Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/8r5NL1vMS75tTOkECRyVLaIwSdQ.roa
File:                     8r5NL1vMS75tTOkECRyVLaIwSdQ.roa (raw, json)
Hash identifier:          zvtwtjAjgUVc7VhKSMUviRfaS1XNivXocc5mDTnGZvQ=
Subject key identifier:   F2:BE:4D:2F:5B:CC:4B:BE:6D:4C:E9:04:09:1C:95:2D:A2:30:49:D4
Certificate issuer:       /CN=0e831fd70c6bd37a2a75d7a0eac031c92da8e185
Certificate serial:       01850A5D4E8A9D5835BC7C7EF53D422B5CA7
Authority key identifier: 0E:83:1F:D7:0C:6B:D3:7A:2A:75:D7:A0:EA:C0:31:C9:2D:A8:E1:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DoMf1wxr03oqddeg6sAxyS2o4YU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/8r5NL1vMS75tTOkECRyVLaIwSdQ.roa
Signing time:             Tue 13 Dec 2022 07:22:45 +0000
ROA not before:           Tue 13 Dec 2022 07:22:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20473
IP address blocks:        185.230.103.0/24 maxlen: 24
                          45.130.47.0/24 maxlen: 24
                          45.130.46.0/24 maxlen: 24
                          2a10:b583::/32 maxlen: 32
                          2a10:b581::/32 maxlen: 32
                          2a10:b582::/32 maxlen: 32
                          2a10:b580::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:0a:5d:4e:8a:9d:58:35:bc:7c:7e:f5:3d:42:2b:5c:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e831fd70c6bd37a2a75d7a0eac031c92da8e185
        Validity
            Not Before: Dec 13 07:22:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f2be4d2f5bcc4bbe6d4ce904091c952da23049d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:fb:1c:b7:95:6b:19:ef:ff:4d:c0:04:46:6f:
                    76:46:60:fb:cb:4d:c8:13:10:44:9b:e9:56:ce:67:
                    19:d3:c8:5e:3a:1e:dc:a7:ab:ba:db:5f:b7:47:96:
                    84:90:52:67:74:fd:b1:1d:5b:d7:94:a7:e4:f3:1b:
                    45:40:72:33:f1:fc:f3:a2:3a:5c:3b:e8:43:b4:86:
                    1c:ba:17:b7:d3:07:c7:6f:d1:9c:ce:97:35:8b:0d:
                    b7:55:7c:fd:78:7f:09:f9:cc:1d:40:c1:df:c5:89:
                    a1:4f:93:7b:5b:a8:a5:04:36:90:3f:45:45:ab:f9:
                    67:0d:a3:86:ce:02:5a:8b:59:5f:05:35:0b:b4:8b:
                    f4:73:cf:89:11:19:19:f3:0b:48:fa:f0:c0:6a:a6:
                    f8:cf:36:65:7e:d3:9c:79:ea:1c:59:97:f2:ee:2c:
                    06:5d:de:2b:02:27:85:92:15:ab:21:32:48:bc:e4:
                    32:a6:c1:b9:27:06:25:c7:b1:fb:c6:e1:fe:07:94:
                    d5:17:c4:9f:c9:ed:c5:00:53:e9:01:70:b8:99:10:
                    4e:23:a3:e9:d0:09:79:4f:c6:2f:32:c0:ec:c2:bf:
                    8e:0c:3d:16:7d:0d:3a:be:0b:3b:58:f3:f9:5a:ba:
                    33:9b:52:d1:86:46:97:b7:74:f4:91:43:08:51:e7:
                    85:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:BE:4D:2F:5B:CC:4B:BE:6D:4C:E9:04:09:1C:95:2D:A2:30:49:D4
            X509v3 Authority Key Identifier:
                keyid:0E:83:1F:D7:0C:6B:D3:7A:2A:75:D7:A0:EA:C0:31:C9:2D:A8:E1:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoMf1wxr03oqddeg6sAxyS2o4YU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/8r5NL1vMS75tTOkECRyVLaIwSdQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/DoMf1wxr03oqddeg6sAxyS2o4YU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.130.46.0/23
                  185.230.103.0/24
                IPv6:
                  2a10:b580::/30

    Signature Algorithm: sha256WithRSAEncryption
         55:c4:2f:17:8b:3e:11:da:b4:f9:15:d2:be:d9:de:db:94:65:
         6e:8b:e0:5a:8d:be:3a:bf:1b:f9:d9:cf:0f:db:45:1b:a1:c0:
         73:7e:be:77:1f:7c:4c:59:59:2c:4e:d4:eb:01:78:e9:c5:bb:
         22:bb:36:77:18:b3:51:36:a8:94:30:4a:4c:e1:fa:c8:43:4b:
         a2:65:98:ec:5c:d6:df:46:6f:b5:6c:55:1c:4c:7f:4a:8f:a3:
         95:9c:df:8b:6f:0d:30:ad:16:6b:0a:78:51:e9:d6:81:4a:b6:
         f6:62:84:00:f4:76:1a:44:bf:a5:fc:1f:b1:79:f6:85:86:6a:
         2e:d5:27:ac:07:25:2c:e2:ac:1c:cf:c3:ec:35:3b:a5:c0:55:
         51:6b:fa:68:61:f1:b9:5e:0f:6c:40:53:6b:2b:bf:f2:1c:f5:
         fe:2f:8c:a5:f4:4f:c6:7a:33:a2:36:2a:4a:f7:87:31:8c:3e:
         8d:87:15:77:73:89:51:c8:7e:7a:ae:96:78:62:ab:92:d0:e5:
         8c:c7:ae:1c:a7:2a:69:2e:67:19:5d:f8:b2:7c:50:22:f9:b5:
         dd:58:a5:c0:c3:4f:52:6a:3c:7e:00:56:58:ce:1d:ea:6b:83:
         1b:db:66:f3:5d:0f:b2:af:bd:a4:ae:41:7d:fb:37:63:03:e4:
         f2:27:7b:34
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYUKXU6KnVg1vHx+9T1CK1ynMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODMxZmQ3MGM2YmQzN2EyYTc1ZDdhMGVhYzAzMWM5MmRh
OGUxODUwHhcNMjIxMjEzMDcyMjQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmJlNGQyZjViY2M0YmJlNmQ0Y2U5MDQwOTFjOTUyZGEyMzA0OWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPsct5VrGe//TcAERm92RmD7y03I
ExBEm+lWzmcZ08heOh7cp6u621+3R5aEkFJndP2xHVvXlKfk8xtFQHIz8fzzojpc
O+hDtIYcuhe30wfHb9Gczpc1iw23VXz9eH8J+cwdQMHfxYmhT5N7W6ilBDaQP0VF
q/lnDaOGzgJai1lfBTULtIv0c8+JERkZ8wtI+vDAaqb4zzZlftOceeocWZfy7iwG
Xd4rAieFkhWrITJIvOQypsG5JwYlx7H7xuH+B5TVF8Sfye3FAFPpAXC4mRBOI6Pp
0Al5T8YvMsDswr+ODD0WfQ06vgs7WPP5Wrozm1LRhkaXt3T0kUMIUeeF8wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPK+TS9bzEu+bUzpBAkclS2iMEnUMB8GA1UdIwQY
MBaAFA6DH9cMa9N6KnXXoOrAMcktqOGFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9NZjF3eHIwM29xZGRlZzZzQXh5UzJvNFlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85OGE2NjEtNDRmNS00YTA1LWFjYWEt
ZTY3NTgyZjIzMDk3LzEvOHI1Tkwxdk1TNzV0VE9rRUNSeVZMYUl3U2RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85OGE2NjEtNDRmNS00YTA1LWFjYWEtZTY3NTgyZjIzMDk3
LzEvRG9NZjF3eHIwM29xZGRlZzZzQXh5UzJvNFlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBLYIuAwQA
ueZnMA0EAgACMAcDBQIqELWAMA0GCSqGSIb3DQEBCwUAA4IBAQBVxC8Xiz4R2rT5
FdK+2d7blGVui+Bajb46vxv52c8P20UbocBzfr53H3xMWVksTtTrAXjpxbsiuzZ3
GLNRNqiUMEpM4frIQ0uiZZjsXNbfRm+1bFUcTH9Kj6OVnN+Lbw0wrRZrCnhR6daB
Srb2YoQA9HYaRL+l/B+xefaFhmou1SesByUs4qwcz8PsNTulwFVRa/poYfG5Xg9s
QFNrK7/yHPX+L4yl9E/GejOiNipK94cxjD6NhxV3c4lRyH56rpZ4YquS0OWMx64c
pyppLmcZXfiyfFAi+bXdWKXAw09Sajx+AFZYzh3qa4Mb22bzXQ+yr72krkF9+zdj
A+TyJ3s0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:02 2024 by rpki-client on console-fra.rpki-client.org