Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/3fe1a0-c6fd-4bc4-aae1-9ee006942b4b/1/hsqt7s2vfNKoptC4h9l8fHypu4k.roa
File:                     hsqt7s2vfNKoptC4h9l8fHypu4k.roa (raw, json)
Hash identifier:          SZueTl/2Q5/nwcJlpob157vKAazrJkIVH69BqSvsmz8=
Subject key identifier:   86:CA:AD:EE:CD:AF:7C:D2:A8:A6:D0:B8:87:D9:7C:7C:7C:A9:BB:89
Certificate issuer:       /CN=7f03a1f8c334fdbf4b78def0c592ff0490ddf4b0
Certificate serial:       05BC1994
Authority key identifier: 7F:03:A1:F8:C3:34:FD:BF:4B:78:DE:F0:C5:92:FF:04:90:DD:F4:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fwOh-MM0_b9LeN7wxZL_BJDd9LA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/3fe1a0-c6fd-4bc4-aae1-9ee006942b4b/1/hsqt7s2vfNKoptC4h9l8fHypu4k.roa
Signing time:             Sat 01 Jan 2022 10:59:30 +0000
ROA not before:           Sat 01 Jan 2022 10:59:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        185.13.14.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 96213396 (0x5bc1994)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7f03a1f8c334fdbf4b78def0c592ff0490ddf4b0
        Validity
            Not Before: Jan  1 10:59:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=86caadeecdaf7cd2a8a6d0b887d97c7c7ca9bb89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:50:99:1d:bd:e4:a5:fc:0b:ef:a2:0b:ac:b3:
                    33:1b:3c:20:19:61:c7:df:92:b2:c1:f0:70:c1:f3:
                    e2:5b:e2:95:42:a4:38:84:c4:ac:9a:32:31:80:a4:
                    c7:90:60:63:5c:3f:94:a1:49:2c:18:1f:f2:b1:17:
                    16:7e:6f:9d:fb:b5:a9:56:7b:e0:f5:8d:78:6b:34:
                    a4:c9:a7:7b:b7:53:77:54:0c:7e:02:0d:56:2f:bb:
                    32:0c:83:0d:17:cf:1f:b9:d7:b9:aa:8a:4e:1b:a2:
                    59:94:3f:de:ba:09:9d:cc:00:77:3b:46:a9:a8:f2:
                    c9:f0:eb:2d:5e:8a:de:a8:13:6c:ff:21:dd:53:2d:
                    22:5d:cf:32:c9:12:2f:47:59:6b:86:cd:57:2e:dd:
                    df:df:29:af:df:ff:5c:05:95:75:02:ae:f7:44:2b:
                    0c:dc:ff:fb:0a:92:24:60:10:14:e8:5c:b3:dc:39:
                    dc:bf:a6:e0:e9:59:a1:75:a0:86:30:30:4b:5f:7e:
                    12:7a:57:cc:81:97:63:2a:66:fc:bb:c9:d8:77:e5:
                    ac:93:ea:0e:50:53:8d:da:a3:c8:1b:e3:56:6d:13:
                    14:3b:5e:dd:ed:f3:1f:c9:5f:97:b9:b8:8f:dc:05:
                    0c:b8:68:28:b3:35:0f:49:50:13:08:37:86:bf:66:
                    f9:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:CA:AD:EE:CD:AF:7C:D2:A8:A6:D0:B8:87:D9:7C:7C:7C:A9:BB:89
            X509v3 Authority Key Identifier:
                keyid:7F:03:A1:F8:C3:34:FD:BF:4B:78:DE:F0:C5:92:FF:04:90:DD:F4:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fwOh-MM0_b9LeN7wxZL_BJDd9LA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/3fe1a0-c6fd-4bc4-aae1-9ee006942b4b/1/hsqt7s2vfNKoptC4h9l8fHypu4k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/3fe1a0-c6fd-4bc4-aae1-9ee006942b4b/1/fwOh-MM0_b9LeN7wxZL_BJDd9LA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.13.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:a4:ef:d0:1d:11:82:b3:ce:f8:32:28:1a:7f:b3:c7:6e:8d:
         f3:0c:03:97:73:53:8d:67:76:51:7d:65:f1:92:94:46:dd:d4:
         27:5c:33:42:a9:f4:b4:95:1c:9f:d8:a2:e9:c4:4a:98:18:be:
         41:d9:12:5c:f7:07:9f:31:27:0b:e1:cc:c6:7c:0a:e1:58:26:
         9a:29:18:e5:43:e2:a8:78:8c:8f:50:fa:e1:50:6d:88:38:19:
         fb:9c:5e:7b:c6:c2:d5:22:6a:90:6e:56:5c:45:2f:b9:76:a2:
         e6:fe:82:6c:90:96:01:17:02:4b:54:b5:90:5e:c1:0d:2f:48:
         64:51:f6:a0:f6:3e:3e:04:0d:7c:bd:ed:3c:48:93:b8:e4:c9:
         41:60:33:7f:18:eb:d4:35:e2:9f:c9:d3:56:d5:d4:3c:ba:95:
         12:e0:db:5a:41:e3:1e:df:8a:f2:2e:a4:93:e8:a9:b1:69:70:
         61:0a:69:3e:8a:e4:ab:50:1c:cf:ac:a8:01:c9:55:69:00:76:
         c7:d4:fc:88:10:2d:85:be:b9:dd:33:5f:f0:d5:75:3e:ba:c0:
         47:28:9a:ba:0d:75:35:05:9e:cb:56:fc:30:56:a2:07:7e:ba:
         b8:6c:98:61:a4:f7:8f:22:e6:f9:cf:52:53:8b:27:ee:81:a5:
         cc:e3:b2:d6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBbwZlDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZjAzYTFmOGMzMzRmZGJmNGI3OGRlZjBjNTkyZmYwNDkwZGRmNGIwMB4XDTIyMDEw
MTEwNTkzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODZjYWFkZWVjZGFm
N2NkMmE4YTZkMGI4ODdkOTdjN2M3Y2E5YmI4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMRQmR295KX8C++iC6yzMxs8IBlhx9+SssHwcMHz4lvilUKk
OITErJoyMYCkx5BgY1w/lKFJLBgf8rEXFn5vnfu1qVZ74PWNeGs0pMmne7dTd1QM
fgINVi+7MgyDDRfPH7nXuaqKThuiWZQ/3roJncwAdztGqajyyfDrLV6K3qgTbP8h
3VMtIl3PMskSL0dZa4bNVy7d398pr9//XAWVdQKu90QrDNz/+wqSJGAQFOhcs9w5
3L+m4OlZoXWghjAwS19+EnpXzIGXYypm/LvJ2HflrJPqDlBTjdqjyBvjVm0TFDte
3e3zH8lfl7m4j9wFDLhoKLM1D0lQEwg3hr9m+YMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSGyq3uza980qim0LiH2Xx8fKm7iTAfBgNVHSMEGDAWgBR/A6H4wzT9v0t4
3vDFkv8EkN30sDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Z3T2gtTU0wX2I5TGVON3d4WkxfQkpEZDlMQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvM2ZlMWEwLWM2ZmQtNGJjNC1hYWUxLTllZTAwNjk0MmI0Yi8x
L2hzcXQ3czJ2Zk5Lb3B0QzRoOWw4Zkh5cHU0ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
M2ZlMWEwLWM2ZmQtNGJjNC1hYWUxLTllZTAwNjk0MmI0Yi8xL2Z3T2gtTU0wX2I5
TGVON3d4WkxfQkpEZDlMQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkNDjANBgkqhkiG9w0BAQsFAAOC
AQEAWaTv0B0RgrPO+DIoGn+zx26N8wwDl3NTjWd2UX1l8ZKURt3UJ1wzQqn0tJUc
n9ii6cRKmBi+QdkSXPcHnzEnC+HMxnwK4VgmmikY5UPiqHiMj1D64VBtiDgZ+5xe
e8bC1SJqkG5WXEUvuXai5v6CbJCWARcCS1S1kF7BDS9IZFH2oPY+PgQNfL3tPEiT
uOTJQWAzfxjr1DXin8nTVtXUPLqVEuDbWkHjHt+K8i6kk+ipsWlwYQppPorkq1Ac
z6yoAclVaQB2x9T8iBAthb653TNf8NV1PrrARyiaug11NQWey1b8MFaiB366uGyY
YaT3jyLm+c9SU4sn7oGlzOOy1g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:54 2023 by rpki-client on console-ams.rpki-client.org