Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/82i_lbEKlEv9OhWcix-Go012tB4.roa
File:                     82i_lbEKlEv9OhWcix-Go012tB4.roa (raw, json)
Hash identifier:          E5QotAScWep7HH1Vw/U0Ok/21soH9il+PpZwicXi2vM=
Subject key identifier:   F3:68:BF:95:B1:0A:94:4B:FD:3A:15:9C:8B:1F:86:A3:4D:76:B4:1E
Certificate issuer:       /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial:       0184E9EEA08D3E37C76797B94D1D528AC107
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/82i_lbEKlEv9OhWcix-Go012tB4.roa
Signing time:             Wed 07 Dec 2022 00:14:00 +0000
ROA not before:           Wed 07 Dec 2022 00:14:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16262
IP address blocks:        46.8.52.0/23 maxlen: 32
                          109.248.169.0/24 maxlen: 24
                          109.248.168.0/24 maxlen: 24
                          46.8.153.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:e9:ee:a0:8d:3e:37:c7:67:97:b9:4d:1d:52:8a:c1:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
        Validity
            Not Before: Dec  7 00:14:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f368bf95b10a944bfd3a159c8b1f86a34d76b41e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:58:86:06:a5:f9:27:3c:5f:12:50:3d:1a:b0:
                    ed:82:82:25:1b:84:0c:88:97:1b:a6:a5:0d:79:36:
                    57:d2:50:b0:9a:a6:4c:b8:5c:d2:d5:7a:18:10:87:
                    1b:49:57:21:e9:63:8b:a4:b7:d9:37:42:39:b6:51:
                    02:4b:ab:0c:73:0a:e3:68:13:99:eb:8b:34:28:25:
                    57:49:c7:76:00:3a:7d:1a:26:12:16:bf:db:15:4a:
                    e4:db:05:d1:ed:e6:3a:93:7b:03:16:f9:68:34:93:
                    49:7e:a6:26:3b:b9:98:59:ba:3a:c4:ae:ee:30:1a:
                    b4:ef:e6:f5:89:0e:91:d4:74:55:68:7d:59:ef:d6:
                    11:f2:f5:6e:92:dc:eb:81:f9:63:1f:8e:e3:4c:b0:
                    4b:6f:4d:88:2e:57:b4:94:8d:10:02:e2:a4:dd:8b:
                    20:3e:91:0b:c2:70:70:48:14:4b:3b:88:9a:2b:8e:
                    7d:36:77:bb:32:c6:94:58:69:ce:d8:28:b8:b2:4b:
                    f2:0d:7b:94:4f:94:f5:59:3b:39:38:32:ba:13:4c:
                    05:e1:43:ad:da:87:95:bf:06:38:5d:41:2c:35:8b:
                    66:b9:a5:13:d7:58:7d:19:b1:f4:04:24:b4:83:75:
                    13:cc:ae:a8:60:a4:58:9c:0a:2a:b9:9e:c5:39:ba:
                    c6:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:68:BF:95:B1:0A:94:4B:FD:3A:15:9C:8B:1F:86:A3:4D:76:B4:1E
            X509v3 Authority Key Identifier:
                keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/82i_lbEKlEv9OhWcix-Go012tB4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.8.52.0/23
                  46.8.153.0/24
                  109.248.168.0/23

    Signature Algorithm: sha256WithRSAEncryption
         43:7d:83:ef:7a:08:ad:4b:77:6c:c7:4b:8d:88:1b:b5:8f:97:
         fb:25:38:79:2e:20:62:06:cb:d7:44:7f:fe:2a:7a:5e:bf:ad:
         df:23:87:b2:21:8e:45:9f:ad:19:dc:38:a6:f9:7c:8c:28:dd:
         68:81:6e:7a:4c:87:ea:bf:32:e0:e0:b2:9b:de:06:ad:0a:46:
         51:4d:58:fc:56:41:c8:98:e6:0e:c1:a2:58:c1:8d:82:09:d6:
         7e:78:18:b7:9f:c9:83:42:9f:87:55:8f:bd:d8:f1:65:b7:59:
         a6:aa:18:92:77:e7:48:3a:87:e6:24:14:ab:c3:fa:8e:ce:fe:
         a5:97:a4:7d:a4:3e:b1:4c:93:2b:69:3d:b0:b7:44:d1:df:71:
         97:3d:d3:56:2c:ac:66:65:29:7a:ed:ef:89:16:59:4a:b8:61:
         7b:a4:59:7f:c7:40:cf:02:d3:92:e3:34:82:4f:6c:41:c0:86:
         91:db:b5:0d:03:2d:a3:1e:b2:32:38:54:57:e1:81:51:17:e4:
         67:37:95:99:2c:00:d6:84:dc:65:c5:b5:53:65:79:83:dc:91:
         66:ec:f7:b5:56:27:a3:36:4c:83:d7:57:8c:46:1e:57:e8:69:
         2d:de:7f:9b:d1:a0:dc:c7:b2:53:9d:33:b6:23:64:98:e5:a4:
         29:c5:3e:4e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYTp7qCNPjfHZ5e5TR1SisEHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjIxMjA3MDAxNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzY4YmY5NWIxMGE5NDRiZmQzYTE1OWM4YjFmODZhMzRkNzZiNDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqliGBqX5JzxfElA9GrDtgoIlG4QM
iJcbpqUNeTZX0lCwmqZMuFzS1XoYEIcbSVch6WOLpLfZN0I5tlECS6sMcwrjaBOZ
64s0KCVXScd2ADp9GiYSFr/bFUrk2wXR7eY6k3sDFvloNJNJfqYmO7mYWbo6xK7u
MBq07+b1iQ6R1HRVaH1Z79YR8vVuktzrgfljH47jTLBLb02ILle0lI0QAuKk3Ysg
PpELwnBwSBRLO4iaK459Nne7MsaUWGnO2Ci4skvyDXuUT5T1WTs5ODK6E0wF4UOt
2oeVvwY4XUEsNYtmuaUT11h9GbH0BCS0g3UTzK6oYKRYnAoquZ7FObrGzQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPNov5WxCpRL/ToVnIsfhqNNdrQeMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvODJpX2xiRUtsRXY5T2hXY2l4LUdvMDEydEI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLgg0AwQA
LgiZAwQBbfioMA0GCSqGSIb3DQEBCwUAA4IBAQBDfYPvegitS3dsx0uNiBu1j5f7
JTh5LiBiBsvXRH/+Knpev63fI4eyIY5Fn60Z3Dim+XyMKN1ogW56TIfqvzLg4LKb
3gatCkZRTVj8VkHImOYOwaJYwY2CCdZ+eBi3n8mDQp+HVY+92PFlt1mmqhiSd+dI
OofmJBSrw/qOzv6ll6R9pD6xTJMraT2wt0TR33GXPdNWLKxmZSl67e+JFllKuGF7
pFl/x0DPAtOS4zSCT2xBwIaR27UNAy2jHrIyOFRX4YFRF+RnN5WZLADWhNxlxbVT
ZXmD3JFm7Pe1ViejNkyD11eMRh5X6Gkt3n+b0aDcx7JTnTO2I2SY5aQpxT5O
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:57 2024 by rpki-client on console-fra.rpki-client.org