Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/8311df-c3b2-461e-bd23-1605b1bd298e/1/svYWRGZ2xg8gw-GTsLm8l_3mrd8.roa
File:                     svYWRGZ2xg8gw-GTsLm8l_3mrd8.roa (raw, json)
Hash identifier:          UtbbjeCt3RAytwLpK45Th2hZ98Ao0mrTP6HRm3dDW/A=
Subject key identifier:   B2:F6:16:44:66:76:C6:0F:20:C3:E1:93:B0:B9:BC:97:FD:E6:AD:DF
Certificate issuer:       /CN=5be979fb8e477304bb591d6b68eea73da94a815b
Certificate serial:       0184B8D92AC65318DE9D26028056096556C7
Authority key identifier: 5B:E9:79:FB:8E:47:73:04:BB:59:1D:6B:68:EE:A7:3D:A9:4A:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W-l5-45HcwS7WR1raO6nPalKgVs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/8311df-c3b2-461e-bd23-1605b1bd298e/1/svYWRGZ2xg8gw-GTsLm8l_3mrd8.roa
Signing time:             Sun 27 Nov 2022 11:29:10 +0000
ROA not before:           Sun 27 Nov 2022 11:29:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201290
IP address blocks:        46.231.16.0/23 maxlen: 23
                          46.231.18.0/23 maxlen: 23
                          46.231.22.0/23 maxlen: 23
                          46.231.20.0/23 maxlen: 23
                          192.145.56.0/22 maxlen: 22
                          46.231.244.0/22 maxlen: 22
                          45.128.0.0/22 maxlen: 22
                          185.229.54.0/23 maxlen: 23
                          185.229.52.0/23 maxlen: 23
                          185.94.246.0/23 maxlen: 23
                          185.94.244.0/23 maxlen: 23
                          185.146.104.0/22 maxlen: 22
                          45.153.252.0/22 maxlen: 22
                          185.41.36.0/23 maxlen: 23
                          185.41.38.0/23 maxlen: 23
                          194.39.40.0/22 maxlen: 22
                          185.214.112.0/23 maxlen: 23
                          185.214.114.0/23 maxlen: 23
                          212.115.36.0/22 maxlen: 22
                          2a05:3600::/29 maxlen: 29
                          2a0d:6e00::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:b8:d9:2a:c6:53:18:de:9d:26:02:80:56:09:65:56:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5be979fb8e477304bb591d6b68eea73da94a815b
        Validity
            Not Before: Nov 27 11:29:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b2f616446676c60f20c3e193b0b9bc97fde6addf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:cb:9a:bd:0c:af:c8:57:0e:dc:88:16:28:ac:
                    73:36:d7:9b:52:40:b8:c7:7a:ef:9a:79:c5:db:5f:
                    c2:ee:90:89:04:90:61:f2:e8:a3:b1:d6:e3:50:e2:
                    76:37:76:9c:cd:5c:aa:32:81:81:ef:a3:66:9c:52:
                    f0:1e:6d:26:8d:1f:8d:16:04:a9:fe:de:eb:40:a9:
                    e5:a0:6c:c4:cc:8c:a0:ec:f3:7a:32:a9:d1:28:f0:
                    b3:05:1b:bd:9e:fc:3e:f4:e4:fc:bc:07:68:f7:67:
                    75:80:91:ea:a5:81:7b:73:1c:64:37:65:49:41:91:
                    af:df:4f:af:00:0c:39:40:c3:54:a5:70:df:79:a3:
                    d2:16:55:b5:75:61:89:79:45:a3:97:e7:45:ad:06:
                    12:65:af:2f:da:7c:aa:a4:1d:18:ee:53:be:5f:27:
                    4f:64:40:c3:7e:7a:6d:36:ad:79:02:02:87:7e:58:
                    54:c0:a9:15:c1:fb:77:e6:d8:1f:2a:b7:81:71:1e:
                    c1:99:16:57:7b:9d:92:91:f5:8f:8f:f2:d9:06:13:
                    c8:0e:4c:cf:b3:d8:84:b1:e1:a0:fe:cd:ae:8e:3a:
                    87:f7:46:be:f7:41:7d:a7:bd:6a:80:f4:e7:af:f7:
                    ae:b0:23:e4:4a:aa:8c:f1:12:ce:dd:05:9a:5a:05:
                    b4:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:F6:16:44:66:76:C6:0F:20:C3:E1:93:B0:B9:BC:97:FD:E6:AD:DF
            X509v3 Authority Key Identifier:
                keyid:5B:E9:79:FB:8E:47:73:04:BB:59:1D:6B:68:EE:A7:3D:A9:4A:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-l5-45HcwS7WR1raO6nPalKgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8311df-c3b2-461e-bd23-1605b1bd298e/1/svYWRGZ2xg8gw-GTsLm8l_3mrd8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8311df-c3b2-461e-bd23-1605b1bd298e/1/W-l5-45HcwS7WR1raO6nPalKgVs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.128.0.0/22
                  45.153.252.0/22
                  46.231.16.0/21
                  46.231.244.0/22
                  185.41.36.0/22
                  185.94.244.0/22
                  185.146.104.0/22
                  185.214.112.0/22
                  185.229.52.0/22
                  192.145.56.0/22
                  194.39.40.0/22
                  212.115.36.0/22
                IPv6:
                  2a05:3600::/29
                  2a0d:6e00::/29

    Signature Algorithm: sha256WithRSAEncryption
         83:fb:c8:1d:67:dd:37:fa:c7:69:c9:68:4c:fe:8c:3a:ee:d5:
         18:06:63:37:75:7e:1d:e7:1e:45:51:89:6f:d2:68:0c:78:9e:
         cb:86:e9:17:dc:7b:58:40:ec:20:88:1a:9f:93:a0:5b:90:bb:
         18:13:93:77:00:cc:0e:4f:83:4c:89:fb:63:ac:68:57:99:e5:
         c5:a3:64:11:5d:5a:a2:9d:07:e6:28:ac:9a:92:36:7b:dd:9f:
         00:72:0e:7e:a3:57:a4:49:4a:2a:d1:57:87:87:31:17:44:d2:
         3c:6f:15:75:37:1f:68:59:04:ed:86:4f:7d:d6:ec:d7:ff:b6:
         4b:0b:34:10:dd:2c:39:36:7d:96:f1:17:d8:2e:69:76:e9:9c:
         49:b6:00:cb:fe:c9:e6:7c:06:1a:36:9d:14:bb:60:ae:bf:0e:
         e6:82:85:f5:49:24:ca:29:67:96:f6:68:ca:9c:44:63:ee:ff:
         91:31:4f:51:84:bc:ff:2f:4c:5c:ce:22:93:c5:57:de:c0:5f:
         57:ea:2f:b1:a2:34:68:c5:47:6d:0b:d9:49:4f:65:65:55:0d:
         03:88:2f:09:8b:89:91:3a:c1:1a:fb:a5:c4:51:24:c3:c2:c9:
         62:60:2c:21:46:fe:06:af:57:d6:11:e8:b6:0d:6d:bb:14:47:
         a2:fc:e5:7e
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYS42SrGUxjenSYCgFYJZVbHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZTk3OWZiOGU0NzczMDRiYjU5MWQ2YjY4ZWVhNzNkYTk0
YTgxNWIwHhcNMjIxMTI3MTEyOTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmY2MTY0NDY2NzZjNjBmMjBjM2UxOTNiMGI5YmM5N2ZkZTZhZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMuavQyvyFcO3IgWKKxzNtebUkC4
x3rvmnnF21/C7pCJBJBh8uijsdbjUOJ2N3aczVyqMoGB76NmnFLwHm0mjR+NFgSp
/t7rQKnloGzEzIyg7PN6MqnRKPCzBRu9nvw+9OT8vAdo92d1gJHqpYF7cxxkN2VJ
QZGv30+vAAw5QMNUpXDfeaPSFlW1dWGJeUWjl+dFrQYSZa8v2nyqpB0Y7lO+XydP
ZEDDfnptNq15AgKHflhUwKkVwft35tgfKreBcR7BmRZXe52SkfWPj/LZBhPIDkzP
s9iEseGg/s2ujjqH90a+90F9p71qgPTnr/eusCPkSqqM8RLO3QWaWgW0pQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFLL2FkRmdsYPIMPhk7C5vJf95q3fMB8GA1UdIwQY
MBaAFFvpefuOR3MEu1kda2jupz2pSoFbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVy1sNS00NUhjd1M3V1IxcmFPNm5QYWxLZ1ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84MzExZGYtYzNiMi00NjFlLWJkMjMt
MTYwNWIxYmQyOThlLzEvc3ZZV1JHWjJ4Zzhndy1HVHNMbThsXzNtcmQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84MzExZGYtYzNiMi00NjFlLWJkMjMtMTYwNWIxYmQyOThl
LzEvVy1sNS00NUhjd1M3V1IxcmFPNm5QYWxLZ1ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBOBAIAATBIAwQCLYAAAwQC
LZn8AwQDLucQAwQCLuf0AwQCuSkkAwQCuV70AwQCuZJoAwQCudZwAwQCueU0AwQC
wJE4AwQCwicoAwQC1HMkMBQEAgACMA4DBQMqBTYAAwUDKg1uADANBgkqhkiG9w0B
AQsFAAOCAQEAg/vIHWfdN/rHacloTP6MOu7VGAZjN3V+HeceRVGJb9JoDHiey4bp
F9x7WEDsIIgan5OgW5C7GBOTdwDMDk+DTIn7Y6xoV5nlxaNkEV1aop0H5iismpI2
e92fAHIOfqNXpElKKtFXh4cxF0TSPG8VdTcfaFkE7YZPfdbs1/+2Sws0EN0sOTZ9
lvEX2C5pdumcSbYAy/7J5nwGGjadFLtgrr8O5oKF9UkkyilnlvZoypxEY+7/kTFP
UYS8/y9MXM4ik8VX3sBfV+ovsaI0aMVHbQvZSU9lZVUNA4gvCYuJkTrBGvulxFEk
w8LJYmAsIUb+Bq9X1hHotg1tuxRHovzlfg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:23 2024 by rpki-client on console-ams.rpki-client.org