Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/HYqp5Mft3BgiY4505NXUHbNPqVU.roa
File:                     HYqp5Mft3BgiY4505NXUHbNPqVU.roa (raw, json)
Hash identifier:          l1In2/tooQUlApE9K7Daou5og3oXMGNcuR1e8uge/WA=
Subject key identifier:   1D:8A:A9:E4:C7:ED:DC:18:22:63:8E:74:E4:D5:D4:1D:B3:4F:A9:55
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       091585BA
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/HYqp5Mft3BgiY4505NXUHbNPqVU.roa
Signing time:             Sat 01 Jan 2022 16:00:36 +0000
ROA not before:           Sat 01 Jan 2022 16:00:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     138219
IP address blocks:        178.218.147.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 152405434 (0x91585ba)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  1 16:00:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1d8aa9e4c7eddc1822638e74e4d5d41db34fa955
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:89:fd:87:55:35:3c:f9:84:77:bd:bf:fd:68:
                    66:e3:a5:d7:b8:cd:1e:f8:ec:06:6f:e6:a6:91:eb:
                    1d:05:a7:aa:10:0b:85:be:ff:84:30:c8:b4:d0:9c:
                    9f:6c:f3:da:7c:cf:30:d8:ee:a1:c5:77:80:4a:b0:
                    c4:89:fb:f6:82:a2:a5:3a:7b:15:5c:ff:a2:92:20:
                    f2:b5:52:5b:b5:3b:e6:43:fb:a9:4f:8b:7c:f3:03:
                    48:b5:fc:37:5d:05:f5:43:15:bf:e4:d7:ee:fd:f2:
                    e8:1b:4e:9c:e6:0e:68:32:f1:2a:af:97:b1:d9:bc:
                    78:c9:bb:e0:3b:c2:e8:43:b9:33:34:d1:cc:22:ee:
                    df:64:3d:24:d6:7c:b7:f2:ad:65:aa:85:91:f1:b8:
                    3f:5e:ce:28:ea:f4:85:cc:37:0e:e5:fe:32:bf:60:
                    56:a6:bd:6a:13:c5:ed:bb:63:ca:25:af:89:4a:b8:
                    d4:d7:aa:52:50:ac:18:01:e1:57:99:4b:68:4a:f1:
                    8c:cd:d7:5c:80:fe:a2:28:20:fe:04:e8:37:a2:df:
                    2b:0e:ef:d1:56:dd:d8:6d:fd:a8:35:4a:26:77:bb:
                    65:fa:a9:4f:f2:75:21:57:dd:9d:f7:76:84:71:2b:
                    10:e7:14:5b:91:82:4e:54:90:0f:cd:35:a6:81:d8:
                    10:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:8A:A9:E4:C7:ED:DC:18:22:63:8E:74:E4:D5:D4:1D:B3:4F:A9:55
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/HYqp5Mft3BgiY4505NXUHbNPqVU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.218.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d3:5a:4e:59:65:11:eb:dd:ea:2d:6e:2f:ca:60:61:c5:01:cc:
         fe:56:ce:fa:3a:2c:3b:9e:ab:73:90:c0:c6:eb:7b:39:2c:86:
         c7:c2:84:59:7b:39:c3:ae:9e:a5:f8:cc:64:c5:4a:10:66:71:
         f0:db:c1:de:5e:97:67:5a:cb:e1:f8:eb:95:7c:24:3e:df:6d:
         28:28:76:cf:c1:d4:ac:a5:63:63:47:b6:37:d2:70:b5:b3:ff:
         b1:29:45:40:cb:13:6d:5c:28:55:f8:e4:e3:82:af:01:22:28:
         03:02:f8:33:79:b4:a9:8d:a9:bb:dd:7c:02:0d:e9:67:fd:f5:
         c5:fb:8e:ab:be:01:ab:91:6d:92:b4:24:fb:84:41:78:06:39:
         40:cd:61:a2:a6:32:52:d9:b1:13:96:d2:4c:8a:89:3a:06:7e:
         2c:bc:f1:ca:6a:71:78:c3:28:51:b3:01:4f:f4:23:76:63:85:
         5a:fe:da:cf:6a:ea:2c:0e:a3:38:2d:51:13:be:2a:c5:d4:4d:
         29:e6:58:cf:b2:52:58:d2:d6:81:bb:18:5e:65:c8:97:0c:9b:
         8f:7b:59:d3:a1:7e:ca:de:3b:60:13:15:c3:af:0d:b8:75:91:
         9e:82:9a:9c:bd:43:15:d4:31:f0:46:3f:b8:1d:eb:91:8f:71:
         7c:3d:f7:74
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECRWFujANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEw
MTE2MDAzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWQ4YWE5ZTRjN2Vk
ZGMxODIyNjM4ZTc0ZTRkNWQ0MWRiMzRmYTk1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM6J/YdVNTz5hHe9v/1oZuOl17jNHvjsBm/mppHrHQWnqhAL
hb7/hDDItNCcn2zz2nzPMNjuocV3gEqwxIn79oKipTp7FVz/opIg8rVSW7U75kP7
qU+LfPMDSLX8N10F9UMVv+TX7v3y6BtOnOYOaDLxKq+Xsdm8eMm74DvC6EO5MzTR
zCLu32Q9JNZ8t/KtZaqFkfG4P17OKOr0hcw3DuX+Mr9gVqa9ahPF7btjyiWviUq4
1NeqUlCsGAHhV5lLaErxjM3XXID+oigg/gToN6LfKw7v0Vbd2G39qDVKJne7Zfqp
T/J1IVfdnfd2hHErEOcUW5GCTlSQD801poHYEM0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQdiqnkx+3cGCJjjnTk1dQds0+pVTAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
L0hZcXA1TWZ0M0JnaVk0NTA1TlhVSGJOUHFWVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALLakzANBgkqhkiG9w0BAQsFAAOC
AQEA01pOWWUR693qLW4vymBhxQHM/lbO+josO56rc5DAxut7OSyGx8KEWXs5w66e
pfjMZMVKEGZx8NvB3l6XZ1rL4fjrlXwkPt9tKCh2z8HUrKVjY0e2N9JwtbP/sSlF
QMsTbVwoVfjk44KvASIoAwL4M3m0qY2pu918Ag3pZ/31xfuOq74Bq5FtkrQk+4RB
eAY5QM1hoqYyUtmxE5bSTIqJOgZ+LLzxympxeMMoUbMBT/QjdmOFWv7az2rqLA6j
OC1RE74qxdRNKeZYz7JSWNLWgbsYXmXIlwybj3tZ06F+yt47YBMVw68NuHWRnoKa
nL1DFdQx8EY/uB3rkY9xfD33dA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:39 2024 by rpki-client on console-ams.rpki-client.org