Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/HGLhdubr1z5NeqYilDnYRVdNlio.roa
File:                     HGLhdubr1z5NeqYilDnYRVdNlio.roa (raw, json)
Hash identifier:          xoabpI68yRLMNIh0VGwhZVvYv5YgR1jeREFLH5W7CRM=
Subject key identifier:   1C:62:E1:76:E6:EB:D7:3E:4D:7A:A6:22:94:39:D8:45:57:4D:96:2A
Certificate issuer:       /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial:       05DE83F2
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/HGLhdubr1z5NeqYilDnYRVdNlio.roa
Signing time:             Thu 23 Jun 2022 05:11:32 +0000
ROA not before:           Thu 23 Jun 2022 05:11:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        45.85.130.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 98468850 (0x5de83f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
        Validity
            Not Before: Jun 23 05:11:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1c62e176e6ebd73e4d7aa6229439d845574d962a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:94:48:34:9c:88:5c:e2:eb:3b:c8:a0:c6:b0:
                    95:a4:50:3a:10:bb:0b:ec:49:e0:ea:ce:0e:96:80:
                    fb:e6:cf:2e:91:50:f3:96:67:1a:52:d9:a0:2e:01:
                    8a:f3:94:76:53:85:55:32:96:5b:28:59:1c:67:4f:
                    b1:77:7a:c9:19:6b:d2:23:d2:b3:28:8c:fa:af:d5:
                    6e:a3:e6:fe:31:48:ff:b6:73:1b:cc:a8:18:e1:44:
                    fc:13:e1:2b:bd:1e:88:42:0f:1b:bc:6d:2e:f5:12:
                    88:5d:58:f6:eb:99:55:39:b0:0a:ec:99:0e:cf:99:
                    e9:e7:26:a3:24:55:dc:d2:08:cc:d6:12:d8:c0:4e:
                    95:b6:2f:3e:27:98:f9:bd:41:5d:ad:7d:e1:4b:97:
                    50:9a:73:0d:fd:80:f5:0e:ce:4b:4e:8d:b4:81:8b:
                    54:47:bb:53:9f:0b:e7:a0:06:28:eb:d8:c0:79:94:
                    8b:e1:3c:d1:df:0d:32:f5:b6:71:a6:3a:af:98:e2:
                    e8:a3:70:f6:a2:4d:d8:c3:71:11:17:3f:08:40:0e:
                    3d:ce:91:ff:7c:83:b9:f4:6d:d6:71:5a:0d:80:79:
                    57:20:f2:8a:e5:04:f6:14:7b:bb:86:19:16:92:f3:
                    49:40:8a:5e:94:b5:51:c6:f0:59:18:f7:87:d4:dc:
                    9a:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:62:E1:76:E6:EB:D7:3E:4D:7A:A6:22:94:39:D8:45:57:4D:96:2A
            X509v3 Authority Key Identifier:
                keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/HGLhdubr1z5NeqYilDnYRVdNlio.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.85.130.0/23

    Signature Algorithm: sha256WithRSAEncryption
         35:df:44:97:d0:4c:70:4d:74:cc:05:7c:ab:86:e3:5d:6d:d0:
         ec:93:c8:5f:71:fd:87:fb:1f:d3:c9:c6:f2:fd:89:e3:99:1a:
         e2:60:a3:0c:a9:7b:9f:3e:bb:0d:16:62:ca:b5:c3:d7:6c:11:
         5e:f5:07:93:a2:34:59:9f:cf:dd:55:03:44:cc:bd:17:6a:c2:
         56:0e:b8:97:a9:84:bd:e9:80:8a:b1:74:88:1a:1d:3b:69:f2:
         df:3c:64:c0:f5:2e:e5:76:c5:da:d7:4c:db:54:d3:06:65:19:
         4a:bc:37:0f:94:0e:8d:18:bd:6f:d4:f0:09:c3:88:18:75:d8:
         a7:1a:02:2d:df:ae:5a:dd:8b:17:6e:12:a2:a7:65:68:14:c5:
         d5:2e:61:11:37:ee:40:7a:00:7e:29:d9:f2:97:87:ba:3d:7c:
         b0:b2:02:a4:d2:89:7f:f6:68:e8:ca:52:60:7f:41:74:b0:15:
         b8:01:51:73:b7:c7:a8:ec:42:29:ba:ba:17:b1:4b:75:ec:f3:
         7a:87:ec:19:d5:09:1e:f1:99:6d:5d:18:63:f3:e5:88:20:62:
         0d:ed:42:8c:71:e3:e8:b9:59:94:d4:61:2d:85:55:12:ab:64:
         2f:1e:75:61:26:c8:0e:9d:ca:30:61:99:82:b2:7d:c8:4f:bf:
         33:f6:5d:e8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBd6D8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NTMzZWY0NjExNmZkOWQyMWJmYjUzM2U0NGJkZTUxNzg5MGMyNGRjMB4XDTIyMDYy
MzA1MTEzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWM2MmUxNzZlNmVi
ZDczZTRkN2FhNjIyOTQzOWQ4NDU1NzRkOTYyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKeUSDSciFzi6zvIoMawlaRQOhC7C+xJ4OrODpaA++bPLpFQ
85ZnGlLZoC4BivOUdlOFVTKWWyhZHGdPsXd6yRlr0iPSsyiM+q/VbqPm/jFI/7Zz
G8yoGOFE/BPhK70eiEIPG7xtLvUSiF1Y9uuZVTmwCuyZDs+Z6ecmoyRV3NIIzNYS
2MBOlbYvPieY+b1BXa194UuXUJpzDf2A9Q7OS06NtIGLVEe7U58L56AGKOvYwHmU
i+E80d8NMvW2caY6r5ji6KNw9qJN2MNxERc/CEAOPc6R/3yDufRt1nFaDYB5VyDy
iuUE9hR7u4YZFpLzSUCKXpS1UcbwWRj3h9TcmgUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQcYuF25uvXPk16piKUOdhFV02WKjAfBgNVHSMEGDAWgBSFM+9GEW/Z0hv7
Uz5EveUXiQwk3DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hUUHZSaEZ2MmRJYi0xTS1STDNsRjRrTUpOdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvZTA0NzJhLTNhZGYtNDNjZC1iZjMwLTczOTIzZGFlZjExNC8x
L0hHTGhkdWJyMXo1TmVxWWlsRG5ZUlZkTmxpby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
ZTA0NzJhLTNhZGYtNDNjZC1iZjMwLTczOTIzZGFlZjExNC8xL2hUUHZSaEZ2MmRJ
Yi0xTS1STDNsRjRrTUpOdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS1VgjANBgkqhkiG9w0BAQsFAAOC
AQEANd9El9BMcE10zAV8q4bjXW3Q7JPIX3H9h/sf08nG8v2J45ka4mCjDKl7nz67
DRZiyrXD12wRXvUHk6I0WZ/P3VUDRMy9F2rCVg64l6mEvemAirF0iBodO2ny3zxk
wPUu5XbF2tdM21TTBmUZSrw3D5QOjRi9b9TwCcOIGHXYpxoCLd+uWt2LF24Soqdl
aBTF1S5hETfuQHoAfinZ8peHuj18sLICpNKJf/Zo6MpSYH9BdLAVuAFRc7fHqOxC
Kbq6F7FLdezzeofsGdUJHvGZbV0YY/PliCBiDe1CjHHj6LlZlNRhLYVVEqtkLx51
YSbIDp3KMGGZgrJ9yE+/M/Zd6A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:24 2024 by rpki-client on console-fra.rpki-client.org