Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/089603-b5be-4ffa-a2b2-232b4b4657e9/1/oDBK6rDdsTLRto0ZqXzJir1o7oA.roa
File:                     oDBK6rDdsTLRto0ZqXzJir1o7oA.roa (raw, json)
Hash identifier:          ogOkcThZ7eqN/3cxLR8fxDjCXkkHZOVg8K7hs8W+5Jc=
Subject key identifier:   A0:30:4A:EA:B0:DD:B1:32:D1:B6:8D:19:A9:7C:C9:8A:BD:68:EE:80
Certificate issuer:       /CN=f347ced9a0ed7f944b9f4efc38577b38e6d1c673
Certificate serial:       01828806793FCC5A67EDE757C46C89B753AA
Authority key identifier: F3:47:CE:D9:A0:ED:7F:94:4B:9F:4E:FC:38:57:7B:38:E6:D1:C6:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/80fO2aDtf5RLn078OFd7OObRxnM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/089603-b5be-4ffa-a2b2-232b4b4657e9/1/oDBK6rDdsTLRto0ZqXzJir1o7oA.roa
Signing time:             Wed 10 Aug 2022 13:51:41 +0000
ROA not before:           Wed 10 Aug 2022 13:51:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     21263
IP address blocks:        2a13:780::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:88:06:79:3f:cc:5a:67:ed:e7:57:c4:6c:89:b7:53:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f347ced9a0ed7f944b9f4efc38577b38e6d1c673
        Validity
            Not Before: Aug 10 13:51:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a0304aeab0ddb132d1b68d19a97cc98abd68ee80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:cb:37:54:98:9d:60:4d:5e:d3:4f:3a:00:e3:
                    ab:f8:e3:e7:73:aa:73:8b:5e:b6:52:3a:0c:d2:b0:
                    d8:01:71:fb:c8:24:77:6e:32:4c:d5:72:cd:09:e2:
                    42:86:a6:de:ea:e2:ff:b3:42:ed:39:c9:c3:28:5c:
                    cd:d9:aa:a5:78:3f:1c:d8:54:53:7b:33:70:8e:22:
                    c1:5f:aa:65:9d:ac:7c:71:5c:2f:ad:64:5d:20:15:
                    46:45:b5:8c:41:b0:b1:cd:e6:80:08:1b:2d:a1:b9:
                    6c:fe:6f:50:58:e5:71:5c:73:9d:2b:1c:49:26:6c:
                    56:fb:61:2c:de:6e:aa:68:c8:90:d0:94:0a:04:0b:
                    38:58:77:70:a5:1f:9f:61:cf:59:53:b5:32:e1:9f:
                    65:3e:0e:d3:c7:d5:45:35:d0:7b:4e:9c:61:72:17:
                    89:e8:f4:46:02:df:93:93:84:43:49:66:99:0f:49:
                    a5:26:34:b4:90:c1:bb:bd:4a:da:d2:a5:b8:2f:70:
                    d0:60:7e:7c:c9:10:2e:f0:e7:d1:27:df:dd:e3:ca:
                    68:d7:5b:3b:41:ca:fa:46:a9:d7:2b:9d:88:34:7e:
                    6e:07:0f:48:92:73:92:e7:20:44:ea:14:d8:27:77:
                    90:2d:11:dd:dd:dd:65:48:55:6d:d0:fc:bf:5a:c8:
                    3c:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:30:4A:EA:B0:DD:B1:32:D1:B6:8D:19:A9:7C:C9:8A:BD:68:EE:80
            X509v3 Authority Key Identifier:
                keyid:F3:47:CE:D9:A0:ED:7F:94:4B:9F:4E:FC:38:57:7B:38:E6:D1:C6:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/80fO2aDtf5RLn078OFd7OObRxnM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/089603-b5be-4ffa-a2b2-232b4b4657e9/1/oDBK6rDdsTLRto0ZqXzJir1o7oA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/089603-b5be-4ffa-a2b2-232b4b4657e9/1/80fO2aDtf5RLn078OFd7OObRxnM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:780::/29

    Signature Algorithm: sha256WithRSAEncryption
         44:66:02:c8:be:e2:12:02:e3:c5:66:88:4d:61:44:2d:38:eb:
         32:91:32:d1:90:c2:37:23:44:90:cd:55:57:96:43:b5:e9:ab:
         4a:74:14:33:d8:24:ec:cf:c5:e5:34:f4:d6:f4:1b:77:62:12:
         b9:f9:8e:41:bb:be:08:e2:4a:4c:95:b9:85:a5:c0:9a:02:41:
         8f:ea:60:2d:f7:8f:4f:2b:49:07:23:23:8a:22:f2:94:ba:6a:
         99:23:57:05:a1:b8:85:27:84:51:d6:92:43:cd:21:58:a0:4e:
         94:6d:73:72:56:70:84:89:8c:4e:d7:a3:7f:35:c5:f1:1a:cd:
         64:a0:52:cf:84:15:59:40:66:dc:e8:28:01:ad:b8:3e:29:5c:
         5d:63:79:7e:f3:05:b7:0e:8c:8f:ed:09:b6:c3:ab:a2:62:1d:
         e0:a9:94:b5:5e:fe:5b:80:ab:1f:82:fc:56:30:c3:45:7b:27:
         f3:1e:a4:d6:e9:cb:39:33:35:b6:19:d1:12:95:73:c3:51:aa:
         da:b4:d9:27:a3:6c:e0:77:d5:b9:57:e7:2e:61:c3:cd:39:df:
         3e:71:08:a0:fe:23:e2:ba:3e:47:ce:91:a5:56:8f:ca:66:57:
         3f:be:16:d1:e2:06:eb:1c:fe:d5:1b:5d:9e:3c:22:54:53:cf:
         43:0d:60:0e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYKIBnk/zFpn7edXxGyJt1OqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNDdjZWQ5YTBlZDdmOTQ0YjlmNGVmYzM4NTc3YjM4ZTZk
MWM2NzMwHhcNMjIwODEwMTM1MTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDMwNGFlYWIwZGRiMTMyZDFiNjhkMTlhOTdjYzk4YWJkNjhlZTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvss3VJidYE1e0086AOOr+OPnc6pz
i162UjoM0rDYAXH7yCR3bjJM1XLNCeJChqbe6uL/s0LtOcnDKFzN2aqleD8c2FRT
ezNwjiLBX6plnax8cVwvrWRdIBVGRbWMQbCxzeaACBstobls/m9QWOVxXHOdKxxJ
JmxW+2Es3m6qaMiQ0JQKBAs4WHdwpR+fYc9ZU7Uy4Z9lPg7Tx9VFNdB7TpxhcheJ
6PRGAt+Tk4RDSWaZD0mlJjS0kMG7vUra0qW4L3DQYH58yRAu8OfRJ9/d48po11s7
Qcr6RqnXK52INH5uBw9IknOS5yBE6hTYJ3eQLRHd3d1lSFVt0Py/Wsg8OwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKAwSuqw3bEy0baNGal8yYq9aO6AMB8GA1UdIwQY
MBaAFPNHztmg7X+US59O/DhXezjm0cZzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODBmTzJhRHRmNVJMbjA3OE9GZDdPT2JSeG5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wODk2MDMtYjViZS00ZmZhLWEyYjIt
MjMyYjRiNDY1N2U5LzEvb0RCSzZyRGRzVExSdG8wWnFYekppcjFvN29BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8wODk2MDMtYjViZS00ZmZhLWEyYjItMjMyYjRiNDY1N2U5
LzEvODBmTzJhRHRmNVJMbjA3OE9GZDdPT2JSeG5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhMHgDAN
BgkqhkiG9w0BAQsFAAOCAQEARGYCyL7iEgLjxWaITWFELTjrMpEy0ZDCNyNEkM1V
V5ZDtemrSnQUM9gk7M/F5TT01vQbd2ISufmOQbu+COJKTJW5haXAmgJBj+pgLfeP
TytJByMjiiLylLpqmSNXBaG4hSeEUdaSQ80hWKBOlG1zclZwhImMTtejfzXF8RrN
ZKBSz4QVWUBm3OgoAa24PilcXWN5fvMFtw6Mj+0JtsOromId4KmUtV7+W4CrH4L8
VjDDRXsn8x6k1unLOTM1thnREpVzw1Gq2rTZJ6Ns4HfVuVfnLmHDzTnfPnEIoP4j
4ro+R86RpVaPymZXP74W0eIG6xz+1RtdnjwiVFPPQw1gDg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:37 2024 by rpki-client on console-fra.rpki-client.org