Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/fAVVhLLGN8FhdyXUK3CK-KxKMOI.roa
File:                     fAVVhLLGN8FhdyXUK3CK-KxKMOI.roa (raw, json)
Hash identifier:          9CsrmL9GfFP39FRzMrfqBWhjgD/I6MNMI9ic22DraAs=
Subject key identifier:   7C:05:55:84:B2:C6:37:C1:61:77:25:D4:2B:70:8A:F8:AC:4A:30:E2
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       01831EBD90438153CA8008E570E9B22AAE0B
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/fAVVhLLGN8FhdyXUK3CK-KxKMOI.roa
Signing time:             Thu 08 Sep 2022 20:14:43 +0000
ROA not before:           Thu 08 Sep 2022 20:14:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     0
IP address blocks:        185.83.200.0/22 maxlen: 24
                          45.154.158.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:1e:bd:90:43:81:53:ca:80:08:e5:70:e9:b2:2a:ae:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Sep  8 20:14:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7c055584b2c637c1617725d42b708af8ac4a30e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:d3:fa:35:54:0e:80:62:f7:02:a3:f5:62:5b:
                    71:ff:97:8d:9a:5e:37:40:0e:10:5e:a6:b1:ce:80:
                    e9:b9:69:af:66:52:b6:44:a0:70:a6:61:ff:43:a3:
                    91:58:1f:d9:83:fe:d9:79:ef:c6:e3:ab:e0:93:09:
                    78:6e:31:56:89:7d:8d:d9:15:8c:4f:50:07:38:54:
                    54:87:e2:ea:e9:68:16:4f:cb:e2:18:2d:db:3e:05:
                    ed:40:7a:19:51:c1:df:bb:e6:b5:31:2c:e9:55:4f:
                    b2:61:e9:cf:99:c7:d6:5a:c2:56:43:e7:5e:6a:3a:
                    a8:d0:e9:15:15:8a:dd:b3:07:62:38:e9:12:ff:ff:
                    99:15:c9:a6:77:39:8c:c0:66:36:da:a6:8c:f7:00:
                    0c:71:ce:a1:a9:4d:5d:e4:b1:cd:dc:08:45:e7:45:
                    3c:d3:20:0e:84:bf:9b:bf:a0:69:f8:bb:53:e5:51:
                    14:b7:c4:ee:a6:e3:c0:f2:85:9c:7e:a3:91:76:61:
                    01:c6:a3:b7:ca:90:dd:48:7b:2e:9b:1d:a5:1b:aa:
                    6e:6c:3b:59:95:dc:b9:a0:e7:e6:2e:45:7e:8f:ed:
                    b4:b0:52:4f:d2:1f:d7:f5:6b:2b:4f:e8:9d:b2:91:
                    94:54:44:08:dd:f6:86:b6:90:16:57:8f:0a:a0:47:
                    19:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:05:55:84:B2:C6:37:C1:61:77:25:D4:2B:70:8A:F8:AC:4A:30:E2
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/fAVVhLLGN8FhdyXUK3CK-KxKMOI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.154.158.0/24
                  185.83.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         92:ea:1d:db:af:59:c9:9e:2d:24:bb:32:1f:11:a8:dd:1f:51:
         1f:62:97:fc:26:dd:0e:32:33:e7:20:57:24:28:08:55:c3:ac:
         07:9f:46:27:11:f3:91:ed:57:50:48:13:6c:72:40:9b:6d:fe:
         cf:5f:3f:65:49:bc:aa:80:e0:83:9c:36:8b:51:83:b8:8d:f8:
         68:b7:28:94:ee:3b:cc:d5:a7:0f:fc:58:15:ad:87:07:3b:b4:
         63:e8:d2:41:35:cd:fc:6e:c1:a3:36:f8:15:72:63:c8:8b:bb:
         cc:36:11:77:9f:75:fc:d0:db:ef:82:c9:12:8f:61:c6:99:06:
         8b:ae:7c:6e:3e:f0:ac:69:40:37:39:df:53:61:77:dc:39:c3:
         a6:bf:2f:c0:e5:46:3f:4d:c0:a3:2a:a8:09:61:64:57:19:82:
         f3:30:24:0a:d0:0b:c8:82:6b:c6:90:db:53:bb:f3:de:2a:38:
         f5:10:58:6d:ef:8f:a7:10:43:9c:dc:0e:a0:ec:30:7a:b8:36:
         0f:b3:cb:19:d8:57:78:2e:58:bb:25:36:fe:d2:e1:7d:d9:55:
         f2:98:f3:1e:48:82:28:c3:7e:28:ce:2f:db:ab:e9:df:66:28:
         06:11:f7:a5:c8:0d:87:09:89:ab:c7:1a:7e:86:6a:b3:ab:e4:
         91:29:a0:72
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYMevZBDgVPKgAjlcOmyKq4LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjIwOTA4MjAxNDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzA1NTU4NGIyYzYzN2MxNjE3NzI1ZDQyYjcwOGFmOGFjNGEzMGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9P6NVQOgGL3AqP1Yltx/5eNml43
QA4QXqaxzoDpuWmvZlK2RKBwpmH/Q6ORWB/Zg/7Zee/G46vgkwl4bjFWiX2N2RWM
T1AHOFRUh+Lq6WgWT8viGC3bPgXtQHoZUcHfu+a1MSzpVU+yYenPmcfWWsJWQ+de
ajqo0OkVFYrdswdiOOkS//+ZFcmmdzmMwGY22qaM9wAMcc6hqU1d5LHN3AhF50U8
0yAOhL+bv6Bp+LtT5VEUt8TupuPA8oWcfqORdmEBxqO3ypDdSHsumx2lG6pubDtZ
ldy5oOfmLkV+j+20sFJP0h/X9WsrT+idspGUVEQI3faGtpAWV48KoEcZUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHwFVYSyxjfBYXcl1CtwivisSjDiMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvZkFWVmhMTEdOOEZoZHlYVUszQ0stS3hLTU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZqeAwQC
uVPIMA0GCSqGSIb3DQEBCwUAA4IBAQCS6h3br1nJni0kuzIfEajdH1EfYpf8Jt0O
MjPnIFckKAhVw6wHn0YnEfOR7VdQSBNsckCbbf7PXz9lSbyqgOCDnDaLUYO4jfho
tyiU7jvM1acP/FgVrYcHO7Rj6NJBNc38bsGjNvgVcmPIi7vMNhF3n3X80NvvgskS
j2HGmQaLrnxuPvCsaUA3Od9TYXfcOcOmvy/A5UY/TcCjKqgJYWRXGYLzMCQK0AvI
gmvGkNtTu/PeKjj1EFht74+nEEOc3A6g7DB6uDYPs8sZ2Fd4Lli7JTb+0uF92VXy
mPMeSIIow34ozi/bq+nfZigGEfelyA2HCYmrxxp+hmqzq+SRKaBy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org