Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/74980e-74f9-4b5e-9cf2-69711fe83d23/1/9LK2UXO7Aw7ph7MuOjoh7XbbBtE.roa
File:                     9LK2UXO7Aw7ph7MuOjoh7XbbBtE.roa (raw, json)
Hash identifier:          UcZqkKKLSOU0CJY06Fv4NG5xw39oaDma6NkE1DUjOzo=
Subject key identifier:   F4:B2:B6:51:73:BB:03:0E:E9:87:B3:2E:3A:3A:21:ED:76:DB:06:D1
Certificate issuer:       /CN=b3ef7c76ab3e6971d8f87302ddf92cc6098849ea
Certificate serial:       1812A4E7
Authority key identifier: B3:EF:7C:76:AB:3E:69:71:D8:F8:73:02:DD:F9:2C:C6:09:88:49:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s-98dqs-aXHY-HMC3fksxgmISeo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/74980e-74f9-4b5e-9cf2-69711fe83d23/1/9LK2UXO7Aw7ph7MuOjoh7XbbBtE.roa
Signing time:             Sat 01 Jan 2022 10:03:48 +0000
ROA not before:           Sat 01 Jan 2022 10:03:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1133
IP address blocks:        130.89.0.0/16 maxlen: 16
                          2001:67c:2564::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 403875047 (0x1812a4e7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3ef7c76ab3e6971d8f87302ddf92cc6098849ea
        Validity
            Not Before: Jan  1 10:03:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f4b2b65173bb030ee987b32e3a3a21ed76db06d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:0b:56:71:7e:24:9f:3e:06:41:c9:72:9a:75:
                    50:07:cd:60:bc:8e:4b:17:c8:12:92:08:c5:0e:d0:
                    07:85:90:8e:f0:47:33:2c:df:a6:b0:ef:cc:24:d4:
                    ac:91:67:04:12:d2:8e:40:ae:82:ca:bc:7a:3e:f6:
                    c3:10:c2:b3:e9:d4:60:99:2c:e8:a2:ed:8e:89:a6:
                    14:d4:9b:a2:bd:c3:a7:56:5a:ce:ae:e7:64:1b:60:
                    5b:e9:1f:ec:83:f5:80:3c:ea:80:c1:fb:50:f8:6d:
                    b0:10:49:e7:a5:40:b2:e7:6d:f0:b5:a9:11:9c:95:
                    cd:c8:1b:2f:dd:32:59:32:f7:88:ed:03:44:27:29:
                    00:53:e8:ff:b2:82:04:fd:13:16:23:49:dc:43:28:
                    46:f0:21:af:d1:63:2a:89:04:8f:bc:19:fa:09:53:
                    52:e6:c7:3d:66:45:6e:5a:8f:ec:9f:7b:15:69:2f:
                    cd:88:7d:7d:13:91:0c:e7:8a:69:f2:e2:fb:6a:db:
                    80:1e:b1:2e:e2:77:7b:e7:00:23:a5:71:0e:45:8b:
                    52:4c:64:55:1e:3e:b2:2a:0c:e7:2f:fa:28:c8:ab:
                    6c:9c:49:97:2b:f9:de:56:91:96:cc:64:fc:68:69:
                    4c:a4:4c:f4:cc:bb:36:fa:eb:7a:00:b2:43:a9:e0:
                    14:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:B2:B6:51:73:BB:03:0E:E9:87:B3:2E:3A:3A:21:ED:76:DB:06:D1
            X509v3 Authority Key Identifier:
                keyid:B3:EF:7C:76:AB:3E:69:71:D8:F8:73:02:DD:F9:2C:C6:09:88:49:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s-98dqs-aXHY-HMC3fksxgmISeo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/74980e-74f9-4b5e-9cf2-69711fe83d23/1/9LK2UXO7Aw7ph7MuOjoh7XbbBtE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/74980e-74f9-4b5e-9cf2-69711fe83d23/1/s-98dqs-aXHY-HMC3fksxgmISeo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.89.0.0/16
                IPv6:
                  2001:67c:2564::/48

    Signature Algorithm: sha256WithRSAEncryption
         12:96:0b:d1:39:c3:02:66:d9:a0:67:d5:ac:da:31:ea:2d:e7:
         37:78:b0:bb:3b:25:12:08:85:27:d2:ce:4e:75:a3:ab:43:05:
         ab:09:6d:5f:d2:a4:3c:09:28:5d:fa:93:13:0f:11:59:0c:d6:
         31:a1:4c:0f:ae:fc:b8:21:c5:d8:d9:c7:5b:26:cc:33:b8:33:
         3e:34:4c:31:04:7d:d4:9f:b6:cc:c7:f3:00:1d:18:c1:b6:4d:
         c1:7a:47:65:ee:82:19:75:42:73:9f:97:25:7e:1a:88:55:f2:
         12:b8:53:c3:d7:7f:2c:92:e7:58:43:dd:dc:29:a7:5a:d1:0d:
         83:5d:42:f8:c6:f9:49:79:72:cd:1b:7e:0e:76:5e:a2:56:47:
         b3:9e:37:e5:7b:99:ea:a1:99:f5:a1:c3:52:e0:07:88:4a:5c:
         56:77:fc:a1:e2:24:c0:27:2c:c7:90:3d:5d:11:60:83:a1:48:
         c9:23:56:83:d1:c1:00:b9:9d:9b:53:e5:dd:a1:22:16:c0:7f:
         f8:fb:a9:9f:2f:50:87:5c:9e:05:48:47:34:dc:11:85:f0:29:
         7a:5c:af:de:83:7c:bb:9e:69:1e:60:5f:5a:0e:2c:5a:0d:4e:
         1a:50:4b:8b:fc:80:37:33:51:bb:12:2d:72:35:de:42:c1:9e:
         cc:58:3f:7b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIEGBKk5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
M2VmN2M3NmFiM2U2OTcxZDhmODczMDJkZGY5MmNjNjA5ODg0OWVhMB4XDTIyMDEw
MTEwMDM0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjRiMmI2NTE3M2Ji
MDMwZWU5ODdiMzJlM2EzYTIxZWQ3NmRiMDZkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKcLVnF+JJ8+BkHJcpp1UAfNYLyOSxfIEpIIxQ7QB4WQjvBH
MyzfprDvzCTUrJFnBBLSjkCugsq8ej72wxDCs+nUYJks6KLtjommFNSbor3Dp1Za
zq7nZBtgW+kf7IP1gDzqgMH7UPhtsBBJ56VAsudt8LWpEZyVzcgbL90yWTL3iO0D
RCcpAFPo/7KCBP0TFiNJ3EMoRvAhr9FjKokEj7wZ+glTUubHPWZFblqP7J97FWkv
zYh9fRORDOeKafLi+2rbgB6xLuJ3e+cAI6VxDkWLUkxkVR4+sioM5y/6KMirbJxJ
lyv53laRlsxk/GhpTKRM9My7NvrregCyQ6ngFK0CAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBT0srZRc7sDDumHsy46OiHtdtsG0TAfBgNVHSMEGDAWgBSz73x2qz5pcdj4
cwLd+SzGCYhJ6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3MtOThkcXMtYVhIWS1ITUMzZmtzeGdtSVNlby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvNzQ5ODBlLTc0ZjktNGI1ZS05Y2YyLTY5NzExZmU4M2QyMy8x
LzlMSzJVWE83QXc3cGg3TXVPam9oN1hiYkJ0RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
NzQ5ODBlLTc0ZjktNGI1ZS05Y2YyLTY5NzExZmU4M2QyMy8xL3MtOThkcXMtYVhI
WS1ITUMzZmtzeGdtSVNlby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wCwQCAAEwBQMDAIJZMA8EAgACMAkDBwAgAQZ8JWQw
DQYJKoZIhvcNAQELBQADggEBABKWC9E5wwJm2aBn1azaMeot5zd4sLs7JRIIhSfS
zk51o6tDBasJbV/SpDwJKF36kxMPEVkM1jGhTA+u/LghxdjZx1smzDO4Mz40TDEE
fdSftszH8wAdGMG2TcF6R2Xughl1QnOflyV+GohV8hK4U8PXfyyS51hD3dwpp1rR
DYNdQvjG+Ul5cs0bfg52XqJWR7OeN+V7meqhmfWhw1LgB4hKXFZ3/KHiJMAnLMeQ
PV0RYIOhSMkjVoPRwQC5nZtT5d2hIhbAf/j7qZ8vUIdcngVIRzTcEYXwKXpcr96D
fLueaR5gX1oOLFoNThpQS4v8gDczUbsSLXI13kLBnsxYP3s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:07 2024 by rpki-client on console-ams.rpki-client.org