Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Omxg7XLjsW9e2WYh_Y7I-NUVFBk.roa
File:                     Omxg7XLjsW9e2WYh_Y7I-NUVFBk.roa (raw, json)
Hash identifier:          ypFNIPde22I+rB1lb4doEz5liSBxD1hMIIThSgRfyEY=
Subject key identifier:   3A:6C:60:ED:72:E3:B1:6F:5E:D9:66:21:FD:8E:C8:F8:D5:15:14:19
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       0905DAA6
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Omxg7XLjsW9e2WYh_Y7I-NUVFBk.roa
Signing time:             Wed 11 May 2022 18:41:02 +0000
ROA not before:           Wed 11 May 2022 18:41:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30823
IP address blocks:        185.230.13.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 151378598 (0x905daa6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: May 11 18:41:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3a6c60ed72e3b16f5ed96621fd8ec8f8d5151419
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:01:a2:01:4a:55:9b:d7:f5:58:9f:9a:68:40:
                    37:7c:b9:7b:2d:f8:d0:1a:6f:3a:a5:9d:26:b7:29:
                    8a:73:25:ed:c2:0b:9a:e1:fd:b1:7c:14:93:ea:7c:
                    9a:00:67:ea:34:31:17:df:33:db:08:19:3f:27:a1:
                    a7:eb:a4:1f:e7:1a:db:b3:3f:51:61:48:38:d8:2f:
                    e6:04:18:d3:1d:18:f8:e3:f8:36:e6:2f:74:29:e3:
                    99:fd:11:76:1a:50:7b:86:a3:40:26:12:d2:31:d2:
                    7f:6b:60:52:3e:a2:1c:72:fd:a8:65:fd:cb:67:9d:
                    2b:cd:49:a9:1a:40:42:cb:54:fc:a1:e1:07:b0:98:
                    7d:4d:a3:c5:de:8a:14:1b:95:c5:35:16:84:76:01:
                    5f:1a:26:bb:63:29:2c:10:4c:91:26:fa:e5:c0:83:
                    48:77:84:c8:7e:0e:65:eb:19:81:0d:5a:ef:ce:24:
                    56:79:d5:d4:4f:b9:da:bb:74:e4:e4:07:a8:6e:99:
                    83:3d:b9:f3:75:98:8a:5c:e3:99:39:c1:1d:76:85:
                    28:82:3b:95:ce:39:3d:c6:6c:25:d1:b4:2f:ab:1f:
                    14:bf:2d:63:7a:37:f4:e4:40:53:ac:8d:f2:ca:68:
                    24:26:c1:4c:5b:71:e0:d1:9c:d6:6a:43:0a:cf:ac:
                    fd:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:6C:60:ED:72:E3:B1:6F:5E:D9:66:21:FD:8E:C8:F8:D5:15:14:19
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/Omxg7XLjsW9e2WYh_Y7I-NUVFBk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.230.13.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:60:8f:c1:14:2b:68:f1:dc:93:37:17:30:34:db:b1:20:1b:
         5f:c0:61:8c:ff:d6:54:90:7b:81:c8:5c:68:2b:2b:83:77:c2:
         12:3c:19:e5:2c:43:2a:1a:4e:21:e9:ce:0c:b8:67:f8:c7:e3:
         f4:f7:d1:64:d8:02:6e:cb:2c:7a:3f:4f:de:fb:25:a5:21:ba:
         a6:9e:10:d6:7e:01:31:ee:73:f2:ac:01:2b:6f:98:d5:58:52:
         ef:2a:54:97:06:ac:f7:3c:7c:91:69:a8:93:2e:d0:cb:9a:8e:
         f6:37:d0:84:dd:14:35:1a:0f:bd:83:30:25:ed:54:a0:de:06:
         11:ce:2f:1b:20:45:c8:ce:bd:82:2c:ed:e3:48:12:04:71:fc:
         37:a1:4a:6c:1a:e2:07:8d:a7:2e:22:65:b7:2c:18:ec:8f:48:
         2a:7f:7a:b8:79:7a:37:e1:de:05:2d:86:04:5c:ec:4e:71:99:
         7d:6f:7b:eb:c7:f8:59:f1:cc:cb:f4:df:ef:bb:b6:43:84:5c:
         8b:64:64:04:4d:1f:3d:fd:62:b6:dc:87:88:34:c2:b3:53:2f:
         d0:2b:de:46:17:f8:6c:79:2b:23:91:25:9d:66:43:7a:5e:15:
         73:7e:7b:0f:12:8d:5e:7b:a5:00:01:7b:22:47:5f:8d:e7:55:
         3d:e2:3e:fb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECQXapjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDUx
MTE4NDEwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2E2YzYwZWQ3MmUz
YjE2ZjVlZDk2NjIxZmQ4ZWM4ZjhkNTE1MTQxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJoBogFKVZvX9VifmmhAN3y5ey340BpvOqWdJrcpinMl7cIL
muH9sXwUk+p8mgBn6jQxF98z2wgZPyehp+ukH+ca27M/UWFIONgv5gQY0x0Y+OP4
NuYvdCnjmf0RdhpQe4ajQCYS0jHSf2tgUj6iHHL9qGX9y2edK81JqRpAQstU/KHh
B7CYfU2jxd6KFBuVxTUWhHYBXxomu2MpLBBMkSb65cCDSHeEyH4OZesZgQ1a784k
VnnV1E+52rt05OQHqG6Zgz2583WYilzjmTnBHXaFKII7lc45PcZsJdG0L6sfFL8t
Y3o39ORAU6yN8spoJCbBTFtx4NGc1mpDCs+s/RcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ6bGDtcuOxb17ZZiH9jsj41RUUGTAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L09teGc3WExqc1c5ZTJXWWhfWTdJLU5VVkZCay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnmDTANBgkqhkiG9w0BAQsFAAOC
AQEAEmCPwRQraPHckzcXMDTbsSAbX8BhjP/WVJB7gchcaCsrg3fCEjwZ5SxDKhpO
IenODLhn+Mfj9PfRZNgCbsssej9P3vslpSG6pp4Q1n4BMe5z8qwBK2+Y1VhS7ypU
lwas9zx8kWmoky7Qy5qO9jfQhN0UNRoPvYMwJe1UoN4GEc4vGyBFyM69gizt40gS
BHH8N6FKbBriB42nLiJltywY7I9IKn96uHl6N+HeBS2GBFzsTnGZfW9768f4WfHM
y/Tf77u2Q4Rci2RkBE0fPf1ittyHiDTCs1Mv0CveRhf4bHkrI5ElnWZDel4Vc357
DxKNXnulAAF7IkdfjedVPeI++w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org