Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/1ed3e2-a09c-49c2-9928-c5c082a313f7/1/ek2svrpJaT-qSOV50hYfIDNXn4U.roa
File:                     ek2svrpJaT-qSOV50hYfIDNXn4U.roa (raw, json)
Hash identifier:          OLpq20pLuaGE65zqkRZWgl4rzl+hQTbzG+mEPSXWK7M=
Subject key identifier:   7A:4D:AC:BE:BA:49:69:3F:AA:48:E5:79:D2:16:1F:20:33:57:9F:85
Certificate issuer:       /CN=45962ea566054656ef82aace2d71c76d1b0b88bb
Certificate serial:       C491C4
Authority key identifier: 45:96:2E:A5:66:05:46:56:EF:82:AA:CE:2D:71:C7:6D:1B:0B:88:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RZYupWYFRlbvgqrOLXHHbRsLiLs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/1ed3e2-a09c-49c2-9928-c5c082a313f7/1/ek2svrpJaT-qSOV50hYfIDNXn4U.roa
Signing time:             Sat 01 Jan 2022 01:56:03 +0000
ROA not before:           Sat 01 Jan 2022 01:56:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        130.193.2.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12882372 (0xc491c4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=45962ea566054656ef82aace2d71c76d1b0b88bb
        Validity
            Not Before: Jan  1 01:56:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7a4dacbeba49693faa48e579d2161f2033579f85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:05:aa:3f:49:b9:b9:11:64:1e:af:4e:4c:d7:
                    38:00:04:16:55:68:70:d2:86:c1:aa:86:20:b7:b6:
                    c6:51:fd:b8:2e:39:62:87:73:5a:f0:4d:f5:18:0d:
                    35:fb:3c:2e:37:87:2d:d6:9c:ef:ba:c0:3a:e0:21:
                    0c:a6:27:e5:97:94:f2:66:6f:8e:2b:e1:2b:db:8a:
                    c1:42:a1:3b:67:b8:bc:91:33:a4:50:06:20:f9:c6:
                    36:45:0e:ef:00:9a:e0:41:95:96:41:cd:fe:2a:3b:
                    40:69:33:54:05:51:0e:ea:69:e5:75:5b:26:49:d7:
                    05:f5:29:9f:4b:1f:63:fd:75:94:82:06:2b:c9:4d:
                    2e:ce:df:fc:b5:2d:19:f5:d3:ae:bf:c3:88:2d:a0:
                    e4:df:9a:9a:c8:5b:27:fc:6f:93:15:d7:7b:c3:18:
                    5f:8e:57:e6:6d:d4:88:70:1c:1a:59:ce:6f:b7:42:
                    02:e4:1d:53:d6:a8:9a:c5:fc:70:ca:23:79:5a:35:
                    23:5f:a6:fd:d8:b7:a4:3a:c4:c3:42:21:d1:f9:6e:
                    de:13:aa:59:fa:e1:8f:1c:ee:1b:3f:55:a5:b2:cd:
                    05:31:03:c9:c2:b4:4d:8c:b4:60:25:83:be:48:08:
                    1f:28:dc:42:79:1f:2a:00:9a:28:39:8e:ba:2d:3c:
                    4b:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:4D:AC:BE:BA:49:69:3F:AA:48:E5:79:D2:16:1F:20:33:57:9F:85
            X509v3 Authority Key Identifier:
                keyid:45:96:2E:A5:66:05:46:56:EF:82:AA:CE:2D:71:C7:6D:1B:0B:88:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RZYupWYFRlbvgqrOLXHHbRsLiLs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1ed3e2-a09c-49c2-9928-c5c082a313f7/1/ek2svrpJaT-qSOV50hYfIDNXn4U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1ed3e2-a09c-49c2-9928-c5c082a313f7/1/RZYupWYFRlbvgqrOLXHHbRsLiLs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.193.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:64:95:d0:e1:b3:f0:7b:7c:70:16:ff:28:f6:8d:58:b0:61:
         cf:07:61:3e:86:d0:f3:ef:c7:71:3c:01:f1:1d:1b:ff:78:49:
         f3:4d:2d:b5:04:6a:00:8c:da:2c:68:d9:13:86:4e:ee:4d:58:
         48:4d:cf:2d:07:ea:5a:eb:1e:69:14:2b:7a:91:b9:02:e6:92:
         2b:7f:64:6c:94:64:b9:27:f2:57:ca:e5:95:a4:a0:c1:11:c6:
         c3:43:31:c1:9f:62:b7:4c:6e:ac:44:b9:0c:cb:29:53:04:0a:
         3a:2c:e6:81:2d:47:46:c8:b7:a6:e8:cc:57:33:95:2e:19:d8:
         2e:a8:48:ad:e1:e4:e3:4b:38:8b:7f:7c:39:38:52:91:17:c3:
         be:c5:5f:ea:41:9b:aa:22:de:28:f2:cf:92:6c:fc:da:85:c6:
         15:19:de:07:99:69:fa:a9:af:60:71:7e:67:85:80:f8:7d:c8:
         a2:a4:10:e6:41:de:5d:c2:64:34:72:4b:d5:50:e1:e0:c8:60:
         86:8c:03:af:5c:e3:61:7f:61:7f:03:66:1f:e9:01:9b:78:f3:
         ad:e3:86:89:b5:c9:70:34:98:6b:b0:87:27:7f:d4:6e:c2:2e:
         ee:2a:e8:d9:2a:74:db:4e:d4:c1:20:8c:18:f6:14:c9:c9:4d:
         2c:8a:06:ef
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAMSRxDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NTk2MmVhNTY2MDU0NjU2ZWY4MmFhY2UyZDcxYzc2ZDFiMGI4OGJiMB4XDTIyMDEw
MTAxNTYwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2E0ZGFjYmViYTQ5
NjkzZmFhNDhlNTc5ZDIxNjFmMjAzMzU3OWY4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALEFqj9JubkRZB6vTkzXOAAEFlVocNKGwaqGILe2xlH9uC45
YodzWvBN9RgNNfs8LjeHLdac77rAOuAhDKYn5ZeU8mZvjivhK9uKwUKhO2e4vJEz
pFAGIPnGNkUO7wCa4EGVlkHN/io7QGkzVAVRDupp5XVbJknXBfUpn0sfY/11lIIG
K8lNLs7f/LUtGfXTrr/DiC2g5N+amshbJ/xvkxXXe8MYX45X5m3UiHAcGlnOb7dC
AuQdU9aomsX8cMojeVo1I1+m/di3pDrEw0Ih0flu3hOqWfrhjxzuGz9VpbLNBTED
ycK0TYy0YCWDvkgIHyjcQnkfKgCaKDmOui08SysCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR6Tay+uklpP6pI5XnSFh8gM1efhTAfBgNVHSMEGDAWgBRFli6lZgVGVu+C
qs4tccdtGwuIuzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JaWXVwV1lGUmxidmdxck9MWEhIYlJzTGlMcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTgvMWVkM2UyLWEwOWMtNDljMi05OTI4LWM1YzA4MmEzMTNmNy8x
L2VrMnN2cnBKYVQtcVNPVjUwaFlmSUROWG40VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgv
MWVkM2UyLWEwOWMtNDljMi05OTI4LWM1YzA4MmEzMTNmNy8xL1JaWXVwV1lGUmxi
dmdxck9MWEhIYlJzTGlMcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAILBAjANBgkqhkiG9w0BAQsFAAOC
AQEAXWSV0OGz8Ht8cBb/KPaNWLBhzwdhPobQ8+/HcTwB8R0b/3hJ800ttQRqAIza
LGjZE4ZO7k1YSE3PLQfqWuseaRQrepG5AuaSK39kbJRkuSfyV8rllaSgwRHGw0Mx
wZ9it0xurES5DMspUwQKOizmgS1HRsi3pujMVzOVLhnYLqhIreHk40s4i398OThS
kRfDvsVf6kGbqiLeKPLPkmz82oXGFRneB5lp+qmvYHF+Z4WA+H3IoqQQ5kHeXcJk
NHJL1VDh4MhghowDr1zjYX9hfwNmH+kBm3jzreOGibXJcDSYa7CHJ3/UbsIu7iro
2Sp0207UwSCMGPYUyclNLIoG7w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:46 2023 by rpki-client on console-fra.rpki-client.org