Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/hKcfn-6rRIhmxu3LH4FQ5Y_X0GQ.roa
File:                     hKcfn-6rRIhmxu3LH4FQ5Y_X0GQ.roa (raw, json)
Hash identifier:          cQ/vO35AmPdLYD0FN57pZoxiWWEuMjct8UjAuroFE7Y=
Subject key identifier:   84:A7:1F:9F:EE:AB:44:88:66:C6:ED:CB:1F:81:50:E5:8F:D7:D0:64
Certificate issuer:       /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial:       0182208D3CB2961A933EE12E781041E8CB5D
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/hKcfn-6rRIhmxu3LH4FQ5Y_X0GQ.roa
Signing time:             Thu 21 Jul 2022 11:38:23 +0000
ROA not before:           Thu 21 Jul 2022 11:38:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     140947
IP address blocks:        81.31.232.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:20:8d:3c:b2:96:1a:93:3e:e1:2e:78:10:41:e8:cb:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
        Validity
            Not Before: Jul 21 11:38:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=84a71f9feeab448866c6edcb1f8150e58fd7d064
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:05:d9:83:2b:b9:bc:b3:bb:e1:c0:2b:ca:a5:
                    7d:91:bc:00:c3:a8:78:19:6a:61:fa:0d:f4:31:9f:
                    4c:67:90:d0:4e:9d:90:a5:79:25:86:c2:7e:4a:01:
                    48:2d:c0:17:60:b9:f2:7a:4c:0e:60:c7:31:f7:32:
                    3a:0e:b4:c1:3f:c0:df:35:6a:8b:61:fb:2d:cb:a4:
                    46:fc:07:dd:39:f4:7a:40:aa:ea:b0:45:7f:f1:3b:
                    44:ac:43:b0:6d:fb:c9:62:d2:2a:84:b6:02:16:df:
                    ad:e2:4d:1a:1a:f9:37:51:13:be:f2:a3:2f:d0:10:
                    fa:de:b3:35:8c:82:4f:de:ce:83:cf:85:bc:57:ed:
                    05:b2:ea:ee:bd:8b:67:b0:b5:b4:5a:15:71:f6:37:
                    fa:80:7f:18:34:f5:6a:ad:6d:ec:64:b3:27:7d:02:
                    c7:c5:c6:96:2f:b2:a0:9a:ea:cb:80:3f:1d:b3:48:
                    15:be:5c:50:62:de:7b:de:e1:4b:02:bd:08:44:fd:
                    18:bc:9b:d2:63:cc:34:91:34:4f:7f:d9:ac:ad:94:
                    c2:f7:1a:2f:a9:c3:84:e2:2e:37:52:87:13:59:52:
                    65:94:93:37:bf:ec:36:97:f2:18:82:b6:e6:97:0b:
                    76:fa:3d:b6:d1:c8:df:4e:30:08:62:db:57:9a:48:
                    a6:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:A7:1F:9F:EE:AB:44:88:66:C6:ED:CB:1F:81:50:E5:8F:D7:D0:64
            X509v3 Authority Key Identifier:
                keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/hKcfn-6rRIhmxu3LH4FQ5Y_X0GQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.31.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:93:11:0e:b4:90:a3:e5:a1:cc:ad:fa:ac:50:63:8f:16:8d:
         57:37:05:b0:0b:0b:34:b4:c2:52:d2:71:0f:fc:46:b5:0c:65:
         46:35:68:d6:32:2b:50:d7:32:a0:af:aa:6a:ce:11:07:6a:b2:
         89:ab:3f:bf:fc:bc:f9:a7:3e:b4:ef:3f:70:c1:4f:4c:b9:af:
         11:50:2c:a6:63:60:08:66:c6:c6:1d:12:d0:88:75:43:63:38:
         1e:7f:fc:e9:e6:28:c9:91:d7:99:2c:28:e1:c6:f7:76:b2:c9:
         b5:54:fc:7d:32:e1:d1:3f:19:b8:14:5f:e0:38:b3:9c:77:8e:
         d4:9a:9e:67:14:24:ef:8e:47:45:ef:94:10:f0:1e:ab:01:ef:
         f1:62:73:bd:95:fd:73:8a:c4:e7:97:78:64:cb:5c:fd:88:a6:
         cd:3a:29:b3:98:5e:ed:8d:11:13:df:a2:e8:c7:6e:01:af:a1:
         00:3d:db:62:70:4d:3a:f7:b6:da:7b:77:33:c5:fa:2d:b6:76:
         35:9b:28:48:cf:6c:85:be:c7:f3:50:95:e5:4a:77:31:d8:31:
         0d:d0:ff:01:a0:8c:8e:d4:eb:05:12:4b:c8:f8:ba:70:fa:c9:
         65:6f:c8:cc:ab:5d:82:af:8d:38:d3:a1:8d:05:40:1b:b7:16:
         85:25:7f:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIgjTyylhqTPuEueBBB6MtdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjIwNzIxMTEzODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGE3MWY5ZmVlYWI0NDg4NjZjNmVkY2IxZjgxNTBlNThmZDdkMDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgXZgyu5vLO74cAryqV9kbwAw6h4
GWph+g30MZ9MZ5DQTp2QpXklhsJ+SgFILcAXYLnyekwOYMcx9zI6DrTBP8DfNWqL
Yfsty6RG/AfdOfR6QKrqsEV/8TtErEOwbfvJYtIqhLYCFt+t4k0aGvk3URO+8qMv
0BD63rM1jIJP3s6Dz4W8V+0FsuruvYtnsLW0WhVx9jf6gH8YNPVqrW3sZLMnfQLH
xcaWL7KgmurLgD8ds0gVvlxQYt573uFLAr0IRP0YvJvSY8w0kTRPf9msrZTC9xov
qcOE4i43UocTWVJllJM3v+w2l/IYgrbmlwt2+j220cjfTjAIYttXmkim0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFISnH5/uq0SIZsbtyx+BUOWP19BkMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvaEtjZm4tNnJSSWhteHUzTEg0RlE1WV9YMEdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUR/oMA0G
CSqGSIb3DQEBCwUAA4IBAQCQkxEOtJCj5aHMrfqsUGOPFo1XNwWwCws0tMJS0nEP
/Ea1DGVGNWjWMitQ1zKgr6pqzhEHarKJqz+//Lz5pz607z9wwU9Mua8RUCymY2AI
ZsbGHRLQiHVDYzgef/zp5ijJkdeZLCjhxvd2ssm1VPx9MuHRPxm4FF/gOLOcd47U
mp5nFCTvjkdF75QQ8B6rAe/xYnO9lf1zisTnl3hky1z9iKbNOimzmF7tjRET36Lo
x24Br6EAPdticE0697bae3czxfottnY1myhIz2yFvsfzUJXlSncx2DEN0P8BoIyO
1OsFEkvI+Lpw+sllb8jMq12Cr40406GNBUAbtxaFJX9e
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:33 2024 by rpki-client on console-ams.rpki-client.org