Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/RVN43zUkhgDwC-LVlSD_-w4LzHQ.roa
File:                     RVN43zUkhgDwC-LVlSD_-w4LzHQ.roa (raw, json)
Hash identifier:          8B1ulISNCo/Nk/en8ArOdXVP/4hJy7uPWoU6pnZ5YK4=
Subject key identifier:   45:53:78:DF:35:24:86:00:F0:0B:E2:D5:95:20:FF:FB:0E:0B:CC:74
Certificate issuer:       /CN=e760126dce78bc16e66c2e6e7635848ac46846af
Certificate serial:       01843953E3B90D8CC2C28B83147E279C1D64
Authority key identifier: E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/RVN43zUkhgDwC-LVlSD_-w4LzHQ.roa
Signing time:             Wed 02 Nov 2022 17:11:49 +0000
ROA not before:           Wed 02 Nov 2022 17:11:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        146.247.115.0/24 maxlen: 24
                          146.247.121.0/24 maxlen: 24
                          146.247.124.0/24 maxlen: 24
                          146.247.125.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:39:53:e3:b9:0d:8c:c2:c2:8b:83:14:7e:27:9c:1d:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e760126dce78bc16e66c2e6e7635848ac46846af
        Validity
            Not Before: Nov  2 17:11:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=455378df35248600f00be2d59520fffb0e0bcc74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:a2:9b:ad:c3:63:cb:c7:04:79:cc:f5:9d:62:
                    63:75:32:ad:bd:7d:36:31:46:87:3c:46:80:d5:b4:
                    61:a8:e4:92:ff:d8:8f:77:60:94:9f:72:dd:10:bb:
                    14:db:32:4b:d7:66:ff:f7:ce:29:65:4e:ae:ae:8b:
                    91:1f:3c:7e:48:4f:26:3d:a2:15:ee:21:65:24:ed:
                    98:7a:df:6b:03:a2:e4:43:50:d9:18:2f:d4:74:05:
                    59:12:c2:2c:59:23:7e:13:c2:d1:7f:97:12:d4:b7:
                    d9:d9:58:da:0a:4d:24:fe:ef:3b:4d:d9:ea:95:a6:
                    25:ea:3c:ed:d4:f4:a0:6d:c7:22:8f:98:ac:14:57:
                    de:6d:e3:bb:5e:76:a1:fb:1c:a0:e7:47:71:7e:18:
                    83:f5:6b:84:da:e6:ec:24:62:ba:b4:b5:1e:90:96:
                    a3:82:7a:58:24:42:8b:67:be:38:3a:4a:14:56:6b:
                    5b:9d:39:ce:b4:3c:98:c1:d5:93:46:17:4d:0c:26:
                    ba:fe:7b:f9:20:1e:15:ec:57:5b:c1:f0:a5:39:35:
                    2d:94:45:4e:4f:9c:36:f6:8b:e9:3f:86:57:3d:35:
                    70:c2:b8:24:47:ca:df:4a:29:86:7c:71:59:55:2c:
                    5d:00:8b:86:c4:f9:6a:ee:1d:9a:69:5b:24:66:64:
                    f1:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:53:78:DF:35:24:86:00:F0:0B:E2:D5:95:20:FF:FB:0E:0B:CC:74
            X509v3 Authority Key Identifier:
                keyid:E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/RVN43zUkhgDwC-LVlSD_-w4LzHQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.247.115.0/24
                  146.247.121.0/24
                  146.247.124.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3f:9a:bc:87:cc:05:9f:ed:30:bf:a7:d2:34:b4:fe:ac:6e:a4:
         f9:47:00:6d:1d:6b:70:1a:a6:d7:bb:54:79:ce:fb:bd:b2:0f:
         bd:07:c3:ab:62:13:66:74:c3:da:07:8a:00:b5:77:61:6b:74:
         74:51:5d:09:61:be:db:f0:b6:b7:92:81:2a:39:6a:2e:53:7a:
         3e:34:f7:02:c6:da:ca:b6:5a:23:7f:2e:2a:b1:de:23:ac:25:
         e6:61:e1:50:bf:bd:66:8d:f5:d7:35:c1:19:ac:45:0c:c7:c5:
         33:68:12:79:43:d0:18:68:1d:44:47:f3:28:ab:37:bc:0c:30:
         c8:d0:05:15:11:b7:08:ed:40:ba:35:19:55:9b:93:ca:80:8e:
         39:2a:76:9c:8a:c6:01:9d:48:c6:fd:78:f1:84:ff:56:c3:47:
         cd:b8:1d:1e:f9:ba:a7:42:fe:8a:2e:2a:4e:c6:0a:55:2d:99:
         d8:ed:73:1a:c0:ba:0e:11:fe:70:fc:7f:4c:6c:c1:02:8c:0e:
         01:d5:99:6d:85:e9:b1:e0:53:2e:ee:92:46:5b:12:cc:6e:54:
         04:b5:44:e3:26:a5:37:7d:d3:96:aa:59:3c:1b:3c:20:8a:42:
         c7:38:2d:ac:51:78:92:90:ca:82:cd:d9:ab:d3:cd:28:77:c3:
         2c:19:43:4a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQ5U+O5DYzCwouDFH4nnB1kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NjAxMjZkY2U3OGJjMTZlNjZjMmU2ZTc2MzU4NDhhYzQ2
ODQ2YWYwHhcNMjIxMTAyMTcxMTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTUzNzhkZjM1MjQ4NjAwZjAwYmUyZDU5NTIwZmZmYjBlMGJjYzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6KbrcNjy8cEecz1nWJjdTKtvX02
MUaHPEaA1bRhqOSS/9iPd2CUn3LdELsU2zJL12b/984pZU6urouRHzx+SE8mPaIV
7iFlJO2Yet9rA6LkQ1DZGC/UdAVZEsIsWSN+E8LRf5cS1LfZ2VjaCk0k/u87Tdnq
laYl6jzt1PSgbccij5isFFfebeO7Xnah+xyg50dxfhiD9WuE2ubsJGK6tLUekJaj
gnpYJEKLZ744OkoUVmtbnTnOtDyYwdWTRhdNDCa6/nv5IB4V7FdbwfClOTUtlEVO
T5w29ovpP4ZXPTVwwrgkR8rfSimGfHFZVSxdAIuGxPlq7h2aaVskZmTxrQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEVTeN81JIYA8Avi1ZUg//sOC8x0MB8GA1UdIwQY
MBaAFOdgEm3OeLwW5mwubnY1hIrEaEavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3Yjgt
ZDI0ZjU2MmRlZGQyLzEvUlZONDN6VWtoZ0R3Qy1MVmxTRF8tdzRMekhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3YjgtZDI0ZjU2MmRlZGQy
LzEvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAkvdzAwQA
kvd5AwQBkvd8MA0GCSqGSIb3DQEBCwUAA4IBAQA/mryHzAWf7TC/p9I0tP6sbqT5
RwBtHWtwGqbXu1R5zvu9sg+9B8OrYhNmdMPaB4oAtXdha3R0UV0JYb7b8La3koEq
OWouU3o+NPcCxtrKtlojfy4qsd4jrCXmYeFQv71mjfXXNcEZrEUMx8UzaBJ5Q9AY
aB1ER/Moqze8DDDI0AUVEbcI7UC6NRlVm5PKgI45KnacisYBnUjG/XjxhP9Ww0fN
uB0e+bqnQv6KLipOxgpVLZnY7XMawLoOEf5w/H9MbMECjA4B1Zlthemx4FMu7pJG
WxLMblQEtUTjJqU3fdOWqlk8GzwgikLHOC2sUXiSkMqCzdmr080od8MsGUNK
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:19 2024 by rpki-client on console-fra.rpki-client.org