Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/b7a249-1552-4f10-b008-1f66faab4ab5/1/nuFsQ6i08VVPrGTdo3gLgX_3xJM.roa
File:                     nuFsQ6i08VVPrGTdo3gLgX_3xJM.roa (raw, json)
Hash identifier:          Y0/3Z2uhRYf/1deSzYxkTD+4SdpHQWf/VE2NE3J5x3s=
Subject key identifier:   9E:E1:6C:43:A8:B4:F1:55:4F:AC:64:DD:A3:78:0B:81:7F:F7:C4:93
Certificate issuer:       /CN=30d8a64903cfa217379749f18b7fdcea1dab6db4
Certificate serial:       0182B6CC419A7B0F6FF681B1903BAA535739
Authority key identifier: 30:D8:A6:49:03:CF:A2:17:37:97:49:F1:8B:7F:DC:EA:1D:AB:6D:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MNimSQPPohc3l0nxi3_c6h2rbbQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/b7a249-1552-4f10-b008-1f66faab4ab5/1/nuFsQ6i08VVPrGTdo3gLgX_3xJM.roa
Signing time:             Fri 19 Aug 2022 15:50:15 +0000
ROA not before:           Fri 19 Aug 2022 15:50:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202032
IP address blocks:        185.54.80.0/22 maxlen: 24
                          2a02:4460::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:b6:cc:41:9a:7b:0f:6f:f6:81:b1:90:3b:aa:53:57:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30d8a64903cfa217379749f18b7fdcea1dab6db4
        Validity
            Not Before: Aug 19 15:50:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9ee16c43a8b4f1554fac64dda3780b817ff7c493
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:27:5d:f6:4d:0c:a3:a7:d3:97:8a:51:85:7d:
                    23:ef:ad:da:3f:43:33:15:94:0c:86:00:e5:28:53:
                    71:b5:69:75:52:db:e5:51:cd:b8:85:7e:e6:be:15:
                    b3:ec:c9:e5:e6:3d:54:f9:df:55:d8:23:ae:77:d5:
                    93:08:d5:f9:61:0d:eb:dd:55:4e:e5:88:52:ac:08:
                    ce:45:01:35:65:56:c9:a2:c9:30:f6:68:35:28:c9:
                    cc:6d:f3:59:2e:e2:82:1e:e5:bd:2c:12:6d:ad:1b:
                    2b:74:ae:e5:f0:2e:50:6d:6f:56:6f:36:fa:53:51:
                    17:4f:15:02:df:8a:6c:96:83:08:00:f4:d2:c0:43:
                    41:34:b2:6b:de:3a:04:c8:5c:df:66:a0:36:2e:9f:
                    92:78:ce:25:07:a9:2b:92:f6:0f:09:77:a4:22:e6:
                    17:13:6f:13:61:b7:16:87:d7:8a:ce:e0:af:14:ad:
                    61:c6:ba:f8:40:0d:c4:5c:e3:33:80:f7:1b:ec:f3:
                    c4:a0:72:29:e9:4d:d0:53:37:81:d4:f4:0f:bd:2d:
                    4c:2c:b4:5e:9a:df:44:d8:4a:25:38:e3:7a:89:e1:
                    3c:e7:e0:7d:25:65:71:d3:68:8b:d6:96:ae:c0:11:
                    44:ea:80:7a:e6:2e:bc:be:22:92:d5:8e:38:8d:9a:
                    09:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:E1:6C:43:A8:B4:F1:55:4F:AC:64:DD:A3:78:0B:81:7F:F7:C4:93
            X509v3 Authority Key Identifier:
                keyid:30:D8:A6:49:03:CF:A2:17:37:97:49:F1:8B:7F:DC:EA:1D:AB:6D:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MNimSQPPohc3l0nxi3_c6h2rbbQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b7a249-1552-4f10-b008-1f66faab4ab5/1/nuFsQ6i08VVPrGTdo3gLgX_3xJM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b7a249-1552-4f10-b008-1f66faab4ab5/1/MNimSQPPohc3l0nxi3_c6h2rbbQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.54.80.0/22
                IPv6:
                  2a02:4460::/32

    Signature Algorithm: sha256WithRSAEncryption
         59:12:79:39:cf:90:69:27:b0:cd:99:33:10:d7:29:8b:83:e1:
         78:59:e2:8e:3a:53:bb:9d:6e:9e:3f:de:e4:b4:97:70:b9:23:
         78:be:53:1c:d0:b7:72:bb:17:48:c8:dd:b4:a4:51:a1:5e:16:
         2b:bb:ce:86:ae:99:fd:ce:cf:b0:22:ab:1e:da:26:8e:4b:6c:
         b5:c4:89:3a:d4:15:bb:04:02:0d:1a:ec:45:96:08:8c:26:9e:
         46:84:60:19:57:a1:b5:bb:48:87:bb:ec:eb:a6:f6:85:bb:3a:
         81:98:62:e8:32:69:07:53:67:07:95:3e:4f:64:2c:7b:ac:6f:
         63:71:db:23:b9:0b:3c:73:82:c8:62:e2:2c:52:9a:38:bf:ba:
         67:f2:04:8b:56:df:2d:d0:0e:a0:05:15:6a:f4:f5:ae:01:ef:
         05:96:68:a1:6b:c1:c9:e9:59:97:54:7d:c5:17:1f:52:ab:ce:
         1f:97:85:4f:ef:ec:3b:8d:2f:5d:f1:69:b2:0e:2c:5a:d2:ae:
         22:eb:f7:ec:2e:83:61:4d:dd:1e:48:55:06:c1:f0:0a:dd:dc:
         c8:cd:60:3d:7f:c3:f7:f3:97:92:26:72:16:8d:09:79:a6:80:
         5f:bb:b5:bd:0a:05:b7:45:71:dc:54:a0:be:99:d9:6b:17:eb:
         b0:ae:e1:93
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYK2zEGaew9v9oGxkDuqU1c5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZDhhNjQ5MDNjZmEyMTczNzk3NDlmMThiN2ZkY2VhMWRh
YjZkYjQwHhcNMjIwODE5MTU1MDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWUxNmM0M2E4YjRmMTU1NGZhYzY0ZGRhMzc4MGI4MTdmZjdjNDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkidd9k0Mo6fTl4pRhX0j763aP0Mz
FZQMhgDlKFNxtWl1UtvlUc24hX7mvhWz7Mnl5j1U+d9V2COud9WTCNX5YQ3r3VVO
5YhSrAjORQE1ZVbJoskw9mg1KMnMbfNZLuKCHuW9LBJtrRsrdK7l8C5QbW9Wbzb6
U1EXTxUC34psloMIAPTSwENBNLJr3joEyFzfZqA2Lp+SeM4lB6krkvYPCXekIuYX
E28TYbcWh9eKzuCvFK1hxrr4QA3EXOMzgPcb7PPEoHIp6U3QUzeB1PQPvS1MLLRe
mt9E2EolOON6ieE85+B9JWVx02iL1pauwBFE6oB65i68viKS1Y44jZoJ4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ7hbEOotPFVT6xk3aN4C4F/98STMB8GA1UdIwQY
MBaAFDDYpkkDz6IXN5dJ8Yt/3Oodq220MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU5pbVNRUFBvaGMzbDBueGkzX2M2aDJyYmJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iN2EyNDktMTU1Mi00ZjEwLWIwMDgt
MWY2NmZhYWI0YWI1LzEvbnVGc1E2aTA4VlZQckdUZG8zZ0xnWF8zeEpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iN2EyNDktMTU1Mi00ZjEwLWIwMDgtMWY2NmZhYWI0YWI1
LzEvTU5pbVNRUFBvaGMzbDBueGkzX2M2aDJyYmJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTZQMA0E
AgACMAcDBQAqAkRgMA0GCSqGSIb3DQEBCwUAA4IBAQBZEnk5z5BpJ7DNmTMQ1ymL
g+F4WeKOOlO7nW6eP97ktJdwuSN4vlMc0LdyuxdIyN20pFGhXhYru86Grpn9zs+w
Iqse2iaOS2y1xIk61BW7BAINGuxFlgiMJp5GhGAZV6G1u0iHu+zrpvaFuzqBmGLo
MmkHU2cHlT5PZCx7rG9jcdsjuQs8c4LIYuIsUpo4v7pn8gSLVt8t0A6gBRVq9PWu
Ae8Flmiha8HJ6VmXVH3FFx9Sq84fl4VP7+w7jS9d8WmyDixa0q4i6/fsLoNhTd0e
SFUGwfAK3dzIzWA9f8P385eSJnIWjQl5poBfu7W9CgW3RXHcVKC+mdlrF+uwruGT
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:08 2024 by rpki-client on console-ams.rpki-client.org