Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b910bf-e49b-4cdc-be79-4dd4dc3391ac/1/BvPaBdejB5oA7gQ24VpB5U1DckQ.roa
File:                     BvPaBdejB5oA7gQ24VpB5U1DckQ.roa (raw, json)
Hash identifier:          M8ekMhhuPH0X+8ZceiUTdBJ0rl3dRKgi/hDiEZJu4gY=
Subject key identifier:   06:F3:DA:05:D7:A3:07:9A:00:EE:04:36:E1:5A:41:E5:4D:43:72:44
Certificate issuer:       /CN=2fcb30fd7d6e449493ec7cb0d9f78600458be21b
Certificate serial:       09C65658
Authority key identifier: 2F:CB:30:FD:7D:6E:44:94:93:EC:7C:B0:D9:F7:86:00:45:8B:E2:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L8sw_X1uRJST7Hyw2feGAEWL4hs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/b910bf-e49b-4cdc-be79-4dd4dc3391ac/1/BvPaBdejB5oA7gQ24VpB5U1DckQ.roa
Signing time:             Mon 09 May 2022 10:52:50 +0000
ROA not before:           Mon 09 May 2022 10:52:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41720
IP address blocks:        185.242.183.0/24 maxlen: 24
                          185.242.182.0/24 maxlen: 24
                          2a0d:b280::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 163993176 (0x9c65658)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2fcb30fd7d6e449493ec7cb0d9f78600458be21b
        Validity
            Not Before: May  9 10:52:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=06f3da05d7a3079a00ee0436e15a41e54d437244
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:5f:c6:9f:3d:f7:70:37:45:86:ca:2c:de:92:
                    50:0f:07:cc:87:05:cd:bb:d0:3c:d1:c9:85:ab:e9:
                    27:81:e4:08:c3:34:52:ae:a7:ee:2f:38:1a:1a:9a:
                    1c:ba:6c:54:a2:35:47:95:c3:97:13:06:fb:32:c3:
                    84:ef:3e:28:d9:6c:aa:ae:5b:21:88:86:f8:91:32:
                    4a:52:1b:0f:20:f4:cd:e8:f6:f0:d2:75:4b:7f:9c:
                    8c:05:91:b5:a2:3a:fa:5d:8d:a9:13:34:7f:4d:7f:
                    05:0c:d3:41:4a:27:8f:f6:bf:44:11:38:c4:75:3e:
                    2e:a7:4d:74:6e:59:2e:50:54:ff:91:79:a3:bb:7c:
                    0b:b8:61:e5:a8:6f:0d:94:2d:9f:a2:97:36:ca:e2:
                    7f:67:5e:74:e9:1a:39:80:0d:1a:68:e1:b2:aa:9e:
                    c5:4d:3e:90:41:34:8a:78:ef:e8:de:c7:1e:bd:36:
                    4e:9d:21:48:cb:61:4f:b5:a9:c7:2b:75:a0:2d:4e:
                    98:77:67:4c:e9:14:6c:5a:0d:24:ea:ca:59:86:60:
                    f7:08:d0:93:79:91:9d:12:b4:ec:75:ea:56:7f:2a:
                    bb:49:a6:9d:b9:05:4e:52:62:f1:11:93:96:34:99:
                    a3:b4:c2:d7:ee:65:b9:16:e9:3c:4d:30:5b:96:e2:
                    59:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:F3:DA:05:D7:A3:07:9A:00:EE:04:36:E1:5A:41:E5:4D:43:72:44
            X509v3 Authority Key Identifier:
                keyid:2F:CB:30:FD:7D:6E:44:94:93:EC:7C:B0:D9:F7:86:00:45:8B:E2:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L8sw_X1uRJST7Hyw2feGAEWL4hs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b910bf-e49b-4cdc-be79-4dd4dc3391ac/1/BvPaBdejB5oA7gQ24VpB5U1DckQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b910bf-e49b-4cdc-be79-4dd4dc3391ac/1/L8sw_X1uRJST7Hyw2feGAEWL4hs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.242.182.0/23
                IPv6:
                  2a0d:b280::/29

    Signature Algorithm: sha256WithRSAEncryption
         af:33:32:21:d8:5e:2a:d2:b5:2c:0f:88:95:7e:1e:a4:9c:1f:
         ad:50:3f:49:71:06:be:a8:e0:40:84:0e:32:16:a6:d3:fb:78:
         4d:d4:b6:3f:05:b6:cb:7e:18:6b:4d:cf:f5:61:e2:79:fb:69:
         04:91:0a:fe:40:74:f6:b3:9c:09:0d:b7:d7:9a:2d:79:7d:fe:
         7e:6a:94:f0:74:8c:fc:e3:c8:a9:b6:29:20:56:9f:7e:a0:8a:
         c9:1f:2b:19:d9:b2:61:4d:ac:22:66:6e:a3:1d:e4:33:9d:95:
         be:b8:20:ad:5e:7f:cf:22:ff:eb:77:6c:0c:27:d1:e2:4f:5c:
         5c:28:38:a2:d7:8e:ac:7b:e1:87:e2:57:5a:df:78:52:cf:4d:
         3a:98:60:7b:73:b0:ce:89:78:05:47:3c:14:ed:23:91:49:df:
         eb:73:56:d0:44:ce:f3:60:bd:c0:63:64:c1:6b:ba:f0:3f:53:
         40:c4:e7:ba:7f:41:d9:92:77:ce:8a:10:e1:f1:9f:6b:2f:36:
         f8:f6:ce:f8:c9:1c:20:4b:19:06:29:dd:2b:27:94:20:66:e4:
         db:0a:f2:80:93:1a:a7:bc:b3:c6:b9:4a:5f:58:56:5d:41:58:
         46:98:8f:45:96:ce:ae:dd:cc:e7:24:08:b0:ff:82:8b:0f:d3:
         e1:fb:94:0a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECcZWWDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZmNiMzBmZDdkNmU0NDk0OTNlYzdjYjBkOWY3ODYwMDQ1OGJlMjFiMB4XDTIyMDUw
OTEwNTI1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDZmM2RhMDVkN2Ez
MDc5YTAwZWUwNDM2ZTE1YTQxZTU0ZDQzNzI0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL1fxp8993A3RYbKLN6SUA8HzIcFzbvQPNHJhavpJ4HkCMM0
Uq6n7i84GhqaHLpsVKI1R5XDlxMG+zLDhO8+KNlsqq5bIYiG+JEySlIbDyD0zej2
8NJ1S3+cjAWRtaI6+l2NqRM0f01/BQzTQUonj/a/RBE4xHU+LqdNdG5ZLlBU/5F5
o7t8C7hh5ahvDZQtn6KXNsrif2dedOkaOYANGmjhsqqexU0+kEE0injv6N7HHr02
Tp0hSMthT7Wpxyt1oC1OmHdnTOkUbFoNJOrKWYZg9wjQk3mRnRK07HXqVn8qu0mm
nbkFTlJi8RGTljSZo7TC1+5luRbpPE0wW5biWfkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQG89oF16MHmgDuBDbhWkHlTUNyRDAfBgNVHSMEGDAWgBQvyzD9fW5ElJPs
fLDZ94YARYviGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0w4c3dfWDF1UkpTVDdIeXcyZmVHQUVXTDRocy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvYjkxMGJmLWU0OWItNGNkYy1iZTc5LTRkZDRkYzMzOTFhYy8x
L0J2UGFCZGVqQjVvQTdnUTI0VnBCNVUxRGNrUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
YjkxMGJmLWU0OWItNGNkYy1iZTc5LTRkZDRkYzMzOTFhYy8xL0w4c3dfWDF1UkpT
VDdIeXcyZmVHQUVXTDRocy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAbnytjANBAIAAjAHAwUDKg2ygDAN
BgkqhkiG9w0BAQsFAAOCAQEArzMyIdheKtK1LA+IlX4epJwfrVA/SXEGvqjgQIQO
Mham0/t4TdS2PwW2y34Ya03P9WHieftpBJEK/kB09rOcCQ2315oteX3+fmqU8HSM
/OPIqbYpIFaffqCKyR8rGdmyYU2sImZuox3kM52VvrggrV5/zyL/63dsDCfR4k9c
XCg4oteOrHvhh+JXWt94Us9NOphge3Owzol4BUc8FO0jkUnf63NW0ETO82C9wGNk
wWu68D9TQMTnun9B2ZJ3zooQ4fGfay82+PbO+MkcIEsZBindKyeUIGbk2wrygJMa
p7yzxrlKX1hWXUFYRpiPRZbOrt3M5yQIsP+Ciw/T4fuUCg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:07 2024 by rpki-client on console-ams.rpki-client.org