Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/3191ec-ce8f-4576-a940-cc50107ea146/1/RHx8zQEo1ma_ubtRP2-OnuCcQVg.roa
File:                     RHx8zQEo1ma_ubtRP2-OnuCcQVg.roa (raw, json)
Hash identifier:          cka9Ea/cLEP+Qd0OJANxaQRS7gc8/9vWkh2lMoWusA8=
Subject key identifier:   44:7C:7C:CD:01:28:D6:66:BF:B9:BB:51:3F:6F:8E:9E:E0:9C:41:58
Certificate issuer:       /CN=86f4129af869f6f5c85a7388808aad0ac0ba9c4f
Certificate serial:       01064350
Authority key identifier: 86:F4:12:9A:F8:69:F6:F5:C8:5A:73:88:80:8A:AD:0A:C0:BA:9C:4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hvQSmvhp9vXIWnOIgIqtCsC6nE8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/3191ec-ce8f-4576-a940-cc50107ea146/1/RHx8zQEo1ma_ubtRP2-OnuCcQVg.roa
Signing time:             Sat 01 Jan 2022 04:02:43 +0000
ROA not before:           Sat 01 Jan 2022 04:02:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     396982
IP address blocks:        195.10.199.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17187664 (0x1064350)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86f4129af869f6f5c85a7388808aad0ac0ba9c4f
        Validity
            Not Before: Jan  1 04:02:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=447c7ccd0128d666bfb9bb513f6f8e9ee09c4158
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:25:47:ab:35:f0:87:75:65:1e:28:c4:34:7f:
                    b6:a0:59:fb:07:c1:b9:51:16:5a:f6:8e:cc:22:bb:
                    bf:bb:f8:92:a1:a9:4e:ac:72:67:4f:2c:83:10:23:
                    fa:02:25:7b:f7:b8:20:70:fe:a2:55:bd:a6:e4:ed:
                    95:5e:00:22:6e:6e:4d:ee:18:8a:22:5e:66:d0:60:
                    e7:9f:5f:30:27:70:d5:83:89:b8:6b:ae:9d:a6:fb:
                    5c:d6:2f:45:e7:de:33:e1:03:b7:0b:14:bc:a3:76:
                    f2:6f:66:b2:24:37:a2:a0:7b:86:16:91:97:1e:51:
                    48:ca:1d:72:e6:3f:6c:27:6b:2c:e3:04:60:83:e8:
                    ac:1d:06:a2:9c:66:f9:ab:48:0d:c0:66:a8:b5:80:
                    30:32:ab:3f:1c:d2:29:e9:b1:52:c4:4b:2d:9d:75:
                    f2:d3:75:83:1e:33:64:80:38:f2:d1:11:55:56:30:
                    08:84:e4:75:27:6c:d4:66:5f:5f:fa:e1:37:d8:6d:
                    14:27:a9:8a:7e:20:0d:ec:64:1b:be:ac:ea:5b:b1:
                    30:a4:f9:7a:96:58:21:88:4b:65:58:8a:dc:d5:00:
                    70:60:7c:13:a9:5f:b4:3b:d7:b0:a3:a7:f5:fe:8d:
                    f8:e9:91:dc:05:e3:bf:c2:f3:71:98:92:bb:ba:08:
                    f3:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:7C:7C:CD:01:28:D6:66:BF:B9:BB:51:3F:6F:8E:9E:E0:9C:41:58
            X509v3 Authority Key Identifier:
                keyid:86:F4:12:9A:F8:69:F6:F5:C8:5A:73:88:80:8A:AD:0A:C0:BA:9C:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hvQSmvhp9vXIWnOIgIqtCsC6nE8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/3191ec-ce8f-4576-a940-cc50107ea146/1/RHx8zQEo1ma_ubtRP2-OnuCcQVg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/3191ec-ce8f-4576-a940-cc50107ea146/1/hvQSmvhp9vXIWnOIgIqtCsC6nE8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.10.199.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:1a:cf:08:22:63:43:79:f7:5a:58:ca:4c:ba:73:75:12:2d:
         81:c2:81:f2:26:16:1d:f1:e5:c3:65:b6:19:91:10:8b:23:f0:
         21:f1:45:78:0b:43:cb:ad:8e:cb:d7:3f:63:82:8d:86:fa:8e:
         59:ec:af:9a:83:19:f9:b1:34:75:46:40:67:a7:82:44:69:7f:
         c5:47:df:22:61:f0:1e:b3:4c:c3:49:f4:63:70:9a:36:9a:8f:
         4e:39:8a:93:64:64:3a:80:91:38:2e:55:70:9c:8b:80:aa:20:
         80:98:da:07:d4:28:51:eb:60:19:9b:08:0a:65:54:ac:42:4e:
         23:b2:4e:51:59:3f:27:36:1e:32:d2:4f:09:7f:4e:76:6e:3e:
         23:df:6c:b3:d2:c1:e6:7b:8d:bf:98:ce:2c:0b:f3:78:32:b1:
         d6:d1:bf:7a:39:20:ac:9d:91:d7:cc:a9:e1:91:05:99:51:4d:
         a8:81:e9:5e:1d:da:9a:20:88:7d:51:56:07:92:08:a5:e7:08:
         db:67:e9:eb:b1:fb:b7:8a:bc:ac:ac:57:a8:ae:fc:d1:de:92:
         6b:23:ea:aa:b8:b3:56:b2:36:8c:12:a6:cb:29:1b:8d:53:bc:
         22:01:03:75:e9:6f:09:ce:81:ef:da:a1:1b:5e:1c:e0:ad:01:
         3c:e7:2a:79
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQZDUDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmY0MTI5YWY4NjlmNmY1Yzg1YTczODg4MDhhYWQwYWMwYmE5YzRmMB4XDTIyMDEw
MTA0MDI0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDQ3YzdjY2QwMTI4
ZDY2NmJmYjliYjUxM2Y2ZjhlOWVlMDljNDE1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALMlR6s18Id1ZR4oxDR/tqBZ+wfBuVEWWvaOzCK7v7v4kqGp
TqxyZ08sgxAj+gIle/e4IHD+olW9puTtlV4AIm5uTe4YiiJeZtBg559fMCdw1YOJ
uGuunab7XNYvRefeM+EDtwsUvKN28m9msiQ3oqB7hhaRlx5RSModcuY/bCdrLOME
YIPorB0Gopxm+atIDcBmqLWAMDKrPxzSKemxUsRLLZ118tN1gx4zZIA48tERVVYw
CITkdSds1GZfX/rhN9htFCepin4gDexkG76s6luxMKT5epZYIYhLZViK3NUAcGB8
E6lftDvXsKOn9f6N+OmR3AXjv8LzcZiSu7oI8/8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBREfHzNASjWZr+5u1E/b46e4JxBWDAfBgNVHSMEGDAWgBSG9BKa+Gn29cha
c4iAiq0KwLqcTzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h2UVNtdmhwOXZYSVduT0lnSXF0Q3NDNm5FOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvMzE5MWVjLWNlOGYtNDU3Ni1hOTQwLWNjNTAxMDdlYTE0Ni8x
L1JIeDh6UUVvMW1hX3VidFJQMi1PbnVDY1FWZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
MzE5MWVjLWNlOGYtNDU3Ni1hOTQwLWNjNTAxMDdlYTE0Ni8xL2h2UVNtdmhwOXZY
SVduT0lnSXF0Q3NDNm5FOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMMKxzANBgkqhkiG9w0BAQsFAAOC
AQEAWxrPCCJjQ3n3WljKTLpzdRItgcKB8iYWHfHlw2W2GZEQiyPwIfFFeAtDy62O
y9c/Y4KNhvqOWeyvmoMZ+bE0dUZAZ6eCRGl/xUffImHwHrNMw0n0Y3CaNpqPTjmK
k2RkOoCROC5VcJyLgKoggJjaB9QoUetgGZsICmVUrEJOI7JOUVk/JzYeMtJPCX9O
dm4+I99ss9LB5nuNv5jOLAvzeDKx1tG/ejkgrJ2R18yp4ZEFmVFNqIHpXh3amiCI
fVFWB5IIpecI22fp67H7t4q8rKxXqK780d6SayPqqrizVrI2jBKmyykbjVO8IgED
delvCc6B79qhG14c4K0BPOcqeQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:42 2024 by rpki-client on console-ams.rpki-client.org