Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/F2XrUQBqul3OC5l8PP0XVfExqM8.roa
File:                     F2XrUQBqul3OC5l8PP0XVfExqM8.roa (raw, json)
Hash identifier:          MUhMakzPqafDvwQhO4EZmnsS835ZYj3erAXaRxkn5AY=
Subject key identifier:   17:65:EB:51:00:6A:BA:5D:CE:0B:99:7C:3C:FD:17:55:F1:31:A8:CF
Certificate issuer:       /CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Certificate serial:       018331F5B54ACAD18A42EDB0977E725821C5
Authority key identifier: 83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/F2XrUQBqul3OC5l8PP0XVfExqM8.roa
Signing time:             Mon 12 Sep 2022 13:48:49 +0000
ROA not before:           Mon 12 Sep 2022 13:48:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207990
IP address blocks:        45.67.4.0/22 maxlen: 32
                          92.119.168.0/22 maxlen: 32
                          213.173.60.0/22 maxlen: 32
                          2.58.76.0/22 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:31:f5:b5:4a:ca:d1:8a:42:ed:b0:97:7e:72:58:21:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
        Validity
            Not Before: Sep 12 13:48:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1765eb51006aba5dce0b997c3cfd1755f131a8cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:f7:49:ff:23:17:38:e8:fb:3e:ce:86:d9:92:
                    cd:08:75:e4:e6:d9:92:7f:45:2d:82:77:1f:8f:e0:
                    5e:95:63:e8:d9:9b:4d:89:ee:36:80:ad:f9:c0:cf:
                    1e:d2:ad:62:7f:95:74:a6:c2:dc:c9:42:d5:e6:fe:
                    3a:c7:fa:ac:46:8d:87:14:f8:72:78:18:85:dd:fc:
                    09:01:20:ac:9f:64:6c:13:07:e2:b5:80:3a:bc:a4:
                    2d:76:de:88:21:de:cc:9d:62:b1:33:97:a4:a1:10:
                    c3:ce:2a:0d:d0:a2:ac:a6:67:e5:d0:5d:c6:5e:0b:
                    e5:c3:35:f2:88:61:a2:2b:5c:b4:90:58:aa:1f:53:
                    9e:65:f9:04:84:62:7b:c8:64:eb:e9:68:1e:44:98:
                    bf:59:a8:ce:a4:0e:dd:8f:6d:b5:db:b3:72:d0:15:
                    9c:f0:6f:54:24:44:18:df:d9:bd:d6:cd:79:37:a5:
                    b6:d5:10:f5:f4:be:57:db:ac:44:65:ce:aa:1a:12:
                    24:f0:61:0e:6c:a6:81:f2:58:36:01:67:7c:eb:9b:
                    3f:4f:2c:5c:0c:0a:0f:9b:06:00:32:da:82:84:13:
                    1e:7f:1a:28:41:17:f7:d9:50:f2:91:dc:54:54:75:
                    39:8e:ed:68:2d:11:c7:ce:ac:66:e5:9a:f7:3d:ce:
                    85:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:65:EB:51:00:6A:BA:5D:CE:0B:99:7C:3C:FD:17:55:F1:31:A8:CF
            X509v3 Authority Key Identifier:
                keyid:83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/F2XrUQBqul3OC5l8PP0XVfExqM8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/g5ka_NRV6xsXT8-J-OEOr39ws1U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.76.0/22
                  45.67.4.0/22
                  92.119.168.0/22
                  213.173.60.0/22

    Signature Algorithm: sha256WithRSAEncryption
         13:d1:8d:12:f5:e0:d7:f3:d3:85:7a:d8:44:1f:5d:60:73:93:
         bd:09:95:60:12:df:0d:41:1d:fd:96:dc:23:4d:04:10:ea:b6:
         c8:be:dd:a7:e4:33:a9:5d:1d:0d:31:a7:1c:09:9d:3e:17:96:
         05:75:32:81:46:a6:7e:34:0d:a8:97:62:30:b4:50:d4:27:35:
         8a:7f:25:b5:a5:0b:4a:8c:31:b1:02:75:86:e1:30:44:8b:6c:
         99:c8:a6:c5:02:4a:79:42:8d:98:d1:bd:4b:60:a7:03:3e:8a:
         02:dc:60:e2:78:c1:4a:67:4d:78:78:44:23:86:d4:a3:8d:74:
         6b:a0:e3:ec:e9:a2:cf:45:57:d5:41:a6:e6:b1:ed:9b:0a:13:
         a8:fb:79:4a:e3:c8:32:03:9a:51:52:78:0f:af:7a:ec:42:49:
         8a:61:96:6e:3a:16:8f:be:c8:fc:a2:e0:20:43:19:93:85:06:
         f7:62:87:c2:be:a7:62:af:15:1b:93:7b:88:b5:1c:5a:d1:f9:
         7c:6d:5c:ae:ce:a6:84:12:c3:97:b7:3b:36:ac:2d:f4:b2:7b:
         6c:c5:70:38:78:bb:31:73:64:40:2c:1f:54:a8:3b:eb:63:a5:
         f7:ad:21:1c:6a:c5:57:d4:8d:1b:6e:2c:9a:4f:60:54:37:43:
         20:70:cf:71
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYMx9bVKytGKQu2wl35yWCHFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzOTkxYWZjZDQ1NWViMWIxNzRmY2Y4OWY4ZTEwZWFmN2Y3
MGIzNTUwHhcNMjIwOTEyMTM0ODQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzY1ZWI1MTAwNmFiYTVkY2UwYjk5N2MzY2ZkMTc1NWYxMzFhOGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfdJ/yMXOOj7Ps6G2ZLNCHXk5tmS
f0Utgncfj+BelWPo2ZtNie42gK35wM8e0q1if5V0psLcyULV5v46x/qsRo2HFPhy
eBiF3fwJASCsn2RsEwfitYA6vKQtdt6IId7MnWKxM5ekoRDDzioN0KKspmfl0F3G
XgvlwzXyiGGiK1y0kFiqH1OeZfkEhGJ7yGTr6WgeRJi/WajOpA7dj22127Ny0BWc
8G9UJEQY39m91s15N6W21RD19L5X26xEZc6qGhIk8GEObKaB8lg2AWd865s/Tyxc
DAoPmwYAMtqChBMefxooQRf32VDykdxUVHU5ju1oLRHHzqxm5Zr3Pc6FAwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBdl61EAarpdzguZfDz9F1XxMajPMB8GA1UdIwQY
MBaAFIOZGvzUVesbF0/PifjhDq9/cLNVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmIt
ZTE1NDM3MzgwMDk5LzEvRjJYclVRQnF1bDNPQzVsOFBQMFhWZkV4cU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmItZTE1NDM3MzgwMDk5
LzEvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjpMAwQC
LUMEAwQCXHeoAwQC1a08MA0GCSqGSIb3DQEBCwUAA4IBAQAT0Y0S9eDX89OFethE
H11gc5O9CZVgEt8NQR39ltwjTQQQ6rbIvt2n5DOpXR0NMaccCZ0+F5YFdTKBRqZ+
NA2ol2IwtFDUJzWKfyW1pQtKjDGxAnWG4TBEi2yZyKbFAkp5Qo2Y0b1LYKcDPooC
3GDieMFKZ014eEQjhtSjjXRroOPs6aLPRVfVQabmse2bChOo+3lK48gyA5pRUngP
r3rsQkmKYZZuOhaPvsj8ouAgQxmThQb3YofCvqdirxUbk3uItRxa0fl8bVyuzqaE
EsOXtzs2rC30sntsxXA4eLsxc2RALB9UqDvrY6X3rSEcasVX1I0bbiyaT2BUN0Mg
cM9x
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:53 2024 by rpki-client on console-ams.rpki-client.org