUrLksBZ9r38EBTtn5ZJUjbzJunZHcmrWH5FiptxkOeFYYkyAFP
rr5/DPYDQlFFKNUm1R12aNFZvhK+kl+x5m76SQhrJIC9igyqNcDFezkqSJUAFRIx
+nPsrE/FcuGUK92UkAbmfrpAhar7DdflEI0588h/DXUB
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:53 2023 by rpki-client on console-fra.rpki-client.org