Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/5AdwpF6hrHNcjq5gMfv0omL5VZY.roa
File:                     5AdwpF6hrHNcjq5gMfv0omL5VZY.roa (raw, json)
Hash identifier:          1bYR0OjGaRMjDTzSa9AgWNnvJ4VhWFoZ0DPfRmRr69c=
Subject key identifier:   E4:07:70:A4:5E:A1:AC:73:5C:8E:AE:60:31:FB:F4:A2:62:F9:55:96
Certificate issuer:       /CN=f73cdc6751d7c59073e4b706402d3691af09086f
Certificate serial:       01850ACB830E35C15B99526E9EB5CC01DCBD
Authority key identifier: F7:3C:DC:67:51:D7:C5:90:73:E4:B7:06:40:2D:36:91:AF:09:08:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9zzcZ1HXxZBz5LcGQC02ka8JCG8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/5AdwpF6hrHNcjq5gMfv0omL5VZY.roa
Signing time:             Tue 13 Dec 2022 09:23:07 +0000
ROA not before:           Tue 13 Dec 2022 09:23:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     52056
IP address blocks:        45.82.16.0/22 maxlen: 22
                          46.23.160.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:0a:cb:83:0e:35:c1:5b:99:52:6e:9e:b5:cc:01:dc:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f73cdc6751d7c59073e4b706402d3691af09086f
        Validity
            Not Before: Dec 13 09:23:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e40770a45ea1ac735c8eae6031fbf4a262f95596
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:a0:20:20:9c:58:dd:db:6f:ec:42:07:3f:b1:
                    4e:93:c4:96:3a:af:cc:1e:b8:05:f4:f6:91:ae:a5:
                    eb:99:f8:be:4a:5b:7c:f5:61:d2:43:1e:ae:02:63:
                    cc:e1:24:02:be:85:1d:85:99:63:66:ae:67:44:06:
                    e1:fd:4e:d4:75:b1:79:de:da:b6:63:20:f7:92:4b:
                    44:1b:44:0e:0a:66:3c:ad:d3:a8:6c:f9:3f:2c:0c:
                    8a:78:72:d5:d1:cb:0e:8d:b3:9e:a2:49:5e:d1:f0:
                    13:82:ca:15:7d:d8:a7:7c:37:6b:2b:7d:27:32:ce:
                    8c:3e:8c:39:bd:f6:6d:ff:a1:79:e0:be:bf:37:84:
                    89:dd:df:7c:7c:2f:dd:46:41:dd:d4:ac:f8:f2:b0:
                    ea:11:d2:db:45:c2:85:3c:2d:79:9f:bd:47:81:80:
                    3f:6e:5f:15:76:a4:34:51:97:d8:23:48:a6:30:44:
                    16:0c:bc:58:9d:b7:f0:88:74:4b:ea:5c:27:91:51:
                    3a:5c:66:71:35:85:c1:18:c7:1e:ea:c4:fb:d2:44:
                    05:b1:4e:09:65:7c:e4:1f:fe:55:ee:7a:51:38:c7:
                    8b:93:50:1d:7f:f2:ee:65:de:75:b7:05:1a:83:7f:
                    22:e6:fe:a3:6e:b5:8f:3a:9f:51:94:77:73:eb:18:
                    99:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:07:70:A4:5E:A1:AC:73:5C:8E:AE:60:31:FB:F4:A2:62:F9:55:96
            X509v3 Authority Key Identifier:
                keyid:F7:3C:DC:67:51:D7:C5:90:73:E4:B7:06:40:2D:36:91:AF:09:08:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9zzcZ1HXxZBz5LcGQC02ka8JCG8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/5AdwpF6hrHNcjq5gMfv0omL5VZY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/9zzcZ1HXxZBz5LcGQC02ka8JCG8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.82.16.0/22
                  46.23.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         83:eb:43:31:7c:fb:66:eb:93:48:74:92:4d:da:7c:9d:d6:6d:
         5c:d7:40:dc:1a:c4:56:45:7e:8f:47:5c:dd:ee:59:c5:0d:02:
         d3:df:55:8c:47:9e:34:64:38:57:88:02:05:ad:1b:6d:07:ca:
         fd:a2:83:31:97:8e:3b:8f:02:b2:6d:59:5b:27:39:24:68:97:
         4f:6c:b8:7b:fa:45:14:b8:97:4d:c4:43:39:8e:b5:d8:c5:7d:
         fe:f1:ee:92:61:63:b2:fe:d6:98:a4:13:90:6c:98:25:5d:d2:
         76:04:9b:7a:fe:af:9e:89:79:ab:6d:7d:47:09:d3:e0:60:10:
         7f:c0:bf:16:0d:42:df:1b:60:d9:c0:51:8e:16:e7:12:c1:c8:
         61:a0:81:11:88:4e:e3:73:33:f1:97:fd:c9:52:79:a4:43:c8:
         fb:3d:60:a1:6d:0e:3c:e4:77:92:10:2a:88:5a:26:f2:3c:86:
         33:96:fa:b7:c9:65:cf:63:54:f6:0f:47:d5:a0:25:ba:39:5e:
         57:c5:7c:4d:8e:e3:eb:69:a2:33:78:15:9b:90:b6:fd:fc:ed:
         18:40:6a:a6:b5:b1:61:e3:f6:6c:c5:cd:2a:02:44:a8:24:77:
         22:27:97:e6:45:5f:64:8e:7d:19:f6:9c:37:11:23:c8:36:eb:
         26:7b:5b:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUKy4MONcFbmVJunrXMAdy9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3M2NkYzY3NTFkN2M1OTA3M2U0YjcwNjQwMmQzNjkxYWYw
OTA4NmYwHhcNMjIxMjEzMDkyMzA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDA3NzBhNDVlYTFhYzczNWM4ZWFlNjAzMWZiZjRhMjYyZjk1NTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKAgIJxY3dtv7EIHP7FOk8SWOq/M
HrgF9PaRrqXrmfi+Slt89WHSQx6uAmPM4SQCvoUdhZljZq5nRAbh/U7UdbF53tq2
YyD3kktEG0QOCmY8rdOobPk/LAyKeHLV0csOjbOeokle0fATgsoVfdinfDdrK30n
Ms6MPow5vfZt/6F54L6/N4SJ3d98fC/dRkHd1Kz48rDqEdLbRcKFPC15n71HgYA/
bl8VdqQ0UZfYI0imMEQWDLxYnbfwiHRL6lwnkVE6XGZxNYXBGMce6sT70kQFsU4J
ZXzkH/5V7npROMeLk1Adf/LuZd51twUag38i5v6jbrWPOp9RlHdz6xiZrQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOQHcKReoaxzXI6uYDH79KJi+VWWMB8GA1UdIwQY
MBaAFPc83GdR18WQc+S3BkAtNpGvCQhvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXp6Y1oxSFh4WkJ6NUxjR1FDMDJrYThKQ0c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS84NTUwMDItZDgyMy00MWZlLThmOWEt
NzE4ZmQxOTVjNWViLzEvNUFkd3BGNmhySE5janE1Z01mdjBvbUw1VlpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS84NTUwMDItZDgyMy00MWZlLThmOWEtNzE4ZmQxOTVjNWVi
LzEvOXp6Y1oxSFh4WkJ6NUxjR1FDMDJrYThKQ0c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVIQAwQE
LhegMA0GCSqGSIb3DQEBCwUAA4IBAQCD60MxfPtm65NIdJJN2nyd1m1c10DcGsRW
RX6PR1zd7lnFDQLT31WMR540ZDhXiAIFrRttB8r9ooMxl447jwKybVlbJzkkaJdP
bLh7+kUUuJdNxEM5jrXYxX3+8e6SYWOy/taYpBOQbJglXdJ2BJt6/q+eiXmrbX1H
CdPgYBB/wL8WDULfG2DZwFGOFucSwchhoIERiE7jczPxl/3JUnmkQ8j7PWChbQ48
5HeSECqIWibyPIYzlvq3yWXPY1T2D0fVoCW6OV5XxXxNjuPraaIzeBWbkLb9/O0Y
QGqmtbFh4/Zsxc0qAkSoJHciJ5fmRV9kjn0Z9pw3ESPINusme1s3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:47 2024 by rpki-client on console-fra.rpki-client.org