Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/ro6e1mrpsymLiiYpB0uDu6P7LNA.roa
File:                     ro6e1mrpsymLiiYpB0uDu6P7LNA.roa (raw, json)
Hash identifier:          yFbrfH1YMmKcrE8HyEZ9M8ES78WrQD5zZ4LYQti4P6g=
Subject key identifier:   AE:8E:9E:D6:6A:E9:B3:29:8B:8A:26:29:07:4B:83:BB:A3:FB:2C:D0
Certificate issuer:       /CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Certificate serial:       01856F0B57CABC9E315E7E4763D0D36B0A03
Authority key identifier: 69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/ro6e1mrpsymLiiYpB0uDu6P7LNA.roa
Signing time:             Sun 01 Jan 2023 20:34:52 +0000
ROA not before:           Sun 01 Jan 2023 20:34:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61046
IP address blocks:        91.193.16.0/23 maxlen: 23
                          77.83.197.0/24 maxlen: 24
                          188.119.148.0/23 maxlen: 23
                          193.42.37.0/24 maxlen: 24
                          5.149.250.0/23 maxlen: 23
                          185.81.112.0/23 maxlen: 23
                          79.141.170.0/23 maxlen: 23
                          79.141.172.0/24 maxlen: 24
                          2a01:8640:7::/48 maxlen: 48
                          2a01:8640:1::/48 maxlen: 48
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:0b:57:ca:bc:9e:31:5e:7e:47:63:d0:d3:6b:0a:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
        Validity
            Not Before: Jan  1 20:34:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ae8e9ed66ae9b3298b8a2629074b83bba3fb2cd0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:58:16:7b:b4:7d:88:70:6d:ab:2c:ca:74:11:
                    3f:65:db:c1:1a:a1:ce:80:41:8e:0d:11:7e:ae:c2:
                    6e:5d:c5:ca:a4:de:ac:20:f1:f3:e7:9b:16:60:01:
                    5a:4b:55:a5:6b:55:bf:56:b2:99:4a:ed:e7:39:6f:
                    cc:74:64:c1:93:1b:4d:2c:1b:6c:26:3c:a9:e3:7a:
                    fb:a9:fc:06:dd:df:cf:db:ec:cd:d5:25:9e:9f:5f:
                    91:ad:a0:0e:e5:42:85:d4:d0:e2:a9:e3:30:53:c9:
                    fc:24:fc:33:ee:db:e7:45:ce:9f:48:0b:7c:43:cf:
                    3f:00:e0:76:e5:08:17:ec:62:62:95:67:7d:9c:5d:
                    ed:e1:cc:85:64:34:90:c3:46:3b:39:d4:cb:d1:76:
                    24:b1:b5:5f:e6:ba:ee:6e:be:73:9d:44:e8:51:99:
                    f0:eb:d1:5a:0f:62:cc:d8:f8:95:b4:15:52:d5:7e:
                    45:47:86:7b:00:fe:57:f6:ca:d2:45:b9:e7:41:73:
                    e3:bb:cc:0a:8e:21:15:30:be:39:5c:62:0c:85:9e:
                    ad:e7:1b:0e:5a:df:db:3b:49:8d:6c:87:35:15:e3:
                    2b:66:08:a3:72:6f:8a:af:7a:f0:d5:e9:57:fa:88:
                    cf:ed:47:bb:6c:d1:42:ef:b7:ba:53:e0:97:6a:0b:
                    48:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:8E:9E:D6:6A:E9:B3:29:8B:8A:26:29:07:4B:83:BB:A3:FB:2C:D0
            X509v3 Authority Key Identifier:
                keyid:69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/ro6e1mrpsymLiiYpB0uDu6P7LNA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.149.250.0/23
                  77.83.197.0/24
                  79.141.170.0-79.141.172.255
                  91.193.16.0/23
                  185.81.112.0/23
                  188.119.148.0/23
                  193.42.37.0/24
                IPv6:
                  2a01:8640:1::/48
                  2a01:8640:7::/48

    Signature Algorithm: sha256WithRSAEncryption
         95:8f:6b:93:52:a6:ef:24:18:fa:fe:81:df:2e:e1:f0:a6:53:
         c4:8e:53:0a:32:b2:0c:60:bb:00:da:38:94:76:5e:30:f3:1f:
         08:22:6d:9e:14:2f:86:43:7e:9b:95:e1:f2:09:80:b6:e8:07:
         ba:07:9b:83:11:c7:59:72:f8:c0:9a:84:46:53:35:31:1d:6a:
         3a:42:fe:b6:9f:5d:91:e3:f8:45:6a:60:25:1d:c9:d6:1e:76:
         16:ff:a4:07:c8:ad:63:48:f2:5e:5c:0d:70:19:e0:be:d3:ed:
         67:7d:ad:00:43:2f:c4:c5:15:24:3a:ba:69:98:db:f6:15:07:
         39:72:87:95:d7:3e:96:f7:6a:a4:6c:04:1b:d7:3d:c1:97:a5:
         b4:8f:d4:53:db:94:21:fb:2a:f2:54:96:ee:a1:0c:76:5c:23:
         2e:e3:b7:7c:4d:5d:d8:6c:09:6b:0b:3b:4d:7c:80:29:b6:9f:
         c5:0e:74:ae:70:7b:12:19:d1:2c:23:f6:3c:22:2e:a1:65:61:
         d4:b4:2a:32:e6:cc:03:82:12:e7:ac:03:a5:35:bc:0f:62:f0:
         d3:c5:70:6b:fc:43:e3:08:d4:1d:79:da:af:1e:19:f4:db:7e:
         42:75:12:b0:c1:c3:4f:59:d8:61:14:0e:4b:20:54:7d:a9:1d:
         a6:38:b1:a2
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYVvC1fKvJ4xXn5HY9DTawoDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MTI0MmMzM2JjMmUyZTllNDU4NTBhMGZjNjRhYjJjNzUw
NmE0YjgwHhcNMjMwMTAxMjAzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZThlOWVkNjZhZTliMzI5OGI4YTI2MjkwNzRiODNiYmEzZmIyY2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1gWe7R9iHBtqyzKdBE/ZdvBGqHO
gEGODRF+rsJuXcXKpN6sIPHz55sWYAFaS1Wla1W/VrKZSu3nOW/MdGTBkxtNLBts
Jjyp43r7qfwG3d/P2+zN1SWen1+RraAO5UKF1NDiqeMwU8n8JPwz7tvnRc6fSAt8
Q88/AOB25QgX7GJilWd9nF3t4cyFZDSQw0Y7OdTL0XYksbVf5rrubr5znUToUZnw
69FaD2LM2PiVtBVS1X5FR4Z7AP5X9srSRbnnQXPju8wKjiEVML45XGIMhZ6t5xsO
Wt/bO0mNbIc1FeMrZgijcm+Kr3rw1elX+ojP7Ue7bNFC77e6U+CXagtICQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFK6OntZq6bMpi4omKQdLg7uj+yzQMB8GA1UdIwQY
MBaAFGkSQsM7wuLp5FhQoPxkqyx1BqS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjkt
MzYyZmZlOGVlMjcwLzEvcm82ZTFtcnBzeW1MaWlZcEIwdUR1NlA3TE5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjktMzYyZmZlOGVlMjcw
LzEvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA4BAIAATAyAwQBBZX6AwQA
TVPFMAwDBAFPjaoDBABPjawDBAFbwRADBAG5UXADBAG8d5QDBADBKiUwGAQCAAIw
EgMHACoBhkAAAQMHACoBhkAABzANBgkqhkiG9w0BAQsFAAOCAQEAlY9rk1Km7yQY
+v6B3y7h8KZTxI5TCjKyDGC7ANo4lHZeMPMfCCJtnhQvhkN+m5Xh8gmAtugHugeb
gxHHWXL4wJqERlM1MR1qOkL+tp9dkeP4RWpgJR3J1h52Fv+kB8itY0jyXlwNcBng
vtPtZ32tAEMvxMUVJDq6aZjb9hUHOXKHldc+lvdqpGwEG9c9wZeltI/UU9uUIfsq
8lSW7qEMdlwjLuO3fE1d2GwJaws7TXyAKbafxQ50rnB7EhnRLCP2PCIuoWVh1LQq
MubMA4IS56wDpTW8D2Lw08Vwa/xD4wjUHXnarx4Z9Nt+QnUSsMHDT1nYYRQOSyBU
fakdpjixog==
-----END CERTIFICATE-----