Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/lVI6oIc8MTq-qw-DVUy7OpmTKgI.roa
File:                     lVI6oIc8MTq-qw-DVUy7OpmTKgI.roa (raw, json)
Hash identifier:          EZDih5HEv9wbNMgbVMWQvK8mgJLwmwbdU8TuteYRg0I=
Subject key identifier:   95:52:3A:A0:87:3C:31:3A:BE:AB:0F:83:55:4C:BB:3A:99:93:2A:02
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       018562F68A703F7B74B49D24C75B6955C6D2
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/lVI6oIc8MTq-qw-DVUy7OpmTKgI.roa
Signing time:             Fri 30 Dec 2022 12:16:42 +0000
ROA not before:           Fri 30 Dec 2022 12:16:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205911
IP address blocks:        2a13:4800::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:62:f6:8a:70:3f:7b:74:b4:9d:24:c7:5b:69:55:c6:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Dec 30 12:16:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=95523aa0873c313abeab0f83554cbb3a99932a02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:17:b5:7d:56:a5:18:19:d5:ee:f2:b6:f5:49:
                    d8:61:3a:7e:9e:06:96:a7:93:c5:3b:bd:92:12:2f:
                    d5:18:9c:a0:61:9d:ed:d0:ce:05:8c:63:5e:f0:7b:
                    7a:a4:86:8c:e2:d2:b8:42:c6:0c:6d:0c:f1:36:c8:
                    42:e0:bc:ef:cb:c2:33:85:4a:8a:e9:6a:4e:e1:c9:
                    51:3c:55:85:e1:36:27:98:54:87:ac:11:fa:32:de:
                    d4:59:c1:1b:61:03:b3:b7:95:57:c4:49:5c:bb:e2:
                    05:05:01:f6:af:90:02:58:f6:74:eb:28:a6:f1:64:
                    2f:cd:fb:41:9d:73:eb:1d:3e:56:5a:a9:63:aa:d8:
                    34:5b:45:6f:e8:a3:d9:ee:64:ac:bb:10:06:24:50:
                    06:dd:c4:c8:17:79:ee:45:d7:c8:c6:50:fd:49:07:
                    c9:cb:6b:5b:05:20:8e:62:cd:47:3b:18:14:e9:dd:
                    64:77:06:0b:67:3a:4b:64:93:b8:f4:23:e3:f0:e5:
                    b5:0e:fa:55:5d:1b:bb:37:f1:94:d3:1f:a6:32:c5:
                    eb:a4:d5:a2:99:81:f2:25:1e:08:0b:6c:ac:40:b6:
                    f9:7b:25:c1:72:1d:8a:e2:ff:53:54:54:5a:6a:19:
                    4b:d0:cc:49:d6:8e:00:8a:44:0c:36:69:98:d4:5a:
                    11:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:52:3A:A0:87:3C:31:3A:BE:AB:0F:83:55:4C:BB:3A:99:93:2A:02
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/lVI6oIc8MTq-qw-DVUy7OpmTKgI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:4800::/29

    Signature Algorithm: sha256WithRSAEncryption
         1c:58:38:5d:fe:49:6c:a4:94:42:4f:1e:16:d5:31:38:a5:13:
         5c:c7:89:89:93:55:e2:b8:3d:3a:59:c8:50:be:b2:c1:15:38:
         0e:93:63:cb:7b:2d:b4:9b:de:d1:41:d4:a7:60:76:0e:c2:aa:
         61:b0:17:26:7f:1b:9f:f5:94:a1:8c:b7:fa:b7:ab:70:ba:36:
         19:cc:9a:30:ba:4a:a1:45:cf:45:c0:6b:90:b4:32:8c:95:4a:
         9a:4a:e9:04:ba:2f:b6:36:94:17:25:8f:50:af:d0:0c:43:09:
         40:6d:12:03:6f:1c:71:3c:95:3c:18:f6:c2:f6:4c:9c:2c:64:
         ad:a6:3a:ec:5d:63:48:90:04:c1:bd:96:06:52:61:42:b2:ff:
         a8:bc:8e:1f:cf:14:57:3a:a8:1e:22:db:e3:56:f5:86:8a:7b:
         2c:f0:cd:8f:36:ce:02:04:52:65:04:27:36:bb:47:57:e8:69:
         bd:89:30:56:1e:49:3a:e6:d6:37:d2:d4:df:2b:4a:fd:b3:b8:
         a6:0f:e0:e5:88:07:eb:47:f4:93:c5:4b:c6:ad:60:ed:be:03:
         8f:54:d2:4c:ff:72:d8:59:76:bb:f7:e1:a4:54:f1:65:5c:09:
         16:0b:12:84:6b:70:1d:fc:d9:4c:28:f5:af:62:c5:f5:16:9e:
         6b:c6:f8:cb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVi9opwP3t0tJ0kx1tpVcbSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIxMjMwMTIxNjQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTUyM2FhMDg3M2MzMTNhYmVhYjBmODM1NTRjYmIzYTk5OTMyYTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxe1fValGBnV7vK29UnYYTp+ngaW
p5PFO72SEi/VGJygYZ3t0M4FjGNe8Ht6pIaM4tK4QsYMbQzxNshC4Lzvy8IzhUqK
6WpO4clRPFWF4TYnmFSHrBH6Mt7UWcEbYQOzt5VXxElcu+IFBQH2r5ACWPZ06yim
8WQvzftBnXPrHT5WWqljqtg0W0Vv6KPZ7mSsuxAGJFAG3cTIF3nuRdfIxlD9SQfJ
y2tbBSCOYs1HOxgU6d1kdwYLZzpLZJO49CPj8OW1DvpVXRu7N/GU0x+mMsXrpNWi
mYHyJR4IC2ysQLb5eyXBch2K4v9TVFRaahlL0MxJ1o4AikQMNmmY1FoRWQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJVSOqCHPDE6vqsPg1VMuzqZkyoCMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvbFZJNm9JYzhNVHEtcXctRFZVeTdPcG1US2dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNIADAN
BgkqhkiG9w0BAQsFAAOCAQEAHFg4Xf5JbKSUQk8eFtUxOKUTXMeJiZNV4rg9OlnI
UL6ywRU4DpNjy3sttJve0UHUp2B2DsKqYbAXJn8bn/WUoYy3+rercLo2GcyaMLpK
oUXPRcBrkLQyjJVKmkrpBLovtjaUFyWPUK/QDEMJQG0SA28ccTyVPBj2wvZMnCxk
raY67F1jSJAEwb2WBlJhQrL/qLyOH88UVzqoHiLb41b1hop7LPDNjzbOAgRSZQQn
NrtHV+hpvYkwVh5JOubWN9LU3ytK/bO4pg/g5YgH60f0k8VLxq1g7b4Dj1TSTP9y
2Fl2u/fhpFTxZVwJFgsShGtwHfzZTCj1r2LF9Raea8b4yw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:27 2024 by rpki-client on console-ams.rpki-client.org