Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/e8f4b3-2120-4ecb-9609-cb9c58f510cb/1/83_L-b2p2bAhpluPoKstxj4SXVY.roa
File:                     83_L-b2p2bAhpluPoKstxj4SXVY.roa (raw, json)
Hash identifier:          UERW+79OItDQSao3MpbkcGFkCCxkaVNRUcFIjIKmENU=
Subject key identifier:   F3:7F:CB:F9:BD:A9:D9:B0:21:A6:5B:8F:A0:AB:2D:C6:3E:12:5D:56
Certificate issuer:       /CN=af4ef4a8ed3711b6acd68c0f48f621831fd5aaae
Certificate serial:       01847A184EB5A7F1038AD6C5ADF1E758393E
Authority key identifier: AF:4E:F4:A8:ED:37:11:B6:AC:D6:8C:0F:48:F6:21:83:1F:D5:AA:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r070qO03Ebas1owPSPYhgx_Vqq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/e8f4b3-2120-4ecb-9609-cb9c58f510cb/1/83_L-b2p2bAhpluPoKstxj4SXVY.roa
Signing time:             Tue 15 Nov 2022 07:02:04 +0000
ROA not before:           Tue 15 Nov 2022 07:02:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207141
IP address blocks:        185.164.253.0/24 maxlen: 24
                          185.164.252.0/24 maxlen: 24
                          185.164.252.0/22 maxlen: 24
                          185.206.237.0/24 maxlen: 24
                          185.206.239.0/24 maxlen: 24
                          185.206.236.0/24 maxlen: 24
                          185.206.236.0/22 maxlen: 24
                          185.206.238.0/24 maxlen: 24
                          2a0b:1b40::/29 maxlen: 29
                          2a0b:b400::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:7a:18:4e:b5:a7:f1:03:8a:d6:c5:ad:f1:e7:58:39:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af4ef4a8ed3711b6acd68c0f48f621831fd5aaae
        Validity
            Not Before: Nov 15 07:02:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f37fcbf9bda9d9b021a65b8fa0ab2dc63e125d56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:fb:d6:6f:6c:03:c5:d9:4c:ee:94:62:35:bd:
                    da:3b:c4:d9:19:11:ee:e2:d6:88:15:bd:d0:1d:ee:
                    0a:06:9c:ab:74:19:9d:61:79:e7:34:3a:bf:3e:ed:
                    13:b6:c9:d3:50:6a:2c:c6:7e:b5:98:5f:09:16:7c:
                    1a:97:42:fb:b5:65:71:ea:4d:e5:d0:98:32:46:2c:
                    d4:62:2a:59:cc:64:ca:68:e9:95:5e:d3:7d:0b:a3:
                    7d:11:b8:27:1c:fc:d1:49:c3:d0:5e:45:62:f7:61:
                    37:c8:cf:68:ad:01:89:85:d6:7a:3e:46:09:00:89:
                    f4:fe:e0:d9:6e:7f:e6:34:9d:8a:de:e3:0f:fa:e7:
                    03:06:10:8f:69:2d:18:e6:59:c4:af:73:96:7a:c5:
                    ba:a6:3a:50:7e:7c:51:a7:3c:b8:64:fc:c7:e5:18:
                    a4:ed:55:c8:a9:15:3c:88:0c:9d:9d:0d:08:80:11:
                    3f:79:00:30:f2:ee:61:2c:f4:ad:60:99:c9:2b:86:
                    eb:66:ff:a4:81:da:47:1e:a7:8c:05:d8:d1:a6:ca:
                    86:4c:07:90:88:9c:a3:d9:76:4a:b0:05:75:c2:92:
                    13:42:4b:b3:4b:11:d5:bb:fb:91:e5:49:04:ac:07:
                    55:ae:83:43:2b:d8:da:fd:19:be:b5:59:3e:bf:78:
                    2a:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:7F:CB:F9:BD:A9:D9:B0:21:A6:5B:8F:A0:AB:2D:C6:3E:12:5D:56
            X509v3 Authority Key Identifier:
                keyid:AF:4E:F4:A8:ED:37:11:B6:AC:D6:8C:0F:48:F6:21:83:1F:D5:AA:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r070qO03Ebas1owPSPYhgx_Vqq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/e8f4b3-2120-4ecb-9609-cb9c58f510cb/1/83_L-b2p2bAhpluPoKstxj4SXVY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/e8f4b3-2120-4ecb-9609-cb9c58f510cb/1/r070qO03Ebas1owPSPYhgx_Vqq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.164.252.0/22
                  185.206.236.0/22
                IPv6:
                  2a0b:1b40::/29
                  2a0b:b400::/29

    Signature Algorithm: sha256WithRSAEncryption
         98:e6:ab:a9:a5:2c:81:4c:30:f6:15:d3:01:4f:f9:79:34:ab:
         10:a7:3d:f4:be:8f:3d:10:9d:54:38:18:ff:db:c8:c9:c6:32:
         1a:f9:e2:cd:00:33:db:e0:99:64:36:83:3a:d7:a3:21:d9:92:
         d3:70:6f:3e:0b:8e:a8:82:3a:ff:f1:df:95:04:8d:cc:1e:2c:
         80:eb:4a:af:8b:5b:b7:c6:ab:62:0d:35:eb:02:9f:cb:9e:49:
         f3:de:d0:1d:5c:35:5e:c9:ca:76:2a:3d:c9:a0:fc:e6:2a:a9:
         7e:bf:e5:ce:96:bb:97:36:01:96:3d:a0:3a:f3:0a:8e:99:f3:
         59:4c:84:71:01:e4:c8:5a:84:5e:f9:62:41:db:74:b3:4b:c2:
         03:db:c2:78:3a:79:8b:36:b9:0d:6e:b5:b4:4b:2a:94:1f:94:
         2f:de:bd:2f:f9:95:ad:74:63:59:17:7b:ef:99:c7:ec:43:8d:
         f1:27:ae:9c:b0:aa:bd:72:0b:e2:c2:93:b5:2f:99:b8:24:9b:
         37:c3:49:3a:7b:57:7a:86:8c:b2:b0:c6:4c:79:08:64:ab:22:
         30:34:cf:4e:1b:8e:e6:fd:20:01:77:51:a2:fd:c0:f6:c7:92:
         29:b8:16:81:43:38:c5:3e:96:1e:08:e9:59:ae:67:85:a5:7f:
         71:45:93:94
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYR6GE61p/EDitbFrfHnWDk+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNGVmNGE4ZWQzNzExYjZhY2Q2OGMwZjQ4ZjYyMTgzMWZk
NWFhYWUwHhcNMjIxMTE1MDcwMjA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzdmY2JmOWJkYTlkOWIwMjFhNjViOGZhMGFiMmRjNjNlMTI1ZDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4vvWb2wDxdlM7pRiNb3aO8TZGRHu
4taIFb3QHe4KBpyrdBmdYXnnNDq/Pu0TtsnTUGosxn61mF8JFnwal0L7tWVx6k3l
0JgyRizUYipZzGTKaOmVXtN9C6N9EbgnHPzRScPQXkVi92E3yM9orQGJhdZ6PkYJ
AIn0/uDZbn/mNJ2K3uMP+ucDBhCPaS0Y5lnEr3OWesW6pjpQfnxRpzy4ZPzH5Rik
7VXIqRU8iAydnQ0IgBE/eQAw8u5hLPStYJnJK4brZv+kgdpHHqeMBdjRpsqGTAeQ
iJyj2XZKsAV1wpITQkuzSxHVu/uR5UkErAdVroNDK9ja/Rm+tVk+v3gq/wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPN/y/m9qdmwIaZbj6CrLcY+El1WMB8GA1UdIwQY
MBaAFK9O9KjtNxG2rNaMD0j2IYMf1aquMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjA3MHFPMDNFYmFzMW93UFNQWWhneF9WcXE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9lOGY0YjMtMjEyMC00ZWNiLTk2MDkt
Y2I5YzU4ZjUxMGNiLzEvODNfTC1iMnAyYkFocGx1UG9Lc3R4ajRTWFZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9lOGY0YjMtMjEyMC00ZWNiLTk2MDktY2I5YzU4ZjUxMGNi
LzEvcjA3MHFPMDNFYmFzMW93UFNQWWhneF9WcXE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuaT8AwQC
uc7sMBQEAgACMA4DBQMqCxtAAwUDKgu0ADANBgkqhkiG9w0BAQsFAAOCAQEAmOar
qaUsgUww9hXTAU/5eTSrEKc99L6PPRCdVDgY/9vIycYyGvnizQAz2+CZZDaDOtej
IdmS03BvPguOqII6//HflQSNzB4sgOtKr4tbt8arYg016wKfy55J897QHVw1XsnK
dio9yaD85iqpfr/lzpa7lzYBlj2gOvMKjpnzWUyEcQHkyFqEXvliQdt0s0vCA9vC
eDp5iza5DW61tEsqlB+UL969L/mVrXRjWRd775nH7EON8SeunLCqvXIL4sKTtS+Z
uCSbN8NJOntXeoaMsrDGTHkIZKsiMDTPThuO5v0gAXdRov3A9seSKbgWgUM4xT6W
HgjpWa5nhaV/cUWTlA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:15 2024 by rpki-client on console-ams.rpki-client.org