Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/uk9IWfp2JlD2NAZZ-P4nWsORH_Q.roa
File:                     uk9IWfp2JlD2NAZZ-P4nWsORH_Q.roa (raw, json)
Hash identifier:          AZ/xUH5Uy3jKEApTsCc3+E5F639kICfi7+KtnUeiBDA=
Subject key identifier:   BA:4F:48:59:FA:76:26:50:F6:34:06:59:F8:FE:27:5A:C3:91:1F:F4
Certificate issuer:       /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial:       0184110FAF6453F5CECEFB31B856007E78D4
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/uk9IWfp2JlD2NAZZ-P4nWsORH_Q.roa
Signing time:             Tue 25 Oct 2022 21:32:31 +0000
ROA not before:           Tue 25 Oct 2022 21:32:31 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212953
IP address blocks:        185.148.240.0/24 maxlen: 24
                          185.148.242.0/24 maxlen: 24
                          45.10.151.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:11:0f:af:64:53:f5:ce:ce:fb:31:b8:56:00:7e:78:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
        Validity
            Not Before: Oct 25 21:32:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ba4f4859fa762650f6340659f8fe275ac3911ff4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:1e:6a:b9:d5:7d:8b:8b:02:8e:e2:d3:15:04:
                    03:e0:b1:ea:f7:2c:28:fc:65:f8:53:d9:4b:54:ea:
                    46:49:50:8b:60:53:bd:38:02:0b:a4:e3:77:40:4b:
                    dc:d7:d6:a6:d0:93:73:f0:a4:5b:30:af:b5:00:aa:
                    ee:07:6a:40:62:47:99:2b:28:24:ba:0d:12:9e:87:
                    b9:b6:8c:bc:11:d9:79:7e:a1:7b:12:0f:95:86:ec:
                    41:a1:9d:23:3b:8f:95:12:d4:50:64:5e:4f:96:d0:
                    0a:cf:4c:c1:f5:04:8c:81:be:d8:36:cc:72:f7:87:
                    4b:04:0d:44:be:a9:1e:79:14:53:dc:1d:5f:11:76:
                    9b:9d:8e:3d:ad:ba:5e:25:57:c8:0c:41:39:51:3a:
                    ee:10:ed:9f:d0:44:ca:87:f3:74:86:08:d8:f2:74:
                    73:0c:ae:56:dd:7e:06:e9:f8:39:70:91:4a:93:08:
                    b0:61:ce:bd:8a:d6:80:92:ae:01:94:45:45:f9:db:
                    a2:54:91:38:f5:51:34:38:42:a8:12:1a:b9:e9:68:
                    9b:de:79:13:4b:96:60:a3:0e:e1:77:0d:a9:7b:5c:
                    64:ec:9a:ae:0f:9c:4f:f7:92:1e:7d:72:d6:16:6c:
                    a6:e6:e8:3a:4b:f5:27:9c:b1:0c:44:99:18:5a:83:
                    7c:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:4F:48:59:FA:76:26:50:F6:34:06:59:F8:FE:27:5A:C3:91:1F:F4
            X509v3 Authority Key Identifier:
                keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/uk9IWfp2JlD2NAZZ-P4nWsORH_Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.10.151.0/24
                  185.148.240.0/24
                  185.148.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:76:2b:3d:f5:db:35:62:86:e5:99:0d:58:dd:f5:01:4c:ba:
         84:36:24:65:d9:ca:17:ca:6b:a3:08:c7:81:15:da:44:16:77:
         cd:32:12:b0:28:03:9b:91:25:76:54:fb:66:39:97:17:f9:4d:
         f3:7f:c9:0f:02:c4:ab:e6:fc:9f:e6:f4:74:da:87:3b:0a:49:
         d4:1f:e6:63:64:63:e3:39:e8:4e:b7:43:95:79:04:f3:db:07:
         c0:12:b8:93:d8:7a:e0:4d:48:61:81:c3:b3:8d:20:1b:1f:c0:
         93:0f:bc:1b:a1:26:fa:20:24:63:a4:e9:fd:92:16:51:94:54:
         f1:29:7c:c3:a1:4d:42:d4:0c:db:b4:19:f2:89:89:a5:c6:86:
         92:f1:d3:8e:2c:b9:79:09:56:2f:c6:75:19:f1:05:b7:18:43:
         76:b9:6b:72:2b:a8:6e:d8:cb:8a:d0:e0:a8:7f:2c:ec:1b:28:
         9c:cb:3a:a3:5e:ee:3d:6e:a5:2e:bf:44:d8:60:3d:19:e1:3c:
         55:0c:79:f4:52:be:90:e3:1a:f7:7e:94:ce:dc:56:f5:22:21:
         23:a4:a8:4a:89:1b:ed:9d:83:f7:a1:87:ef:c6:3f:f8:76:4a:
         35:14:47:14:a3:83:ae:96:c2:b1:dd:25:9d:5b:cf:21:e9:49:
         cd:c8:53:3f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQRD69kU/XOzvsxuFYAfnjUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjIxMDI1MjEzMjMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTRmNDg1OWZhNzYyNjUwZjYzNDA2NTlmOGZlMjc1YWMzOTExZmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkh5qudV9i4sCjuLTFQQD4LHq9ywo
/GX4U9lLVOpGSVCLYFO9OAILpON3QEvc19am0JNz8KRbMK+1AKruB2pAYkeZKygk
ug0Snoe5toy8Edl5fqF7Eg+VhuxBoZ0jO4+VEtRQZF5PltAKz0zB9QSMgb7YNsxy
94dLBA1EvqkeeRRT3B1fEXabnY49rbpeJVfIDEE5UTruEO2f0ETKh/N0hgjY8nRz
DK5W3X4G6fg5cJFKkwiwYc69itaAkq4BlEVF+duiVJE49VE0OEKoEhq56Wib3nkT
S5Zgow7hdw2pe1xk7JquD5xP95IefXLWFmym5ug6S/UnnLEMRJkYWoN8SQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLpPSFn6diZQ9jQGWfj+J1rDkR/0MB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvdWs5SVdmcDJKbEQyTkFaWi1QNG5Xc09SSF9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQqXAwQA
uZTwAwQAuZTyMA0GCSqGSIb3DQEBCwUAA4IBAQAqdis99ds1YoblmQ1Y3fUBTLqE
NiRl2coXymujCMeBFdpEFnfNMhKwKAObkSV2VPtmOZcX+U3zf8kPAsSr5vyf5vR0
2oc7CknUH+ZjZGPjOehOt0OVeQTz2wfAEriT2HrgTUhhgcOzjSAbH8CTD7wboSb6
ICRjpOn9khZRlFTxKXzDoU1C1AzbtBnyiYmlxoaS8dOOLLl5CVYvxnUZ8QW3GEN2
uWtyK6hu2MuK0OCofyzsGyicyzqjXu49bqUuv0TYYD0Z4TxVDHn0Ur6Q4xr3fpTO
3Fb1IiEjpKhKiRvtnYP3oYfvxj/4dko1FEcUo4OulsKx3SWdW88h6UnNyFM/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:45 2024 by rpki-client on console-ams.rpki-client.org