Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/2d346b-8825-4681-94e3-98441607b228/1/5HP4wzygx00ykTNW77RkurFhbic.roa
File:                     5HP4wzygx00ykTNW77RkurFhbic.roa (raw, json)
Hash identifier:          aIHWPRY+cd/5S3U6tiqudvuWn/6FPzpZMQ/QD8L9IYk=
Subject key identifier:   E4:73:F8:C3:3C:A0:C7:4D:32:91:33:56:EF:B4:64:BA:B1:61:6E:27
Certificate issuer:       /CN=8c05b364fcf319ccf53c5f2e8c634290ac0eb129
Certificate serial:       04905048
Authority key identifier: 8C:05:B3:64:FC:F3:19:CC:F5:3C:5F:2E:8C:63:42:90:AC:0E:B1:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jAWzZPzzGcz1PF8ujGNCkKwOsSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/2d346b-8825-4681-94e3-98441607b228/1/5HP4wzygx00ykTNW77RkurFhbic.roa
Signing time:             Sat 01 Jan 2022 03:58:01 +0000
ROA not before:           Sat 01 Jan 2022 03:58:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     13237
IP address blocks:        192.109.198.0/24 maxlen: 24
                          193.29.3.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 76566600 (0x4905048)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c05b364fcf319ccf53c5f2e8c634290ac0eb129
        Validity
            Not Before: Jan  1 03:58:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e473f8c33ca0c74d32913356efb464bab1616e27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:cc:62:15:3c:0a:fb:83:09:8f:1e:69:0a:a0:
                    ec:d4:98:33:06:35:e7:da:06:d1:6a:8d:60:ca:bf:
                    fc:e4:af:48:77:80:b3:97:87:24:62:90:3a:68:72:
                    2a:8d:21:67:6d:74:78:b9:ad:18:dd:c6:79:26:bf:
                    0e:46:d8:6c:83:da:46:ce:b9:c5:6d:9a:61:e5:d4:
                    a1:8f:b3:2e:9c:96:95:cc:c0:8f:f7:66:29:45:b5:
                    72:b7:f3:ad:4e:e9:75:6e:8b:41:86:ce:fb:2f:a2:
                    ed:55:07:00:26:0c:67:fe:ba:71:88:37:48:f7:24:
                    de:27:d9:8f:3c:ab:15:17:b2:03:08:d4:aa:1f:f7:
                    51:5a:1e:c1:d1:67:4e:b8:c4:fb:a3:10:59:c0:d2:
                    8c:ad:b7:38:63:5f:2d:68:d9:91:9b:38:e1:f6:44:
                    33:77:7b:3f:5f:4f:4c:78:dc:a4:1b:61:86:9e:62:
                    b6:4c:9e:8a:80:9e:9e:ba:07:8c:01:86:66:37:85:
                    44:d5:db:39:ab:ba:07:ad:3e:1e:d6:68:8a:e3:d4:
                    ec:ad:44:39:89:43:da:52:61:25:41:e2:0e:e1:b9:
                    d8:eb:58:b3:cc:b0:16:34:31:32:57:21:4d:3b:9c:
                    9c:cc:0f:18:70:96:0a:9d:9e:85:97:d2:b9:bb:bd:
                    7c:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:73:F8:C3:3C:A0:C7:4D:32:91:33:56:EF:B4:64:BA:B1:61:6E:27
            X509v3 Authority Key Identifier:
                keyid:8C:05:B3:64:FC:F3:19:CC:F5:3C:5F:2E:8C:63:42:90:AC:0E:B1:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jAWzZPzzGcz1PF8ujGNCkKwOsSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2d346b-8825-4681-94e3-98441607b228/1/5HP4wzygx00ykTNW77RkurFhbic.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2d346b-8825-4681-94e3-98441607b228/1/jAWzZPzzGcz1PF8ujGNCkKwOsSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.109.198.0/24
                  193.29.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:b2:d6:a7:ad:1b:82:53:00:1a:b2:70:3d:79:4a:fc:e0:ad:
         d4:6e:71:67:33:49:c0:c8:64:1b:ec:f1:6c:b6:ed:e6:6c:c9:
         6c:3e:70:cd:c9:45:39:61:19:b9:4c:da:ef:63:a7:b6:3f:00:
         bc:2f:31:c0:32:92:fd:44:92:48:ae:a1:5c:14:aa:55:21:1b:
         b6:4e:66:b0:48:16:22:c1:5b:2c:71:66:0a:87:6a:b8:fe:05:
         45:78:38:bd:00:58:5d:5b:af:7a:ae:0c:08:ec:24:59:6c:6e:
         cf:3f:94:8a:b7:df:42:07:8a:d5:29:be:e9:b0:d9:df:d1:19:
         eb:75:14:bf:1c:a5:45:d1:2a:5c:ff:28:96:dd:52:b2:dc:e4:
         96:4f:de:08:d4:70:53:10:ec:ef:fc:fe:72:43:44:7f:ca:ef:
         12:1e:1b:43:01:4b:e6:c7:d5:60:c6:41:04:41:7e:37:a7:a5:
         3b:bd:47:e6:88:23:b9:8d:b3:fa:12:26:31:08:c3:59:2f:b5:
         20:8c:78:55:f7:bb:20:36:86:53:1e:2a:ff:af:f7:70:8b:f4:
         ca:ef:0b:26:4e:00:8a:37:7a:fe:91:37:8b:b4:0f:5e:12:cf:
         87:1c:a1:d3:9a:db:dd:25:c6:12:12:ca:6d:0e:99:a5:e6:71:
         54:27:96:9a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBJBQSDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YzA1YjM2NGZjZjMxOWNjZjUzYzVmMmU4YzYzNDI5MGFjMGViMTI5MB4XDTIyMDEw
MTAzNTgwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTQ3M2Y4YzMzY2Ew
Yzc0ZDMyOTEzMzU2ZWZiNDY0YmFiMTYxNmUyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN7MYhU8CvuDCY8eaQqg7NSYMwY159oG0WqNYMq//OSvSHeA
s5eHJGKQOmhyKo0hZ210eLmtGN3GeSa/DkbYbIPaRs65xW2aYeXUoY+zLpyWlczA
j/dmKUW1crfzrU7pdW6LQYbO+y+i7VUHACYMZ/66cYg3SPck3ifZjzyrFReyAwjU
qh/3UVoewdFnTrjE+6MQWcDSjK23OGNfLWjZkZs44fZEM3d7P19PTHjcpBthhp5i
tkyeioCenroHjAGGZjeFRNXbOau6B60+HtZoiuPU7K1EOYlD2lJhJUHiDuG52OtY
s8ywFjQxMlchTTucnMwPGHCWCp2ehZfSubu9fPcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTkc/jDPKDHTTKRM1bvtGS6sWFuJzAfBgNVHSMEGDAWgBSMBbNk/PMZzPU8
Xy6MY0KQrA6xKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pBV3paUHp6R2N6MVBGOHVqR05Da0t3T3NTay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvMmQzNDZiLTg4MjUtNDY4MS05NGUzLTk4NDQxNjA3YjIyOC8x
LzVIUDR3enlneDAweWtUTlc3N1JrdXJGaGJpYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
MmQzNDZiLTg4MjUtNDY4MS05NGUzLTk4NDQxNjA3YjIyOC8xL2pBV3paUHp6R2N6
MVBGOHVqR05Da0t3T3NTay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMBtxgMEAMEdAzANBgkqhkiG9w0B
AQsFAAOCAQEArrLWp60bglMAGrJwPXlK/OCt1G5xZzNJwMhkG+zxbLbt5mzJbD5w
zclFOWEZuUza72Ontj8AvC8xwDKS/USSSK6hXBSqVSEbtk5msEgWIsFbLHFmCodq
uP4FRXg4vQBYXVuveq4MCOwkWWxuzz+UirffQgeK1Sm+6bDZ39EZ63UUvxylRdEq
XP8olt1Sstzklk/eCNRwUxDs7/z+ckNEf8rvEh4bQwFL5sfVYMZBBEF+N6elO71H
5ogjuY2z+hImMQjDWS+1IIx4Vfe7IDaGUx4q/6/3cIv0yu8LJk4Aijd6/pE3i7QP
XhLPhxyh05rb3SXGEhLKbQ6ZpeZxVCeWmg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:47 2024 by rpki-client on console-ams.rpki-client.org