Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BiO3GLlpK2Ex2LzSEf5AhfMPbak.roa
File:                     BiO3GLlpK2Ex2LzSEf5AhfMPbak.roa (raw, json)
Hash identifier:          QDsHoFZuSdjat+ZGUCj3pta47paGS5/lyfZ+RnTwD74=
Subject key identifier:   06:23:B7:18:B9:69:2B:61:31:D8:BC:D2:11:FE:40:85:F3:0F:6D:A9
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       0182B0C858EA142B19F491D6DC8AA2761C85
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BiO3GLlpK2Ex2LzSEf5AhfMPbak.roa
Signing time:             Thu 18 Aug 2022 11:48:15 +0000
ROA not before:           Thu 18 Aug 2022 11:48:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        81.161.238.0/23 maxlen: 24
                          185.207.12.0/24 maxlen: 24
                          193.168.196.0/22 maxlen: 24
                          193.37.46.0/24 maxlen: 24
                          109.206.237.0/24 maxlen: 24
                          88.218.76.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:b0:c8:58:ea:14:2b:19:f4:91:d6:dc:8a:a2:76:1c:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Aug 18 11:48:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0623b718b9692b6131d8bcd211fe4085f30f6da9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:f3:16:28:46:fc:83:11:00:6b:0b:b6:1f:be:
                    2c:71:f8:71:1b:34:78:e1:c6:53:c8:34:7b:98:45:
                    c7:7c:28:ef:38:cf:32:a5:84:a8:d9:fb:77:d5:61:
                    a1:c0:26:75:8e:f5:e4:6a:6c:22:ba:69:8b:03:da:
                    4c:6f:0c:2f:d5:4e:ef:58:69:11:bd:33:4e:1d:4c:
                    26:a5:ad:2a:05:9f:9a:48:e4:39:12:b8:a6:f1:75:
                    6c:09:ec:b6:c6:ed:e3:2b:bf:62:fe:f1:7f:0c:13:
                    44:e9:e5:b9:83:ca:b8:67:6b:64:52:83:98:2c:c0:
                    79:d3:22:e4:77:b7:34:11:5d:97:8f:b4:15:8e:88:
                    e6:43:9b:fe:0a:b0:be:50:10:b1:ec:08:ac:e9:78:
                    99:b8:4c:29:e1:79:07:5e:95:37:a4:99:db:00:f7:
                    0e:68:7c:50:c1:fc:46:d4:fb:61:4b:6a:c9:aa:f0:
                    59:c1:80:34:8f:ef:fc:b4:ab:74:40:ef:56:15:4e:
                    a3:35:50:bf:64:00:49:b0:fc:c4:15:39:42:10:ce:
                    7e:b2:b2:7e:44:d4:e1:66:5b:81:2c:f9:fd:6f:98:
                    0d:50:05:8e:f7:a4:70:98:48:61:dc:5d:24:69:c8:
                    02:33:07:24:d8:78:e9:53:dd:d8:94:ca:9f:bc:86:
                    8d:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:23:B7:18:B9:69:2B:61:31:D8:BC:D2:11:FE:40:85:F3:0F:6D:A9
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BiO3GLlpK2Ex2LzSEf5AhfMPbak.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.161.238.0/23
                  88.218.76.0/22
                  109.206.237.0/24
                  185.207.12.0/24
                  193.37.46.0/24
                  193.168.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9c:18:33:17:db:56:34:e2:67:af:e9:5c:14:fb:a8:a5:83:14:
         98:49:3f:95:fa:0c:a2:fd:69:4b:91:28:78:97:c4:94:94:cd:
         9c:cb:a4:24:2c:3b:ba:20:70:c2:0e:68:40:ff:b6:38:1d:9c:
         2c:69:1e:1f:d1:7c:b6:66:11:9b:1e:e8:18:55:e3:de:f2:89:
         ec:46:ae:a8:e2:63:20:b2:39:eb:0e:2f:30:3e:70:ee:a5:67:
         c0:af:5b:df:7a:4c:5e:b8:79:5f:9e:7b:03:a3:50:bf:8e:d9:
         e4:fa:2f:27:a3:b3:2e:67:88:6b:5a:21:64:f4:55:21:b8:0d:
         3d:db:f5:0a:d6:7e:a4:19:ca:f3:cc:cd:ca:e6:16:4e:fe:58:
         e8:7d:2b:73:e9:dd:ce:8c:3d:1a:56:30:51:23:a7:56:93:81:
         c4:e7:e3:e4:b0:95:38:85:32:29:a6:e5:cd:d4:36:ea:d2:fa:
         6d:fc:21:5d:e4:db:24:78:12:6e:19:63:5a:82:3d:fc:38:39:
         2c:a4:b3:67:f3:70:e6:33:4e:94:f9:8e:d8:a6:ce:fd:3f:42:
         34:e7:27:6b:bf:40:d8:35:47:90:53:8e:c5:c3:02:ff:3e:1e:
         56:d1:b5:a4:d6:f4:91:27:17:3f:d2:cf:17:0c:80:bb:f5:f0:
         c2:fa:1c:8e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYKwyFjqFCsZ9JHW3IqidhyFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwODE4MTE0ODE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjIzYjcxOGI5NjkyYjYxMzFkOGJjZDIxMWZlNDA4NWYzMGY2ZGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovMWKEb8gxEAawu2H74scfhxGzR4
4cZTyDR7mEXHfCjvOM8ypYSo2ft31WGhwCZ1jvXkamwiummLA9pMbwwv1U7vWGkR
vTNOHUwmpa0qBZ+aSOQ5Erim8XVsCey2xu3jK79i/vF/DBNE6eW5g8q4Z2tkUoOY
LMB50yLkd7c0EV2Xj7QVjojmQ5v+CrC+UBCx7Ais6XiZuEwp4XkHXpU3pJnbAPcO
aHxQwfxG1PthS2rJqvBZwYA0j+/8tKt0QO9WFU6jNVC/ZABJsPzEFTlCEM5+srJ+
RNThZluBLPn9b5gNUAWO96RwmEhh3F0kacgCMwck2HjpU93YlMqfvIaN9wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAYjtxi5aSthMdi80hH+QIXzD22pMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQmlPM0dMbHBLMkV4Mkx6U0VmNUFoZk1QYmFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBUaHuAwQC
WNpMAwQAbc7tAwQAuc8MAwQAwSUuAwQCwajEMA0GCSqGSIb3DQEBCwUAA4IBAQCc
GDMX21Y04mev6VwU+6ilgxSYST+V+gyi/WlLkSh4l8SUlM2cy6QkLDu6IHDCDmhA
/7Y4HZwsaR4f0Xy2ZhGbHugYVePe8onsRq6o4mMgsjnrDi8wPnDupWfAr1vfekxe
uHlfnnsDo1C/jtnk+i8no7MuZ4hrWiFk9FUhuA092/UK1n6kGcrzzM3K5hZO/ljo
fStz6d3OjD0aVjBRI6dWk4HE5+PksJU4hTIppuXN1Dbq0vpt/CFd5NskeBJuGWNa
gj38ODkspLNn83DmM06U+Y7Yps79P0I05ydrv0DYNUeQU47FwwL/Ph5W0bWk1vSR
Jxc/0s8XDIC79fDC+hyO
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:39 2023 by rpki-client on console-fra.rpki-client.org