Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/WILVf7oKOls2Q_dujl4jJGRO-uU.roa
File:                     WILVf7oKOls2Q_dujl4jJGRO-uU.roa (raw, json)
Hash identifier:          vk4skycyRsmoQZ8tMcSTi7U1sdTj5yybPpXZZ/hhOKA=
Subject key identifier:   58:82:D5:7F:BA:0A:3A:5B:36:43:F7:6E:8E:5E:23:24:64:4E:FA:E5
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       01841E12ACF7D62F6601845BF521F036C88E
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/WILVf7oKOls2Q_dujl4jJGRO-uU.roa
Signing time:             Fri 28 Oct 2022 10:10:51 +0000
ROA not before:           Fri 28 Oct 2022 10:10:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        45.13.190.0/24 maxlen: 24
                          194.242.97.0/24 maxlen: 24
                          5.181.84.0/24 maxlen: 24
                          5.181.85.0/24 maxlen: 24
                          45.151.3.0/24 maxlen: 24
                          5.181.87.0/24 maxlen: 24
                          45.144.212.0/24 maxlen: 24
                          45.132.181.0/24 maxlen: 24
                          45.132.182.0/23 maxlen: 24
                          195.177.92.0/24 maxlen: 24
                          45.88.136.0/23 maxlen: 24
                          45.81.112.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:1e:12:ac:f7:d6:2f:66:01:84:5b:f5:21:f0:36:c8:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Oct 28 10:10:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5882d57fba0a3a5b3643f76e8e5e2324644efae5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:04:a9:5e:28:1b:10:fb:57:67:37:89:84:4b:
                    a6:6b:cd:67:9f:29:a4:70:a4:f5:cc:70:f0:ba:c1:
                    bd:b9:e6:de:b6:b5:77:ca:fc:f3:2a:10:5f:7f:31:
                    87:86:9b:38:a1:05:52:e9:bc:94:5d:ea:aa:1d:31:
                    5e:6c:29:08:74:72:39:e1:a1:88:cd:b8:5d:84:46:
                    18:ed:3c:f2:d3:3f:26:1b:9d:d0:d3:2c:d0:b4:2a:
                    d4:d3:05:3f:78:30:91:c7:6f:64:58:93:26:1c:70:
                    9f:4b:9b:ab:18:e5:8b:6b:8d:8a:a6:a8:9d:d9:2d:
                    59:46:29:a0:dc:86:a4:8d:47:98:b5:8a:79:27:df:
                    d9:12:eb:93:3f:5d:eb:67:53:39:57:0a:1e:0f:11:
                    10:37:2c:41:ab:fe:20:b8:b2:7e:4c:90:a4:a0:92:
                    6d:f2:2d:a0:dc:65:20:0a:45:34:fb:f2:8c:e6:be:
                    dc:09:66:45:94:a7:9e:a6:75:81:26:ec:ef:eb:3f:
                    ff:be:4b:55:84:f8:a4:5c:2a:0b:eb:b7:ec:a9:a5:
                    36:3c:23:3f:7d:d8:3d:eb:9b:11:94:8d:f2:66:d5:
                    cb:70:74:13:57:3c:90:69:c9:02:53:ff:d7:a7:72:
                    4c:96:92:8c:ad:a3:68:27:d6:23:ab:89:c3:3a:c9:
                    d7:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:82:D5:7F:BA:0A:3A:5B:36:43:F7:6E:8E:5E:23:24:64:4E:FA:E5
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/WILVf7oKOls2Q_dujl4jJGRO-uU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.84.0/23
                  5.181.87.0/24
                  45.13.190.0/24
                  45.81.112.0/22
                  45.88.136.0/23
                  45.132.181.0-45.132.183.255
                  45.144.212.0/24
                  45.151.3.0/24
                  194.242.97.0/24
                  195.177.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:36:93:93:36:b7:91:ec:55:15:a0:c1:2d:25:f2:17:83:52:
         5b:cc:25:78:3a:da:ef:0b:33:38:0b:53:c0:39:03:c2:2d:17:
         d6:80:b7:6f:61:ad:93:96:27:b8:f9:fb:5d:38:fb:5d:ba:1c:
         96:62:ec:c4:1c:06:f9:04:c3:88:55:e2:61:4f:48:87:1c:ad:
         ca:a3:92:1a:65:e8:d4:af:02:04:3c:a2:72:3b:46:2c:c5:05:
         04:11:5f:75:0e:99:a8:fa:1c:14:04:33:e9:fd:94:a7:fd:05:
         7b:a3:da:54:4a:3f:12:9e:bb:70:e6:e4:a4:12:92:2d:27:51:
         28:eb:0a:68:f7:45:dc:ce:32:33:5c:bf:a9:47:3c:2a:1f:34:
         9e:88:85:86:85:f5:14:6d:87:2c:a7:43:d0:8f:f2:2e:14:79:
         e8:7b:57:b8:81:40:2a:13:c5:35:6a:97:c0:bf:8a:07:5b:6e:
         1c:4c:08:73:83:8d:c7:b0:32:62:b7:eb:55:d8:1f:73:20:7d:
         71:64:dd:ad:fa:70:2a:0a:03:d2:2e:dc:19:76:28:6c:1c:22:
         7a:94:ea:19:58:c0:02:63:bf:60:e4:b7:8a:b1:a4:8c:8f:82:
         67:09:39:91:91:bd:22:59:fb:00:03:ef:61:31:d9:78:b9:e0:
         29:4c:2b:1b
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYQeEqz31i9mAYRb9SHwNsiOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMDI4MTAxMDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODgyZDU3ZmJhMGEzYTViMzY0M2Y3NmU4ZTVlMjMyNDY0NGVmYWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQSpXigbEPtXZzeJhEuma81nnymk
cKT1zHDwusG9uebetrV3yvzzKhBffzGHhps4oQVS6byUXeqqHTFebCkIdHI54aGI
zbhdhEYY7Tzy0z8mG53Q0yzQtCrU0wU/eDCRx29kWJMmHHCfS5urGOWLa42Kpqid
2S1ZRimg3IakjUeYtYp5J9/ZEuuTP13rZ1M5VwoeDxEQNyxBq/4guLJ+TJCkoJJt
8i2g3GUgCkU0+/KM5r7cCWZFlKeepnWBJuzv6z//vktVhPikXCoL67fsqaU2PCM/
fdg965sRlI3yZtXLcHQTVzyQackCU//Xp3JMlpKMraNoJ9Yjq4nDOsnXpwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFFiC1X+6CjpbNkP3bo5eIyRkTvrlMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvV0lMVmY3b0tPbHMyUV9kdWpsNGpKR1JPLXVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQBBbVUAwQA
BbVXAwQALQ2+AwQCLVFwAwQBLViIMAwDBAAthLUDBAMthLADBAAtkNQDBAAtlwMD
BADC8mEDBADDsVwwDQYJKoZIhvcNAQELBQADggEBAHo2k5M2t5HsVRWgwS0l8heD
UlvMJXg62u8LMzgLU8A5A8ItF9aAt29hrZOWJ7j5+104+126HJZi7MQcBvkEw4hV
4mFPSIccrcqjkhpl6NSvAgQ8onI7RizFBQQRX3UOmaj6HBQEM+n9lKf9BXuj2lRK
PxKeu3Dm5KQSki0nUSjrCmj3RdzOMjNcv6lHPCofNJ6IhYaF9RRthyynQ9CP8i4U
eeh7V7iBQCoTxTVql8C/igdbbhxMCHODjcewMmK361XYH3MgfXFk3a36cCoKA9Iu
3Bl2KGwcInqU6hlYwAJjv2Dkt4qxpIyPgmcJOZGRvSJZ+wAD72Ex2Xi54ClMKxs=
-----END CERTIFICATE-----