Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/BRuTlDMqfRnQCP5pAkZcktDGmM8.roa
File:                     BRuTlDMqfRnQCP5pAkZcktDGmM8.roa (raw, json)
Hash identifier:          4SAShSNJgP5evCMQs/5aPfTbQ9xUuBHU7gP01fb9ab4=
Subject key identifier:   05:1B:93:94:33:2A:7D:19:D0:08:FE:69:02:46:5C:92:D0:C6:98:CF
Certificate issuer:       /CN=6f10d8e1564e40312c9ddf21ba2aa03ba559ead6
Certificate serial:       0183EF9E3C855CC199A0D73A4B54E28E5FF3
Authority key identifier: 6F:10:D8:E1:56:4E:40:31:2C:9D:DF:21:BA:2A:A0:3B:A5:59:EA:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bxDY4VZOQDEsnd8huiqgO6VZ6tY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/BRuTlDMqfRnQCP5pAkZcktDGmM8.roa
Signing time:             Wed 19 Oct 2022 09:41:08 +0000
ROA not before:           Wed 19 Oct 2022 09:41:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     64476
IP address blocks:        185.253.169.0/24 maxlen: 26
                          185.253.170.0/24 maxlen: 24
                          185.253.168.0/22 maxlen: 22
                          185.253.168.0/24 maxlen: 24
                          185.253.171.0/24 maxlen: 24
                          85.190.64.0/20 maxlen: 20
                          85.190.67.0/24 maxlen: 24
                          46.247.138.0/23 maxlen: 23
                          46.247.136.0/23 maxlen: 23
                          185.161.168.0/22 maxlen: 22
                          46.247.141.0/24 maxlen: 27
                          46.247.140.0/24 maxlen: 27
                          185.231.8.0/22 maxlen: 24
                          85.190.79.0/24 maxlen: 24
                          85.190.80.0/22 maxlen: 22
                          85.190.81.0/24 maxlen: 24
                          85.190.84.0/24 maxlen: 24
                          85.190.85.0/24 maxlen: 24
                          85.190.84.0/22 maxlen: 22
                          85.190.88.0/21 maxlen: 22
                          87.121.208.0/21 maxlen: 21
                          2a0a:e800::/32 maxlen: 32
                          2a0a:e806::/32 maxlen: 32
                          2a0a:e805:710::/44 maxlen: 44
                          2a0a:e805:210::/44 maxlen: 44
                          2a0a:e805:610::/44 maxlen: 44
                          2a0a:e804::/32 maxlen: 32
                          2a0a:e805:500::/40 maxlen: 40
                          2a0a:e805:100::/40 maxlen: 40
                          2a0a:e805:400::/40 maxlen: 40
                          2a0a:e805:300::/40 maxlen: 40
                          2a0a:e805::/32 maxlen: 32
                          2a0a:e803::/32 maxlen: 32
                          2a0a:e807::/32 maxlen: 32
                          2a0a:e801::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:ef:9e:3c:85:5c:c1:99:a0:d7:3a:4b:54:e2:8e:5f:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f10d8e1564e40312c9ddf21ba2aa03ba559ead6
        Validity
            Not Before: Oct 19 09:41:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=051b9394332a7d19d008fe6902465c92d0c698cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:e3:8c:09:a8:89:61:d8:8e:9e:81:d8:5d:c9:
                    91:b2:59:b5:3e:f1:04:e0:91:9c:7d:3f:78:1b:4c:
                    e9:93:f1:48:5c:fc:ac:96:47:2f:b7:49:b7:28:b6:
                    31:7b:13:45:c0:a1:f0:b0:3c:24:37:dc:45:38:a1:
                    09:0b:2f:96:10:e5:34:3d:01:2d:ae:f8:e7:15:8a:
                    fb:64:c3:e3:5a:5c:4d:0d:82:19:ef:9d:29:a1:ab:
                    08:c6:a9:31:b9:0f:dc:c9:22:00:c8:50:f8:b6:9b:
                    b3:18:fa:1d:6b:40:22:4e:3e:89:fb:ce:76:df:b4:
                    80:64:83:cf:5a:d3:57:b9:e2:e6:05:fc:83:b0:19:
                    38:3d:3c:46:6b:a0:8e:35:cb:a8:d0:c4:bb:6c:a5:
                    65:0d:59:4b:0e:5f:39:34:dc:6c:e7:d0:7a:be:20:
                    d2:83:b4:58:11:c1:e2:d2:85:14:86:71:cd:51:0c:
                    ff:d0:cf:92:7c:31:90:3d:d5:ba:db:f3:b1:41:85:
                    30:78:e6:1c:be:b4:b8:63:fa:9e:ac:cf:91:a8:96:
                    82:e1:ec:24:9d:21:d7:46:5f:e3:4c:95:e6:9e:a7:
                    6a:5b:73:de:38:09:53:84:23:e4:53:52:7f:cd:50:
                    ce:b8:88:65:7e:57:dc:9e:77:9b:ff:dd:63:d8:78:
                    67:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:1B:93:94:33:2A:7D:19:D0:08:FE:69:02:46:5C:92:D0:C6:98:CF
            X509v3 Authority Key Identifier:
                keyid:6F:10:D8:E1:56:4E:40:31:2C:9D:DF:21:BA:2A:A0:3B:A5:59:EA:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bxDY4VZOQDEsnd8huiqgO6VZ6tY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/BRuTlDMqfRnQCP5pAkZcktDGmM8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/bxDY4VZOQDEsnd8huiqgO6VZ6tY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.247.136.0-46.247.141.255
                  85.190.64.0/19
                  87.121.208.0/21
                  185.161.168.0/22
                  185.231.8.0/22
                  185.253.168.0/22
                IPv6:
                  2a0a:e800::/31
                  2a0a:e803::-2a0a:e807:ffff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         94:27:a9:b0:19:7e:3b:aa:ca:5b:25:2d:19:07:56:54:13:3c:
         fd:5d:b2:89:c7:a3:0b:10:e2:f8:13:10:6f:83:d9:fe:ad:e8:
         af:09:b7:74:14:f8:3f:3f:fd:aa:d4:be:9c:f4:56:22:d6:b2:
         53:11:a3:30:b3:46:eb:23:47:ab:9d:77:a8:88:61:14:42:3a:
         83:6a:f2:09:5a:c2:e1:a0:9d:08:d6:77:24:96:72:cb:af:5c:
         e6:68:e6:28:a1:79:71:70:10:31:80:67:a7:6f:de:f5:db:5a:
         11:97:a2:ae:c8:f9:3b:c6:61:14:1e:f1:f9:c6:b2:d4:b0:92:
         74:bb:43:1f:c6:a6:85:d3:57:96:e7:c7:30:73:a9:59:f2:bc:
         72:49:9e:41:3f:71:f9:c1:cb:88:b9:41:e5:49:15:db:a6:18:
         a4:3b:a8:05:68:de:b9:fb:ba:71:3f:82:de:35:f6:4e:57:40:
         3a:c9:28:5b:cd:f4:1a:08:15:62:ca:05:68:f8:f2:ce:20:d7:
         ee:b3:0d:76:2a:a0:2f:2c:82:fd:d1:bc:2d:e8:ba:46:df:6c:
         28:ad:a6:d8:46:a8:d6:1c:c9:b4:0e:5f:ba:78:90:22:d3:23:
         36:49:68:c4:3c:a1:fc:e4:c3:9a:cd:0a:8a:c4:a3:76:1f:06:
         ce:58:6a:a0
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYPvnjyFXMGZoNc6S1Tijl/zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMTBkOGUxNTY0ZTQwMzEyYzlkZGYyMWJhMmFhMDNiYTU1
OWVhZDYwHhcNMjIxMDE5MDk0MTA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTFiOTM5NDMzMmE3ZDE5ZDAwOGZlNjkwMjQ2NWM5MmQwYzY5OGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieOMCaiJYdiOnoHYXcmRslm1PvEE
4JGcfT94G0zpk/FIXPyslkcvt0m3KLYxexNFwKHwsDwkN9xFOKEJCy+WEOU0PQEt
rvjnFYr7ZMPjWlxNDYIZ750poasIxqkxuQ/cySIAyFD4tpuzGPoda0AiTj6J+852
37SAZIPPWtNXueLmBfyDsBk4PTxGa6CONcuo0MS7bKVlDVlLDl85NNxs59B6viDS
g7RYEcHi0oUUhnHNUQz/0M+SfDGQPdW62/OxQYUweOYcvrS4Y/qerM+RqJaC4ewk
nSHXRl/jTJXmnqdqW3PeOAlThCPkU1J/zVDOuIhlflfcnneb/91j2HhnrwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFAUbk5QzKn0Z0Aj+aQJGXJLQxpjPMB8GA1UdIwQY
MBaAFG8Q2OFWTkAxLJ3fIboqoDulWerWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnhEWTRWWk9RREVzbmQ4aHVpcWdPNlZaNnRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9jZmRhMDUtMTkwZC00MTQyLWJkNGYt
YjZhOGY4ZTgwZjdiLzEvQlJ1VGxETXFmUm5RQ1A1cEFrWmNrdERHbU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9jZmRhMDUtMTkwZC00MTQyLWJkNGYtYjZhOGY4ZTgwZjdi
LzEvYnhEWTRWWk9RREVzbmQ4aHVpcWdPNlZaNnRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzAyBAIAATAsMAwDBAMu94gD
BAEu94wDBAVVvkADBANXedADBAK5oagDBAK55wgDBAK5/agwHQQCAAIwFwMFASoK
6AAwDgMFACoK6AMDBQMqCugAMA0GCSqGSIb3DQEBCwUAA4IBAQCUJ6mwGX47qspb
JS0ZB1ZUEzz9XbKJx6MLEOL4ExBvg9n+reivCbd0FPg/P/2q1L6c9FYi1rJTEaMw
s0brI0ernXeoiGEUQjqDavIJWsLhoJ0I1ncklnLLr1zmaOYooXlxcBAxgGenb971
21oRl6KuyPk7xmEUHvH5xrLUsJJ0u0MfxqaF01eW58cwc6lZ8rxySZ5BP3H5wcuI
uUHlSRXbphikO6gFaN65+7pxP4LeNfZOV0A6yShbzfQaCBViygVo+PLOINfusw12
KqAvLIL90bwt6LpG32worabYRqjWHMm0Dl+6eJAi0yM2SWjEPKH85MOazQqKxKN2
HwbOWGqg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:06 2024 by rpki-client on console-fra.rpki-client.org