Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/TVgekdU2RQwsYZdVAsp9PlaBoCo.roa
File:                     TVgekdU2RQwsYZdVAsp9PlaBoCo.roa (raw, json)
Hash identifier:          B8E/7I/CKRA/rBOWulDdXsTbSrfhXh8MvLnxOIvsHOM=
Subject key identifier:   4D:58:1E:91:D5:36:45:0C:2C:61:97:55:02:CA:7D:3E:56:81:A0:2A
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       01840582D8BA6FBC4CC24B9A1330AEDEA649
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/TVgekdU2RQwsYZdVAsp9PlaBoCo.roa
Signing time:             Sun 23 Oct 2022 15:42:51 +0000
ROA not before:           Sun 23 Oct 2022 15:42:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30823
IP address blocks:        213.209.129.0/24 maxlen: 24
                          213.209.151.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:05:82:d8:ba:6f:bc:4c:c2:4b:9a:13:30:ae:de:a6:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Oct 23 15:42:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4d581e91d536450c2c61975502ca7d3e5681a02a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:4e:35:34:98:73:10:a6:20:b7:a7:d9:6b:0f:
                    ae:d8:58:81:76:ee:20:89:ac:47:60:0a:e2:a0:0e:
                    29:b6:d0:98:9e:99:70:ff:94:af:b6:9f:2e:12:c5:
                    89:57:a0:29:76:b3:2f:41:8d:1f:f3:7f:5c:e7:05:
                    49:d5:d8:d4:c5:50:a7:c0:33:14:ab:36:60:c5:f3:
                    5a:91:cc:27:f5:64:8b:2f:bd:33:a1:1e:49:e9:a8:
                    22:83:c6:e8:2b:49:1f:23:cc:85:ba:b5:ff:7d:1c:
                    4d:a7:8b:0d:fa:c8:14:72:71:a9:e0:63:a5:4f:3d:
                    69:e9:86:57:62:fb:72:4a:f8:3e:ea:86:23:c1:af:
                    66:56:39:53:b5:2c:58:bc:fd:78:56:b7:71:ba:f1:
                    20:a9:e6:f0:56:c6:f9:90:73:cd:54:dd:df:2a:66:
                    8e:a7:66:d5:59:63:18:f9:58:14:26:a2:8c:aa:3e:
                    2f:b5:9d:d7:df:cb:b1:73:1e:0b:41:ce:81:d1:57:
                    7e:cf:9d:2d:92:17:30:02:c3:ab:95:62:72:10:5b:
                    9b:52:6c:b0:0b:b8:9c:2e:29:b4:56:ea:4a:8f:ae:
                    60:68:1a:d8:fe:f3:88:d1:60:05:20:ec:51:07:db:
                    78:27:32:2c:c0:50:27:ce:8d:87:e4:98:cf:06:0d:
                    23:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:58:1E:91:D5:36:45:0C:2C:61:97:55:02:CA:7D:3E:56:81:A0:2A
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/TVgekdU2RQwsYZdVAsp9PlaBoCo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.209.129.0/24
                  213.209.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:83:0d:0a:e9:c6:3c:32:18:dc:3d:c6:58:98:4e:f3:16:81:
         ec:0e:56:98:01:ac:bd:7e:39:d2:cc:9b:27:c7:12:f3:d6:a3:
         f9:bb:ad:6d:a9:76:b5:5c:07:9b:02:14:45:59:e0:36:92:f3:
         3f:7a:5b:f8:0e:c8:65:9d:9e:49:3a:2b:87:a8:f0:b1:ec:be:
         8b:fb:3d:6e:73:ba:03:79:f8:e9:69:0e:36:a2:84:fd:23:1a:
         07:8c:d0:aa:fc:22:c6:5a:bf:d9:be:6d:dd:89:ba:07:ac:de:
         45:c1:2d:87:14:b0:cc:3b:50:6a:06:cf:12:ea:49:13:9f:5a:
         09:5a:03:d8:86:32:30:13:af:5a:76:72:ab:4f:10:39:15:2e:
         4c:c5:b3:6f:c0:ca:f7:f6:0d:d5:01:8c:de:7c:72:fa:87:25:
         b6:87:6f:25:94:93:fa:9e:d6:ac:2e:3b:46:bf:bc:df:19:8d:
         9d:6d:ae:ca:5a:aa:eb:85:cf:93:45:43:cb:ad:3e:30:08:c7:
         1f:d4:7a:dc:77:c8:f7:32:92:d2:b0:2d:5d:fd:a4:da:49:57:
         3b:ca:b8:35:bd:04:9a:ac:b8:c0:c0:db:97:d3:a0:7e:1b:f9:
         4c:47:fe:c9:09:f8:3d:26:94:ac:e2:aa:e5:53:ba:8a:5d:77:
         5b:04:2e:bb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQFgti6b7xMwkuaEzCu3qZJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIxMDIzMTU0MjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDU4MWU5MWQ1MzY0NTBjMmM2MTk3NTUwMmNhN2QzZTU2ODFhMDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj041NJhzEKYgt6fZaw+u2FiBdu4g
iaxHYArioA4pttCYnplw/5Svtp8uEsWJV6ApdrMvQY0f839c5wVJ1djUxVCnwDMU
qzZgxfNakcwn9WSLL70zoR5J6agig8boK0kfI8yFurX/fRxNp4sN+sgUcnGp4GOl
Tz1p6YZXYvtySvg+6oYjwa9mVjlTtSxYvP14VrdxuvEgqebwVsb5kHPNVN3fKmaO
p2bVWWMY+VgUJqKMqj4vtZ3X38uxcx4LQc6B0Vd+z50tkhcwAsOrlWJyEFubUmyw
C7icLim0VupKj65gaBrY/vOI0WAFIOxRB9t4JzIswFAnzo2H5JjPBg0jJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE1YHpHVNkUMLGGXVQLKfT5WgaAqMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvVFZnZWtkVTJSUXdzWVpkVkFzcDlQbGFCb0NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1dGBAwQA
1dGXMA0GCSqGSIb3DQEBCwUAA4IBAQCsgw0K6cY8MhjcPcZYmE7zFoHsDlaYAay9
fjnSzJsnxxLz1qP5u61tqXa1XAebAhRFWeA2kvM/elv4DshlnZ5JOiuHqPCx7L6L
+z1uc7oDefjpaQ42ooT9IxoHjNCq/CLGWr/Zvm3diboHrN5FwS2HFLDMO1BqBs8S
6kkTn1oJWgPYhjIwE69adnKrTxA5FS5MxbNvwMr39g3VAYzefHL6hyW2h28llJP6
ntasLjtGv7zfGY2dba7KWqrrhc+TRUPLrT4wCMcf1Hrcd8j3MpLSsC1d/aTaSVc7
yrg1vQSarLjAwNuX06B+G/lMR/7JCfg9JpSs4qrlU7qKXXdbBC67
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org