Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5e4f7a-0a1c-4f07-b2da-673de700f112/1/UgFF3nDanYSmvtKDKy9ZS7JyT_4.roa
File:                     UgFF3nDanYSmvtKDKy9ZS7JyT_4.roa (raw, json)
Hash identifier:          Ee9gZsHg+XTFUP6IgTKtErw08rdD1SRk/bei4zosijg=
Subject key identifier:   52:01:45:DE:70:DA:9D:84:A6:BE:D2:83:2B:2F:59:4B:B2:72:4F:FE
Certificate issuer:       /CN=58ce32a57bd4169e5bddb498aa5507ef834e4772
Certificate serial:       01821F8590DC2B243037A5C4A91420C6D2EC
Authority key identifier: 58:CE:32:A5:7B:D4:16:9E:5B:DD:B4:98:AA:55:07:EF:83:4E:47:72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WM4ypXvUFp5b3bSYqlUH74NOR3I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/5e4f7a-0a1c-4f07-b2da-673de700f112/1/UgFF3nDanYSmvtKDKy9ZS7JyT_4.roa
Signing time:             Thu 21 Jul 2022 06:50:23 +0000
ROA not before:           Thu 21 Jul 2022 06:50:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     22773
IP address blocks:        195.64.119.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:1f:85:90:dc:2b:24:30:37:a5:c4:a9:14:20:c6:d2:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58ce32a57bd4169e5bddb498aa5507ef834e4772
        Validity
            Not Before: Jul 21 06:50:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=520145de70da9d84a6bed2832b2f594bb2724ffe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:ce:f6:cd:1f:80:2a:13:6d:8b:f9:e2:ca:b7:
                    78:db:d5:f4:88:20:00:14:1e:4b:4b:0a:5d:1e:de:
                    c7:22:da:c6:ae:44:29:38:7f:83:c9:37:30:bd:90:
                    01:90:d0:32:9f:f8:9a:c4:03:6f:f4:6e:b9:95:7a:
                    4a:22:48:32:01:9a:0b:ca:25:65:28:e3:00:27:c8:
                    9c:79:c2:79:29:20:44:04:8c:96:0a:45:6d:78:7a:
                    d7:60:e7:5d:79:ad:f2:2b:98:5f:a0:c5:17:8e:bc:
                    ef:44:1a:41:13:81:68:31:28:38:2e:f4:4b:b3:9f:
                    4b:7b:0f:2a:01:b5:74:cd:31:3f:d9:2e:74:ed:45:
                    03:4c:91:df:bb:8b:08:4f:1f:d7:ea:48:ed:97:8b:
                    41:b6:6d:d2:92:90:73:1b:0a:09:4c:0e:77:28:aa:
                    b6:66:28:dd:4e:d9:13:e5:2a:dc:37:b9:7f:ed:ba:
                    98:c5:b9:da:21:1a:b6:73:94:49:5e:1f:37:5a:69:
                    40:95:75:3e:ac:f1:c5:04:8b:3c:27:b3:e8:a6:42:
                    53:8b:e0:69:1c:20:d9:18:e3:f4:5e:fb:74:5a:8f:
                    a7:26:71:82:f1:f4:ae:a8:30:ad:bb:18:a8:78:4e:
                    e0:51:92:95:e9:ba:89:d8:36:df:73:57:fa:fd:9e:
                    8d:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:01:45:DE:70:DA:9D:84:A6:BE:D2:83:2B:2F:59:4B:B2:72:4F:FE
            X509v3 Authority Key Identifier:
                keyid:58:CE:32:A5:7B:D4:16:9E:5B:DD:B4:98:AA:55:07:EF:83:4E:47:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WM4ypXvUFp5b3bSYqlUH74NOR3I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5e4f7a-0a1c-4f07-b2da-673de700f112/1/UgFF3nDanYSmvtKDKy9ZS7JyT_4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5e4f7a-0a1c-4f07-b2da-673de700f112/1/WM4ypXvUFp5b3bSYqlUH74NOR3I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.64.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:4b:c4:6c:78:8b:69:30:b8:46:6d:5c:13:12:89:85:30:aa:
         20:b8:a1:e5:ad:64:49:10:90:78:9c:11:ff:92:82:51:a5:bc:
         65:bd:e6:8c:35:91:d9:e2:b4:2e:3f:bc:b4:a2:3a:83:8e:f2:
         96:37:bd:71:ca:e7:0d:a2:6f:23:a7:4d:77:74:0b:6e:e2:41:
         9d:81:17:5a:09:9e:22:4a:ac:6c:e9:95:af:08:45:e0:58:33:
         b4:bf:7e:38:c0:8b:cc:7f:23:4e:24:c7:15:f8:1b:92:1b:1f:
         e1:d8:b3:ee:fd:b0:67:ed:23:06:2f:93:e6:d4:ce:e2:4a:cd:
         e6:aa:1a:46:19:da:6c:dc:5b:ef:db:19:cd:80:21:0a:9d:90:
         9a:34:1b:2a:19:d8:e0:7f:90:fe:20:65:ae:29:66:90:0f:33:
         24:67:76:2b:7b:fa:3d:3c:57:9f:15:dd:54:1a:85:a6:34:7d:
         e3:0a:be:30:91:ec:3e:f8:0a:2f:fd:33:10:e9:d6:ae:a5:74:
         93:65:2c:00:a1:52:5b:e0:a8:4a:46:1f:d9:ad:7c:a5:c4:b9:
         76:f2:27:c7:0d:f5:8f:05:31:9c:81:b0:be:f5:de:47:3c:2b:
         af:f2:6f:46:28:70:c5:7d:cd:63:7e:e4:fa:63:8a:0d:f9:72:
         df:12:8e:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIfhZDcKyQwN6XEqRQgxtLsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4Y2UzMmE1N2JkNDE2OWU1YmRkYjQ5OGFhNTUwN2VmODM0
ZTQ3NzIwHhcNMjIwNzIxMDY1MDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjAxNDVkZTcwZGE5ZDg0YTZiZWQyODMyYjJmNTk0YmIyNzI0ZmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoc72zR+AKhNti/niyrd429X0iCAA
FB5LSwpdHt7HItrGrkQpOH+DyTcwvZABkNAyn/iaxANv9G65lXpKIkgyAZoLyiVl
KOMAJ8icecJ5KSBEBIyWCkVteHrXYOddea3yK5hfoMUXjrzvRBpBE4FoMSg4LvRL
s59Lew8qAbV0zTE/2S507UUDTJHfu4sITx/X6kjtl4tBtm3SkpBzGwoJTA53KKq2
ZijdTtkT5SrcN7l/7bqYxbnaIRq2c5RJXh83WmlAlXU+rPHFBIs8J7PopkJTi+Bp
HCDZGOP0Xvt0Wo+nJnGC8fSuqDCtuxioeE7gUZKV6bqJ2Dbfc1f6/Z6N4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFIBRd5w2p2Epr7SgysvWUuyck/+MB8GA1UdIwQY
MBaAFFjOMqV71BaeW920mKpVB++DTkdyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV000eXBYdlVGcDViM2JTWXFsVUg3NE5PUjNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81ZTRmN2EtMGExYy00ZjA3LWIyZGEt
NjczZGU3MDBmMTEyLzEvVWdGRjNuRGFuWVNtdnRLREt5OVpTN0p5VF80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81ZTRmN2EtMGExYy00ZjA3LWIyZGEtNjczZGU3MDBmMTEy
LzEvV000eXBYdlVGcDViM2JTWXFsVUg3NE5PUjNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0B3MA0G
CSqGSIb3DQEBCwUAA4IBAQBXS8RseItpMLhGbVwTEomFMKoguKHlrWRJEJB4nBH/
koJRpbxlveaMNZHZ4rQuP7y0ojqDjvKWN71xyucNom8jp013dAtu4kGdgRdaCZ4i
Sqxs6ZWvCEXgWDO0v344wIvMfyNOJMcV+BuSGx/h2LPu/bBn7SMGL5Pm1M7iSs3m
qhpGGdps3Fvv2xnNgCEKnZCaNBsqGdjgf5D+IGWuKWaQDzMkZ3Yre/o9PFefFd1U
GoWmNH3jCr4wkew++Aov/TMQ6daupXSTZSwAoVJb4KhKRh/ZrXylxLl28ifHDfWP
BTGcgbC+9d5HPCuv8m9GKHDFfc1jfuT6Y4oN+XLfEo43
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:18 2023 by rpki-client on console-ams.rpki-client.org