Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/482101-ac94-4f0b-9309-3e18ee6b4a5a/1/_g73lGaLhwt82HyeRNw8vxy7_FU.roa
File:                     _g73lGaLhwt82HyeRNw8vxy7_FU.roa (raw, json)
Hash identifier:          +4DBTMLP3UNfM5oglilB01me8j+Hd/23JUqjfDTYlCM=
Subject key identifier:   FE:0E:F7:94:66:8B:87:0B:7C:D8:7C:9E:44:DC:3C:BF:1C:BB:FC:55
Certificate issuer:       /CN=92f7d213fa13708e3200184ff1bc391577cc252f
Certificate serial:       0184A3D85DD390B6BF1D219B0FAD908CA6E8
Authority key identifier: 92:F7:D2:13:FA:13:70:8E:32:00:18:4F:F1:BC:39:15:77:CC:25:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kvfSE_oTcI4yABhP8bw5FXfMJS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/482101-ac94-4f0b-9309-3e18ee6b4a5a/1/_g73lGaLhwt82HyeRNw8vxy7_FU.roa
Signing time:             Wed 23 Nov 2022 09:36:16 +0000
ROA not before:           Wed 23 Nov 2022 09:36:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202044
IP address blocks:        2a13:c44::/30 maxlen: 30
                          2a13:c40::/30 maxlen: 30

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:a3:d8:5d:d3:90:b6:bf:1d:21:9b:0f:ad:90:8c:a6:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92f7d213fa13708e3200184ff1bc391577cc252f
        Validity
            Not Before: Nov 23 09:36:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fe0ef794668b870b7cd87c9e44dc3cbf1cbbfc55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:a2:86:5b:0e:56:0c:4e:08:56:70:93:6b:fc:
                    82:93:9e:9d:f7:88:92:66:6f:d1:76:f2:7f:17:64:
                    72:de:17:52:e1:b7:fc:76:40:e0:c1:dc:20:ed:4f:
                    bb:b2:44:6e:36:9a:4c:22:35:7c:cc:df:da:5d:84:
                    75:c1:ef:6e:3b:95:6c:f5:ac:9f:79:3d:33:87:58:
                    df:5d:ec:27:ee:60:a1:94:76:e2:15:ec:cf:97:bc:
                    55:d7:cf:8f:40:77:83:f9:88:4e:32:bb:be:ab:2e:
                    81:86:f3:1b:60:86:00:6d:8e:3b:1a:fa:47:96:20:
                    25:bd:f8:ce:50:d8:8b:b1:11:39:0a:4a:1b:2d:49:
                    21:ad:0f:10:78:51:17:e9:b5:85:47:33:b3:18:fe:
                    83:d5:44:4f:03:4e:ae:fe:73:ef:f4:85:ba:c5:6a:
                    5f:85:8f:af:4a:27:5c:21:7b:a3:39:15:f1:92:0e:
                    6d:d4:cb:01:d8:ca:46:64:57:c3:ee:9a:1e:e2:63:
                    cd:a4:93:ab:27:11:95:49:49:7d:78:08:f4:38:ba:
                    7a:7d:b9:6c:fa:34:32:e2:13:de:08:bf:2c:e6:37:
                    d3:c5:89:cb:37:40:3e:82:01:c0:99:5e:06:6a:90:
                    0d:1d:e2:52:16:f5:91:69:1c:62:bb:3e:d4:13:90:
                    ce:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:0E:F7:94:66:8B:87:0B:7C:D8:7C:9E:44:DC:3C:BF:1C:BB:FC:55
            X509v3 Authority Key Identifier:
                keyid:92:F7:D2:13:FA:13:70:8E:32:00:18:4F:F1:BC:39:15:77:CC:25:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvfSE_oTcI4yABhP8bw5FXfMJS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/482101-ac94-4f0b-9309-3e18ee6b4a5a/1/_g73lGaLhwt82HyeRNw8vxy7_FU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/482101-ac94-4f0b-9309-3e18ee6b4a5a/1/kvfSE_oTcI4yABhP8bw5FXfMJS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:c40::/29

    Signature Algorithm: sha256WithRSAEncryption
         64:8b:32:e1:c4:9d:3d:4f:09:8c:a8:bf:c2:a0:6f:03:87:ee:
         64:27:ee:e6:28:a6:68:e4:a2:71:e3:93:a0:f1:6e:69:ee:b4:
         9c:c3:1a:bf:6d:f3:cf:e2:7e:db:e9:9f:dc:6f:f0:a2:63:f9:
         8f:50:5e:8f:f0:32:32:e6:55:ad:51:ca:00:9a:2e:f7:b3:8b:
         47:f1:e0:65:05:eb:41:37:75:47:a2:cb:70:c8:64:e5:4d:65:
         d3:31:cb:a8:1a:95:85:49:b8:b4:9a:d2:81:9a:ea:72:b3:45:
         7a:2a:6b:01:e7:f9:1f:1f:bc:37:62:c7:97:98:51:b2:99:24:
         fa:a8:b9:ff:62:97:28:2b:de:27:aa:3f:6f:ed:37:79:08:fe:
         b7:e8:b2:79:34:5d:11:73:85:cd:ec:ff:1e:35:1c:f2:32:8b:
         be:0a:11:2c:f6:0d:1d:4e:51:8a:83:15:32:35:c3:60:a9:b0:
         28:26:dd:f4:8d:e4:6f:e8:0a:5c:de:e9:cb:84:6e:2b:aa:f8:
         4e:2a:80:30:c3:ee:c3:68:8e:21:74:c3:3e:b0:43:f6:c2:7f:
         11:ab:30:60:c1:ec:85:57:82:67:20:f8:c9:b9:29:f8:2e:fa:
         75:ce:c7:9e:a8:e1:5f:9d:65:99:f7:5f:9e:1f:75:c7:0c:5b:
         7d:1f:c9:96
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYSj2F3TkLa/HSGbD62QjKboMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZjdkMjEzZmExMzcwOGUzMjAwMTg0ZmYxYmMzOTE1Nzdj
YzI1MmYwHhcNMjIxMTIzMDkzNjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTBlZjc5NDY2OGI4NzBiN2NkODdjOWU0NGRjM2NiZjFjYmJmYzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6KGWw5WDE4IVnCTa/yCk56d94iS
Zm/RdvJ/F2Ry3hdS4bf8dkDgwdwg7U+7skRuNppMIjV8zN/aXYR1we9uO5Vs9ayf
eT0zh1jfXewn7mChlHbiFezPl7xV18+PQHeD+YhOMru+qy6BhvMbYIYAbY47GvpH
liAlvfjOUNiLsRE5CkobLUkhrQ8QeFEX6bWFRzOzGP6D1URPA06u/nPv9IW6xWpf
hY+vSidcIXujORXxkg5t1MsB2MpGZFfD7poe4mPNpJOrJxGVSUl9eAj0OLp6fbls
+jQy4hPeCL8s5jfTxYnLN0A+ggHAmV4GapANHeJSFvWRaRxiuz7UE5DOxwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFP4O95Rmi4cLfNh8nkTcPL8cu/xVMB8GA1UdIwQY
MBaAFJL30hP6E3COMgAYT/G8ORV3zCUvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3ZmU0Vfb1RjSTR5QUJoUDhidzVGWGZNSlM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi80ODIxMDEtYWM5NC00ZjBiLTkzMDkt
M2UxOGVlNmI0YTVhLzEvX2c3M2xHYUxod3Q4Mkh5ZVJOdzh2eHk3X0ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi80ODIxMDEtYWM5NC00ZjBiLTkzMDktM2UxOGVlNmI0YTVh
LzEva3ZmU0Vfb1RjSTR5QUJoUDhidzVGWGZNSlM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhMMQDAN
BgkqhkiG9w0BAQsFAAOCAQEAZIsy4cSdPU8JjKi/wqBvA4fuZCfu5iimaOSiceOT
oPFuae60nMMav23zz+J+2+mf3G/womP5j1Bej/AyMuZVrVHKAJou97OLR/HgZQXr
QTd1R6LLcMhk5U1l0zHLqBqVhUm4tJrSgZrqcrNFeiprAef5Hx+8N2LHl5hRspkk
+qi5/2KXKCveJ6o/b+03eQj+t+iyeTRdEXOFzez/HjUc8jKLvgoRLPYNHU5RioMV
MjXDYKmwKCbd9I3kb+gKXN7py4RuK6r4TiqAMMPuw2iOIXTDPrBD9sJ/EaswYMHs
hVeCZyD4ybkp+C76dc7HnqjhX51lmfdfnh91xwxbfR/Jlg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:10 2024 by rpki-client on console-fra.rpki-client.org