Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/pIyHWg1dzQilbGZejYkI_hbPxos.roa
File:                     pIyHWg1dzQilbGZejYkI_hbPxos.roa (raw, json)
Hash identifier:          pLLaeln+P63OEOo8l6SslCnhyciNr/xh2zhVkWx+SDY=
Subject key identifier:   A4:8C:87:5A:0D:5D:CD:08:A5:6C:66:5E:8D:89:08:FE:16:CF:C6:8B
Certificate issuer:       /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial:       0183A6CB0298647A2BFF5455DC023AC45A56
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/pIyHWg1dzQilbGZejYkI_hbPxos.roa
Signing time:             Wed 05 Oct 2022 06:17:45 +0000
ROA not before:           Wed 05 Oct 2022 06:17:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16305
IP address blocks:        80.75.40.0/21 maxlen: 21
                          80.75.48.0/22 maxlen: 22
                          80.75.36.0/22 maxlen: 22
                          80.75.32.0/24 maxlen: 24
                          80.75.33.0/24 maxlen: 24
                          80.75.35.0/24 maxlen: 24
                          194.48.128.0/24 maxlen: 24
                          194.48.129.0/24 maxlen: 24
                          194.48.130.0/24 maxlen: 24
                          194.48.131.0/24 maxlen: 24
                          194.48.132.0/22 maxlen: 22
                          194.48.137.0/24 maxlen: 24
                          194.48.138.0/24 maxlen: 24
                          194.48.139.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:a6:cb:02:98:64:7a:2b:ff:54:55:dc:02:3a:c4:5a:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
        Validity
            Not Before: Oct  5 06:17:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a48c875a0d5dcd08a56c665e8d8908fe16cfc68b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:05:28:a1:ec:be:48:2b:73:28:43:98:6a:fc:
                    f7:d8:d7:6f:3e:6c:b9:fb:de:0d:e3:95:b2:25:4a:
                    5d:ec:99:64:29:4b:9d:c9:88:b1:42:c2:54:5a:97:
                    1a:22:27:46:6e:b9:97:17:08:c2:a1:20:48:ed:da:
                    4d:40:e0:f4:c2:db:b1:b5:18:86:57:7d:09:63:b3:
                    09:d2:19:46:75:7d:3a:04:46:ba:86:d2:60:da:4d:
                    3a:67:60:6e:89:6b:9e:55:92:31:ac:75:6e:56:df:
                    98:0b:00:b6:2b:a7:5a:e6:48:1a:e0:28:f3:a0:3d:
                    12:11:ca:b6:1f:de:64:2f:a0:42:94:40:af:2a:49:
                    98:9d:bb:73:e9:3d:3b:2c:5d:ae:1d:68:15:04:85:
                    fc:20:fc:b9:e6:37:1d:58:8f:fb:9b:9b:be:8e:3b:
                    75:d4:e5:56:c7:de:2c:af:71:39:91:7d:c6:65:08:
                    6f:57:ed:f7:b9:f0:fc:ad:b7:74:a4:c6:c2:74:91:
                    17:21:c0:03:a5:a9:54:7a:47:23:2f:ed:fa:51:d3:
                    0a:37:e3:83:1f:24:da:42:a2:01:0a:35:b4:1d:e2:
                    b6:5e:28:a9:a7:0e:fb:87:a5:81:30:9f:f3:f1:fb:
                    a6:f8:a2:c1:47:9a:67:68:20:8e:02:8f:df:f9:e2:
                    8b:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:8C:87:5A:0D:5D:CD:08:A5:6C:66:5E:8D:89:08:FE:16:CF:C6:8B
            X509v3 Authority Key Identifier:
                keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/pIyHWg1dzQilbGZejYkI_hbPxos.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.75.32.0/23
                  80.75.35.0-80.75.51.255
                  194.48.128.0/21
                  194.48.137.0-194.48.139.255

    Signature Algorithm: sha256WithRSAEncryption
         8f:d5:e8:b4:b6:80:dd:9b:f0:c1:5b:b7:2d:ae:60:35:fa:99:
         69:c0:b5:7b:3c:b7:6a:54:ea:3a:6d:5e:01:94:b4:dc:7c:38:
         9d:52:a9:c6:82:2b:98:44:2a:2c:5b:bf:f2:76:8f:c4:9e:61:
         66:d5:01:13:3e:0d:95:a4:17:d6:63:66:75:52:c2:57:6b:d0:
         b0:84:68:ea:d7:d7:6d:f8:cf:12:55:e2:fa:b1:f5:0e:e5:e4:
         e9:0e:63:4c:32:dc:c2:07:5b:96:93:02:6d:0b:d7:3f:e7:d4:
         f9:f9:65:d7:39:d8:99:d9:db:26:65:2c:3c:3e:dd:0d:7e:a8:
         19:ad:9b:5c:d2:35:e1:e8:85:d8:95:ad:24:a3:b6:70:2f:ca:
         01:60:0c:a2:17:b3:9f:69:7f:72:46:a5:07:0c:56:4a:e0:f8:
         c1:5f:de:cf:59:e6:00:06:10:71:05:e0:34:9f:ec:cd:0c:96:
         47:ae:05:5d:7b:30:df:a5:99:71:c5:19:f3:fb:ce:d1:d4:cb:
         1e:73:2f:2e:1d:65:8c:37:52:1b:7e:e4:e9:75:19:8e:b2:a1:
         d8:53:db:ba:eb:98:e7:48:a6:64:b6:e6:2d:52:35:c7:e4:f3:
         28:51:3e:d1:dd:69:c2:9d:05:07:a5:f1:64:c5:d3:4a:e6:73:
         fe:51:74:a2
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYOmywKYZHor/1RV3AI6xFpWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjIxMDA1MDYxNzQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDhjODc1YTBkNWRjZDA4YTU2YzY2NWU4ZDg5MDhmZTE2Y2ZjNjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAUooey+SCtzKEOYavz32NdvPmy5
+94N45WyJUpd7JlkKUudyYixQsJUWpcaIidGbrmXFwjCoSBI7dpNQOD0wtuxtRiG
V30JY7MJ0hlGdX06BEa6htJg2k06Z2BuiWueVZIxrHVuVt+YCwC2K6da5kga4Cjz
oD0SEcq2H95kL6BClECvKkmYnbtz6T07LF2uHWgVBIX8IPy55jcdWI/7m5u+jjt1
1OVWx94sr3E5kX3GZQhvV+33ufD8rbd0pMbCdJEXIcADpalUekcjL+36UdMKN+OD
HyTaQqIBCjW0HeK2Xiippw77h6WBMJ/z8fum+KLBR5pnaCCOAo/f+eKL8QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFKSMh1oNXc0IpWxmXo2JCP4Wz8aLMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvcEl5SFdnMWR6UWlsYkdaZWpZa0lfaGJQeG9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQBUEsgMAwD
BABQSyMDBAJQSzADBAPCMIAwDAMEAMIwiQMEAsIwiDANBgkqhkiG9w0BAQsFAAOC
AQEAj9XotLaA3ZvwwVu3La5gNfqZacC1ezy3alTqOm1eAZS03Hw4nVKpxoIrmEQq
LFu/8naPxJ5hZtUBEz4NlaQX1mNmdVLCV2vQsIRo6tfXbfjPElXi+rH1DuXk6Q5j
TDLcwgdblpMCbQvXP+fU+fll1znYmdnbJmUsPD7dDX6oGa2bXNI14eiF2JWtJKO2
cC/KAWAMohezn2l/ckalBwxWSuD4wV/ez1nmAAYQcQXgNJ/szQyWR64FXXsw36WZ
ccUZ8/vO0dTLHnMvLh1ljDdSG37k6XUZjrKh2FPbuuuY50imZLbmLVI1x+TzKFE+
0d1pwp0FB6XxZMXTSuZz/lF0og==
-----END CERTIFICATE-----