Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/Hvzr7pts7tz8vYUOcJmXTgqJVSc.roa
File:                     Hvzr7pts7tz8vYUOcJmXTgqJVSc.roa (raw, json)
Hash identifier:          N50RSXGFq83M5gh+6YZUhxLMSaJPpiXd8hXyOcEdrKc=
Subject key identifier:   1E:FC:EB:EE:9B:6C:EE:DC:FC:BD:85:0E:70:99:97:4E:0A:89:55:27
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       0183E9C8C8DD8A328B46C188B4F3488B12CA
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/Hvzr7pts7tz8vYUOcJmXTgqJVSc.roa
Signing time:             Tue 18 Oct 2022 06:29:53 +0000
ROA not before:           Tue 18 Oct 2022 06:29:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50939
IP address blocks:        80.96.32.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:e9:c8:c8:dd:8a:32:8b:46:c1:88:b4:f3:48:8b:12:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Oct 18 06:29:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1efcebee9b6ceedcfcbd850e7099974e0a895527
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:c1:b8:39:de:ec:eb:39:eb:23:fe:ee:e1:bb:
                    18:04:66:07:43:bf:0a:db:e6:e5:c0:63:56:c0:e5:
                    89:45:81:a9:87:54:c2:53:e4:9f:31:87:81:56:2f:
                    56:dc:49:d6:b5:5c:1b:58:45:97:f9:9d:02:8a:34:
                    ca:6a:31:ce:9a:2a:27:06:46:bf:b3:9e:85:c0:c4:
                    8a:cf:89:86:9b:97:b5:24:41:45:b7:6d:59:f3:3f:
                    77:5f:85:5d:57:49:35:00:1d:3a:d3:87:2a:3f:7e:
                    21:40:7c:71:76:14:d3:36:ab:63:b9:f4:48:18:ce:
                    75:1b:05:95:f6:54:f2:cb:1c:8c:90:0e:73:16:11:
                    bd:25:c4:e4:67:1b:8e:51:ac:84:6f:be:c9:ef:bd:
                    ff:77:1a:58:3c:85:28:e3:b0:c5:c5:6f:0d:e8:64:
                    a0:99:2f:cb:22:2e:b9:17:b2:f5:ae:bf:42:fe:d0:
                    a3:12:d9:92:4e:1c:31:79:56:02:b5:7e:a7:77:86:
                    92:e1:f5:b8:49:5f:b5:0d:e1:e4:88:47:4c:5e:35:
                    ed:22:64:76:74:87:58:8c:2e:4a:ff:f9:ad:c1:eb:
                    42:26:b8:e7:02:b9:72:ee:3c:79:94:b3:d7:90:01:
                    b9:f4:16:89:a6:80:39:66:68:f5:36:4f:dd:9d:9e:
                    30:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:FC:EB:EE:9B:6C:EE:DC:FC:BD:85:0E:70:99:97:4E:0A:89:55:27
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/Hvzr7pts7tz8vYUOcJmXTgqJVSc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.96.32.0/22

    Signature Algorithm: sha256WithRSAEncryption
         18:80:80:d9:df:07:b6:a2:42:bd:e0:db:57:21:f4:37:c2:0b:
         c1:3d:49:d5:87:0b:5a:33:8e:d3:5b:ce:2d:b8:47:a0:d5:dc:
         21:1d:d6:23:73:bf:f5:d3:b6:66:27:cc:9a:66:98:36:da:d1:
         2b:7c:f2:dc:39:70:bf:0e:d2:46:9a:a3:3c:a3:3a:0d:b7:d8:
         51:15:37:4c:5e:25:12:03:e4:32:c1:e9:19:54:40:06:43:a6:
         6b:64:e7:cf:f6:c8:bb:e5:8c:3b:a4:0a:ad:75:90:1e:76:e3:
         8e:dd:2f:6a:d5:e7:28:3f:2b:f3:d5:71:ab:29:6d:7a:cb:f1:
         a8:25:b0:de:11:d8:4d:a5:07:05:a6:d9:00:7f:73:92:4b:66:
         1a:4e:05:79:fb:ab:d4:1c:7e:80:72:1c:84:a2:b9:6b:0d:62:
         8a:d2:ea:ff:d7:92:15:73:e8:96:77:73:30:8e:3b:c2:16:86:
         65:19:81:bd:77:b5:86:97:64:d3:c6:b3:6a:11:8c:3c:43:19:
         63:e4:14:b3:04:4f:e5:f8:9c:ce:e2:1d:d8:d9:a3:3c:5f:7a:
         d3:fd:3b:7d:cc:3b:bb:f5:6f:74:00:04:e3:6b:1f:ab:8f:f0:
         65:27:de:88:f2:1f:1c:d7:5a:39:21:40:1e:a9:b6:1f:b0:1f:
         14:07:d9:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPpyMjdijKLRsGItPNIixLKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjIxMDE4MDYyOTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWZjZWJlZTliNmNlZWRjZmNiZDg1MGU3MDk5OTc0ZTBhODk1NTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsG4Od7s6znrI/7u4bsYBGYHQ78K
2+blwGNWwOWJRYGph1TCU+SfMYeBVi9W3EnWtVwbWEWX+Z0CijTKajHOmionBka/
s56FwMSKz4mGm5e1JEFFt21Z8z93X4VdV0k1AB0604cqP34hQHxxdhTTNqtjufRI
GM51GwWV9lTyyxyMkA5zFhG9JcTkZxuOUayEb77J773/dxpYPIUo47DFxW8N6GSg
mS/LIi65F7L1rr9C/tCjEtmSThwxeVYCtX6nd4aS4fW4SV+1DeHkiEdMXjXtImR2
dIdYjC5K//mtwetCJrjnArly7jx5lLPXkAG59BaJpoA5Zmj1Nk/dnZ4wFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB786+6bbO7c/L2FDnCZl04KiVUnMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvSHZ6cjdwdHM3dHo4dllVT2NKbVhUZ3FKVlNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUGAgMA0G
CSqGSIb3DQEBCwUAA4IBAQAYgIDZ3we2okK94NtXIfQ3wgvBPUnVhwtaM47TW84t
uEeg1dwhHdYjc7/107ZmJ8yaZpg22tErfPLcOXC/DtJGmqM8ozoNt9hRFTdMXiUS
A+QywekZVEAGQ6ZrZOfP9si75Yw7pAqtdZAeduOO3S9q1ecoPyvz1XGrKW16y/Go
JbDeEdhNpQcFptkAf3OSS2YaTgV5+6vUHH6AchyEorlrDWKK0ur/15IVc+iWd3Mw
jjvCFoZlGYG9d7WGl2TTxrNqEYw8Qxlj5BSzBE/l+JzO4h3Y2aM8X3rT/Tt9zDu7
9W90AATjax+rj/BlJ96I8h8c11o5IUAeqbYfsB8UB9la
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:22 2024 by rpki-client on console-fra.rpki-client.org