Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/5ec55a-7461-408e-b45c-e5f26bc4d46e/1/sugC05eq1I7yqtG6WZ6V3i-ru-A.roa
File:                     sugC05eq1I7yqtG6WZ6V3i-ru-A.roa (raw, json)
Hash identifier:          MwKLYgHEeRIsB+SRelXZH70oWPKnzjJ3/iqMt5dzaYY=
Subject key identifier:   B2:E8:02:D3:97:AA:D4:8E:F2:AA:D1:BA:59:9E:95:DE:2F:AB:BB:E0
Certificate issuer:       /CN=a3e6332cc397d338e1d6a1fb86c2b71c92cb2559
Certificate serial:       0183130E8AB655AD4B08E6A479EA85345AF1
Authority key identifier: A3:E6:33:2C:C3:97:D3:38:E1:D6:A1:FB:86:C2:B7:1C:92:CB:25:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o-YzLMOX0zjh1qH7hsK3HJLLJVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/5ec55a-7461-408e-b45c-e5f26bc4d46e/1/sugC05eq1I7yqtG6WZ6V3i-ru-A.roa
Signing time:             Tue 06 Sep 2022 13:47:43 +0000
ROA not before:           Tue 06 Sep 2022 13:47:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     22773
IP address blocks:        2a11:8380::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:13:0e:8a:b6:55:ad:4b:08:e6:a4:79:ea:85:34:5a:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3e6332cc397d338e1d6a1fb86c2b71c92cb2559
        Validity
            Not Before: Sep  6 13:47:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b2e802d397aad48ef2aad1ba599e95de2fabbbe0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:f0:db:b9:e7:76:5e:56:f1:10:26:45:ba:26:
                    8f:73:2c:1e:be:72:63:c8:0a:5d:41:d6:11:97:5b:
                    f5:d4:cf:92:e5:8c:a8:f8:20:3c:af:6a:17:8f:7e:
                    b4:89:ea:90:f5:a9:8d:8e:39:d7:1f:63:2a:21:4e:
                    32:53:b0:63:8b:ac:97:46:fd:18:89:4e:8b:6b:82:
                    b3:99:69:07:4e:37:c2:61:0e:98:1b:c1:91:42:17:
                    1f:80:0c:db:57:2d:72:6c:62:f8:50:6f:f5:0a:7c:
                    1f:b5:d5:0c:68:9d:d8:68:7c:51:cc:6d:4f:77:f4:
                    40:0a:9f:86:b6:b7:82:c8:42:61:80:f6:ca:e5:d1:
                    63:0a:6b:54:37:29:38:ee:38:98:8c:9c:b2:d0:6f:
                    6a:77:53:d5:46:b2:53:a5:65:86:97:e8:2e:a6:a0:
                    25:46:58:7d:6e:d7:48:67:f5:b4:08:eb:97:6c:d6:
                    4d:a5:d8:77:ed:c3:c4:ec:a7:46:80:f4:bc:c4:69:
                    7c:5b:a6:73:66:16:34:c2:23:8d:91:c3:99:f4:bb:
                    3b:74:4c:ce:15:46:44:28:28:f4:52:c7:70:91:81:
                    27:6d:21:bb:34:fe:d8:2b:54:d7:1b:09:aa:75:ca:
                    d8:1a:59:56:b2:dc:6f:c7:c5:84:39:d2:b6:3c:b6:
                    d3:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:E8:02:D3:97:AA:D4:8E:F2:AA:D1:BA:59:9E:95:DE:2F:AB:BB:E0
            X509v3 Authority Key Identifier:
                keyid:A3:E6:33:2C:C3:97:D3:38:E1:D6:A1:FB:86:C2:B7:1C:92:CB:25:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o-YzLMOX0zjh1qH7hsK3HJLLJVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/5ec55a-7461-408e-b45c-e5f26bc4d46e/1/sugC05eq1I7yqtG6WZ6V3i-ru-A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/5ec55a-7461-408e-b45c-e5f26bc4d46e/1/o-YzLMOX0zjh1qH7hsK3HJLLJVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:8380::/29

    Signature Algorithm: sha256WithRSAEncryption
         93:ed:d9:62:b5:d2:dc:00:d5:2e:d9:2c:57:b8:98:de:0f:85:
         af:43:18:58:e7:8e:08:9e:9c:29:ee:e5:fc:36:ea:83:94:23:
         87:0a:ef:7b:c5:a5:05:fe:a5:a4:94:21:2f:66:af:4d:45:fb:
         fe:66:09:d3:77:c1:73:21:8d:e3:58:72:a2:0c:46:aa:4f:e0:
         14:0b:05:a3:9b:eb:2f:24:a7:d4:70:46:5b:04:9e:e8:d5:1b:
         26:d3:f4:26:d3:d5:f8:5b:7e:ae:04:ed:f1:80:e2:34:0c:d9:
         d0:64:59:1b:68:52:d5:48:0e:76:b4:86:60:ca:1d:8e:35:46:
         a4:56:d3:6a:b4:5d:d6:e2:28:22:4b:0f:96:ee:7c:0e:fa:67:
         a9:b0:a2:b1:d0:04:4c:b4:0d:5a:5f:c8:09:73:88:97:d7:b0:
         88:27:75:30:27:72:fe:b5:40:38:4d:91:4d:f4:c0:93:16:76:
         eb:86:a8:30:09:81:bb:3c:08:73:99:de:ef:b4:78:9e:a8:98:
         d7:49:0f:f5:83:a8:19:9b:bc:5c:3c:89:dc:ed:e3:2c:2d:fa:
         de:2b:ad:37:87:ae:db:62:01:8c:1f:15:5e:ad:c3:22:82:84:
         b6:50:07:94:83:5e:ee:96:9e:cd:3e:9c:b5:06:6a:31:58:d8:
         e8:5f:b3:bd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYMTDoq2Va1LCOakeeqFNFrxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZTYzMzJjYzM5N2QzMzhlMWQ2YTFmYjg2YzJiNzFjOTJj
YjI1NTkwHhcNMjIwOTA2MTM0NzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmU4MDJkMzk3YWFkNDhlZjJhYWQxYmE1OTllOTVkZTJmYWJiYmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPDbued2XlbxECZFuiaPcywevnJj
yApdQdYRl1v11M+S5Yyo+CA8r2oXj360ieqQ9amNjjnXH2MqIU4yU7Bji6yXRv0Y
iU6La4KzmWkHTjfCYQ6YG8GRQhcfgAzbVy1ybGL4UG/1CnwftdUMaJ3YaHxRzG1P
d/RACp+GtreCyEJhgPbK5dFjCmtUNyk47jiYjJyy0G9qd1PVRrJTpWWGl+gupqAl
Rlh9btdIZ/W0COuXbNZNpdh37cPE7KdGgPS8xGl8W6ZzZhY0wiONkcOZ9Ls7dEzO
FUZEKCj0UsdwkYEnbSG7NP7YK1TXGwmqdcrYGllWstxvx8WEOdK2PLbTMQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLLoAtOXqtSO8qrRulmeld4vq7vgMB8GA1UdIwQY
MBaAFKPmMyzDl9M44dah+4bCtxySyyVZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvby1ZekxNT1gwempoMXFIN2hzSzNISkxMSlZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS81ZWM1NWEtNzQ2MS00MDhlLWI0NWMt
ZTVmMjZiYzRkNDZlLzEvc3VnQzA1ZXExSTd5cXRHNldaNlYzaS1ydS1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS81ZWM1NWEtNzQ2MS00MDhlLWI0NWMtZTVmMjZiYzRkNDZl
LzEvby1ZekxNT1gwempoMXFIN2hzSzNISkxMSlZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhGDgDAN
BgkqhkiG9w0BAQsFAAOCAQEAk+3ZYrXS3ADVLtksV7iY3g+Fr0MYWOeOCJ6cKe7l
/Dbqg5Qjhwrve8WlBf6lpJQhL2avTUX7/mYJ03fBcyGN41hyogxGqk/gFAsFo5vr
LySn1HBGWwSe6NUbJtP0JtPV+Ft+rgTt8YDiNAzZ0GRZG2hS1UgOdrSGYModjjVG
pFbTarRd1uIoIksPlu58DvpnqbCisdAETLQNWl/ICXOIl9ewiCd1MCdy/rVAOE2R
TfTAkxZ264aoMAmBuzwIc5ne77R4nqiY10kP9YOoGZu8XDyJ3O3jLC363iutN4eu
22IBjB8VXq3DIoKEtlAHlINe7paezT6ctQZqMVjY6F+zvQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:54 2023 by rpki-client on console-fra.rpki-client.org