Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f413c2-c2ec-41f1-9d85-5d8634ab7d91/1/tJbxwSmRbBUMm_KedpWNlVxNk1c.roa
File:                     tJbxwSmRbBUMm_KedpWNlVxNk1c.roa (raw, json)
Hash identifier:          aIjCb+9WwjZVrDMYkdbYzp5ytWFEyKLC71ipg9nb5+I=
Subject key identifier:   B4:96:F1:C1:29:91:6C:15:0C:9B:F2:9E:76:95:8D:95:5C:4D:93:57
Certificate issuer:       /CN=e7507db088a7c81a0dbec8f1addb52f95bd10143
Certificate serial:       0797D2F4
Authority key identifier: E7:50:7D:B0:88:A7:C8:1A:0D:BE:C8:F1:AD:DB:52:F9:5B:D1:01:43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/51B9sIinyBoNvsjxrdtS-VvRAUM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/f413c2-c2ec-41f1-9d85-5d8634ab7d91/1/tJbxwSmRbBUMm_KedpWNlVxNk1c.roa
Signing time:             Sat 01 Jan 2022 14:05:21 +0000
ROA not before:           Sat 01 Jan 2022 14:05:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50673
IP address blocks:        45.141.28.0/22 maxlen: 22
                          91.199.167.0/24 maxlen: 24
                          2a0e:c9c0::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 127390452 (0x797d2f4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7507db088a7c81a0dbec8f1addb52f95bd10143
        Validity
            Not Before: Jan  1 14:05:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b496f1c129916c150c9bf29e76958d955c4d9357
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:46:38:7a:05:6f:6e:e4:22:ae:5f:27:5f:da:
                    7b:2a:12:0d:cf:9a:37:f9:ae:01:72:1f:c3:96:0b:
                    93:4f:ab:42:91:34:ea:a2:0e:36:6e:c5:c1:f8:ad:
                    51:ec:aa:f0:32:ec:92:7a:cc:2d:07:d9:71:5f:e5:
                    e5:2f:5b:0f:bd:34:a8:9a:f7:e1:5d:f1:e2:00:cb:
                    44:fd:d4:5f:69:c3:84:03:80:b6:f9:65:6d:82:65:
                    32:07:fb:16:24:c7:d8:a9:cf:b7:ca:da:ec:d3:57:
                    5b:57:3c:84:0f:a1:b1:0f:41:b4:9f:60:8c:21:63:
                    d2:04:8c:6c:45:31:e1:4f:92:99:da:a9:d5:26:f9:
                    89:16:cf:f6:db:44:de:96:84:f6:cc:4a:d5:61:14:
                    a5:d7:1e:5f:37:52:ae:cd:d3:82:35:8c:8f:e1:21:
                    db:3f:a8:97:79:9f:a8:aa:e4:fa:2b:73:3c:86:d7:
                    11:ce:31:49:76:88:9b:99:5b:fc:1a:99:e5:06:f1:
                    91:eb:1d:6d:45:17:3b:fe:3e:38:d2:d6:fd:a2:1b:
                    b9:35:47:c0:43:2c:84:8e:aa:eb:d7:ac:b6:a1:f3:
                    a8:a7:8e:8c:f9:21:a9:fa:34:69:72:bd:28:a8:6d:
                    42:a4:a9:2b:27:c9:a4:fd:1a:9e:f0:52:38:f9:6f:
                    a4:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:96:F1:C1:29:91:6C:15:0C:9B:F2:9E:76:95:8D:95:5C:4D:93:57
            X509v3 Authority Key Identifier:
                keyid:E7:50:7D:B0:88:A7:C8:1A:0D:BE:C8:F1:AD:DB:52:F9:5B:D1:01:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51B9sIinyBoNvsjxrdtS-VvRAUM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f413c2-c2ec-41f1-9d85-5d8634ab7d91/1/tJbxwSmRbBUMm_KedpWNlVxNk1c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f413c2-c2ec-41f1-9d85-5d8634ab7d91/1/51B9sIinyBoNvsjxrdtS-VvRAUM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.141.28.0/22
                  91.199.167.0/24
                IPv6:
                  2a0e:c9c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         51:0f:3b:d8:de:c0:b9:90:a8:9c:8f:49:d3:d3:9f:53:f9:67:
         8b:79:c4:98:81:1a:d5:ee:51:9d:93:db:ce:01:fa:d8:3c:bd:
         7d:ee:21:c8:37:0c:f2:5a:b3:69:f1:fa:9e:9e:13:74:01:86:
         08:82:e6:ca:13:65:9a:51:e6:dc:17:3d:71:1f:8b:74:6e:ab:
         62:7d:d0:ab:65:f3:a1:54:c4:51:fe:16:3a:bf:dd:e4:7a:87:
         3e:df:a9:6a:c7:28:28:44:cf:48:cf:f9:05:f2:a0:17:d0:76:
         cc:86:62:cd:16:ef:a2:3d:34:22:c2:0f:4e:95:c2:15:99:51:
         31:55:e3:88:24:94:9f:16:3e:85:75:c4:d8:6a:30:06:ad:05:
         98:58:51:b9:e6:89:78:e3:00:07:44:69:b6:fa:a0:22:b5:54:
         f5:99:51:de:83:12:12:fe:b7:ec:32:bf:d4:a7:13:32:b6:7e:
         27:55:28:76:6a:42:36:db:99:34:d6:6d:d8:a2:f3:8f:e2:6b:
         fe:f8:e7:3f:af:a8:70:a9:aa:3d:1b:7b:54:59:8a:22:3f:59:
         fd:5e:51:dc:70:87:ed:3c:ad:49:fe:f0:fb:59:66:a7:b6:d1:
         e0:9b:87:30:ed:00:77:18:c9:7a:b2:0c:54:9c:0d:19:80:90:
         84:59:d9:18
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEB5fS9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NzUwN2RiMDg4YTdjODFhMGRiZWM4ZjFhZGRiNTJmOTViZDEwMTQzMB4XDTIyMDEw
MTE0MDUyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjQ5NmYxYzEyOTkx
NmMxNTBjOWJmMjllNzY5NThkOTU1YzRkOTM1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALRGOHoFb27kIq5fJ1/aeyoSDc+aN/muAXIfw5YLk0+rQpE0
6qIONm7FwfitUeyq8DLsknrMLQfZcV/l5S9bD700qJr34V3x4gDLRP3UX2nDhAOA
tvllbYJlMgf7FiTH2KnPt8ra7NNXW1c8hA+hsQ9BtJ9gjCFj0gSMbEUx4U+Smdqp
1Sb5iRbP9ttE3paE9sxK1WEUpdceXzdSrs3TgjWMj+Eh2z+ol3mfqKrk+itzPIbX
Ec4xSXaIm5lb/BqZ5QbxkesdbUUXO/4+ONLW/aIbuTVHwEMshI6q69estqHzqKeO
jPkhqfo0aXK9KKhtQqSpKyfJpP0anvBSOPlvpP0CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBS0lvHBKZFsFQyb8p52lY2VXE2TVzAfBgNVHSMEGDAWgBTnUH2wiKfIGg2+
yPGt21L5W9EBQzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzUxQjlzSWlueUJvTnZzanhyZHRTLVZ2UkFVTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvZjQxM2MyLWMyZWMtNDFmMS05ZDg1LTVkODYzNGFiN2Q5MS8x
L3RKYnh3U21SYkJVTW1fS2VkcFdObFZ4TmsxYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
ZjQxM2MyLWMyZWMtNDFmMS05ZDg1LTVkODYzNGFiN2Q5MS8xLzUxQjlzSWlueUJv
TnZzanhyZHRTLVZ2UkFVTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAi2NHAMEAFvHpzANBAIAAjAHAwUD
Kg7JwDANBgkqhkiG9w0BAQsFAAOCAQEAUQ872N7AuZConI9J09OfU/lni3nEmIEa
1e5RnZPbzgH62Dy9fe4hyDcM8lqzafH6np4TdAGGCILmyhNlmlHm3Bc9cR+LdG6r
Yn3Qq2XzoVTEUf4WOr/d5HqHPt+pascoKETPSM/5BfKgF9B2zIZizRbvoj00IsIP
TpXCFZlRMVXjiCSUnxY+hXXE2GowBq0FmFhRueaJeOMAB0RptvqgIrVU9ZlR3oMS
Ev637DK/1KcTMrZ+J1UodmpCNtuZNNZt2KLzj+Jr/vjnP6+ocKmqPRt7VFmKIj9Z
/V5R3HCH7TytSf7w+1lmp7bR4JuHMO0AdxjJerIMVJwNGYCQhFnZGA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:59 2023 by rpki-client on console-fra.rpki-client.org