Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/beAo6DivU86fCyulQTNjgT32z54.roa
File:                     beAo6DivU86fCyulQTNjgT32z54.roa (raw, json)
Hash identifier:          KgzDme8jjDPdoYbEMstteqFdjhZH7WM52ipeCGL6V9M=
Subject key identifier:   6D:E0:28:E8:38:AF:53:CE:9F:0B:2B:A5:41:33:63:81:3D:F6:CF:9E
Certificate issuer:       /CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Certificate serial:       0181DDC94297E21F6FCADE5E2E6E070B6457
Authority key identifier: F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/beAo6DivU86fCyulQTNjgT32z54.roa
Signing time:             Fri 08 Jul 2022 12:29:23 +0000
ROA not before:           Fri 08 Jul 2022 12:29:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     395092
IP address blocks:        217.195.152.0/22 maxlen: 22
                          213.108.246.0/23 maxlen: 23
                          45.146.220.0/22 maxlen: 22
                          213.139.204.0/22 maxlen: 22
                          45.155.36.0/22 maxlen: 22
                          2a0d:9ec0::/48 maxlen: 48
                          2a0d:d8c0::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:dd:c9:42:97:e2:1f:6f:ca:de:5e:2e:6e:07:0b:64:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
        Validity
            Not Before: Jul  8 12:29:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6de028e838af53ce9f0b2ba5413363813df6cf9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:91:81:6d:5b:37:3c:a2:56:80:3e:4d:ea:fb:
                    2f:da:fb:f4:7e:58:7a:12:63:57:ab:86:9e:8c:73:
                    6f:b9:6f:d9:6c:16:f3:65:d3:f7:21:39:5e:eb:45:
                    90:ba:61:c0:6a:67:7c:2f:9d:cb:b0:9d:b7:6b:45:
                    c1:49:74:58:83:88:ea:57:d9:0c:17:62:39:ec:f9:
                    c4:20:09:6a:34:8c:cb:35:94:60:b5:a7:37:26:06:
                    44:06:9c:47:42:93:87:7d:f4:00:20:e0:ed:6c:41:
                    1b:e6:bf:46:93:49:66:76:26:0b:3e:2c:e0:e4:91:
                    65:88:91:ad:ac:7d:88:5a:0e:bf:eb:35:fd:af:8c:
                    29:a7:88:36:f9:41:7e:d1:f8:2a:4e:91:e6:b6:c4:
                    aa:68:32:a9:90:4c:39:c7:d2:2d:bd:55:f7:a3:2b:
                    66:6b:07:46:3b:69:cf:78:35:fa:85:16:54:cf:56:
                    a5:97:f4:81:75:1a:9b:23:46:14:42:43:c9:0d:29:
                    0f:ad:20:bb:85:e3:96:5c:7c:06:8c:23:5b:0c:3f:
                    9a:30:1a:82:f7:2c:87:8d:9b:40:c1:b5:07:48:84:
                    99:e7:05:bf:f9:85:9c:5f:8b:d4:9d:7a:fc:50:45:
                    cc:c7:29:30:2c:1a:9e:2b:0e:6f:e8:56:a9:8e:19:
                    3a:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:E0:28:E8:38:AF:53:CE:9F:0B:2B:A5:41:33:63:81:3D:F6:CF:9E
            X509v3 Authority Key Identifier:
                keyid:F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/beAo6DivU86fCyulQTNjgT32z54.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.146.220.0/22
                  45.155.36.0/22
                  213.108.246.0/23
                  213.139.204.0/22
                  217.195.152.0/22
                IPv6:
                  2a0d:9ec0::/48
                  2a0d:d8c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         53:d6:93:82:c7:e4:8c:91:d5:e8:42:29:d3:93:00:3e:ac:b2:
         3e:4d:53:dd:49:b1:78:2b:26:be:3d:58:8c:73:35:9e:8a:23:
         f4:50:45:6f:f9:ab:77:ef:57:d3:36:df:62:35:b6:86:87:76:
         cd:93:fc:40:f2:32:ed:9d:1b:b6:a7:3c:97:dc:55:85:6a:cc:
         d9:e5:34:cf:ea:10:df:c6:7e:bc:5f:95:91:54:ac:f5:bd:1e:
         22:bd:e8:93:d6:3b:3b:fc:b3:55:bd:b4:bd:bb:ba:27:e7:6e:
         df:78:3e:8f:12:4c:6d:9b:6a:19:2e:25:f5:f7:d0:80:23:b0:
         5d:2d:f6:d2:46:23:e0:8c:f9:10:d1:d2:07:71:e9:db:6c:ee:
         33:4c:ae:09:0e:df:c0:99:83:59:24:03:f3:07:8a:be:cd:eb:
         99:09:cd:70:3b:d9:20:4b:0c:25:32:5b:39:d3:d2:18:3b:18:
         5b:35:84:fe:49:99:0e:0e:ee:7d:81:f6:70:ff:fc:8a:b9:5c:
         5c:0c:e0:ad:ef:bd:4b:42:ea:0b:1c:32:a3:0b:31:d7:8c:6e:
         75:5d:a1:f8:70:58:0d:16:a3:44:94:4b:39:9e:70:1c:41:56:
         0e:a7:46:98:d8:ac:19:36:19:17:55:17:e5:44:04:51:a4:f4:
         a1:db:06:d0
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYHdyUKX4h9vyt5eLm4HC2RXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZDA4YTFlMWNiYzkwOTI1NGU5ZTZiOWM5MzlmZDg1YTI2
OGIxZTEwHhcNMjIwNzA4MTIyOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGUwMjhlODM4YWY1M2NlOWYwYjJiYTU0MTMzNjM4MTNkZjZjZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJGBbVs3PKJWgD5N6vsv2vv0flh6
EmNXq4aejHNvuW/ZbBbzZdP3ITle60WQumHAamd8L53LsJ23a0XBSXRYg4jqV9kM
F2I57PnEIAlqNIzLNZRgtac3JgZEBpxHQpOHffQAIODtbEEb5r9Gk0lmdiYLPizg
5JFliJGtrH2IWg6/6zX9r4wpp4g2+UF+0fgqTpHmtsSqaDKpkEw5x9ItvVX3oytm
awdGO2nPeDX6hRZUz1all/SBdRqbI0YUQkPJDSkPrSC7heOWXHwGjCNbDD+aMBqC
9yyHjZtAwbUHSISZ5wW/+YWcX4vUnXr8UEXMxykwLBqeKw5v6Fapjhk65QIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFG3gKOg4r1POnwsrpUEzY4E99s+eMB8GA1UdIwQY
MBaAFPTQih4cvJCSVOnmuck5/YWiaLHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2Ut
ZGNlOTQ3ZTI5NGI2LzEvYmVBbzZEaXZVODZmQ3l1bFFUTmpnVDMyejU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2UtZGNlOTQ3ZTI5NGI2
LzEvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAkBAIAATAeAwQCLZLcAwQC
LZskAwQB1Wz2AwQC1YvMAwQC2cOYMBgEAgACMBIDBwAqDZ7AAAADBwAqDdjAAAAw
DQYJKoZIhvcNAQELBQADggEBAFPWk4LH5IyR1ehCKdOTAD6ssj5NU91JsXgrJr49
WIxzNZ6KI/RQRW/5q3fvV9M232I1toaHds2T/EDyMu2dG7anPJfcVYVqzNnlNM/q
EN/GfrxflZFUrPW9HiK96JPWOzv8s1W9tL27uifnbt94Po8STG2bahkuJfX30IAj
sF0t9tJGI+CM+RDR0gdx6dts7jNMrgkO38CZg1kkA/MHir7N65kJzXA72SBLDCUy
WznT0hg7GFs1hP5JmQ4O7n2B9nD//Iq5XFwM4K3vvUtC6gscMqMLMdeMbnVdofhw
WA0Wo0SUSzmecBxBVg6nRpjYrBk2GRdVF+VEBFGk9KHbBtA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org