Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/jRSacwc-Yr-rU_WvXJlFyOd_7w0.roa
File:                     jRSacwc-Yr-rU_WvXJlFyOd_7w0.roa (raw, json)
Hash identifier:          k8sv2jldc12bkRFS5qRzy6ZCDNSPpNl9qlcf+qpPHMA=
Subject key identifier:   8D:14:9A:73:07:3E:62:BF:AB:53:F5:AF:5C:99:45:C8:E7:7F:EF:0D
Certificate issuer:       /CN=13932782ee7758990404fa1ccfb09ec23a86123f
Certificate serial:       03296739
Authority key identifier: 13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/jRSacwc-Yr-rU_WvXJlFyOd_7w0.roa
Signing time:             Sat 01 Jan 2022 10:05:20 +0000
ROA not before:           Sat 01 Jan 2022 10:05:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2856
IP address blocks:        46.248.112.0/23 maxlen: 23
                          46.248.108.0/23 maxlen: 23
                          46.248.110.0/23 maxlen: 23
                          46.248.106.0/23 maxlen: 23
                          46.248.118.0/23 maxlen: 23
                          46.248.114.0/23 maxlen: 23
                          46.248.116.0/23 maxlen: 23
                          46.248.124.0/23 maxlen: 23
                          46.248.122.0/23 maxlen: 23
                          46.248.120.0/23 maxlen: 23
                          46.248.126.0/23 maxlen: 23
                          85.116.2.0/23 maxlen: 23
                          85.116.4.0/23 maxlen: 23
                          82.136.52.0/24 maxlen: 24
                          85.116.0.0/23 maxlen: 23
                          82.136.62.0/23 maxlen: 23
                          85.116.8.0/24 maxlen: 24
                          85.116.10.0/23 maxlen: 23
                          82.136.61.0/24 maxlen: 24
                          85.116.6.0/23 maxlen: 23
                          85.116.12.0/23 maxlen: 23
                          85.116.14.0/23 maxlen: 23
                          85.116.16.0/21 maxlen: 21
                          85.116.24.0/24 maxlen: 24
                          85.116.30.0/24 maxlen: 24
                          85.116.29.0/24 maxlen: 24
                          85.116.31.0/24 maxlen: 24
                          85.116.26.0/24 maxlen: 24
                          85.116.25.0/24 maxlen: 24
                          85.116.28.0/24 maxlen: 24
                          85.116.27.0/24 maxlen: 24
                          82.136.7.0/24 maxlen: 24
                          82.136.17.0/24 maxlen: 24
                          82.136.13.0/24 maxlen: 24
                          82.136.20.0/24 maxlen: 24
                          82.136.26.0/24 maxlen: 24
                          82.136.37.0/24 maxlen: 24
                          82.136.43.0/24 maxlen: 24
                          82.136.47.0/24 maxlen: 24
                          46.248.98.0/23 maxlen: 23
                          46.248.96.0/23 maxlen: 23
                          46.248.100.0/23 maxlen: 23
                          46.248.102.0/23 maxlen: 23
                          46.248.104.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 53045049 (0x3296739)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=13932782ee7758990404fa1ccfb09ec23a86123f
        Validity
            Not Before: Jan  1 10:05:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8d149a73073e62bfab53f5af5c9945c8e77fef0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:21:00:65:5d:77:03:63:fe:b3:a2:3a:c7:58:
                    76:9a:0f:75:83:ab:07:66:e7:b0:00:6e:14:27:cf:
                    7d:bd:7f:56:81:2f:e1:ab:65:cb:f2:c8:7a:74:ea:
                    5c:f4:ee:f6:5e:e0:00:8e:19:bb:0f:2d:d2:24:4b:
                    2b:30:43:26:65:ad:74:2d:ec:d2:3b:5e:b8:5b:53:
                    76:83:ab:8a:3c:5d:f2:ca:df:0b:aa:27:15:09:fa:
                    f3:dc:06:ea:a2:c1:c9:00:92:32:4a:56:c2:f2:6a:
                    70:22:cf:69:2f:a4:ec:50:90:a4:d0:44:30:ab:ef:
                    84:4e:b0:04:e8:6e:b4:f2:23:e8:b3:5a:65:4d:81:
                    58:f2:63:6c:96:e7:e1:b0:4b:48:12:26:89:c1:80:
                    f6:b8:2d:0b:68:08:fc:d4:9d:53:98:6c:a4:19:98:
                    38:14:f9:6c:cc:56:29:6e:47:fc:76:e4:49:dc:81:
                    ce:0a:f1:69:17:66:ac:92:66:90:0e:b8:2d:63:0e:
                    2c:0f:d9:e6:a9:a8:3f:a3:26:0e:46:7f:81:db:17:
                    a6:f1:06:0e:75:82:31:2f:5c:13:da:53:cd:6f:85:
                    4f:a1:a0:69:6b:0f:99:76:cc:f0:52:3b:ae:d1:6a:
                    dd:0a:2d:c9:c5:7b:08:76:23:27:c5:79:32:35:94:
                    27:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:14:9A:73:07:3E:62:BF:AB:53:F5:AF:5C:99:45:C8:E7:7F:EF:0D
            X509v3 Authority Key Identifier:
                keyid:13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/jRSacwc-Yr-rU_WvXJlFyOd_7w0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/E5Mngu53WJkEBPocz7CewjqGEj8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.248.96.0/19
                  82.136.7.0/24
                  82.136.13.0/24
                  82.136.17.0/24
                  82.136.20.0/24
                  82.136.26.0/24
                  82.136.37.0/24
                  82.136.43.0/24
                  82.136.47.0/24
                  82.136.52.0/24
                  82.136.61.0-82.136.63.255
                  85.116.0.0-85.116.8.255
                  85.116.10.0-85.116.31.255

    Signature Algorithm: sha256WithRSAEncryption
         6e:39:5c:4a:d7:b8:7e:15:ae:fd:12:f8:c9:af:2e:81:a8:a5:
         80:fd:29:48:44:10:70:71:d6:a2:fd:14:cf:0f:54:2e:9a:73:
         ce:7d:57:44:3c:ed:1a:ca:28:ce:3a:ab:1a:dd:dd:df:79:47:
         80:c8:d3:6d:8e:17:a7:3e:f9:13:59:1f:30:a3:45:c9:03:40:
         fb:01:77:ef:9c:36:72:9a:6f:d3:69:a3:50:9e:4d:36:20:61:
         c5:87:cb:53:d6:a7:05:cd:72:29:4c:19:ac:e0:28:42:37:14:
         7c:35:cd:86:c1:ee:d7:f1:1f:d1:62:53:1a:24:a1:49:9c:3d:
         c4:4e:0c:c4:6c:0c:ac:74:b1:47:55:2e:41:4c:62:c0:f1:fd:
         67:15:05:a5:93:5a:ac:d3:b7:7d:5b:5d:01:3f:61:73:ca:46:
         aa:b7:aa:52:8a:02:d0:9b:c7:af:c2:9a:54:2c:72:67:f0:8d:
         5a:d7:5c:5e:8a:e3:23:b4:41:80:b6:23:4d:b8:b0:75:2a:fe:
         89:b9:43:f7:6d:78:91:27:dc:33:0e:30:a6:24:a8:3b:34:50:
         63:75:30:58:8b:3b:d6:83:ad:a0:65:f7:f6:e0:a6:14:dd:93:
         87:9e:36:a2:33:c7:ac:d7:0e:7a:99:d7:39:e0:27:ce:e8:19:
         ce:d9:1b:02
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgIEAylnOTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MzkzMjc4MmVlNzc1ODk5MDQwNGZhMWNjZmIwOWVjMjNhODYxMjNmMB4XDTIyMDEw
MTEwMDUyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGQxNDlhNzMwNzNl
NjJiZmFiNTNmNWFmNWM5OTQ1YzhlNzdmZWYwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI4hAGVddwNj/rOiOsdYdpoPdYOrB2bnsABuFCfPfb1/VoEv
4atly/LIenTqXPTu9l7gAI4Zuw8t0iRLKzBDJmWtdC3s0jteuFtTdoOrijxd8srf
C6onFQn689wG6qLByQCSMkpWwvJqcCLPaS+k7FCQpNBEMKvvhE6wBOhutPIj6LNa
ZU2BWPJjbJbn4bBLSBImicGA9rgtC2gI/NSdU5hspBmYOBT5bMxWKW5H/HbkSdyB
zgrxaRdmrJJmkA64LWMOLA/Z5qmoP6MmDkZ/gdsXpvEGDnWCMS9cE9pTzW+FT6Gg
aWsPmXbM8FI7rtFq3QotycV7CHYjJ8V5MjWUJ4sCAwEAAaOCAmgwggJkMB0GA1Ud
DgQWBBSNFJpzBz5iv6tT9a9cmUXI53/vDTAfBgNVHSMEGDAWgBQTkyeC7ndYmQQE
+hzPsJ7COoYSPzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0U1TW5ndTUzV0prRUJQb2N6N0Nld2pxR0VqOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvODI4NjUyLWFkZGYtNGZlOC05ZmU2LTRiMWY2MTY1M2YzZC8x
L2pSU2Fjd2MtWXItclVfV3ZYSmxGeU9kXzd3MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
ODI4NjUyLWFkZGYtNGZlOC05ZmU2LTRiMWY2MTY1M2YzZC8xL0U1TW5ndTUzV0pr
RUJQb2N6N0Nld2pxR0VqOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB+
BggrBgEFBQcBBwEB/wRvMG0wawQCAAEwZQMEBS74YAMEAFKIBwMEAFKIDQMEAFKI
EQMEAFKIFAMEAFKIGgMEAFKIJQMEAFKIKwMEAFKILwMEAFKINDAMAwQAUog9AwQG
UogAMAsDAwJVdAMEAFV0CDAMAwQBVXQKAwQFVXQAMA0GCSqGSIb3DQEBCwUAA4IB
AQBuOVxK17h+Fa79EvjJry6BqKWA/SlIRBBwcdai/RTPD1QumnPOfVdEPO0ayijO
Oqsa3d3feUeAyNNtjhenPvkTWR8wo0XJA0D7AXfvnDZymm/TaaNQnk02IGHFh8tT
1qcFzXIpTBms4ChCNxR8Nc2Gwe7X8R/RYlMaJKFJnD3ETgzEbAysdLFHVS5BTGLA
8f1nFQWlk1qs07d9W10BP2Fzykaqt6pSigLQm8evwppULHJn8I1a11xeiuMjtEGA
tiNNuLB1Kv6JuUP3bXiRJ9wzDjCmJKg7NFBjdTBYizvWg62gZff24KYU3ZOHnjai
M8es1w56mdc54CfO6BnO2RsC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:11 2023 by rpki-client on console-fra.rpki-client.org