Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/1177a2-219c-4b60-b901-b856db33c6c6/1/vf_kpJ46jEVdWDbkD3u75PlXAkA.roa
File:                     vf_kpJ46jEVdWDbkD3u75PlXAkA.roa (raw, json)
Hash identifier:          BAx52kX4g/XDiAhKWKo/EuCj0piliQlz4Sxs5EbBVvU=
Subject key identifier:   BD:FF:E4:A4:9E:3A:8C:45:5D:58:36:E4:0F:7B:BB:E4:F9:57:02:40
Certificate issuer:       /CN=8e52a3954e30e4753e2e00a0ef816966d6d60db6
Certificate serial:       12516342
Authority key identifier: 8E:52:A3:95:4E:30:E4:75:3E:2E:00:A0:EF:81:69:66:D6:D6:0D:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jlKjlU4w5HU-LgCg74FpZtbWDbY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/1177a2-219c-4b60-b901-b856db33c6c6/1/vf_kpJ46jEVdWDbkD3u75PlXAkA.roa
Signing time:             Tue 05 Apr 2022 23:41:53 +0000
ROA not before:           Tue 05 Apr 2022 23:41:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205697
IP address blocks:        195.216.234.0/24 maxlen: 24
                          195.216.238.0/24 maxlen: 24
                          185.161.98.0/24 maxlen: 24
                          185.161.96.0/22 maxlen: 24
                          185.161.96.0/24 maxlen: 24
                          195.216.245.0/24 maxlen: 24
                          185.161.97.0/24 maxlen: 24
                          195.216.247.0/24 maxlen: 24
                          185.161.99.0/24 maxlen: 24
                          2a0b:ef01::/32 maxlen: 32
                          2a0b:ef04::/32 maxlen: 32
                          2a0b:ef05::/32 maxlen: 32
                          2a0b:ef02::/32 maxlen: 32
                          2a0b:ef00::/29 maxlen: 32
                          2a0b:ef03::/32 maxlen: 32
                          2a0b:ef07::/32 maxlen: 32
                          2a0b:ef00::/32 maxlen: 32
                          2a0b:ef06::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 307323714 (0x12516342)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e52a3954e30e4753e2e00a0ef816966d6d60db6
        Validity
            Not Before: Apr  5 23:41:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bdffe4a49e3a8c455d5836e40f7bbbe4f9570240
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:bd:c6:ef:57:8c:b7:2f:83:5d:bb:27:ce:44:
                    f0:ff:12:c2:7f:9a:24:33:a2:c3:38:44:01:a6:43:
                    a4:54:a8:97:67:07:0b:4d:f2:12:74:ce:b8:3f:fd:
                    43:b7:1a:f0:83:9c:6e:f4:ad:19:05:3a:cf:13:37:
                    7b:09:e5:d5:39:58:55:39:b8:45:2b:a1:5e:dd:a6:
                    77:79:86:9c:a4:77:8e:58:9a:5c:0d:28:6c:e1:c9:
                    5e:95:09:31:ae:f6:98:f0:d2:a0:f3:e7:6b:bb:f8:
                    54:fd:bd:70:89:98:d2:b4:1d:87:b3:57:6a:db:42:
                    9c:8b:23:05:3a:8a:91:9c:b3:a4:34:f0:fc:9b:71:
                    2b:a8:9e:c9:8c:92:bf:b7:b2:03:53:80:80:6e:b9:
                    78:55:d6:a0:ff:57:09:a9:8e:30:25:63:06:3c:af:
                    66:30:1d:44:ce:71:5c:bf:ef:92:b0:8a:b8:3d:ec:
                    57:e9:08:87:e4:f5:a1:dd:64:79:fb:fe:ae:37:9d:
                    68:af:5f:e2:82:a4:27:a8:b1:84:2a:da:d6:86:cc:
                    e6:ed:e8:19:a3:78:5a:51:b3:bb:ea:54:1d:2f:d2:
                    3d:86:05:57:ac:57:3f:57:63:ae:34:60:06:74:74:
                    aa:63:1b:28:d9:1a:b9:4c:4e:25:02:9c:00:58:14:
                    1e:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:FF:E4:A4:9E:3A:8C:45:5D:58:36:E4:0F:7B:BB:E4:F9:57:02:40
            X509v3 Authority Key Identifier:
                keyid:8E:52:A3:95:4E:30:E4:75:3E:2E:00:A0:EF:81:69:66:D6:D6:0D:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jlKjlU4w5HU-LgCg74FpZtbWDbY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/1177a2-219c-4b60-b901-b856db33c6c6/1/vf_kpJ46jEVdWDbkD3u75PlXAkA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/1177a2-219c-4b60-b901-b856db33c6c6/1/jlKjlU4w5HU-LgCg74FpZtbWDbY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.161.96.0/22
                  195.216.234.0/24
                  195.216.238.0/24
                  195.216.245.0/24
                  195.216.247.0/24
                IPv6:
                  2a0b:ef00::/29

    Signature Algorithm: sha256WithRSAEncryption
         82:17:30:f1:0a:2d:82:f4:0c:b2:43:fa:97:1c:42:82:70:7e:
         fc:a4:3b:1e:a1:1b:1e:5d:39:51:53:be:b0:0d:04:7a:32:4f:
         ce:0f:b3:92:39:1e:f4:0b:bf:ba:17:d9:a0:4f:12:e8:d8:97:
         89:54:0d:e1:2a:77:ea:a9:08:16:af:ae:f9:4a:52:73:f3:74:
         b5:4b:b3:c5:5f:df:f9:ae:01:98:2e:64:83:01:ba:b9:1e:92:
         16:b1:81:16:5a:92:69:41:b2:e7:43:ee:b5:57:5a:a6:2a:8d:
         28:ed:ae:c8:5c:d9:07:d6:85:01:47:fb:7a:60:d0:8e:b7:38:
         03:77:ce:9c:3c:04:e2:82:80:ea:5a:64:3b:ab:8f:61:a3:35:
         cb:29:ce:6a:30:36:78:4f:b7:4e:73:77:35:22:1c:3d:a9:20:
         73:c7:e3:c5:29:f2:25:53:d4:2a:7b:a5:0a:b7:6d:17:75:7f:
         7f:78:64:ad:ea:07:04:a2:32:b2:84:1e:16:f0:ec:51:d4:73:
         52:5f:99:3c:33:18:03:fc:61:98:4f:aa:7f:1d:8a:6a:7a:44:
         51:14:48:bd:90:aa:b0:44:91:87:2f:15:47:89:f8:52:35:59:
         b2:3a:f6:65:31:2b:d4:cf:e3:70:38:47:06:12:67:89:4a:27:
         01:11:82:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEElFjQjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZTUyYTM5NTRlMzBlNDc1M2UyZTAwYTBlZjgxNjk2NmQ2ZDYwZGI2MB4XDTIyMDQw
NTIzNDE1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmRmZmU0YTQ5ZTNh
OGM0NTVkNTgzNmU0MGY3YmJiZTRmOTU3MDI0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK+9xu9XjLcvg127J85E8P8Swn+aJDOiwzhEAaZDpFSol2cH
C03yEnTOuD/9Q7ca8IOcbvStGQU6zxM3ewnl1TlYVTm4RSuhXt2md3mGnKR3jlia
XA0obOHJXpUJMa72mPDSoPPna7v4VP29cImY0rQdh7NXattCnIsjBTqKkZyzpDTw
/JtxK6ieyYySv7eyA1OAgG65eFXWoP9XCamOMCVjBjyvZjAdRM5xXL/vkrCKuD3s
V+kIh+T1od1kefv+rjedaK9f4oKkJ6ixhCra1obM5u3oGaN4WlGzu+pUHS/SPYYF
V6xXP1djrjRgBnR0qmMbKNkauUxOJQKcAFgUHqECAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBS9/+SknjqMRV1YNuQPe7vk+VcCQDAfBgNVHSMEGDAWgBSOUqOVTjDkdT4u
AKDvgWlm1tYNtjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2psS2psVTR3NUhVLUxnQ2c3NEZwWnRiV0RiWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvMTE3N2EyLTIxOWMtNGI2MC1iOTAxLWI4NTZkYjMzYzZjNi8x
L3ZmX2twSjQ2akVWZFdEYmtEM3U3NVBsWEFrQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
MTE3N2EyLTIxOWMtNGI2MC1iOTAxLWI4NTZkYjMzYzZjNi8xL2psS2psVTR3NUhV
LUxnQ2c3NEZwWnRiV0RiWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEArmhYAMEAMPY6gMEAMPY7gMEAMPY
9QMEAMPY9zANBAIAAjAHAwUDKgvvADANBgkqhkiG9w0BAQsFAAOCAQEAghcw8Qot
gvQMskP6lxxCgnB+/KQ7HqEbHl05UVO+sA0EejJPzg+zkjke9Au/uhfZoE8S6NiX
iVQN4Sp36qkIFq+u+UpSc/N0tUuzxV/f+a4BmC5kgwG6uR6SFrGBFlqSaUGy50Pu
tVdapiqNKO2uyFzZB9aFAUf7emDQjrc4A3fOnDwE4oKA6lpkO6uPYaM1yynOajA2
eE+3TnN3NSIcPakgc8fjxSnyJVPUKnulCrdtF3V/f3hkreoHBKIysoQeFvDsUdRz
Ul+ZPDMYA/xhmE+qfx2KanpEURRIvZCqsESRhy8VR4n4UjVZsjr2ZTEr1M/jcDhH
BhJniUonARGCLw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:18 2024 by rpki-client on console-ams.rpki-client.org