Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/BEre46q1XNeyhUtkkYQuEejLOXo.roa
File:                     BEre46q1XNeyhUtkkYQuEejLOXo.roa (raw, json)
Hash identifier:          C59XjtGeOBJhnIUU9av+pIdnm/QvzCDNM8THtMlOef0=
Subject key identifier:   04:4A:DE:E3:AA:B5:5C:D7:B2:85:4B:64:91:84:2E:11:E8:CB:39:7A
Certificate issuer:       /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial:       044858F1
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/BEre46q1XNeyhUtkkYQuEejLOXo.roa
Signing time:             Sat 01 Jan 2022 13:55:21 +0000
ROA not before:           Sat 01 Jan 2022 13:55:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     397373
IP address blocks:        45.85.130.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 71850225 (0x44858f1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
        Validity
            Not Before: Jan  1 13:55:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=044adee3aab55cd7b2854b6491842e11e8cb397a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:f2:50:0d:97:df:6b:b9:25:3b:28:bb:8b:9a:
                    20:f8:54:86:e6:84:3c:91:09:b8:a4:f5:89:2b:a2:
                    52:14:57:85:7f:cf:02:b7:fc:59:9a:f9:fa:c9:26:
                    e1:07:01:c2:03:fc:c8:fe:67:0e:6f:f9:33:9f:00:
                    17:e1:c4:e5:56:4f:28:6e:ee:23:d1:6b:36:47:db:
                    d7:44:83:3d:10:98:b0:a5:07:2e:58:d3:11:21:86:
                    0a:b0:bc:74:79:92:78:1a:6a:96:e9:26:3a:18:16:
                    e1:eb:1e:c0:fd:60:d2:ff:49:d5:aa:e9:37:aa:b9:
                    b9:8b:38:49:30:b4:77:6c:f7:6c:e9:c2:3c:18:05:
                    72:f4:9a:9f:96:d0:cb:d1:2a:90:0f:6c:dd:1f:8d:
                    cf:20:35:23:cd:9d:ae:c9:41:52:70:5f:52:ca:37:
                    d1:68:bb:49:9b:4e:04:a3:d9:93:5e:b3:75:9b:9e:
                    58:93:7d:85:02:6c:6d:fe:2b:4d:0c:45:6e:2e:01:
                    f8:07:01:a7:e8:57:6c:1a:fc:c9:ff:0d:f4:f3:2e:
                    8d:94:73:0e:73:88:f4:09:00:23:6b:18:bd:5c:16:
                    5f:8a:94:00:7b:7b:3b:de:b2:27:15:68:dc:38:be:
                    cb:18:a0:e6:f3:07:85:1c:16:c2:a0:8b:cd:cf:6b:
                    8a:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:4A:DE:E3:AA:B5:5C:D7:B2:85:4B:64:91:84:2E:11:E8:CB:39:7A
            X509v3 Authority Key Identifier:
                keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/BEre46q1XNeyhUtkkYQuEejLOXo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.85.130.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9d:7c:11:6f:73:5c:70:35:df:b8:29:57:62:94:85:45:b4:40:
         de:53:0d:92:62:d9:76:96:22:8a:47:be:63:81:05:0b:26:fc:
         13:16:73:02:a9:54:ec:af:40:88:75:20:c5:ba:e6:d6:df:1b:
         8c:2a:bb:6e:da:7e:39:6c:52:48:e4:d8:cb:31:3b:23:9a:60:
         69:fa:84:5c:cc:99:81:06:7a:c1:43:0d:48:ae:d7:08:fb:cb:
         bd:fe:b1:fc:19:71:f6:60:57:df:4d:6a:1c:59:0f:ae:32:f8:
         34:a1:40:db:57:d7:af:18:76:13:15:3b:cf:b0:14:d1:6a:38:
         a3:f3:2d:c7:f9:45:db:0d:f1:18:67:f0:64:a5:c2:be:45:49:
         19:dd:85:e6:ad:6f:f5:37:e9:d3:8c:14:be:eb:74:4f:d4:a3:
         cb:ca:f2:94:24:2c:00:bf:35:8a:05:65:4b:70:28:17:11:c4:
         58:93:8e:66:7c:df:ce:ab:8c:29:ee:bb:56:0a:c2:3b:a9:d9:
         2a:81:08:94:0a:d9:f3:60:9a:a1:2e:f7:d4:5a:c9:48:1a:1e:
         c7:3f:b2:0b:dc:4a:b2:23:a4:3f:47:58:87:40:d9:16:ea:da:
         1e:a8:66:46:4e:4c:ba:9e:40:68:ca:d6:df:ce:c8:aa:b9:6d:
         14:d4:91:30
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBEhY8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NTMzZWY0NjExNmZkOWQyMWJmYjUzM2U0NGJkZTUxNzg5MGMyNGRjMB4XDTIyMDEw
MTEzNTUyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDQ0YWRlZTNhYWI1
NWNkN2IyODU0YjY0OTE4NDJlMTFlOGNiMzk3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJLyUA2X32u5JTsou4uaIPhUhuaEPJEJuKT1iSuiUhRXhX/P
Arf8WZr5+skm4QcBwgP8yP5nDm/5M58AF+HE5VZPKG7uI9FrNkfb10SDPRCYsKUH
LljTESGGCrC8dHmSeBpqlukmOhgW4esewP1g0v9J1arpN6q5uYs4STC0d2z3bOnC
PBgFcvSan5bQy9EqkA9s3R+NzyA1I82drslBUnBfUso30Wi7SZtOBKPZk16zdZue
WJN9hQJsbf4rTQxFbi4B+AcBp+hXbBr8yf8N9PMujZRzDnOI9AkAI2sYvVwWX4qU
AHt7O96yJxVo3Di+yxig5vMHhRwWwqCLzc9rinMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQESt7jqrVc17KFS2SRhC4R6Ms5ejAfBgNVHSMEGDAWgBSFM+9GEW/Z0hv7
Uz5EveUXiQwk3DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hUUHZSaEZ2MmRJYi0xTS1STDNsRjRrTUpOdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvZTA0NzJhLTNhZGYtNDNjZC1iZjMwLTczOTIzZGFlZjExNC8x
L0JFcmU0NnExWE5leWhVdGtrWVF1RWVqTE9Yby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
ZTA0NzJhLTNhZGYtNDNjZC1iZjMwLTczOTIzZGFlZjExNC8xL2hUUHZSaEZ2MmRJ
Yi0xTS1STDNsRjRrTUpOdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS1VgjANBgkqhkiG9w0BAQsFAAOC
AQEAnXwRb3NccDXfuClXYpSFRbRA3lMNkmLZdpYiike+Y4EFCyb8ExZzAqlU7K9A
iHUgxbrm1t8bjCq7btp+OWxSSOTYyzE7I5pgafqEXMyZgQZ6wUMNSK7XCPvLvf6x
/Blx9mBX301qHFkPrjL4NKFA21fXrxh2ExU7z7AU0Wo4o/Mtx/lF2w3xGGfwZKXC
vkVJGd2F5q1v9Tfp04wUvut0T9Sjy8rylCQsAL81igVlS3AoFxHEWJOOZnzfzquM
Ke67VgrCO6nZKoEIlArZ82CaoS731FrJSBoexz+yC9xKsiOkP0dYh0DZFuraHqhm
Rk5Mup5AaMrW387IqrltFNSRMA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:45 2023 by rpki-client on console-ams.rpki-client.org