Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/VtWRevIkgoROhMQnWe2DNZCm6UQ.roa
File:                     VtWRevIkgoROhMQnWe2DNZCm6UQ.roa (raw, json)
Hash identifier:          JU3ajAkyczTCMV1ksYE6hInwiLp+2uDQgAg6P0ciIgs=
Subject key identifier:   56:D5:91:7A:F2:24:82:84:4E:84:C4:27:59:ED:83:35:90:A6:E9:44
Certificate issuer:       /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial:       178BC96C
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/VtWRevIkgoROhMQnWe2DNZCm6UQ.roa
Signing time:             Sat 01 Jan 2022 13:03:16 +0000
ROA not before:           Sat 01 Jan 2022 13:03:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30823
IP address blocks:        178.251.229.0/24 maxlen: 32
                          178.251.228.0/24 maxlen: 32
                          178.251.228.0/23 maxlen: 32
                          5.1.74.0/24 maxlen: 32
                          5.1.81.0/24 maxlen: 32
                          2a01:367::/32 maxlen: 32
                          2a01:367:c204::/48 maxlen: 48
                          2a00:f826:3::/48 maxlen: 48
                          2a01:366::/32 maxlen: 32
                          2a01:363::/32 maxlen: 32
                          2a01:367:cff3::/48 maxlen: 48
                          2a01:367:dead::/48 maxlen: 48
                          2a01:365::/32 maxlen: 32
                          2a01:364::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 395037036 (0x178bc96c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
        Validity
            Not Before: Jan  1 13:03:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=56d5917af22482844e84c42759ed833590a6e944
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:26:c9:ef:16:4b:4f:44:5d:5c:10:c9:09:58:
                    f7:8a:21:57:cf:ea:0e:59:36:70:10:89:4d:19:2f:
                    47:82:85:6e:2f:b3:21:94:cb:a9:84:f7:37:dc:a2:
                    75:44:ee:56:e5:a3:15:b1:2e:24:01:22:7c:49:ca:
                    19:94:12:0a:08:0f:89:ba:3e:44:1f:ff:4b:99:93:
                    c2:b2:bc:3d:a3:28:e1:14:da:56:c0:35:06:15:6d:
                    98:16:9b:a2:de:e1:6b:30:5a:82:bf:31:56:55:09:
                    b0:7b:14:c0:2c:fa:ec:79:6a:78:fb:84:45:c4:42:
                    6e:41:df:34:fb:c5:be:6d:52:b9:e9:e6:ff:a7:62:
                    9d:9a:d7:00:9d:39:4a:88:ec:5d:69:2a:49:76:c8:
                    6c:0f:79:17:c0:a8:6b:02:0a:2a:f1:c3:18:7e:17:
                    88:f5:9a:87:55:5b:9b:9c:f4:f2:8d:9a:ab:80:f2:
                    11:c8:fc:15:59:98:92:26:3a:ed:b6:c5:ac:44:ca:
                    d1:a8:c9:e3:f2:2e:6d:44:12:bd:0b:a1:18:d6:1b:
                    ff:ab:0d:8c:d4:eb:06:a9:81:97:0e:15:f2:20:4f:
                    bc:1a:d7:82:12:8b:8b:0a:6b:47:28:62:a7:dd:83:
                    f4:84:bd:38:8a:58:b2:7c:75:36:14:d3:57:eb:fd:
                    22:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:D5:91:7A:F2:24:82:84:4E:84:C4:27:59:ED:83:35:90:A6:E9:44
            X509v3 Authority Key Identifier:
                keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/VtWRevIkgoROhMQnWe2DNZCm6UQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.1.74.0/24
                  5.1.81.0/24
                  178.251.228.0/23
                IPv6:
                  2a00:f826:3::/48
                  2a01:363::-2a01:367:ffff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         84:1b:3f:2b:ef:80:2f:3b:f9:40:fb:9b:f2:eb:94:07:fb:c7:
         9f:dd:62:d9:c7:c7:94:11:f4:d3:17:89:0c:e4:33:79:d4:fd:
         7e:dc:99:4c:01:05:a4:04:69:91:7c:97:88:3e:32:20:39:49:
         82:94:86:42:38:be:0e:db:3d:ea:54:5c:78:4d:7f:0b:2b:30:
         e3:5e:d3:f8:03:13:b2:72:b3:be:88:f4:54:7f:e8:db:11:22:
         7d:b7:a4:89:35:da:2f:9a:84:61:f0:f6:6f:1e:f7:92:05:1e:
         59:01:08:6a:5a:be:61:05:af:e3:61:20:aa:4b:ec:12:2b:24:
         05:f7:54:18:61:7f:16:e9:b4:48:c7:ac:4d:f7:95:d0:53:e4:
         01:7a:e3:ed:b0:15:e1:d1:35:0b:63:e6:31:b1:6f:c3:87:18:
         0b:8b:40:57:2d:34:1f:60:99:e1:43:18:69:bb:90:c8:58:54:
         26:55:58:d0:6b:79:35:06:b7:3d:c0:a0:23:03:2a:2b:0f:33:
         b3:ae:9b:d2:64:f7:46:d9:2b:d3:ea:29:07:66:33:74:3f:d4:
         84:b5:8e:83:9d:60:f8:a3:ab:62:bb:5c:77:f6:93:99:cd:21:
         b0:25:87:31:7b:d7:67:a2:e9:78:64:80:6a:4d:d4:d6:44:8f:
         c8:03:e4:57
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEF4vJbDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDI1M2M0ZjIzM2NlOTg0NzY5OWFlNjhlY2JmNWQ3NTE0YjBmYWRiMB4XDTIyMDEw
MTEzMDMxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTZkNTkxN2FmMjI0
ODI4NDRlODRjNDI3NTllZDgzMzU5MGE2ZTk0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM0mye8WS09EXVwQyQlY94ohV8/qDlk2cBCJTRkvR4KFbi+z
IZTLqYT3N9yidUTuVuWjFbEuJAEifEnKGZQSCggPibo+RB//S5mTwrK8PaMo4RTa
VsA1BhVtmBabot7hazBagr8xVlUJsHsUwCz67HlqePuERcRCbkHfNPvFvm1Suenm
/6dinZrXAJ05SojsXWkqSXbIbA95F8CoawIKKvHDGH4XiPWah1Vbm5z08o2aq4Dy
Ecj8FVmYkiY67bbFrETK0ajJ4/IubUQSvQuhGNYb/6sNjNTrBqmBlw4V8iBPvBrX
ghKLiwprRyhip92D9IS9OIpYsnx1NhTTV+v9Iq8CAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBRW1ZF68iSChE6ExCdZ7YM1kKbpRDAfBgNVHSMEGDAWgBS0JTxPIzzphHaZ
rmjsv111FLD62zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RDVThUeU04NllSMm1hNW83TDlkZFJTdy10cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8x
L1Z0V1JldklrZ29ST2hNUW5XZTJETlpDbTZVUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8xL3RDVThUeU04NllS
Mm1hNW83TDlkZFJTdy10cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswGAQCAAEwEgMEAAUBSgMEAAUBUQMEAbL75DAfBAIA
AjAZAwcAKgD4JgADMA4DBQAqAQNjAwUDKgEDYDANBgkqhkiG9w0BAQsFAAOCAQEA
hBs/K++ALzv5QPub8uuUB/vHn91i2cfHlBH00xeJDOQzedT9ftyZTAEFpARpkXyX
iD4yIDlJgpSGQji+Dts96lRceE1/Cysw417T+AMTsnKzvoj0VH/o2xEifbekiTXa
L5qEYfD2bx73kgUeWQEIalq+YQWv42EgqkvsEiskBfdUGGF/Fum0SMesTfeV0FPk
AXrj7bAV4dE1C2PmMbFvw4cYC4tAVy00H2CZ4UMYabuQyFhUJlVY0Gt5NQa3PcCg
IwMqKw8zs66b0mT3Rtkr0+opB2YzdD/UhLWOg51g+KOrYrtcd/aTmc0hsCWHMXvX
Z6LpeGSAak3U1kSPyAPkVw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org