Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/HwuzIHoy62Le8SoeI_BEUFTCeS0.roa
File:                     HwuzIHoy62Le8SoeI_BEUFTCeS0.roa (raw, json)
Hash identifier:          7i+U5xD7laMGkFVIRC0ilujTJ4zRezPUcCYe5ylePuo=
Subject key identifier:   1F:0B:B3:20:7A:32:EB:62:DE:F1:2A:1E:23:F0:44:50:54:C2:79:2D
Certificate issuer:       /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial:       01821C3888572001B46E39D4B1DA763FAD14
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/HwuzIHoy62Le8SoeI_BEUFTCeS0.roa
Signing time:             Wed 20 Jul 2022 15:27:23 +0000
ROA not before:           Wed 20 Jul 2022 15:27:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203061
IP address blocks:        45.11.240.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:1c:38:88:57:20:01:b4:6e:39:d4:b1:da:76:3f:ad:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
        Validity
            Not Before: Jul 20 15:27:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1f0bb3207a32eb62def12a1e23f0445054c2792d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:85:3e:54:60:0e:fa:61:f8:0d:c2:bd:28:93:
                    e8:a1:e6:ef:d9:e0:7b:c3:27:95:99:82:53:af:19:
                    f5:b2:f8:85:a1:bc:14:2f:49:f8:a5:1c:ca:c0:b4:
                    82:fb:93:49:27:a7:2d:fd:84:91:c2:63:51:24:21:
                    93:be:d4:0a:b6:01:d0:96:51:fe:2d:c2:b0:8a:41:
                    a7:3b:22:7d:15:39:d7:38:f8:f3:9a:3d:71:3d:af:
                    4c:79:1d:df:7f:c7:99:76:81:6e:6c:a2:86:00:d9:
                    12:fd:e0:4b:d7:7d:e2:36:1c:73:37:86:8f:b2:9e:
                    67:c5:16:44:7f:5a:60:a3:d5:ae:51:b2:65:ec:10:
                    af:02:16:a7:f0:a9:0d:9f:08:0a:ef:31:a8:20:cd:
                    50:2a:16:6f:6e:31:68:86:ca:91:ff:37:4b:52:66:
                    df:0d:ad:4f:88:c3:99:a5:3b:e1:1f:5a:61:4e:ab:
                    d5:23:94:4f:62:b7:64:a0:fb:8b:89:5d:53:4b:52:
                    67:7c:6f:0b:15:0c:50:3d:d2:b3:91:37:74:cb:e0:
                    49:da:5b:1d:31:a5:ac:cf:a6:25:e0:5b:34:b4:7e:
                    ad:d1:f5:91:c0:fc:f8:34:f3:5e:ea:63:a9:e6:7d:
                    24:21:69:b9:8c:e8:ae:40:92:07:63:de:70:4a:34:
                    d4:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:0B:B3:20:7A:32:EB:62:DE:F1:2A:1E:23:F0:44:50:54:C2:79:2D
            X509v3 Authority Key Identifier:
                keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/HwuzIHoy62Le8SoeI_BEUFTCeS0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.11.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0f:62:ca:89:4e:b5:6b:38:37:9b:70:00:22:57:a8:19:02:c4:
         6d:19:d0:dd:12:a0:d9:4d:7b:80:f7:2e:34:24:d8:89:14:a6:
         81:b4:5f:5e:d5:77:53:88:68:08:21:90:a6:f7:fb:82:77:52:
         d1:a0:82:78:67:a8:7e:a2:8c:3c:9f:b6:c2:8c:0c:9c:5e:c7:
         d3:6e:52:03:d4:74:d7:09:16:e8:24:d1:c9:0e:b2:2f:33:a2:
         f3:b4:d5:1f:e5:31:15:53:c6:14:f2:12:9a:64:87:7f:6b:fe:
         6d:de:bd:eb:83:ef:13:a9:33:28:fa:c9:a8:31:11:0e:a0:4d:
         f5:48:1a:d0:49:9d:ef:5c:ec:1d:3c:05:73:7e:c7:06:95:23:
         a7:69:17:8d:86:f2:e8:aa:2e:b2:d1:37:09:88:9e:42:5b:f8:
         6b:a9:ad:fb:6c:55:97:db:8f:63:45:db:85:8e:d5:70:72:44:
         6c:5c:48:8c:d5:ee:6f:8b:ff:1e:ce:dd:1b:4f:d1:1c:5d:e8:
         df:cd:08:e9:ce:4a:9e:05:bb:7f:22:60:29:6a:d6:52:0a:ee:
         38:1a:48:68:b5:e0:6f:7d:8f:95:12:97:eb:d1:31:bd:cd:a4:
         02:c3:73:2f:19:18:41:72:04:e6:d5:8b:9a:64:7c:1b:76:6a:
         31:e4:90:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIcOIhXIAG0bjnUsdp2P60UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjIwNzIwMTUyNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjBiYjMyMDdhMzJlYjYyZGVmMTJhMWUyM2YwNDQ1MDU0YzI3OTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4U+VGAO+mH4DcK9KJPooebv2eB7
wyeVmYJTrxn1sviFobwUL0n4pRzKwLSC+5NJJ6ct/YSRwmNRJCGTvtQKtgHQllH+
LcKwikGnOyJ9FTnXOPjzmj1xPa9MeR3ff8eZdoFubKKGANkS/eBL133iNhxzN4aP
sp5nxRZEf1pgo9WuUbJl7BCvAhan8KkNnwgK7zGoIM1QKhZvbjFohsqR/zdLUmbf
Da1PiMOZpTvhH1phTqvVI5RPYrdkoPuLiV1TS1JnfG8LFQxQPdKzkTd0y+BJ2lsd
MaWsz6Yl4Fs0tH6t0fWRwPz4NPNe6mOp5n0kIWm5jOiuQJIHY95wSjTUoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB8LsyB6Muti3vEqHiPwRFBUwnktMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvSHd1eklIb3k2MkxlOFNvZUlfQkVVRlRDZVMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQvwMA0G
CSqGSIb3DQEBCwUAA4IBAQAPYsqJTrVrODebcAAiV6gZAsRtGdDdEqDZTXuA9y40
JNiJFKaBtF9e1XdTiGgIIZCm9/uCd1LRoIJ4Z6h+oow8n7bCjAycXsfTblID1HTX
CRboJNHJDrIvM6LztNUf5TEVU8YU8hKaZId/a/5t3r3rg+8TqTMo+smoMREOoE31
SBrQSZ3vXOwdPAVzfscGlSOnaReNhvLoqi6y0TcJiJ5CW/hrqa37bFWX249jRduF
jtVwckRsXEiM1e5vi/8ezt0bT9EcXejfzQjpzkqeBbt/ImApatZSCu44GkhoteBv
fY+VEpfr0TG9zaQCw3MvGRhBcgTm1YuaZHwbdmox5JAL
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:52 2023 by rpki-client on console-fra.rpki-client.org