Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/92QtGfhcusGrOtw-J63QgD7iR8o.roa
File:                     92QtGfhcusGrOtw-J63QgD7iR8o.roa (raw, json)
Hash identifier:          g7l9Gn4drx6/3I2AinIOeDqzIgX9ghegeO1/3zEyr98=
Subject key identifier:   F7:64:2D:19:F8:5C:BA:C1:AB:3A:DC:3E:27:AD:D0:80:3E:E2:47:CA
Certificate issuer:       /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial:       01170013
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/92QtGfhcusGrOtw-J63QgD7iR8o.roa
Signing time:             Sat 01 Jan 2022 00:59:39 +0000
ROA not before:           Sat 01 Jan 2022 00:59:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206499
IP address blocks:        2a0c:b642::/36 maxlen: 48
                          2a0c:b642:a00::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18284563 (0x1170013)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05976801363d375786152e4d061e75c8beb35058
        Validity
            Not Before: Jan  1 00:59:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f7642d19f85cbac1ab3adc3e27add0803ee247ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:41:b2:6e:4f:cd:60:e2:ea:ad:6c:6d:7c:fe:
                    6d:09:31:45:2b:a1:da:21:37:e7:62:24:03:c2:e9:
                    07:2a:e8:79:3f:b3:78:1c:14:81:37:bd:15:03:09:
                    06:ac:24:ef:f8:45:4c:0a:a0:54:42:64:e1:da:31:
                    ef:ee:9e:6a:45:fb:41:b7:9e:03:c9:cf:b5:d6:05:
                    4f:94:e3:0c:eb:ab:23:ad:cb:ec:59:44:da:45:02:
                    62:d6:1b:45:28:76:db:64:4d:48:3f:35:57:3b:77:
                    49:c3:f8:14:74:98:c9:32:64:5d:b8:56:73:f0:1e:
                    fb:b9:82:13:7c:23:49:e9:d9:93:06:65:d2:7c:22:
                    2e:46:d6:5a:e8:ed:06:6e:af:51:88:87:c3:8c:8e:
                    18:c5:b1:1a:d4:a6:60:c0:85:79:de:7f:11:c2:53:
                    11:5e:d8:bd:94:60:05:08:07:b5:d6:0a:2d:94:fa:
                    6d:a9:d4:ce:0f:9b:ff:b4:de:f0:06:7b:ac:77:e6:
                    0c:7a:99:ec:75:80:54:ac:7a:4f:7c:0f:58:7c:81:
                    fc:a4:98:81:f6:d5:92:98:e4:9b:15:d7:4d:4c:91:
                    f6:1e:17:b3:10:ab:77:98:10:75:0c:c0:cf:8e:13:
                    76:0d:0f:aa:0f:84:88:aa:18:7c:3f:8f:b1:42:2b:
                    15:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:64:2D:19:F8:5C:BA:C1:AB:3A:DC:3E:27:AD:D0:80:3E:E2:47:CA
            X509v3 Authority Key Identifier:
                keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/92QtGfhcusGrOtw-J63QgD7iR8o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:b642::/36

    Signature Algorithm: sha256WithRSAEncryption
         07:a6:87:4e:a6:53:1c:ee:97:05:0d:91:b3:02:22:4d:b3:dc:
         79:6f:e8:70:b6:34:0a:1f:58:28:de:ed:ed:34:53:c5:68:52:
         7b:fc:c7:94:1e:85:cd:d6:d9:23:f5:46:eb:37:ed:0f:0f:e9:
         75:92:5a:5d:55:7e:33:ca:14:40:44:28:96:36:15:af:97:ce:
         54:5c:06:dd:7d:67:c8:0a:04:a7:9e:54:e6:f6:4c:09:8d:01:
         92:60:64:08:27:60:8c:3b:7c:a9:33:5f:15:5e:10:08:fa:76:
         64:f1:c4:8f:15:83:c8:c0:4f:5f:6c:4e:0c:e7:bd:62:04:7c:
         a8:65:61:74:e0:0c:dd:c1:c3:76:bf:ee:05:82:32:ae:b2:f3:
         ea:29:95:74:f9:13:4d:36:9c:f1:bb:d3:d9:00:cb:ee:b2:e1:
         49:c8:92:ce:66:f6:50:db:63:5b:ff:ac:fd:83:99:64:a4:79:
         2d:d8:d7:ea:92:e6:4f:51:b5:e1:5c:84:bb:50:65:37:7b:ef:
         2b:a3:09:06:e8:19:3c:f8:45:42:b6:ec:18:d7:cb:6a:34:79:
         a5:4e:77:9c:87:2b:31:ab:4f:66:9c:53:a5:44:13:43:c5:3a:
         77:2a:1d:fa:3f:2f:34:b8:fc:f6:e3:92:5c:3b:2e:6a:af:fb:
         3e:5e:e9:2c
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEARcAEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAwNTkzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjc2NDJkMTlmODVj
YmFjMWFiM2FkYzNlMjdhZGQwODAzZWUyNDdjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMxBsm5PzWDi6q1sbXz+bQkxRSuh2iE352IkA8LpByroeT+z
eBwUgTe9FQMJBqwk7/hFTAqgVEJk4dox7+6eakX7QbeeA8nPtdYFT5TjDOurI63L
7FlE2kUCYtYbRSh222RNSD81Vzt3ScP4FHSYyTJkXbhWc/Ae+7mCE3wjSenZkwZl
0nwiLkbWWujtBm6vUYiHw4yOGMWxGtSmYMCFed5/EcJTEV7YvZRgBQgHtdYKLZT6
banUzg+b/7Te8AZ7rHfmDHqZ7HWAVKx6T3wPWHyB/KSYgfbVkpjkmxXXTUyR9h4X
sxCrd5gQdQzAz44Tdg0Pqg+EiKoYfD+PsUIrFWUCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBT3ZC0Z+Fy6was63D4nrdCAPuJHyjAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
LzkyUXRHZmhjdXNHck90dy1KNjNRZ0Q3aVI4by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoMtkIAMA0GCSqGSIb3DQEBCwUA
A4IBAQAHpodOplMc7pcFDZGzAiJNs9x5b+hwtjQKH1go3u3tNFPFaFJ7/MeUHoXN
1tkj9UbrN+0PD+l1klpdVX4zyhRARCiWNhWvl85UXAbdfWfICgSnnlTm9kwJjQGS
YGQIJ2CMO3ypM18VXhAI+nZk8cSPFYPIwE9fbE4M571iBHyoZWF04AzdwcN2v+4F
gjKusvPqKZV0+RNNNpzxu9PZAMvusuFJyJLOZvZQ22Nb/6z9g5lkpHkt2NfqkuZP
UbXhXIS7UGU3e+8rowkG6Bk8+EVCtuwY18tqNHmlTnechysxq09mnFOlRBNDxTp3
Kh36Py80uPz245JcOy5qr/s+Xuks
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:25 2023 by rpki-client on console-ams.rpki-client.org