Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/CnfILCUvIAPAU6_RxFMAvIB0Jhk.roa
File:                     CnfILCUvIAPAU6_RxFMAvIB0Jhk.roa (raw, json)
Hash identifier:          zJ52pyQq+6M+NgxAG56odub7lQq7v9UKPpml5E8zT8Y=
Subject key identifier:   0A:77:C8:2C:25:2F:20:03:C0:53:AF:D1:C4:53:00:BC:80:74:26:19
Certificate issuer:       /CN=6f0b15193816fd15dcfd047db4eeca672912bb60
Certificate serial:       1268
Authority key identifier: 6F:0B:15:19:38:16:FD:15:DC:FD:04:7D:B4:EE:CA:67:29:12:BB:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bwsVGTgW_RXc_QR9tO7KZykSu2A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/CnfILCUvIAPAU6_RxFMAvIB0Jhk.roa
Signing time:             Tue 11 Jan 2022 21:46:01 +0000
ROA not before:           Tue 11 Jan 2022 21:46:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        185.167.233.0/24 maxlen: 24
                          185.167.232.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4712 (0x1268)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f0b15193816fd15dcfd047db4eeca672912bb60
        Validity
            Not Before: Jan 11 21:46:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0a77c82c252f2003c053afd1c45300bc80742619
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:45:3c:5a:be:d9:87:9b:a5:0d:b9:e6:c1:97:
                    63:a0:dd:91:a9:e1:fb:5f:2e:0a:f5:71:a8:5d:6b:
                    15:3e:8d:ff:21:ee:26:5e:13:db:50:9b:f6:1b:70:
                    e9:09:62:46:5b:d8:29:a5:6b:75:0c:fb:34:32:3c:
                    a7:0b:7f:4e:81:c1:6a:c5:1f:a6:65:b6:21:9f:c6:
                    24:d0:f0:8b:94:05:7c:94:46:c3:37:f1:3e:98:a9:
                    53:db:3b:23:2a:53:21:54:31:90:bd:a2:d3:da:0a:
                    cd:5d:be:c5:95:4e:d1:0c:f3:98:4c:ca:6c:ec:c1:
                    38:43:8a:13:b5:a9:12:89:49:a7:01:26:2f:3c:65:
                    ae:ec:52:24:7b:af:64:44:66:10:16:81:ee:bd:ce:
                    0b:08:27:d0:2b:23:a7:7e:51:40:34:73:65:1c:60:
                    71:cc:ff:f1:99:79:09:b1:a8:59:30:87:4c:83:6d:
                    92:c7:bf:6a:70:93:0d:f6:92:5c:3a:b3:a6:5f:15:
                    73:78:a5:07:7e:7d:e9:c3:3a:8a:df:98:e2:dc:8f:
                    be:06:87:63:87:a5:1e:f6:dd:ed:77:04:a5:11:a7:
                    49:7f:77:b3:fd:f9:5e:9d:fc:e8:1f:30:fc:46:47:
                    e7:39:4a:d8:73:12:4b:b5:59:8b:79:8b:3b:29:76:
                    8d:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:77:C8:2C:25:2F:20:03:C0:53:AF:D1:C4:53:00:BC:80:74:26:19
            X509v3 Authority Key Identifier:
                keyid:6F:0B:15:19:38:16:FD:15:DC:FD:04:7D:B4:EE:CA:67:29:12:BB:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bwsVGTgW_RXc_QR9tO7KZykSu2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/CnfILCUvIAPAU6_RxFMAvIB0Jhk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/958841-f6b0-4249-8046-9cf843f05670/1/bwsVGTgW_RXc_QR9tO7KZykSu2A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.167.232.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1f:b8:cd:76:f3:3e:02:b7:50:58:0f:c9:a8:da:12:bc:2a:95:
         87:c9:f0:cc:2e:c1:b2:17:4b:38:8e:a1:79:bf:8c:47:03:07:
         79:d6:cd:73:87:fd:93:8d:78:56:1b:bb:9d:b8:18:f8:6f:0c:
         2a:fb:12:35:e3:61:4f:4f:1d:fd:dd:06:f5:f0:f9:15:6c:14:
         e9:19:ca:2d:eb:cf:8f:06:f7:68:7e:b4:95:99:d7:6a:97:75:
         2e:b3:6a:45:d9:40:af:86:1b:2c:ed:a2:f6:0d:03:6c:73:6b:
         5f:ea:f0:f6:37:31:e1:51:ad:76:31:92:15:ee:56:a2:7b:6c:
         61:e8:23:ec:8f:d9:2c:89:6e:d8:ba:c9:10:ec:53:f4:f8:f0:
         24:55:0b:a5:2f:9a:1a:c7:b1:b1:25:83:ba:62:2d:05:e3:0a:
         41:06:ef:66:35:54:23:9a:81:8d:b6:d9:00:ba:10:18:55:b8:
         33:31:3e:d6:63:c8:af:8f:eb:af:df:a4:84:9e:2b:5d:c6:c2:
         14:ec:5c:5b:55:ee:6f:c4:da:b8:6c:e0:72:4f:46:c6:23:2b:
         ea:12:a4:a9:0c:e7:b2:04:b9:4c:14:fd:5c:58:98:03:a9:fc:
         e8:df:3d:30:d6:65:e2:38:e0:3f:3a:ed:60:3e:4a:57:1d:f1:
         86:5c:56:6c
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgICEmgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNmYw
YjE1MTkzODE2ZmQxNWRjZmQwNDdkYjRlZWNhNjcyOTEyYmI2MDAeFw0yMjAxMTEy
MTQ2MDFaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDBhNzdjODJjMjUyZjIw
MDNjMDUzYWZkMWM0NTMwMGJjODA3NDI2MTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChRTxavtmHm6UNuebBl2Og3ZGp4ftfLgr1cahdaxU+jf8h7iZe
E9tQm/YbcOkJYkZb2Cmla3UM+zQyPKcLf06BwWrFH6ZltiGfxiTQ8IuUBXyURsM3
8T6YqVPbOyMqUyFUMZC9otPaCs1dvsWVTtEM85hMymzswThDihO1qRKJSacBJi88
Za7sUiR7r2REZhAWge69zgsIJ9ArI6d+UUA0c2UcYHHM//GZeQmxqFkwh0yDbZLH
v2pwkw32klw6s6ZfFXN4pQd+fenDOorfmOLcj74Gh2OHpR723e13BKURp0l/d7P9
+V6d/OgfMPxGR+c5SthzEku1WYt5izspdo03AgMBAAGjggIJMIICBTAdBgNVHQ4E
FgQUCnfILCUvIAPAU6/RxFMAvIB0JhkwHwYDVR0jBBgwFoAUbwsVGTgW/RXc/QR9
tO7KZykSu2AwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9i
d3NWR1RnV19SWGNfUVI5dE83S1p5a1N1MkEuY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2E1Lzk1ODg0MS1mNmIwLTQyNDktODA0Ni05Y2Y4NDNmMDU2NzAvMS9D
bmZJTENVdklBUEFVNl9SeEZNQXZJQjBKaGsucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E1Lzk1
ODg0MS1mNmIwLTQyNDktODA0Ni05Y2Y4NDNmMDU2NzAvMS9id3NWR1RnV19SWGNf
UVI5dE83S1p5a1N1MkEuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAG5p+gwDQYJKoZIhvcNAQELBQADggEB
AB+4zXbzPgK3UFgPyajaErwqlYfJ8MwuwbIXSziOoXm/jEcDB3nWzXOH/ZONeFYb
u524GPhvDCr7EjXjYU9PHf3dBvXw+RVsFOkZyi3rz48G92h+tJWZ12qXdS6zakXZ
QK+GGyztovYNA2xza1/q8PY3MeFRrXYxkhXuVqJ7bGHoI+yP2SyJbti6yRDsU/T4
8CRVC6UvmhrHsbElg7piLQXjCkEG72Y1VCOagY222QC6EBhVuDMxPtZjyK+P66/f
pISeK13GwhTsXFtV7m/E2rhs4HJPRsYjK+oSpKkM57IEuUwU/VxYmAOp/OjfPTDW
ZeI44D867WA+Slcd8YZcVmw=
-----END CERTIFICATE-----