Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/360ef9-ec20-4e13-9647-ddfeb424adf5/1/mBy1PvGSJRf3IMuQ9oe6Bti_hI8.roa
File:                     mBy1PvGSJRf3IMuQ9oe6Bti_hI8.roa (raw, json)
Hash identifier:          uTomKBpbL0dScKTrqjEsysgWkWkTIlFda0Mwnyq1LYs=
Subject key identifier:   98:1C:B5:3E:F1:92:25:17:F7:20:CB:90:F6:87:BA:06:D8:BF:84:8F
Certificate issuer:       /CN=b9ab361394683e4f24397cfc8f23eab2c6828dea
Certificate serial:       10EFCE
Authority key identifier: B9:AB:36:13:94:68:3E:4F:24:39:7C:FC:8F:23:EA:B2:C6:82:8D:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uas2E5RoPk8kOXz8jyPqssaCjeo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/360ef9-ec20-4e13-9647-ddfeb424adf5/1/mBy1PvGSJRf3IMuQ9oe6Bti_hI8.roa
Signing time:             Thu 23 Jun 2022 12:12:12 +0000
ROA not before:           Thu 23 Jun 2022 12:12:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        2a13:2e01::/36 maxlen: 48
                          2a13:2e00::/36 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1109966 (0x10efce)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9ab361394683e4f24397cfc8f23eab2c6828dea
        Validity
            Not Before: Jun 23 12:12:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=981cb53ef1922517f720cb90f687ba06d8bf848f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:82:bc:2d:ae:e5:e9:67:a9:b5:52:17:da:1c:
                    3f:ed:7f:7c:c3:5c:ba:85:8e:a9:fe:d5:4d:07:21:
                    a7:2f:31:46:47:78:c9:8f:5f:8f:3d:07:12:75:a4:
                    6a:76:81:9d:f1:c8:05:e9:96:97:cc:5e:f2:e5:e8:
                    c3:03:ec:35:89:41:46:d1:61:2a:9b:46:e5:52:ef:
                    df:32:20:c2:54:47:78:c1:7f:35:dc:cf:0e:a9:6a:
                    3d:96:12:43:5e:de:de:9e:58:56:b8:88:1c:0e:db:
                    20:1b:fb:21:5e:7c:88:7e:6a:2c:12:16:7d:b5:d5:
                    58:ac:93:dc:54:3c:5d:23:27:01:12:28:fa:e5:34:
                    74:c2:b4:77:fc:09:ca:ff:65:81:8a:19:57:62:11:
                    1c:47:d7:38:48:3b:6f:5d:93:7c:da:43:46:9a:cd:
                    58:54:ed:93:23:a6:f0:f4:7e:70:1d:e5:eb:a9:e3:
                    ec:f6:d5:ad:c4:94:68:56:c2:fa:ea:3f:bf:08:c0:
                    e8:c5:d7:61:01:73:66:3f:02:03:03:89:87:6e:c2:
                    76:d1:23:30:1a:7e:a6:03:8c:33:5f:3f:fe:c2:78:
                    0c:eb:e4:f4:31:15:78:e2:ad:bd:bf:a9:46:a0:f3:
                    2b:1b:2b:6b:e7:fa:a7:46:13:3b:75:84:78:d5:9c:
                    34:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:1C:B5:3E:F1:92:25:17:F7:20:CB:90:F6:87:BA:06:D8:BF:84:8F
            X509v3 Authority Key Identifier:
                keyid:B9:AB:36:13:94:68:3E:4F:24:39:7C:FC:8F:23:EA:B2:C6:82:8D:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uas2E5RoPk8kOXz8jyPqssaCjeo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/360ef9-ec20-4e13-9647-ddfeb424adf5/1/mBy1PvGSJRf3IMuQ9oe6Bti_hI8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/360ef9-ec20-4e13-9647-ddfeb424adf5/1/uas2E5RoPk8kOXz8jyPqssaCjeo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:2e00::/36
                  2a13:2e01::/36

    Signature Algorithm: sha256WithRSAEncryption
         9a:13:40:5c:5e:a4:65:ea:c0:9b:0e:b2:b5:74:60:f0:a4:31:
         0f:95:b3:13:80:bd:b6:6e:55:07:14:42:0c:c7:14:45:18:56:
         88:0a:c6:e5:15:4f:09:48:06:b8:70:5a:e5:31:5c:4b:66:24:
         9c:87:a8:c5:97:08:72:36:1c:fe:60:33:82:8e:22:a5:21:f8:
         1a:89:82:76:c3:2b:fa:fd:ee:83:55:d8:88:a7:aa:2e:6a:c6:
         9c:83:47:a5:ed:3d:00:a5:ef:d4:d2:fe:2e:4e:13:60:5f:11:
         47:fb:53:64:8a:85:8b:59:5d:61:b7:ab:00:b1:1b:fb:b6:ff:
         1b:70:6e:22:49:e6:29:04:83:c0:4c:6a:01:81:71:10:b8:c6:
         74:42:d5:84:15:13:e5:84:c2:6e:96:b8:8f:1e:c2:19:ec:97:
         76:ae:bc:bb:3b:10:9b:71:f9:da:83:3f:a4:61:d7:e0:97:8c:
         b3:ba:e5:87:fa:cb:ea:84:9d:d6:63:4c:7c:2c:0d:d7:32:ae:
         1d:32:80:a7:c9:ac:a5:f7:b4:7c:f3:a2:9e:4e:f9:8d:71:41:
         ef:e7:12:bc:e6:b2:8d:3a:7c:d7:a1:2d:50:9b:62:e0:97:8d:
         52:77:a0:0d:d2:b9:24:8c:03:aa:2d:a1:fa:97:70:69:4a:29:
         12:72:ff:18
-----BEGIN CERTIFICATE-----
MIIE+DCCA+CgAwIBAgIDEO/OMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGI5
YWIzNjEzOTQ2ODNlNGYyNDM5N2NmYzhmMjNlYWIyYzY4MjhkZWEwHhcNMjIwNjIz
MTIxMjEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5ODFjYjUzZWYxOTIy
NTE3ZjcyMGNiOTBmNjg3YmEwNmQ4YmY4NDhmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwYK8La7l6WeptVIX2hw/7X98w1y6hY6p/tVNByGnLzFGR3jJ
j1+PPQcSdaRqdoGd8cgF6ZaXzF7y5ejDA+w1iUFG0WEqm0blUu/fMiDCVEd4wX81
3M8OqWo9lhJDXt7enlhWuIgcDtsgG/shXnyIfmosEhZ9tdVYrJPcVDxdIycBEij6
5TR0wrR3/AnK/2WBihlXYhEcR9c4SDtvXZN82kNGms1YVO2TI6bw9H5wHeXrqePs
9tWtxJRoVsL66j+/CMDoxddhAXNmPwIDA4mHbsJ20SMwGn6mA4wzXz/+wngM6+T0
MRV44q29v6lGoPMrGytr5/qnRhM7dYR41Zw0YwIDAQABo4ICEzCCAg8wHQYDVR0O
BBYEFJgctT7xkiUX9yDLkPaHugbYv4SPMB8GA1UdIwQYMBaAFLmrNhOUaD5PJDl8
/I8j6rLGgo3qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dWFzMkU1Um9QazhrT1h6OGp5UHFzc2FDamVvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zZi8zNjBlZjktZWMyMC00ZTEzLTk2NDctZGRmZWI0MjRhZGY1LzEv
bUJ5MVB2R1NKUmYzSU11UTlvZTZCdGlfaEk4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8z
NjBlZjktZWMyMC00ZTEzLTk2NDctZGRmZWI0MjRhZGY1LzEvdWFzMkU1Um9Qazhr
T1h6OGp5UHFzc2FDamVvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCkG
CCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYEKhMuAAADBgQqEy4BADANBgkqhkiG
9w0BAQsFAAOCAQEAmhNAXF6kZerAmw6ytXRg8KQxD5WzE4C9tm5VBxRCDMcURRhW
iArG5RVPCUgGuHBa5TFcS2YknIeoxZcIcjYc/mAzgo4ipSH4GomCdsMr+v3ug1XY
iKeqLmrGnINHpe09AKXv1NL+Lk4TYF8RR/tTZIqFi1ldYberALEb+7b/G3BuIknm
KQSDwExqAYFxELjGdELVhBUT5YTCbpa4jx7CGeyXdq68uzsQm3H52oM/pGHX4JeM
s7rlh/rL6oSd1mNMfCwN1zKuHTKAp8mspfe0fPOink75jXFB7+cSvOayjTp816Et
UJti4JeNUnegDdK5JIwDqi2h+pdwaUopEnL/GA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:37 2024 by rpki-client on console-ams.rpki-client.org