Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/pb1jMoPP75fMteZktQQ8c90X4Vo.roa
File:                     pb1jMoPP75fMteZktQQ8c90X4Vo.roa (raw, json)
Hash identifier:          2hEy0gT0X5A/SxYI2UoOJ5Qe8I+Soh5hflQPSlgEW9M=
Subject key identifier:   A5:BD:63:32:83:CF:EF:97:CC:B5:E6:64:B5:04:3C:73:DD:17:E1:5A
Certificate issuer:       /CN=e760126dce78bc16e66c2e6e7635848ac46846af
Certificate serial:       0184198CC4D4B10A2674DC8DE238D68DC1D6
Authority key identifier: E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/pb1jMoPP75fMteZktQQ8c90X4Vo.roa
Signing time:             Thu 27 Oct 2022 13:06:06 +0000
ROA not before:           Thu 27 Oct 2022 13:06:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49999
IP address blocks:        146.247.103.0/24 maxlen: 24
                          146.247.108.0/22 maxlen: 24
                          146.247.116.0/22 maxlen: 24
                          146.247.114.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:19:8c:c4:d4:b1:0a:26:74:dc:8d:e2:38:d6:8d:c1:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e760126dce78bc16e66c2e6e7635848ac46846af
        Validity
            Not Before: Oct 27 13:06:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a5bd633283cfef97ccb5e664b5043c73dd17e15a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:16:ed:77:cd:a5:cb:4a:c9:63:1d:f1:2f:58:
                    80:9f:83:aa:7f:81:4d:f1:49:c9:2f:f1:96:62:33:
                    a0:da:93:13:73:be:7a:8b:5e:ae:1c:fe:68:d9:4e:
                    39:62:81:53:fb:97:4a:1d:d7:95:8f:4e:f2:1a:00:
                    b2:7e:13:60:a6:b0:e4:8f:e1:9f:02:bf:7f:a8:01:
                    44:e6:0f:fe:ea:52:b7:16:80:c9:61:5a:9d:29:f2:
                    f1:3d:64:98:57:2f:b4:98:2b:1a:ce:36:c2:6c:c5:
                    03:c0:72:2d:55:df:90:2f:52:9d:6c:1e:e3:d1:07:
                    66:1c:07:ed:2b:b5:9d:b2:fc:99:44:67:77:d9:e2:
                    52:43:83:ba:a0:f2:41:60:13:cd:7e:24:57:c2:47:
                    a8:d0:27:f3:ec:20:5f:05:c4:66:96:47:ba:c8:cd:
                    2e:e6:bc:f4:b3:d4:74:e9:56:6f:c8:de:e8:8b:12:
                    3c:44:7d:b3:48:e2:44:2a:97:0b:ab:a8:a9:49:2d:
                    96:c9:cb:7a:18:7d:8c:49:f0:a1:5b:dc:f0:31:06:
                    4c:78:6c:0f:42:ed:6d:fa:57:26:04:64:2e:d1:24:
                    33:94:c4:f3:cd:f7:56:4d:45:1a:0e:6f:da:7f:09:
                    ee:05:05:fe:22:ef:e8:bd:77:89:2d:ba:b5:35:b0:
                    a8:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:BD:63:32:83:CF:EF:97:CC:B5:E6:64:B5:04:3C:73:DD:17:E1:5A
            X509v3 Authority Key Identifier:
                keyid:E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/pb1jMoPP75fMteZktQQ8c90X4Vo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.247.103.0/24
                  146.247.108.0/22
                  146.247.114.0/24
                  146.247.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         50:c3:36:ee:6e:98:2c:91:8e:55:71:76:32:3c:0c:cc:39:37:
         72:d7:a1:61:0a:44:82:64:89:50:4d:2b:0c:f9:37:f8:60:8f:
         87:6c:0a:0f:5c:38:53:09:ac:d5:77:89:d6:31:b6:57:fb:68:
         6b:d6:5f:b3:d5:36:f6:aa:7c:19:b1:08:18:dd:02:58:49:0b:
         b7:d3:bd:10:3a:b8:19:14:d6:41:98:e6:4e:19:be:cf:4f:a8:
         ab:8f:78:59:9d:60:65:48:73:d6:28:e2:c2:f5:e4:c5:c4:d7:
         9c:6a:cd:8b:14:20:40:7e:07:f8:13:d2:5f:2c:a5:f7:0e:84:
         a1:f9:16:f7:df:e6:dc:65:0b:4d:6f:5c:a1:d4:2a:ef:af:8b:
         47:03:11:9b:97:be:c9:80:c5:b3:73:58:d6:0e:ce:b8:d9:4f:
         b8:cc:7a:89:27:12:2a:c4:d1:ac:e5:17:d6:f4:6a:9f:73:0c:
         4c:ca:f2:9e:d5:ec:6f:8c:dc:2c:e2:af:d7:24:7d:ef:5b:04:
         4d:05:64:87:39:ce:38:e1:a1:1b:64:b9:1c:fe:f4:f0:cc:c0:
         d2:3f:b3:6a:5b:c9:48:f3:af:3d:02:7c:fa:d7:39:ed:da:1a:
         d7:1a:82:51:f0:83:d6:fe:6b:1c:dd:6c:8c:7f:74:5c:4f:1c:
         2e:35:e0:b7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYQZjMTUsQomdNyN4jjWjcHWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NjAxMjZkY2U3OGJjMTZlNjZjMmU2ZTc2MzU4NDhhYzQ2
ODQ2YWYwHhcNMjIxMDI3MTMwNjA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWJkNjMzMjgzY2ZlZjk3Y2NiNWU2NjRiNTA0M2M3M2RkMTdlMTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshbtd82ly0rJYx3xL1iAn4Oqf4FN
8UnJL/GWYjOg2pMTc756i16uHP5o2U45YoFT+5dKHdeVj07yGgCyfhNgprDkj+Gf
Ar9/qAFE5g/+6lK3FoDJYVqdKfLxPWSYVy+0mCsazjbCbMUDwHItVd+QL1KdbB7j
0QdmHAftK7WdsvyZRGd32eJSQ4O6oPJBYBPNfiRXwkeo0Cfz7CBfBcRmlke6yM0u
5rz0s9R06VZvyN7oixI8RH2zSOJEKpcLq6ipSS2Wyct6GH2MSfChW9zwMQZMeGwP
Qu1t+lcmBGQu0SQzlMTzzfdWTUUaDm/afwnuBQX+Iu/ovXeJLbq1NbCoJwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKW9YzKDz++XzLXmZLUEPHPdF+FaMB8GA1UdIwQY
MBaAFOdgEm3OeLwW5mwubnY1hIrEaEavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3Yjgt
ZDI0ZjU2MmRlZGQyLzEvcGIxak1vUFA3NWZNdGVaa3RRUThjOTBYNFZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3YjgtZDI0ZjU2MmRlZGQy
LzEvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAkvdnAwQC
kvdsAwQAkvdyAwQCkvd0MA0GCSqGSIb3DQEBCwUAA4IBAQBQwzbubpgskY5VcXYy
PAzMOTdy16FhCkSCZIlQTSsM+Tf4YI+HbAoPXDhTCazVd4nWMbZX+2hr1l+z1Tb2
qnwZsQgY3QJYSQu3070QOrgZFNZBmOZOGb7PT6irj3hZnWBlSHPWKOLC9eTFxNec
as2LFCBAfgf4E9JfLKX3DoSh+Rb33+bcZQtNb1yh1Crvr4tHAxGbl77JgMWzc1jW
Ds642U+4zHqJJxIqxNGs5RfW9GqfcwxMyvKe1exvjNws4q/XJH3vWwRNBWSHOc44
4aEbZLkc/vTwzMDSP7NqW8lI8689Anz61znt2hrXGoJR8IPW/msc3WyMf3RcTxwu
NeC3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:35 2024 by rpki-client on console-ams.rpki-client.org