Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/LZ2m9g99Ssg9Vkzs8q2ccjUTDOs.roa
File:                     LZ2m9g99Ssg9Vkzs8q2ccjUTDOs.roa (raw, json)
Hash identifier:          1b8q19fHyUYfqixEOcbhWMszYuSk8rxpbt8Hl6HrG/c=
Subject key identifier:   2D:9D:A6:F6:0F:7D:4A:C8:3D:56:4C:EC:F2:AD:9C:72:35:13:0C:EB
Certificate issuer:       /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial:       0182D89748B656B3E0B3BA3983CDF772DC7E
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/LZ2m9g99Ssg9Vkzs8q2ccjUTDOs.roa
Signing time:             Fri 26 Aug 2022 05:19:29 +0000
ROA not before:           Fri 26 Aug 2022 05:19:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        2a0e:1b43::/32 maxlen: 32
                          2a10:12c3::/32 maxlen: 32
                          2a10:12c0::/29 maxlen: 29
                          2a10:12c7::/32 maxlen: 32
                          2a0e:1b47::/32 maxlen: 32
                          2a0e:1b40::/32 maxlen: 32
                          2a10:12c0::/32 maxlen: 32
                          2a10:12c6::/32 maxlen: 32
                          2a0e:1b46::/32 maxlen: 32
                          2a0e:1b41::/32 maxlen: 32
                          2a0e:1b45::/32 maxlen: 32
                          2a10:12c5::/32 maxlen: 32
                          2a10:12c1::/32 maxlen: 32
                          2a0e:1b44::/32 maxlen: 32
                          2a10:12c4::/32 maxlen: 32
                          2a10:12c2::/32 maxlen: 32
                          2a0e:1b42::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:d8:97:48:b6:56:b3:e0:b3:ba:39:83:cd:f7:72:dc:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
        Validity
            Not Before: Aug 26 05:19:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2d9da6f60f7d4ac83d564cecf2ad9c7235130ceb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:15:f6:ee:51:97:19:55:e8:2f:a8:49:f6:7e:
                    55:1a:eb:8b:fe:a8:36:e4:7e:ef:15:32:cc:26:ab:
                    c7:9e:f6:bb:cf:a0:ae:3d:02:43:68:8d:6b:cf:b6:
                    9e:50:d1:8c:60:09:3d:89:94:56:d7:60:54:7e:fd:
                    2b:83:39:f4:80:f7:4e:90:97:0b:ab:fe:fd:6a:94:
                    18:97:93:56:12:a2:c9:0a:7c:fd:9e:fb:b1:20:6e:
                    71:4a:48:6a:44:cd:2c:65:60:3d:fd:b6:10:0c:76:
                    e6:61:8b:56:51:33:2a:16:ba:3a:86:a6:a7:d8:9f:
                    bc:5d:45:cf:ff:d5:9b:5f:ad:e7:88:c4:d7:1b:88:
                    a4:ab:bb:db:7c:43:80:5e:d3:60:c4:b7:7f:6a:68:
                    95:20:76:b2:0a:19:4b:fb:69:5a:77:02:a5:10:ac:
                    7f:df:9b:e5:93:59:40:fc:a1:8b:ab:63:f8:b9:9c:
                    65:7b:a5:3c:bd:8b:5a:33:db:3a:2d:b9:26:87:13:
                    b4:af:f5:89:e9:24:b3:3c:9b:1d:c2:f7:fb:82:cf:
                    fc:f7:e5:7f:cf:3d:c1:ee:0a:df:cc:2d:7b:07:bc:
                    17:dd:53:21:62:b5:5e:33:cf:fc:e2:02:5f:ff:c5:
                    42:1e:ab:cf:37:89:a4:b0:42:5d:ff:67:21:e4:8e:
                    24:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:9D:A6:F6:0F:7D:4A:C8:3D:56:4C:EC:F2:AD:9C:72:35:13:0C:EB
            X509v3 Authority Key Identifier:
                keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/LZ2m9g99Ssg9Vkzs8q2ccjUTDOs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:1b40::/29
                  2a10:12c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         72:4a:2f:d2:63:0b:40:b4:80:23:a2:e8:38:fb:de:e3:b2:02:
         93:ee:e4:05:b0:fe:62:40:9a:1d:04:4e:91:2e:db:8c:34:39:
         d7:80:9c:10:d8:a6:05:c3:01:50:0c:87:cd:7f:22:3d:c9:00:
         04:0e:a9:e7:8a:07:61:24:43:44:cf:cd:0d:cd:bd:be:35:f8:
         f9:db:1a:dd:7f:51:1d:59:d3:02:d7:ba:92:59:af:05:fe:0b:
         e3:47:b7:e0:5f:ab:69:6a:fe:9d:de:6f:69:c8:a7:e1:50:36:
         47:62:f5:cb:59:b0:de:d8:7f:38:ab:54:54:3d:43:7f:b9:1d:
         82:eb:92:14:4f:26:99:85:00:34:93:91:7b:e7:a7:88:e4:3b:
         f4:ed:3f:ea:6d:a6:29:b4:b8:90:1c:22:67:cb:e5:72:9b:e5:
         9c:0b:01:6a:4b:14:4a:d5:39:68:71:05:27:63:ac:a9:d5:dc:
         5e:e0:47:15:60:6c:52:17:5e:c8:a3:b6:d4:04:8b:1e:df:0d:
         97:a4:d5:98:03:97:e5:70:7c:01:7a:33:85:8b:b7:3c:c5:3e:
         d6:5c:15:a1:43:a2:50:44:18:df:6a:89:5e:7f:d5:39:e4:98:
         d7:3c:d0:c3:72:5d:a6:8d:54:f0:1e:98:db:92:8f:e2:bc:bf:
         69:cb:e4:8b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYLYl0i2VrPgs7o5g833ctx+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjIwODI2MDUxOTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDlkYTZmNjBmN2Q0YWM4M2Q1NjRjZWNmMmFkOWM3MjM1MTMwY2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBX27lGXGVXoL6hJ9n5VGuuL/qg2
5H7vFTLMJqvHnva7z6CuPQJDaI1rz7aeUNGMYAk9iZRW12BUfv0rgzn0gPdOkJcL
q/79apQYl5NWEqLJCnz9nvuxIG5xSkhqRM0sZWA9/bYQDHbmYYtWUTMqFro6hqan
2J+8XUXP/9WbX63niMTXG4ikq7vbfEOAXtNgxLd/amiVIHayChlL+2ladwKlEKx/
35vlk1lA/KGLq2P4uZxle6U8vYtaM9s6LbkmhxO0r/WJ6SSzPJsdwvf7gs/89+V/
zz3B7grfzC17B7wX3VMhYrVeM8/84gJf/8VCHqvPN4mksEJd/2ch5I4k0wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFC2dpvYPfUrIPVZM7PKtnHI1EwzrMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvTFoybTlnOTlTc2c5Vmt6czhxMmNjalVURE9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg4bQAMF
AyoQEsAwDQYJKoZIhvcNAQELBQADggEBAHJKL9JjC0C0gCOi6Dj73uOyApPu5AWw
/mJAmh0ETpEu24w0OdeAnBDYpgXDAVAMh81/Ij3JAAQOqeeKB2EkQ0TPzQ3Nvb41
+PnbGt1/UR1Z0wLXupJZrwX+C+NHt+Bfq2lq/p3eb2nIp+FQNkdi9ctZsN7Yfzir
VFQ9Q3+5HYLrkhRPJpmFADSTkXvnp4jkO/TtP+ptpim0uJAcImfL5XKb5ZwLAWpL
FErVOWhxBSdjrKnV3F7gRxVgbFIXXsijttQEix7fDZek1ZgDl+VwfAF6M4WLtzzF
PtZcFaFDolBEGN9qiV5/1TnkmNc80MNyXaaNVPAemNuSj+K8v2nL5Is=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:57 2023 by rpki-client on console-fra.rpki-client.org