Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/dHEShYhD6GWZp-Yyy1V_anc2XB8.roa
File:                     dHEShYhD6GWZp-Yyy1V_anc2XB8.roa (raw, json)
Hash identifier:          aFg1/DdFgvVyLsKukUbu3QUX9nWKa0xp36HSnfTwd2g=
Subject key identifier:   74:71:12:85:88:43:E8:65:99:A7:E6:32:CB:55:7F:6A:77:36:5C:1F
Certificate issuer:       /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial:       0B5204A6
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/dHEShYhD6GWZp-Yyy1V_anc2XB8.roa
Signing time:             Sat 01 Jan 2022 08:58:28 +0000
ROA not before:           Sat 01 Jan 2022 08:58:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8869
IP address blocks:        212.133.180.0/24 maxlen: 24
                          212.133.128.0/18 maxlen: 18

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 189924518 (0xb5204a6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
        Validity
            Not Before: Jan  1 08:58:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=747112858843e86599a7e632cb557f6a77365c1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:3a:b8:ad:d6:61:1f:0b:e9:f4:46:95:1d:2f:
                    60:78:6b:d9:38:51:d9:a6:4c:ba:eb:90:a1:c6:cc:
                    f3:6e:5d:fd:3a:69:f2:ba:c5:ee:31:ed:c8:4a:22:
                    e9:d9:c1:f5:e4:11:b8:c2:a6:d0:22:fb:d0:f5:a3:
                    b6:64:e9:8c:84:6a:af:d1:8e:26:ad:8b:c1:80:d8:
                    a7:c4:e6:aa:da:6e:bc:b0:87:75:3b:10:ee:2f:88:
                    b7:bd:9d:0b:6a:f2:2c:3c:6b:f3:76:d3:52:81:b7:
                    6f:bb:f2:e5:c7:20:b7:6b:91:56:b2:64:82:d1:14:
                    fc:d3:fc:0a:dc:cd:26:6d:6e:6e:15:b5:38:f7:3e:
                    b9:b3:fe:72:29:99:0d:f3:45:0c:61:27:d2:80:07:
                    4a:cc:b6:02:0d:a2:8e:b1:02:d0:95:ff:d2:24:81:
                    94:80:d5:24:f5:b8:c7:09:b1:e3:16:be:1f:fe:a8:
                    f2:63:67:40:9e:86:86:2e:6c:9c:e0:8e:70:bc:ea:
                    1b:2a:ce:85:66:51:24:a1:91:12:0f:39:25:f1:00:
                    86:3f:76:76:ca:7e:0e:14:8c:76:db:6a:a0:20:fa:
                    7d:45:91:55:54:46:70:61:7b:28:b9:69:38:69:23:
                    11:bd:39:d0:9f:ab:35:67:9f:fe:4b:fa:d3:08:ba:
                    67:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:71:12:85:88:43:E8:65:99:A7:E6:32:CB:55:7F:6A:77:36:5C:1F
            X509v3 Authority Key Identifier:
                keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/dHEShYhD6GWZp-Yyy1V_anc2XB8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.133.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         20:b2:92:ca:b6:58:5d:38:6e:c5:74:c9:4a:eb:3a:51:6e:80:
         e3:3e:b9:c1:83:aa:31:07:98:ca:e2:bd:bd:df:45:0a:20:ce:
         a5:17:d7:85:3e:48:51:55:d4:38:39:a1:ac:41:25:c9:de:3d:
         01:9d:4c:5f:de:24:12:5e:2e:b2:34:8c:a8:cb:0c:92:02:29:
         3d:cb:82:72:ac:13:27:da:66:f2:c1:15:d1:7c:96:3f:d0:d6:
         09:e6:d5:f2:28:51:f2:84:7f:c0:a0:2a:0b:d0:f2:a4:0b:77:
         3b:0d:2c:98:dc:17:22:49:79:10:c1:bd:56:51:89:24:f3:a9:
         28:56:1b:41:73:88:d3:20:ec:e8:90:26:62:d5:f1:60:18:1b:
         39:89:a5:b4:9d:a1:b3:6b:59:4e:17:49:38:68:6d:8f:09:b9:
         93:a5:29:de:31:e0:48:57:1f:dc:06:f6:33:fb:e5:d6:15:14:
         df:e6:37:5b:df:51:db:ba:5b:84:7d:3a:90:04:f1:f0:64:97:
         9d:6a:85:2e:6e:c4:fc:33:2f:2a:e1:f3:20:4e:4a:28:f4:48:
         cc:f3:cb:de:61:84:8a:55:84:04:a9:41:ac:14:04:66:60:9f:
         44:54:a9:e7:c4:3d:cd:38:59:80:f3:44:59:87:d5:f7:6a:76:
         bb:25:2a:61
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC1IEpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NjhmZTM1Y2M5NjI2MzNhMjc1N2FmMTBhMGU2ZThhYjZkMDFmNGM5MB4XDTIyMDEw
MTA4NTgyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzQ3MTEyODU4ODQz
ZTg2NTk5YTdlNjMyY2I1NTdmNmE3NzM2NWMxZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJU6uK3WYR8L6fRGlR0vYHhr2ThR2aZMuuuQocbM825d/Tpp
8rrF7jHtyEoi6dnB9eQRuMKm0CL70PWjtmTpjIRqr9GOJq2LwYDYp8TmqtpuvLCH
dTsQ7i+It72dC2ryLDxr83bTUoG3b7vy5ccgt2uRVrJkgtEU/NP8CtzNJm1ubhW1
OPc+ubP+cimZDfNFDGEn0oAHSsy2Ag2ijrEC0JX/0iSBlIDVJPW4xwmx4xa+H/6o
8mNnQJ6Ghi5snOCOcLzqGyrOhWZRJKGREg85JfEAhj92dsp+DhSMdttqoCD6fUWR
VVRGcGF7KLlpOGkjEb050J+rNWef/kv60wi6Z7UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR0cRKFiEPoZZmn5jLLVX9qdzZcHzAfBgNVHSMEGDAWgBRWj+NcyWJjOidX
rxCg5uirbQH0yTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZvX2pYTWxpWXpvblY2OFFvT2JvcTIwQjlNay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvMzdlYmU2LThiZmUtNGMxZi1hMTgzLTgzZDY0OGY3OTc0Ni8x
L2RIRVNoWWhENkdXWnAtWXl5MVZfYW5jMlhCOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
MzdlYmU2LThiZmUtNGMxZi1hMTgzLTgzZDY0OGY3OTc0Ni8xL1ZvX2pYTWxpWXpv
blY2OFFvT2JvcTIwQjlNay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBtSFgDANBgkqhkiG9w0BAQsFAAOC
AQEAILKSyrZYXThuxXTJSus6UW6A4z65wYOqMQeYyuK9vd9FCiDOpRfXhT5IUVXU
ODmhrEElyd49AZ1MX94kEl4usjSMqMsMkgIpPcuCcqwTJ9pm8sEV0XyWP9DWCebV
8ihR8oR/wKAqC9DypAt3Ow0smNwXIkl5EMG9VlGJJPOpKFYbQXOI0yDs6JAmYtXx
YBgbOYmltJ2hs2tZThdJOGhtjwm5k6Up3jHgSFcf3Ab2M/vl1hUU3+Y3W99R27pb
hH06kATx8GSXnWqFLm7E/DMvKuHzIE5KKPRIzPPL3mGEilWEBKlBrBQEZmCfRFSp
58Q9zThZgPNEWYfV92p2uyUqYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:37 2024 by rpki-client on console-ams.rpki-client.org