Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/sa5Xxijx3X3vvpzmcKJZbxxgDhE.roa
File:                     sa5Xxijx3X3vvpzmcKJZbxxgDhE.roa (raw, json)
Hash identifier:          8nAs7CL109lkYCqXkZR7K4iJIPl7avWxzADbTKLl+bI=
Subject key identifier:   B1:AE:57:C6:28:F1:DD:7D:EF:BE:9C:E6:70:A2:59:6F:1C:60:0E:11
Certificate issuer:       /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial:       018345CCC2ADC1B04E3C6D08DCE091E1F498
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/sa5Xxijx3X3vvpzmcKJZbxxgDhE.roa
Signing time:             Fri 16 Sep 2022 10:16:30 +0000
ROA not before:           Fri 16 Sep 2022 10:16:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201106
IP address blocks:        2a0c:9a40:808d::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:45:cc:c2:ad:c1:b0:4e:3c:6d:08:dc:e0:91:e1:f4:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
        Validity
            Not Before: Sep 16 10:16:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b1ae57c628f1dd7defbe9ce670a2596f1c600e11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:2b:da:2a:17:ea:74:73:fd:24:bb:04:86:f6:
                    8f:1a:be:e8:78:fa:6f:e2:a6:b2:04:7e:b6:30:96:
                    63:e7:97:b4:23:20:ae:6c:e5:c3:dc:9f:0e:dc:e6:
                    dc:89:44:65:04:cd:17:2a:7c:8d:89:e4:76:cb:10:
                    aa:5a:1b:d5:b7:ac:c0:30:ea:be:37:03:52:f3:7c:
                    10:53:f1:25:6f:36:1c:cd:60:ad:35:55:47:79:20:
                    27:b0:60:1c:5b:f6:87:e8:53:ab:14:37:c6:d7:99:
                    32:21:1f:59:f2:01:89:c5:5d:56:f3:a5:63:20:71:
                    7a:16:7c:6e:5e:9d:d0:9b:09:46:63:46:e3:d9:bf:
                    f7:7e:a1:d6:d1:2b:5d:1d:10:81:29:b8:6a:7c:1a:
                    10:b6:dc:2f:6e:0b:ab:a1:d6:c5:f9:09:d8:98:8a:
                    8f:20:6a:f9:5c:f9:35:06:87:e9:a4:a5:60:4a:64:
                    95:5e:57:8e:e4:6f:37:b6:b5:05:69:82:db:f6:49:
                    1a:3f:8d:80:bf:79:7f:7d:ec:d5:da:10:45:c9:62:
                    98:e7:d9:c7:64:af:13:96:83:1d:2b:c2:cd:e6:1f:
                    9c:1a:5e:9b:6c:05:62:9e:1f:e8:a3:c7:b7:c5:9b:
                    b6:72:7d:e0:6b:06:7a:68:be:4f:e1:c0:25:e0:62:
                    a0:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:AE:57:C6:28:F1:DD:7D:EF:BE:9C:E6:70:A2:59:6F:1C:60:0E:11
            X509v3 Authority Key Identifier:
                keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/sa5Xxijx3X3vvpzmcKJZbxxgDhE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:9a40:808d::/48

    Signature Algorithm: sha256WithRSAEncryption
         0c:53:c1:e5:66:03:81:f0:58:e5:c7:d3:df:42:1f:3c:9b:ce:
         b4:ef:57:f4:9b:08:fb:2f:ed:53:12:61:68:99:b5:54:2b:c4:
         aa:93:25:a1:be:f7:3d:77:3c:1c:b5:5e:57:21:ae:d0:a3:2a:
         8a:32:91:90:6a:74:72:67:4d:be:5e:7d:f9:b8:01:d3:c4:2a:
         ea:3c:f4:86:36:64:f4:6c:f7:8c:67:63:2b:e0:9e:cb:32:3d:
         05:d3:be:84:77:f5:cc:6d:1f:d4:1d:9e:aa:a2:97:20:61:86:
         7d:11:3c:02:ab:be:be:f3:9a:d3:5a:d0:20:ba:32:d9:fb:56:
         ca:66:07:12:f6:6b:b0:f3:27:2e:75:13:f2:d9:6b:c4:e6:d9:
         28:3f:70:2f:8a:8f:05:5e:d8:78:ee:97:0a:9d:9f:43:ec:90:
         eb:d1:33:66:15:23:95:1b:74:29:c3:b5:47:37:af:b5:d7:64:
         e5:af:ee:5a:84:74:3a:ab:96:06:c8:13:c5:d7:89:18:2a:23:
         35:b0:91:79:4e:7b:b3:6c:fb:6f:9d:8b:70:c7:ca:0a:4b:58:
         9c:ca:04:cf:c2:3f:52:56:a6:1e:16:ee:7d:6b:fc:d7:4e:40:
         a0:ee:69:e7:02:66:b9:d4:f0:a1:7b:e2:d4:16:70:62:dd:e2:
         9b:9b:b6:76
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYNFzMKtwbBOPG0I3OCR4fSYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjIwOTE2MTAxNjMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWFlNTdjNjI4ZjFkZDdkZWZiZTljZTY3MGEyNTk2ZjFjNjAwZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArivaKhfqdHP9JLsEhvaPGr7oePpv
4qayBH62MJZj55e0IyCubOXD3J8O3ObciURlBM0XKnyNieR2yxCqWhvVt6zAMOq+
NwNS83wQU/ElbzYczWCtNVVHeSAnsGAcW/aH6FOrFDfG15kyIR9Z8gGJxV1W86Vj
IHF6FnxuXp3QmwlGY0bj2b/3fqHW0StdHRCBKbhqfBoQttwvbgurodbF+QnYmIqP
IGr5XPk1BofppKVgSmSVXleO5G83trUFaYLb9kkaP42Av3l/fezV2hBFyWKY59nH
ZK8TloMdK8LN5h+cGl6bbAVinh/oo8e3xZu2cn3gawZ6aL5P4cAl4GKgNQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLGuV8Yo8d19776c5nCiWW8cYA4RMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvc2E1WHhpangzWDN2dnB6bWNLSlpieHhnRGhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQICN
MA0GCSqGSIb3DQEBCwUAA4IBAQAMU8HlZgOB8Fjlx9PfQh88m86071f0mwj7L+1T
EmFombVUK8SqkyWhvvc9dzwctV5XIa7QoyqKMpGQanRyZ02+Xn35uAHTxCrqPPSG
NmT0bPeMZ2Mr4J7LMj0F076Ed/XMbR/UHZ6qopcgYYZ9ETwCq76+85rTWtAgujLZ
+1bKZgcS9muw8ycudRPy2WvE5tkoP3Avio8FXth47pcKnZ9D7JDr0TNmFSOVG3Qp
w7VHN6+112Tlr+5ahHQ6q5YGyBPF14kYKiM1sJF5TnuzbPtvnYtwx8oKS1icygTP
wj9SVqYeFu59a/zXTkCg7mnnAma51PChe+LUFnBi3eKbm7Z2
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:34 2023 by rpki-client on console-fra.rpki-client.org