Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/SoBMCHWzvOYIt5pPSRHei8iUH0c.roa
File:                     SoBMCHWzvOYIt5pPSRHei8iUH0c.roa (raw, json)
Hash identifier:          8f8OuBlT2217e6SXtbKiyYJbo1DxXBk9vYeamJfeAAo=
Subject key identifier:   4A:80:4C:08:75:B3:BC:E6:08:B7:9A:4F:49:11:DE:8B:C8:94:1F:47
Certificate issuer:       /CN=6f10d8e1564e40312c9ddf21ba2aa03ba559ead6
Certificate serial:       018529D6E0DEDD1A7944A5D349833BE83DD7
Authority key identifier: 6F:10:D8:E1:56:4E:40:31:2C:9D:DF:21:BA:2A:A0:3B:A5:59:EA:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bxDY4VZOQDEsnd8huiqgO6VZ6tY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/SoBMCHWzvOYIt5pPSRHei8iUH0c.roa
Signing time:             Mon 19 Dec 2022 10:03:46 +0000
ROA not before:           Mon 19 Dec 2022 10:03:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     64476
IP address blocks:        185.231.8.0/22 maxlen: 22
                          85.190.84.0/24 maxlen: 24
                          85.190.85.0/24 maxlen: 24
                          85.190.88.0/22 maxlen: 22
                          185.253.171.0/24 maxlen: 24
                          185.253.169.0/24 maxlen: 24
                          185.253.170.0/24 maxlen: 24
                          185.253.168.0/24 maxlen: 24
                          46.247.138.0/23 maxlen: 23
                          46.247.136.0/23 maxlen: 23
                          85.190.67.0/24 maxlen: 24
                          46.247.141.0/24 maxlen: 24
                          185.161.168.0/22 maxlen: 22
                          46.247.140.0/24 maxlen: 24
                          87.121.208.0/21 maxlen: 21
                          2a0a:e805:500::/40 maxlen: 40
                          2a0a:e805:210::/44 maxlen: 44
                          2a0a:e805:610::/44 maxlen: 44
                          2a0a:e805:710::/44 maxlen: 44

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:29:d6:e0:de:dd:1a:79:44:a5:d3:49:83:3b:e8:3d:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f10d8e1564e40312c9ddf21ba2aa03ba559ead6
        Validity
            Not Before: Dec 19 10:03:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4a804c0875b3bce608b79a4f4911de8bc8941f47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:f5:79:be:66:11:2c:c3:88:98:b9:e6:76:7b:
                    d1:8b:07:c0:7a:b2:8d:93:f0:3c:04:54:55:d6:cb:
                    76:45:ee:9b:4a:56:b4:d3:74:42:d5:0a:fc:4e:85:
                    6e:53:52:d1:bf:77:81:b9:2b:da:67:4a:86:11:56:
                    40:5f:a6:44:8f:f5:0c:e0:bf:4c:42:1b:6e:a2:b9:
                    0a:b0:b4:c8:ac:1b:8d:a1:a2:77:53:3a:66:31:e3:
                    49:21:3e:2d:28:fc:27:61:9a:58:26:6d:23:d3:f5:
                    0d:d5:4b:70:ba:c0:58:32:97:e1:ef:13:aa:b5:97:
                    1e:b4:a2:73:08:b9:bf:d3:5e:05:c5:ba:4f:8d:c7:
                    47:72:23:b6:55:fc:21:81:7e:ee:42:ce:8f:4a:fe:
                    c7:d2:95:c5:5a:37:0d:ad:b1:ec:99:19:66:62:5f:
                    db:2f:1e:1c:ff:69:f4:70:5d:c1:27:e3:20:20:00:
                    a3:c2:04:cd:d6:d3:70:d5:0d:6a:08:2a:fc:ad:d7:
                    a1:ce:72:b7:b1:30:08:62:78:41:9d:1a:68:9b:6a:
                    9d:a2:44:dd:d7:5e:a8:ee:65:0e:43:e4:6c:ba:5a:
                    58:16:b7:50:a8:11:65:76:ac:17:f4:f2:8b:da:16:
                    4d:fb:8a:0b:75:fe:74:44:13:97:b3:55:94:f2:e9:
                    50:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:80:4C:08:75:B3:BC:E6:08:B7:9A:4F:49:11:DE:8B:C8:94:1F:47
            X509v3 Authority Key Identifier:
                keyid:6F:10:D8:E1:56:4E:40:31:2C:9D:DF:21:BA:2A:A0:3B:A5:59:EA:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bxDY4VZOQDEsnd8huiqgO6VZ6tY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/SoBMCHWzvOYIt5pPSRHei8iUH0c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/bxDY4VZOQDEsnd8huiqgO6VZ6tY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.247.136.0-46.247.141.255
                  85.190.67.0/24
                  85.190.84.0/23
                  85.190.88.0/22
                  87.121.208.0/21
                  185.161.168.0/22
                  185.231.8.0/22
                  185.253.168.0/22
                IPv6:
                  2a0a:e805:210::/44
                  2a0a:e805:500::/40
                  2a0a:e805:610::/44
                  2a0a:e805:710::/44

    Signature Algorithm: sha256WithRSAEncryption
         0b:60:ca:5b:0a:39:71:64:91:af:a9:7c:4a:13:77:85:81:b8:
         92:40:e2:0a:2c:a3:bf:b1:57:9a:2a:8c:61:7f:1d:26:ce:4d:
         66:b5:2a:32:29:1b:d4:93:83:bd:6c:e0:23:ba:03:fd:75:b0:
         31:b8:9b:2c:27:f1:8b:90:88:8b:6d:8e:f3:ed:4d:96:66:b3:
         04:bf:e4:33:d3:b7:3a:06:4e:d8:ee:8d:3a:06:8c:cf:7b:64:
         cf:7b:a5:53:4d:62:6e:3f:be:c5:bf:b5:31:ff:a8:84:60:1f:
         fe:2b:60:6f:4c:ae:7d:6c:b8:8a:e0:f0:b3:e5:7e:54:ce:c8:
         8f:30:37:a9:55:14:5f:c2:d4:12:34:90:ba:6c:19:0e:cd:69:
         92:fb:59:66:5e:3b:79:d7:26:a4:ed:d2:57:9a:f0:bb:86:57:
         6e:aa:db:94:cc:1b:bf:c7:17:f6:6e:21:ef:fa:25:a0:72:cf:
         39:5b:e7:31:72:75:da:8d:85:8b:25:24:e6:1f:8e:63:fe:42:
         c3:ed:3f:9f:1f:9c:f6:3b:d6:21:48:d0:70:dc:a0:67:5b:bf:
         4c:ab:a8:a4:88:2e:17:26:16:9f:28:b9:30:50:e0:6b:98:42:
         89:fa:e3:64:66:6f:9b:dc:fe:28:d6:f5:46:93:74:3d:72:8d:
         7b:b3:93:f8
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYUp1uDe3Rp5RKXTSYM76D3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMTBkOGUxNTY0ZTQwMzEyYzlkZGYyMWJhMmFhMDNiYTU1
OWVhZDYwHhcNMjIxMjE5MTAwMzQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTgwNGMwODc1YjNiY2U2MDhiNzlhNGY0OTExZGU4YmM4OTQxZjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvV5vmYRLMOImLnmdnvRiwfAerKN
k/A8BFRV1st2Re6bSla003RC1Qr8ToVuU1LRv3eBuSvaZ0qGEVZAX6ZEj/UM4L9M
QhtuorkKsLTIrBuNoaJ3UzpmMeNJIT4tKPwnYZpYJm0j0/UN1UtwusBYMpfh7xOq
tZcetKJzCLm/014FxbpPjcdHciO2VfwhgX7uQs6PSv7H0pXFWjcNrbHsmRlmYl/b
Lx4c/2n0cF3BJ+MgIACjwgTN1tNw1Q1qCCr8rdehznK3sTAIYnhBnRpom2qdokTd
116o7mUOQ+RsulpYFrdQqBFldqwX9PKL2hZN+4oLdf50RBOXs1WU8ulQFwIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFEqATAh1s7zmCLeaT0kR3ovIlB9HMB8GA1UdIwQY
MBaAFG8Q2OFWTkAxLJ3fIboqoDulWerWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnhEWTRWWk9RREVzbmQ4aHVpcWdPNlZaNnRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9jZmRhMDUtMTkwZC00MTQyLWJkNGYt
YjZhOGY4ZTgwZjdiLzEvU29CTUNIV3p2T1lJdDVwUFNSSGVpOGlVSDBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9jZmRhMDUtMTkwZC00MTQyLWJkNGYtYjZhOGY4ZTgwZjdi
LzEvYnhEWTRWWk9RREVzbmQ4aHVpcWdPNlZaNnRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazA+BAIAATA4MAwDBAMu94gD
BAEu94wDBABVvkMDBAFVvlQDBAJVvlgDBANXedADBAK5oagDBAK55wgDBAK5/agw
KQQCAAIwIwMHBCoK6AUCEAMGACoK6AUFAwcEKgroBQYQAwcEKgroBQcQMA0GCSqG
SIb3DQEBCwUAA4IBAQALYMpbCjlxZJGvqXxKE3eFgbiSQOIKLKO/sVeaKoxhfx0m
zk1mtSoyKRvUk4O9bOAjugP9dbAxuJssJ/GLkIiLbY7z7U2WZrMEv+Qz07c6Bk7Y
7o06BozPe2TPe6VTTWJuP77Fv7Ux/6iEYB/+K2BvTK59bLiK4PCz5X5UzsiPMDep
VRRfwtQSNJC6bBkOzWmS+1lmXjt51yak7dJXmvC7hlduqtuUzBu/xxf2biHv+iWg
cs85W+cxcnXajYWLJSTmH45j/kLD7T+fH5z2O9YhSNBw3KBnW79Mq6ikiC4XJhaf
KLkwUOBrmEKJ+uNkZm+b3P4o1vVGk3Q9co17s5P4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:30 2024 by rpki-client on console-ams.rpki-client.org