Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/KWghX2gtZHdUTl4iyJa0tWGPLBc.roa
File:                     KWghX2gtZHdUTl4iyJa0tWGPLBc.roa (raw, json)
Hash identifier:          tx7wt/kM16oYHsb3Oyy/x8p/T6PCQ3LJswnF+yEwkqI=
Subject key identifier:   29:68:21:5F:68:2D:64:77:54:4E:5E:22:C8:96:B4:B5:61:8F:2C:17
Certificate issuer:       /CN=6f10d8e1564e40312c9ddf21ba2aa03ba559ead6
Certificate serial:       0183EF52E99C3B1846AD1C9CB2F6E2FE2371
Authority key identifier: 6F:10:D8:E1:56:4E:40:31:2C:9D:DF:21:BA:2A:A0:3B:A5:59:EA:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bxDY4VZOQDEsnd8huiqgO6VZ6tY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/KWghX2gtZHdUTl4iyJa0tWGPLBc.roa
Signing time:             Wed 19 Oct 2022 08:18:51 +0000
ROA not before:           Wed 19 Oct 2022 08:18:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     64476
IP address blocks:        185.253.169.0/24 maxlen: 26
                          185.253.170.0/24 maxlen: 24
                          185.253.168.0/22 maxlen: 22
                          185.253.168.0/24 maxlen: 24
                          185.253.171.0/24 maxlen: 24
                          85.190.64.0/20 maxlen: 20
                          85.190.67.0/24 maxlen: 24
                          46.247.138.0/23 maxlen: 23
                          46.247.136.0/23 maxlen: 23
                          46.247.141.0/24 maxlen: 24
                          185.161.168.0/22 maxlen: 22
                          46.247.140.0/24 maxlen: 24
                          185.231.8.0/22 maxlen: 24
                          85.190.81.0/24 maxlen: 24
                          85.190.80.0/22 maxlen: 22
                          85.190.79.0/24 maxlen: 24
                          85.190.84.0/24 maxlen: 24
                          85.190.85.0/24 maxlen: 24
                          85.190.84.0/22 maxlen: 22
                          85.190.88.0/21 maxlen: 22
                          87.121.208.0/21 maxlen: 21
                          2a0a:e800::/32 maxlen: 32
                          2a0a:e806::/32 maxlen: 32
                          2a0a:e805:610::/44 maxlen: 44
                          2a0a:e805:210::/44 maxlen: 44
                          2a0a:e805:710::/44 maxlen: 44
                          2a0a:e804::/32 maxlen: 32
                          2a0a:e805:300::/40 maxlen: 40
                          2a0a:e805:400::/40 maxlen: 40
                          2a0a:e805:100::/40 maxlen: 40
                          2a0a:e805:500::/40 maxlen: 40
                          2a0a:e805::/32 maxlen: 32
                          2a0a:e803::/32 maxlen: 32
                          2a0a:e807::/32 maxlen: 32
                          2a0a:e801::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:ef:52:e9:9c:3b:18:46:ad:1c:9c:b2:f6:e2:fe:23:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f10d8e1564e40312c9ddf21ba2aa03ba559ead6
        Validity
            Not Before: Oct 19 08:18:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2968215f682d6477544e5e22c896b4b5618f2c17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:eb:05:b2:10:51:dd:20:2b:01:3e:d1:cf:48:
                    42:52:1f:16:3b:a4:12:5b:09:14:0c:5f:aa:5b:ad:
                    bd:42:ce:c3:c9:ca:17:3c:e5:14:82:41:fa:e1:31:
                    ec:c4:2c:f0:67:cf:11:32:d5:ce:ba:94:48:72:e7:
                    a1:e6:5d:bf:ec:16:18:fe:54:94:09:c9:c3:e1:ef:
                    50:d1:49:94:5b:a6:3a:22:0d:d7:55:7b:5a:9d:a3:
                    f4:ec:8d:19:0f:88:b4:b5:65:96:bd:e7:57:f7:b7:
                    cb:93:a5:d2:ab:07:9a:e6:60:eb:29:2e:3b:0a:b8:
                    7f:bd:1a:4c:54:89:7e:65:47:87:02:ee:72:3b:f4:
                    66:e7:af:49:3c:45:26:98:6a:8e:6c:c0:73:50:0c:
                    74:2c:08:fb:20:ad:07:93:77:5c:6f:d1:74:22:ef:
                    2f:87:5a:91:6f:4d:e2:5c:3a:5d:1d:35:83:a0:75:
                    f3:e4:90:c3:4c:de:04:60:5e:f5:6d:89:b5:ac:b4:
                    03:23:43:bb:5e:6c:12:63:b9:7f:30:4e:63:c5:88:
                    68:d5:54:74:0e:39:7e:e9:32:57:a0:e5:1d:84:43:
                    b7:48:b6:2e:73:0c:8b:e9:df:60:fb:ac:5b:ec:24:
                    c7:c0:63:c4:0a:e0:de:48:f4:93:b9:73:72:f6:7c:
                    02:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:68:21:5F:68:2D:64:77:54:4E:5E:22:C8:96:B4:B5:61:8F:2C:17
            X509v3 Authority Key Identifier:
                keyid:6F:10:D8:E1:56:4E:40:31:2C:9D:DF:21:BA:2A:A0:3B:A5:59:EA:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bxDY4VZOQDEsnd8huiqgO6VZ6tY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/KWghX2gtZHdUTl4iyJa0tWGPLBc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/bxDY4VZOQDEsnd8huiqgO6VZ6tY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.247.136.0-46.247.141.255
                  85.190.64.0/19
                  87.121.208.0/21
                  185.161.168.0/22
                  185.231.8.0/22
                  185.253.168.0/22
                IPv6:
                  2a0a:e800::/31
                  2a0a:e803::-2a0a:e807:ffff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         00:ad:88:25:5e:17:0a:3c:fa:d9:80:23:c0:9b:9c:51:44:6a:
         9e:e6:25:76:4c:3c:41:ec:b6:b6:2b:66:ba:e0:7d:ce:99:67:
         ef:43:eb:2c:a9:5a:d6:34:3a:cc:9d:4e:3f:64:94:07:ed:7f:
         dc:bf:2e:7e:1d:e4:51:3a:0d:57:a1:b7:ca:af:12:cd:55:68:
         96:16:b8:1f:8f:c8:a5:f4:cc:f9:b2:5b:87:fd:d0:2c:b0:c3:
         68:ec:8f:45:90:df:12:57:b2:47:4e:a4:05:c7:38:1e:b5:4c:
         3b:f1:a8:7d:48:cf:8d:0f:64:c2:59:f1:8b:07:7c:a9:19:be:
         5f:7c:6a:0d:0c:18:de:2c:c8:fa:1b:48:45:a5:9c:9d:1a:b5:
         eb:e7:93:e8:0f:d5:a0:ed:27:02:81:7a:01:b7:d7:7b:b0:c7:
         e3:b6:c2:4e:58:e1:0c:75:ac:a4:bb:e1:07:80:28:59:8b:2f:
         d9:35:c9:8c:db:79:c2:7a:3d:5b:04:16:d0:1c:93:c4:e4:1c:
         4c:0c:f0:49:19:57:e6:1c:1a:16:60:a8:6b:dc:81:dd:c5:0a:
         87:05:7d:c1:06:e5:a6:3c:d2:81:5c:96:27:34:a3:bd:43:38:
         66:f2:85:bc:85:2b:e8:82:ae:21:0e:aa:04:aa:aa:5d:04:90:
         0e:a0:32:25
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYPvUumcOxhGrRycsvbi/iNxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMTBkOGUxNTY0ZTQwMzEyYzlkZGYyMWJhMmFhMDNiYTU1
OWVhZDYwHhcNMjIxMDE5MDgxODUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTY4MjE1ZjY4MmQ2NDc3NTQ0ZTVlMjJjODk2YjRiNTYxOGYyYzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjesFshBR3SArAT7Rz0hCUh8WO6QS
WwkUDF+qW629Qs7DycoXPOUUgkH64THsxCzwZ88RMtXOupRIcueh5l2/7BYY/lSU
CcnD4e9Q0UmUW6Y6Ig3XVXtanaP07I0ZD4i0tWWWvedX97fLk6XSqwea5mDrKS47
Crh/vRpMVIl+ZUeHAu5yO/Rm569JPEUmmGqObMBzUAx0LAj7IK0Hk3dcb9F0Iu8v
h1qRb03iXDpdHTWDoHXz5JDDTN4EYF71bYm1rLQDI0O7XmwSY7l/ME5jxYho1VR0
Djl+6TJXoOUdhEO3SLYucwyL6d9g+6xb7CTHwGPECuDeSPSTuXNy9nwClQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFCloIV9oLWR3VE5eIsiWtLVhjywXMB8GA1UdIwQY
MBaAFG8Q2OFWTkAxLJ3fIboqoDulWerWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnhEWTRWWk9RREVzbmQ4aHVpcWdPNlZaNnRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9jZmRhMDUtMTkwZC00MTQyLWJkNGYt
YjZhOGY4ZTgwZjdiLzEvS1dnaFgyZ3RaSGRVVGw0aXlKYTB0V0dQTEJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9jZmRhMDUtMTkwZC00MTQyLWJkNGYtYjZhOGY4ZTgwZjdi
LzEvYnhEWTRWWk9RREVzbmQ4aHVpcWdPNlZaNnRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzAyBAIAATAsMAwDBAMu94gD
BAEu94wDBAVVvkADBANXedADBAK5oagDBAK55wgDBAK5/agwHQQCAAIwFwMFASoK
6AAwDgMFACoK6AMDBQMqCugAMA0GCSqGSIb3DQEBCwUAA4IBAQAArYglXhcKPPrZ
gCPAm5xRRGqe5iV2TDxB7La2K2a64H3OmWfvQ+ssqVrWNDrMnU4/ZJQH7X/cvy5+
HeRROg1XobfKrxLNVWiWFrgfj8il9Mz5sluH/dAssMNo7I9FkN8SV7JHTqQFxzge
tUw78ah9SM+ND2TCWfGLB3ypGb5ffGoNDBjeLMj6G0hFpZydGrXr55PoD9Wg7ScC
gXoBt9d7sMfjtsJOWOEMdayku+EHgChZiy/ZNcmM23nCej1bBBbQHJPE5BxMDPBJ
GVfmHBoWYKhr3IHdxQqHBX3BBuWmPNKBXJYnNKO9Qzhm8oW8hSvogq4hDqoEqqpd
BJAOoDIl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:06 2024 by rpki-client on console-fra.rpki-client.org