Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/dBQ4vRlZQ3COI83wOokH8QLHkvw.roa
File:                     dBQ4vRlZQ3COI83wOokH8QLHkvw.roa (raw, json)
Hash identifier:          fayyDOmeSDiANGN0NyqcGb4HN8tVG9chx0ffqEGtREY=
Subject key identifier:   74:14:38:BD:19:59:43:70:8E:23:CD:F0:3A:89:07:F1:02:C7:92:FC
Certificate issuer:       /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial:       0183300CB9892B78997420908022B0883C71
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/dBQ4vRlZQ3COI83wOokH8QLHkvw.roa
Signing time:             Mon 12 Sep 2022 04:54:43 +0000
ROA not before:           Mon 12 Sep 2022 04:54:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201746
IP address blocks:        46.8.160.0/20 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:30:0c:b9:89:2b:78:99:74:20:90:80:22:b0:88:3c:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
        Validity
            Not Before: Sep 12 04:54:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=741438bd195943708e23cdf03a8907f102c792fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:bd:ff:7c:27:5e:39:9c:7a:3c:5f:a3:ad:d7:
                    06:05:82:ba:40:4b:47:f9:9c:f5:68:15:aa:4a:19:
                    7c:77:18:ac:f3:8d:db:85:5f:60:24:7a:25:c4:a8:
                    6b:b1:c8:a2:bc:52:76:81:b4:1b:be:db:28:71:35:
                    04:91:37:26:ad:2e:44:6f:8e:23:c7:6d:ba:ad:23:
                    ad:85:44:cd:5b:8e:2f:6d:e6:64:1f:29:fc:ac:32:
                    f4:11:27:8d:89:7d:a2:b3:ce:70:81:ee:33:54:0f:
                    60:28:be:57:25:df:c3:8b:ad:1e:82:2d:e7:c7:d1:
                    c6:c7:78:21:06:81:fa:44:9c:d1:1a:d5:aa:7c:44:
                    89:ab:d8:14:c8:42:11:be:dc:d8:c7:0c:9d:60:48:
                    03:5a:a9:43:d7:ca:f8:eb:f7:8c:50:74:b0:5f:77:
                    4f:97:be:18:9a:a2:53:0c:c5:d4:eb:35:85:4e:a5:
                    eb:e1:9d:16:fb:a2:b2:33:b2:73:b0:a9:d8:3a:bd:
                    50:f9:69:59:01:92:8a:b0:3b:22:25:4b:3e:ce:27:
                    59:78:2b:b0:04:80:a1:8a:b6:9a:8e:62:10:fb:5f:
                    8a:db:22:ca:ef:83:98:33:c9:bc:50:6d:70:4c:15:
                    30:80:da:f9:65:61:e2:f0:7a:4b:8b:58:cf:cc:86:
                    d0:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:14:38:BD:19:59:43:70:8E:23:CD:F0:3A:89:07:F1:02:C7:92:FC
            X509v3 Authority Key Identifier:
                keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/dBQ4vRlZQ3COI83wOokH8QLHkvw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.8.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         5f:ec:d6:12:d3:e9:73:5c:56:fd:71:34:7c:f7:c7:60:84:13:
         21:a2:15:9a:08:2c:f0:f0:83:fa:0a:3e:92:d7:52:2b:ca:b6:
         85:7e:be:48:bd:f3:a8:fa:2b:5f:6e:eb:4c:1e:09:30:64:f2:
         3b:35:ef:9b:8b:bb:a0:af:8a:7e:56:c0:9d:dc:76:b3:e3:83:
         49:b1:5f:18:84:ad:fe:00:47:3a:95:6a:11:a7:b5:f1:14:7e:
         69:7d:d3:2d:12:15:c9:44:60:d9:94:31:99:f1:be:46:e2:8b:
         14:ee:3b:74:89:bc:ad:c8:d8:35:70:58:46:18:ba:05:c6:22:
         96:4a:3e:ab:2e:56:f3:7d:8b:8e:cb:4f:54:79:76:b2:c9:cf:
         16:a9:ee:76:28:a1:13:b5:9c:e0:92:c5:e4:00:f0:f5:74:c6:
         80:e3:96:6c:e3:34:ec:74:95:6f:e8:4d:49:00:d5:18:ce:42:
         8e:ed:32:07:30:46:56:d6:58:d8:c3:d2:fb:50:49:cb:1c:0e:
         48:aa:9b:b8:e4:53:ed:86:c8:99:5c:52:7c:6f:a8:39:f4:96:
         b2:7e:fe:04:8e:37:40:54:07:09:c7:0a:f0:48:ff:ff:04:5c:
         3e:5d:74:4e:1b:63:30:ab:b3:4d:41:d1:c8:64:f4:be:11:1c:
         c8:82:9b:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMwDLmJK3iZdCCQgCKwiDxxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjIwOTEyMDQ1NDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDE0MzhiZDE5NTk0MzcwOGUyM2NkZjAzYTg5MDdmMTAyYzc5MmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjr3/fCdeOZx6PF+jrdcGBYK6QEtH
+Zz1aBWqShl8dxis843bhV9gJHolxKhrsciivFJ2gbQbvtsocTUEkTcmrS5Eb44j
x226rSOthUTNW44vbeZkHyn8rDL0ESeNiX2is85wge4zVA9gKL5XJd/Di60egi3n
x9HGx3ghBoH6RJzRGtWqfESJq9gUyEIRvtzYxwydYEgDWqlD18r46/eMUHSwX3dP
l74YmqJTDMXU6zWFTqXr4Z0W+6KyM7JzsKnYOr1Q+WlZAZKKsDsiJUs+zidZeCuw
BIChiraajmIQ+1+K2yLK74OYM8m8UG1wTBUwgNr5ZWHi8HpLi1jPzIbQLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHQUOL0ZWUNwjiPN8DqJB/ECx5L8MB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvZEJRNHZSbFpRM0NPSTgzd09va0g4UUxIa3Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELgigMA0G
CSqGSIb3DQEBCwUAA4IBAQBf7NYS0+lzXFb9cTR898dghBMhohWaCCzw8IP6Cj6S
11IryraFfr5IvfOo+itfbutMHgkwZPI7Ne+bi7ugr4p+VsCd3Haz44NJsV8YhK3+
AEc6lWoRp7XxFH5pfdMtEhXJRGDZlDGZ8b5G4osU7jt0ibytyNg1cFhGGLoFxiKW
Sj6rLlbzfYuOy09UeXayyc8Wqe52KKETtZzgksXkAPD1dMaA45Zs4zTsdJVv6E1J
ANUYzkKO7TIHMEZW1ljYw9L7UEnLHA5Iqpu45FPthsiZXFJ8b6g59Jayfv4EjjdA
VAcJxwrwSP//BFw+XXROG2Mwq7NNQdHIZPS+ERzIgpsm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:00 2024 by rpki-client on console-ams.rpki-client.org