Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/HPFN6ALyacj6q3Pgq0PFTO6d_Ms.roa
File:                     HPFN6ALyacj6q3Pgq0PFTO6d_Ms.roa (raw, json)
Hash identifier:          ABUe187uxk7YmZbBujwO/v9L/DCwoTs9d2WHmhrEMlQ=
Subject key identifier:   1C:F1:4D:E8:02:F2:69:C8:FA:AB:73:E0:AB:43:C5:4C:EE:9D:FC:CB
Certificate issuer:       /CN=e1ef9694aa48d81279e8ede430795f2768d2dd52
Certificate serial:       08CC4467
Authority key identifier: E1:EF:96:94:AA:48:D8:12:79:E8:ED:E4:30:79:5F:27:68:D2:DD:52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/HPFN6ALyacj6q3Pgq0PFTO6d_Ms.roa
Signing time:             Sat 01 Jan 2022 15:04:50 +0000
ROA not before:           Sat 01 Jan 2022 15:04:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6786
IP address blocks:        185.39.48.0/23 maxlen: 23
                          2a04:7a00::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 147604583 (0x8cc4467)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1ef9694aa48d81279e8ede430795f2768d2dd52
        Validity
            Not Before: Jan  1 15:04:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1cf14de802f269c8faab73e0ab43c54cee9dfccb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:47:d6:8c:8a:5e:40:23:03:2f:10:95:a0:14:
                    04:a4:61:1f:a3:e3:be:5c:6f:60:f7:f3:cd:a4:4c:
                    16:ff:fc:3e:29:b6:a3:b1:32:68:92:5d:cd:f0:90:
                    b6:24:93:33:0c:7e:4d:26:60:8e:99:c6:a5:ec:8e:
                    07:fe:0d:9b:59:85:0f:97:aa:81:14:2e:ff:a7:23:
                    c6:a0:fc:92:2f:13:09:b6:05:dd:91:94:1c:25:55:
                    08:bc:fb:4b:d6:96:66:a6:79:08:a8:d5:2c:8b:23:
                    cb:f5:c3:11:a9:5e:bb:2d:9d:c1:2a:ae:ef:89:27:
                    c7:73:f3:4e:5d:8b:a4:91:9e:0e:09:c2:3a:50:ee:
                    0c:7d:cd:a0:4d:0f:4f:7a:eb:36:12:ba:35:78:b3:
                    91:75:63:7f:c4:dd:c0:88:71:01:fe:3e:e9:0d:51:
                    94:87:73:c1:4f:ed:21:0d:92:60:b6:bf:6d:a7:3d:
                    50:8a:c1:73:22:ca:84:bd:c1:69:77:06:e3:08:5e:
                    54:bf:bf:86:69:05:37:dd:84:99:6a:e4:73:00:c7:
                    e2:e4:28:2c:af:c3:4e:72:37:6f:91:38:f7:bc:31:
                    ea:23:da:2e:c3:ec:be:23:d7:bd:a6:d9:c4:29:34:
                    c4:f6:39:2e:ab:fc:7b:30:5b:14:a4:dc:35:48:bb:
                    2d:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:F1:4D:E8:02:F2:69:C8:FA:AB:73:E0:AB:43:C5:4C:EE:9D:FC:CB
            X509v3 Authority Key Identifier:
                keyid:E1:EF:96:94:AA:48:D8:12:79:E8:ED:E4:30:79:5F:27:68:D2:DD:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/HPFN6ALyacj6q3Pgq0PFTO6d_Ms.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.39.48.0/23
                IPv6:
                  2a04:7a00::/32

    Signature Algorithm: sha256WithRSAEncryption
         29:40:6e:f2:82:66:4b:53:ec:f1:f9:43:16:3a:c0:9d:de:59:
         0c:44:98:43:c2:81:d9:11:cb:2a:8b:1a:2b:03:ec:04:bf:c0:
         90:6e:ad:56:4a:d0:7b:80:cf:17:13:ce:70:fd:49:62:59:da:
         78:2b:b0:5a:6d:db:4f:92:94:72:4c:88:e0:d4:63:3b:72:3a:
         53:de:c5:f2:49:9d:d0:c5:81:7b:79:f9:67:5b:7d:3f:3c:07:
         ee:5b:67:ed:4c:2a:93:31:78:5c:77:81:44:b0:4b:60:a8:bf:
         ed:68:ec:19:a7:ca:ba:c4:63:58:c3:51:c5:08:77:11:fe:c6:
         8a:af:65:ec:71:29:e4:4c:da:1e:1c:12:89:7e:e1:09:25:04:
         17:a7:61:8d:63:22:ca:6a:af:71:ff:96:fa:44:91:c0:3a:db:
         d3:b4:63:46:db:11:13:14:b1:7e:26:9b:11:95:90:a6:1c:d9:
         30:ae:f3:c5:72:a6:3e:74:a2:4d:0b:f1:59:c9:e9:13:dd:e4:
         b2:d3:ae:65:e2:9a:e4:96:cf:d2:6a:c8:57:43:4d:79:03:66:
         76:f7:7e:33:a9:bb:93:ef:17:0a:1e:01:06:bc:74:98:99:ef:
         f7:3e:f1:0b:c5:4e:75:ca:c0:6c:4e:68:a1:d8:dc:a3:2e:5a:
         58:95:01:93
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECMxEZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MWVmOTY5NGFhNDhkODEyNzllOGVkZTQzMDc5NWYyNzY4ZDJkZDUyMB4XDTIyMDEw
MTE1MDQ1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWNmMTRkZTgwMmYy
NjljOGZhYWI3M2UwYWI0M2M1NGNlZTlkZmNjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJJH1oyKXkAjAy8QlaAUBKRhH6PjvlxvYPfzzaRMFv/8Pim2
o7EyaJJdzfCQtiSTMwx+TSZgjpnGpeyOB/4Nm1mFD5eqgRQu/6cjxqD8ki8TCbYF
3ZGUHCVVCLz7S9aWZqZ5CKjVLIsjy/XDEaleuy2dwSqu74knx3PzTl2LpJGeDgnC
OlDuDH3NoE0PT3rrNhK6NXizkXVjf8TdwIhxAf4+6Q1RlIdzwU/tIQ2SYLa/bac9
UIrBcyLKhL3BaXcG4wheVL+/hmkFN92EmWrkcwDH4uQoLK/DTnI3b5E497wx6iPa
LsPsviPXvabZxCk0xPY5Lqv8ezBbFKTcNUi7La0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQc8U3oAvJpyPqrc+CrQ8VM7p38yzAfBgNVHSMEGDAWgBTh75aUqkjYEnno
7eQweV8naNLdUjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRlLVdsS3BJMkJKNTZPM2tNSGxmSjJqUzNWSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvYjA1NjY3LWU4NTAtNGM0NS1hZWUzLWFkZWQxYzQ2OWVhZi8x
L0hQRk42QUx5YWNqNnEzUGdxMFBGVE82ZF9Ncy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
YjA1NjY3LWU4NTAtNGM0NS1hZWUzLWFkZWQxYzQ2OWVhZi8xLzRlLVdsS3BJMkJK
NTZPM2tNSGxmSjJqUzNWSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAbknMDANBAIAAjAHAwUAKgR6ADAN
BgkqhkiG9w0BAQsFAAOCAQEAKUBu8oJmS1Ps8flDFjrAnd5ZDESYQ8KB2RHLKosa
KwPsBL/AkG6tVkrQe4DPFxPOcP1JYlnaeCuwWm3bT5KUckyI4NRjO3I6U97F8kmd
0MWBe3n5Z1t9PzwH7ltn7UwqkzF4XHeBRLBLYKi/7WjsGafKusRjWMNRxQh3Ef7G
iq9l7HEp5EzaHhwSiX7hCSUEF6dhjWMiymqvcf+W+kSRwDrb07RjRtsRExSxfiab
EZWQphzZMK7zxXKmPnSiTQvxWcnpE93kstOuZeKa5JbP0mrIV0NNeQNmdvd+M6m7
k+8XCh4BBrx0mJnv9z7xC8VOdcrAbE5oodjcoy5aWJUBkw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:07 2024 by rpki-client on console-ams.rpki-client.org