Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/1fef82-0ae8-48c6-9868-4a16ff9c795b/1/He6oNFCfnF8XgelCZS1z0mSLI9g.roa
File:                     He6oNFCfnF8XgelCZS1z0mSLI9g.roa (raw, json)
Hash identifier:          TIXvy+CBf22JAwuVXWoOrnz1DnQwACk3IWa+z3ICD3E=
Subject key identifier:   1D:EE:A8:34:50:9F:9C:5F:17:81:E9:42:65:2D:73:D2:64:8B:23:D8
Certificate issuer:       /CN=d18c49c6d7132224583eaf348ae41c50e61d9f45
Certificate serial:       AA51
Authority key identifier: D1:8C:49:C6:D7:13:22:24:58:3E:AF:34:8A:E4:1C:50:E6:1D:9F:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0YxJxtcTIiRYPq80iuQcUOYdn0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/1fef82-0ae8-48c6-9868-4a16ff9c795b/1/He6oNFCfnF8XgelCZS1z0mSLI9g.roa
Signing time:             Wed 18 May 2022 11:14:40 +0000
ROA not before:           Wed 18 May 2022 11:14:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210791
IP address blocks:        80.91.220.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 43601 (0xaa51)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d18c49c6d7132224583eaf348ae41c50e61d9f45
        Validity
            Not Before: May 18 11:14:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1deea834509f9c5f1781e942652d73d2648b23d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:17:f1:ea:ac:a7:ca:40:7b:b4:d7:86:e5:51:
                    2f:9f:e5:3e:0b:50:e7:76:fd:b7:bb:cc:5c:d6:40:
                    27:54:8d:50:45:7d:1b:9e:00:46:7a:84:87:22:86:
                    28:fe:79:5e:64:d4:d7:3d:94:86:55:7a:93:ae:8b:
                    08:de:17:1d:76:21:04:9b:dc:f8:15:ef:20:49:6f:
                    1a:6a:da:b7:c3:23:97:5f:98:27:8c:79:4f:cc:ac:
                    6a:8d:0c:70:14:ff:65:c6:42:7d:a3:45:08:a1:74:
                    1f:48:0d:7a:fb:6c:6a:62:4e:3c:09:a0:b8:4e:95:
                    96:81:d6:13:a8:c8:62:c6:f0:df:9d:ba:c2:ba:38:
                    5b:31:04:a4:61:45:20:06:4d:65:b1:26:47:82:a0:
                    ab:2f:9f:2d:20:03:7e:ca:ca:a7:3e:1f:5f:c0:a2:
                    8e:b3:c8:75:4f:4d:aa:2f:1e:f3:e5:5e:97:67:e4:
                    da:e1:15:83:97:f6:bc:af:a1:dd:b0:e0:8d:53:64:
                    b0:4e:3b:bf:5f:f2:64:18:c3:0a:cd:13:42:20:f7:
                    80:d7:a0:b1:f2:b6:7f:aa:5b:cb:42:87:ea:c3:ed:
                    47:bd:37:a3:7f:ff:db:5e:96:39:cb:2f:6f:6b:5f:
                    b2:5a:bc:ce:db:da:53:33:26:ab:ea:04:28:ba:3a:
                    8a:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:EE:A8:34:50:9F:9C:5F:17:81:E9:42:65:2D:73:D2:64:8B:23:D8
            X509v3 Authority Key Identifier:
                keyid:D1:8C:49:C6:D7:13:22:24:58:3E:AF:34:8A:E4:1C:50:E6:1D:9F:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0YxJxtcTIiRYPq80iuQcUOYdn0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/1fef82-0ae8-48c6-9868-4a16ff9c795b/1/He6oNFCfnF8XgelCZS1z0mSLI9g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/1fef82-0ae8-48c6-9868-4a16ff9c795b/1/0YxJxtcTIiRYPq80iuQcUOYdn0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.91.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:4c:8e:d1:e8:e9:4d:58:2c:d6:9c:ee:c6:3a:0a:de:e8:3b:
         a0:12:0a:f8:44:e9:77:ef:d2:04:70:16:f7:47:51:ab:99:5d:
         0c:28:c0:2f:d5:e9:85:2c:5a:7d:de:c9:2b:6d:7d:b9:cd:be:
         29:12:52:5b:1d:1c:99:d7:a5:02:42:2c:c5:c8:43:47:06:e4:
         05:5d:32:02:8f:27:41:ab:ca:41:84:87:e0:bb:b3:db:bf:fa:
         86:5b:5b:cf:e1:8a:ec:d5:30:66:d2:e9:ef:f1:c8:2c:89:61:
         12:28:d0:0d:4c:6c:fc:cd:2d:23:1a:33:8c:62:f9:d1:e3:eb:
         83:40:39:0d:73:e8:0d:2b:7d:95:13:03:2f:8d:d2:07:f3:d2:
         5a:21:48:cf:fd:eb:d8:af:45:79:3b:23:ad:eb:3c:40:21:84:
         5a:1e:ce:95:ed:4c:40:77:3c:5f:74:db:2b:14:b7:6c:e5:99:
         ee:f4:ec:e8:80:6f:df:7f:43:e7:39:16:9b:00:a6:ba:9b:a2:
         87:67:4a:d8:fd:f1:92:b1:00:2f:85:18:87:02:6e:b2:7c:2d:
         7b:9f:5a:60:dd:49:27:8f:43:8c:d5:37:32:7a:91:1a:af:d1:
         36:0b:79:83:a6:21:f3:f0:36:74:8a:f9:bb:b0:f3:4d:c9:ac:
         73:38:ce:55
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAKpRMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQx
OGM0OWM2ZDcxMzIyMjQ1ODNlYWYzNDhhZTQxYzUwZTYxZDlmNDUwHhcNMjIwNTE4
MTExNDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxZGVlYTgzNDUwOWY5
YzVmMTc4MWU5NDI2NTJkNzNkMjY0OGIyM2Q4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuBfx6qynykB7tNeG5VEvn+U+C1Dndv23u8xc1kAnVI1QRX0b
ngBGeoSHIoYo/nleZNTXPZSGVXqTrosI3hcddiEEm9z4Fe8gSW8aatq3wyOXX5gn
jHlPzKxqjQxwFP9lxkJ9o0UIoXQfSA16+2xqYk48CaC4TpWWgdYTqMhixvDfnbrC
ujhbMQSkYUUgBk1lsSZHgqCrL58tIAN+ysqnPh9fwKKOs8h1T02qLx7z5V6XZ+Ta
4RWDl/a8r6HdsOCNU2SwTju/X/JkGMMKzRNCIPeA16Cx8rZ/qlvLQofqw+1HvTej
f//bXpY5yy9va1+yWrzO29pTMyar6gQoujqKowIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFB3uqDRQn5xfF4HpQmUtc9JkiyPYMB8GA1UdIwQYMBaAFNGMScbXEyIkWD6v
NIrkHFDmHZ9FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MFl4Snh0Y1RJaVJZUHE4MGl1UWNVT1lkbjBVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wMy8xZmVmODItMGFlOC00OGM2LTk4NjgtNGExNmZmOWM3OTViLzEv
SGU2b05GQ2ZuRjhYZ2VsQ1pTMXowbVNMSTlnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8x
ZmVmODItMGFlOC00OGM2LTk4NjgtNGExNmZmOWM3OTViLzEvMFl4Snh0Y1RJaVJZ
UHE4MGl1UWNVT1lkbjBVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUFvcMA0GCSqGSIb3DQEBCwUAA4IB
AQAPTI7R6OlNWCzWnO7GOgre6DugEgr4ROl379IEcBb3R1GrmV0MKMAv1emFLFp9
3skrbX25zb4pElJbHRyZ16UCQizFyENHBuQFXTICjydBq8pBhIfgu7Pbv/qGW1vP
4Yrs1TBm0unv8cgsiWESKNANTGz8zS0jGjOMYvnR4+uDQDkNc+gNK32VEwMvjdIH
89JaIUjP/evYr0V5OyOt6zxAIYRaHs6V7UxAdzxfdNsrFLds5Znu9OzogG/ff0Pn
ORabAKa6m6KHZ0rY/fGSsQAvhRiHAm6yfC17n1pg3Uknj0OM1TcyepEar9E2C3mD
piHz8DZ0ivm7sPNNyaxzOM5V
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:18 2024 by rpki-client on console-ams.rpki-client.org