Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/nBkqydCcPayCO1t96-xCjuj2iXM.roa
File:                     nBkqydCcPayCO1t96-xCjuj2iXM.roa (raw, json)
Hash identifier:          Wxe20rA8r1QzJX9SM7Vd1TLRj97m3YcFIVMp3XDEK1w=
Subject key identifier:   9C:19:2A:C9:D0:9C:3D:AC:82:3B:5B:7D:EB:EC:42:8E:E8:F6:89:73
Certificate issuer:       /CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
Certificate serial:       01852A126378E2B9E2B2BBC482198A60BF7B
Authority key identifier: 88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/nBkqydCcPayCO1t96-xCjuj2iXM.roa
Signing time:             Mon 19 Dec 2022 11:08:46 +0000
ROA not before:           Mon 19 Dec 2022 11:08:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        2a13:27c0:10::/44 maxlen: 44

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:2a:12:63:78:e2:b9:e2:b2:bb:c4:82:19:8a:60:bf:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
        Validity
            Not Before: Dec 19 11:08:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9c192ac9d09c3dac823b5b7debec428ee8f68973
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:99:b4:d7:a0:16:ae:93:46:3d:5b:0c:82:5b:
                    51:10:af:88:73:46:65:02:15:d3:f1:1c:55:03:62:
                    f9:d6:63:5f:5f:7d:15:b0:80:72:ec:dc:ef:16:e0:
                    38:79:d8:d3:be:ca:cd:d9:2c:a9:81:d9:92:d4:b9:
                    19:69:74:a2:73:7b:69:da:1d:b9:49:65:35:a6:9c:
                    76:66:57:f2:2a:06:1e:ae:57:27:10:c2:17:fd:89:
                    0b:80:80:cc:10:f3:5f:86:ce:e6:b6:0a:c1:7d:66:
                    57:21:39:66:90:ea:d1:b4:dc:fd:30:4b:df:af:a5:
                    dd:1d:ad:a7:04:5f:a5:f5:fa:05:ac:e0:4d:b2:aa:
                    de:17:1c:e6:3b:95:13:2c:34:09:68:6a:9c:af:e6:
                    62:25:12:46:4c:33:3a:37:99:52:b6:50:0e:ad:70:
                    49:50:e0:22:35:2b:01:14:ee:5b:72:fb:38:b8:52:
                    02:ed:94:a6:77:60:ce:f2:cc:d2:fa:e7:e2:0f:42:
                    50:84:65:a9:de:2a:17:91:b9:c2:c2:a8:77:91:52:
                    55:69:ad:a0:bd:85:e0:05:65:90:65:72:68:4a:d8:
                    c5:54:1a:7c:d6:a4:01:37:9e:08:3d:b9:53:9f:fe:
                    5e:02:8e:3f:56:c1:ed:e4:5e:4f:2f:f9:ed:34:4d:
                    10:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:19:2A:C9:D0:9C:3D:AC:82:3B:5B:7D:EB:EC:42:8E:E8:F6:89:73
            X509v3 Authority Key Identifier:
                keyid:88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/nBkqydCcPayCO1t96-xCjuj2iXM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:27c0:10::/44

    Signature Algorithm: sha256WithRSAEncryption
         08:7b:ab:0b:eb:e9:3f:18:a4:d4:f2:ac:be:ac:5c:b5:fd:4c:
         72:ed:70:84:0f:55:9c:a0:a4:eb:b6:d5:c1:ed:0d:bc:bc:5d:
         b7:06:bb:54:98:18:e1:37:92:2b:12:c1:60:b3:22:b2:60:e3:
         3a:00:0d:79:f1:77:c6:d7:b5:0c:b8:21:e6:cb:bf:4c:37:0a:
         ee:62:77:d7:08:d9:d3:17:4b:25:37:8c:6c:d2:8d:17:75:71:
         23:eb:c3:99:95:9a:08:27:a0:9c:67:39:d4:bf:ab:24:3c:9c:
         dc:a6:68:f2:13:6e:db:9a:8d:ee:d4:e2:9d:d2:50:d5:31:a0:
         87:40:8a:b6:08:f7:60:bc:6f:c6:43:ba:93:45:d2:d3:29:90:
         32:d7:cc:b5:54:8f:24:57:88:bd:a4:c2:de:ae:f2:c3:06:84:
         8c:fc:3c:ab:81:b0:ce:74:53:c1:b7:26:bf:c5:5c:b7:b7:fe:
         43:2f:52:24:5e:fe:7e:2b:3b:56:55:56:5f:92:a3:53:f1:4a:
         cf:a4:09:14:81:c8:fb:ad:59:72:5c:b1:1d:0a:71:55:db:ae:
         00:f5:38:5c:c2:3a:ed:73:1f:42:87:22:ad:9a:0e:00:f9:bc:
         07:69:c2:3b:be:8c:4a:98:c4:c6:c0:91:33:51:7f:93:28:d8:
         a6:d4:c2:68
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYUqEmN44rnisrvEghmKYL97MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTdhYWZlYzYxYzNhNmIwMjRiNmE5ZjU0ZmZiNzY0Y2Ez
ZGY5MjIwHhcNMjIxMjE5MTEwODQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzE5MmFjOWQwOWMzZGFjODIzYjViN2RlYmVjNDI4ZWU4ZjY4OTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZm016AWrpNGPVsMgltREK+Ic0Zl
AhXT8RxVA2L51mNfX30VsIBy7NzvFuA4edjTvsrN2SypgdmS1LkZaXSic3tp2h25
SWU1ppx2ZlfyKgYerlcnEMIX/YkLgIDMEPNfhs7mtgrBfWZXITlmkOrRtNz9MEvf
r6XdHa2nBF+l9foFrOBNsqreFxzmO5UTLDQJaGqcr+ZiJRJGTDM6N5lStlAOrXBJ
UOAiNSsBFO5bcvs4uFIC7ZSmd2DO8szS+ufiD0JQhGWp3ioXkbnCwqh3kVJVaa2g
vYXgBWWQZXJoStjFVBp81qQBN54IPblTn/5eAo4/VsHt5F5PL/ntNE0QTwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJwZKsnQnD2sgjtbfevsQo7o9olzMB8GA1UdIwQY
MBaAFIgXqv7GHDprAktqn1T/t2TKPfkiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJlcV9zWWNPbXNDUzJxZlZQLTNaTW85LVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9mZTJkNzItYzJkZC00NmMxLTk0Mjkt
ZTY2MzY5NjQ5NDExLzEvbkJrcXlkQ2NQYXlDTzF0OTYteENqdWoyaVhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9mZTJkNzItYzJkZC00NmMxLTk0MjktZTY2MzY5NjQ5NDEx
LzEvaUJlcV9zWWNPbXNDUzJxZlZQLTNaTW85LVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhMnwAAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAIe6sL6+k/GKTU8qy+rFy1/Uxy7XCED1WcoKTr
ttXB7Q28vF23BrtUmBjhN5IrEsFgsyKyYOM6AA158XfG17UMuCHmy79MNwruYnfX
CNnTF0slN4xs0o0XdXEj68OZlZoIJ6CcZznUv6skPJzcpmjyE27bmo3u1OKd0lDV
MaCHQIq2CPdgvG/GQ7qTRdLTKZAy18y1VI8kV4i9pMLervLDBoSM/DyrgbDOdFPB
tya/xVy3t/5DL1IkXv5+KztWVVZfkqNT8UrPpAkUgcj7rVlyXLEdCnFV264A9Thc
wjrtcx9ChyKtmg4A+bwHacI7voxKmMTGwJEzUX+TKNim1MJo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:02 2024 by rpki-client on console-fra.rpki-client.org