Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/tMVdx-qJCtntMshg57R9M7HAO1I.roa
File:                     tMVdx-qJCtntMshg57R9M7HAO1I.roa (raw, json)
Hash identifier:          X9D11eywL1Wdq22E+h2p9LBpS3P3j/7Lso/Wc8KV7eE=
Subject key identifier:   B4:C5:5D:C7:EA:89:0A:D9:ED:32:C8:60:E7:B4:7D:33:B1:C0:3B:52
Certificate issuer:       /CN=efe691427c6e41806f6ceb1e218a7dc6320fdeed
Certificate serial:       01852651D4F88C7BA1C93ACFF01F99045992
Authority key identifier: EF:E6:91:42:7C:6E:41:80:6F:6C:EB:1E:21:8A:7D:C6:32:0F:DE:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7-aRQnxuQYBvbOseIYp9xjIP3u0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/tMVdx-qJCtntMshg57R9M7HAO1I.roa
Signing time:             Sun 18 Dec 2022 17:39:35 +0000
ROA not before:           Sun 18 Dec 2022 17:39:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51262
IP address blocks:        185.147.8.0/22 maxlen: 22
                          185.147.10.0/23 maxlen: 23
                          185.147.9.0/24 maxlen: 24
                          2a0a:dc01::/32 maxlen: 32
                          2a0a:dc05::/32 maxlen: 32
                          2a0a:dc02::/32 maxlen: 32
                          2a0a:dc00::/32 maxlen: 32
                          2a0a:dc06::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:26:51:d4:f8:8c:7b:a1:c9:3a:cf:f0:1f:99:04:59:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=efe691427c6e41806f6ceb1e218a7dc6320fdeed
        Validity
            Not Before: Dec 18 17:39:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b4c55dc7ea890ad9ed32c860e7b47d33b1c03b52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:6a:fc:78:6b:81:44:ca:df:e0:c2:90:20:12:
                    a3:6e:7c:00:f0:06:5d:a9:db:bd:e4:32:68:36:2f:
                    ee:f3:7b:be:a0:52:70:af:60:b0:e3:5c:8c:9f:ee:
                    6e:bf:c7:08:63:58:4d:d1:15:ca:c0:4d:5f:e1:54:
                    8a:46:d5:35:27:6f:12:e4:a3:da:e6:fe:11:f3:0a:
                    52:08:08:8d:9d:a2:ca:e4:53:3e:26:81:c6:cf:f0:
                    91:18:ab:22:e5:07:a8:77:1a:7e:69:44:3e:63:42:
                    16:07:a7:24:ba:6a:95:67:66:b8:f8:f6:b8:83:dc:
                    c9:b0:4a:46:f7:0c:eb:45:f3:3c:01:ae:a9:08:44:
                    bb:7e:20:ec:9a:38:c9:ac:37:ff:0e:a7:7c:0f:8b:
                    b0:04:dc:15:63:cd:43:75:fc:5f:00:10:e9:c6:84:
                    05:37:30:7b:cb:b2:29:77:e5:b0:fa:76:bc:51:12:
                    79:74:78:d9:cf:b6:78:42:ea:3e:0d:a0:2e:a8:16:
                    71:11:c2:a8:99:0f:a5:58:5c:64:b8:d6:ea:1e:ea:
                    2c:d1:ff:15:c1:a1:d4:b5:0c:a5:95:e2:23:d2:ee:
                    9a:bc:08:71:a7:d7:e9:f9:89:2e:72:f6:ea:ca:0b:
                    c8:6e:ad:94:43:e8:4e:78:74:5d:95:1e:53:f3:62:
                    a3:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:C5:5D:C7:EA:89:0A:D9:ED:32:C8:60:E7:B4:7D:33:B1:C0:3B:52
            X509v3 Authority Key Identifier:
                keyid:EF:E6:91:42:7C:6E:41:80:6F:6C:EB:1E:21:8A:7D:C6:32:0F:DE:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7-aRQnxuQYBvbOseIYp9xjIP3u0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/tMVdx-qJCtntMshg57R9M7HAO1I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/7-aRQnxuQYBvbOseIYp9xjIP3u0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.147.8.0/22
                IPv6:
                  2a0a:dc00::-2a0a:dc02:ffff:ffff:ffff:ffff:ffff:ffff
                  2a0a:dc05::-2a0a:dc06:ffff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         0e:cb:4d:82:c6:9f:e0:6c:53:bd:5c:b1:ae:de:83:9f:dc:5a:
         1b:ab:e0:41:f0:1c:c7:21:10:47:13:53:1a:62:05:d8:22:9b:
         71:6d:fe:17:ee:e7:91:2b:6d:a8:ab:0a:26:61:a4:a1:51:32:
         8f:95:c3:44:a5:5a:a2:43:21:41:c3:35:5e:d2:77:e6:8b:a5:
         49:b9:04:07:28:bb:43:bc:ea:57:fe:22:dc:b5:b2:1d:fc:17:
         e0:27:12:ba:95:e4:59:ca:b4:ec:64:f6:fc:f6:c2:b5:51:40:
         04:90:4a:65:a1:0c:eb:33:be:55:7e:0e:04:b6:f3:18:50:27:
         fd:84:99:8e:b5:4f:93:12:bb:00:43:d3:26:d4:60:22:fd:31:
         37:ce:56:ca:ac:6c:40:c8:b0:52:99:6c:c5:96:87:6d:2d:62:
         ed:60:80:ef:b8:77:12:df:8f:19:78:c4:5d:95:f9:b5:b1:c5:
         f8:b3:cf:97:b2:d9:5b:db:1f:aa:fe:0c:65:9e:3b:b6:b8:b9:
         cc:79:94:f0:bb:c7:8b:4a:48:57:55:82:dc:d4:85:4b:6b:0b:
         b6:c6:da:ff:0e:63:93:81:d8:26:58:f8:fd:3b:fe:8a:c2:e9:
         c5:04:7c:5b:3a:e7:45:28:be:74:d8:94:60:e0:88:c1:5f:3e:
         94:08:78:4e
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYUmUdT4jHuhyTrP8B+ZBFmSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmZTY5MTQyN2M2ZTQxODA2ZjZjZWIxZTIxOGE3ZGM2MzIw
ZmRlZWQwHhcNMjIxMjE4MTczOTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGM1NWRjN2VhODkwYWQ5ZWQzMmM4NjBlN2I0N2QzM2IxYzAzYjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWr8eGuBRMrf4MKQIBKjbnwA8AZd
qdu95DJoNi/u83u+oFJwr2Cw41yMn+5uv8cIY1hN0RXKwE1f4VSKRtU1J28S5KPa
5v4R8wpSCAiNnaLK5FM+JoHGz/CRGKsi5Qeodxp+aUQ+Y0IWB6ckumqVZ2a4+Pa4
g9zJsEpG9wzrRfM8Aa6pCES7fiDsmjjJrDf/Dqd8D4uwBNwVY81DdfxfABDpxoQF
NzB7y7Ipd+Ww+na8URJ5dHjZz7Z4Quo+DaAuqBZxEcKomQ+lWFxkuNbqHuos0f8V
waHUtQylleIj0u6avAhxp9fp+YkucvbqygvIbq2UQ+hOeHRdlR5T82Kj2wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLTFXcfqiQrZ7TLIYOe0fTOxwDtSMB8GA1UdIwQY
MBaAFO/mkUJ8bkGAb2zrHiGKfcYyD97tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNy1hUlFueHVRWUJ2Yk9zZUlZcDl4aklQM3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wNTk5NzUtZWY5MC00MjFiLThhZjMt
MzgxNGM1N2ZlOWJiLzEvdE1WZHgtcUpDdG50TXNoZzU3UjlNN0hBTzFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wNTk5NzUtZWY5MC00MjFiLThhZjMtMzgxNGM1N2ZlOWJi
LzEvNy1hUlFueHVRWUJ2Yk9zZUlZcDl4aklQM3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAMBAIAATAGAwQCuZMIMCUE
AgACMB8wDQMEAioK3AMFACoK3AIwDgMFACoK3AUDBQAqCtwGMA0GCSqGSIb3DQEB
CwUAA4IBAQAOy02Cxp/gbFO9XLGu3oOf3Fobq+BB8BzHIRBHE1MaYgXYIptxbf4X
7ueRK22oqwomYaShUTKPlcNEpVqiQyFBwzVe0nfmi6VJuQQHKLtDvOpX/iLctbId
/BfgJxK6leRZyrTsZPb89sK1UUAEkEploQzrM75Vfg4EtvMYUCf9hJmOtU+TErsA
Q9Mm1GAi/TE3zlbKrGxAyLBSmWzFlodtLWLtYIDvuHcS348ZeMRdlfm1scX4s8+X
stlb2x+q/gxlnju2uLnMeZTwu8eLSkhXVYLc1IVLawu2xtr/DmOTgdgmWPj9O/6K
wunFBHxbOudFKL502JRg4IjBXz6UCHhO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:09 2024 by rpki-client on console-fra.rpki-client.org