Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/82c0a2-804b-446d-ab24-4f38c656b256/1/bVcY-flbkD0jCYrja6h03LUs4IU.roa
File:                     bVcY-flbkD0jCYrja6h03LUs4IU.roa (raw, json)
Hash identifier:          /HcIyc6NHO3kCwqir0nG9uQJerxmtiP6/jOKut4ukjk=
Subject key identifier:   6D:57:18:F9:F9:5B:90:3D:23:09:8A:E3:6B:A8:74:DC:B5:2C:E0:85
Certificate issuer:       /CN=133cd7c1a9c79c82eee5c86a423c17c1d63c3413
Certificate serial:       1C5F8692
Authority key identifier: 13:3C:D7:C1:A9:C7:9C:82:EE:E5:C8:6A:42:3C:17:C1:D6:3C:34:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EzzXwanHnILu5chqQjwXwdY8NBM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/82c0a2-804b-446d-ab24-4f38c656b256/1/bVcY-flbkD0jCYrja6h03LUs4IU.roa
Signing time:             Sat 01 Jan 2022 06:56:15 +0000
ROA not before:           Sat 01 Jan 2022 06:56:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30058
IP address blocks:        185.5.47.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 476022418 (0x1c5f8692)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=133cd7c1a9c79c82eee5c86a423c17c1d63c3413
        Validity
            Not Before: Jan  1 06:56:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6d5718f9f95b903d23098ae36ba874dcb52ce085
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:56:70:95:7c:15:ee:6d:99:39:5a:d7:3b:c5:
                    94:bc:f4:f1:eb:23:97:89:25:59:72:9c:29:e2:1d:
                    98:58:5e:da:7d:5b:b6:d7:f3:51:ad:01:6c:3b:bb:
                    f8:99:11:6d:3e:b1:e3:01:57:c9:72:1f:0f:22:6e:
                    3b:6a:e9:a7:ea:37:9e:84:38:8d:6a:ab:3c:ef:a3:
                    a1:1d:d9:5d:92:65:79:45:bf:07:64:2b:21:21:de:
                    d8:67:f2:56:e7:5e:38:be:66:d5:3f:f2:64:64:fe:
                    91:ae:a4:49:c6:78:ff:ff:81:19:44:f5:fa:d0:88:
                    94:27:63:64:e0:41:41:a2:82:10:06:54:90:c5:79:
                    5a:38:86:21:21:8a:9d:36:67:6b:36:89:eb:a8:62:
                    69:0b:11:26:7c:13:fb:24:15:d9:84:48:db:09:7b:
                    8d:d4:61:8a:b5:19:db:91:e6:d9:da:a5:be:6f:07:
                    65:af:14:5f:83:35:aa:db:cc:da:97:2c:41:64:35:
                    f1:d8:f8:25:b6:d9:20:24:7c:a8:6b:1b:5f:f0:c6:
                    26:95:a7:95:ba:9c:95:7b:1c:9c:75:c6:2d:ab:74:
                    05:55:50:a7:7f:4e:76:f1:b9:6d:77:e7:ce:b6:1b:
                    a5:59:0e:ad:56:4d:5d:64:fe:a6:89:1a:dd:08:60:
                    02:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:57:18:F9:F9:5B:90:3D:23:09:8A:E3:6B:A8:74:DC:B5:2C:E0:85
            X509v3 Authority Key Identifier:
                keyid:13:3C:D7:C1:A9:C7:9C:82:EE:E5:C8:6A:42:3C:17:C1:D6:3C:34:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EzzXwanHnILu5chqQjwXwdY8NBM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/82c0a2-804b-446d-ab24-4f38c656b256/1/bVcY-flbkD0jCYrja6h03LUs4IU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/82c0a2-804b-446d-ab24-4f38c656b256/1/EzzXwanHnILu5chqQjwXwdY8NBM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.5.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:0c:4b:48:d0:68:da:6f:36:14:2b:86:fd:1e:be:bb:35:79:
         80:bd:e0:9e:fb:7f:07:66:17:5d:7e:b9:c6:be:79:eb:87:f1:
         31:98:ae:0d:9f:05:80:f8:f4:a7:63:d5:66:24:df:94:01:ea:
         b2:ec:44:5f:0d:12:5e:e6:d3:e0:ba:39:5c:e3:a6:29:97:ce:
         51:03:0a:fc:dd:84:61:2c:5a:f8:40:8a:a9:c6:d7:09:7d:c3:
         fd:1f:ca:62:5f:94:e3:3a:d6:8b:cc:4b:ac:dc:11:58:e1:bf:
         6d:66:8c:94:ee:57:bb:cc:e7:22:ef:41:f1:9a:af:7b:fd:33:
         39:2c:9b:27:3d:94:83:5f:aa:20:4b:ff:b3:68:2d:f5:0a:0b:
         bd:57:45:0d:a6:e1:8c:3a:07:40:f0:b6:15:d5:7b:4f:aa:42:
         eb:ed:f5:ce:98:da:89:ec:eb:0d:b8:f9:02:d1:b3:3b:49:44:
         66:4f:20:fb:00:04:ee:71:be:3f:29:e9:01:44:3d:47:0f:5b:
         cb:1e:70:f8:71:5d:86:68:de:bb:cb:f5:f8:d2:07:40:a4:c1:
         2d:04:8b:a2:b7:6b:cf:91:4d:e5:e1:5b:20:0d:a2:14:2d:b9:
         bb:62:d8:11:b0:30:ab:a5:ad:23:b9:57:74:0b:26:f8:89:c0:
         5c:3b:66:c8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHF+GkjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MzNjZDdjMWE5Yzc5YzgyZWVlNWM4NmE0MjNjMTdjMWQ2M2MzNDEzMB4XDTIyMDEw
MTA2NTYxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQ1NzE4ZjlmOTVi
OTAzZDIzMDk4YWUzNmJhODc0ZGNiNTJjZTA4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKhWcJV8Fe5tmTla1zvFlLz08esjl4klWXKcKeIdmFhe2n1b
ttfzUa0BbDu7+JkRbT6x4wFXyXIfDyJuO2rpp+o3noQ4jWqrPO+joR3ZXZJleUW/
B2QrISHe2GfyVudeOL5m1T/yZGT+ka6kScZ4//+BGUT1+tCIlCdjZOBBQaKCEAZU
kMV5WjiGISGKnTZnazaJ66hiaQsRJnwT+yQV2YRI2wl7jdRhirUZ25Hm2dqlvm8H
Za8UX4M1qtvM2pcsQWQ18dj4JbbZICR8qGsbX/DGJpWnlbqclXscnHXGLat0BVVQ
p39OdvG5bXfnzrYbpVkOrVZNXWT+poka3QhgAk0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRtVxj5+VuQPSMJiuNrqHTctSzghTAfBgNVHSMEGDAWgBQTPNfBqcecgu7l
yGpCPBfB1jw0EzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0V6elh3YW5IbklMdTVjaHFRandYd2RZOE5CTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvODJjMGEyLTgwNGItNDQ2ZC1hYjI0LTRmMzhjNjU2YjI1Ni8x
L2JWY1ktZmxia0QwakNZcmphNmgwM0xVczRJVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
ODJjMGEyLTgwNGItNDQ2ZC1hYjI0LTRmMzhjNjU2YjI1Ni8xL0V6elh3YW5IbklM
dTVjaHFRandYd2RZOE5CTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkFLzANBgkqhkiG9w0BAQsFAAOC
AQEAdQxLSNBo2m82FCuG/R6+uzV5gL3gnvt/B2YXXX65xr5564fxMZiuDZ8FgPj0
p2PVZiTflAHqsuxEXw0SXubT4Lo5XOOmKZfOUQMK/N2EYSxa+ECKqcbXCX3D/R/K
Yl+U4zrWi8xLrNwRWOG/bWaMlO5Xu8znIu9B8Zqve/0zOSybJz2Ug1+qIEv/s2gt
9QoLvVdFDabhjDoHQPC2FdV7T6pC6+31zpjaiezrDbj5AtGzO0lEZk8g+wAE7nG+
PynpAUQ9Rw9byx5w+HFdhmjeu8v1+NIHQKTBLQSLordrz5FN5eFbIA2iFC25u2LY
EbAwq6WtI7lXdAsm+InAXDtmyA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:09 2024 by rpki-client on console-fra.rpki-client.org