Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/HsfmRaWhLFjHlwfoX9gZbarbD80.roa
File:                     HsfmRaWhLFjHlwfoX9gZbarbD80.roa (raw, json)
Hash identifier:          DRAt8h1iIadMVNSWLoAw/xHY8LKNF7SmcCRSyCm/PpM=
Subject key identifier:   1E:C7:E6:45:A5:A1:2C:58:C7:97:07:E8:5F:D8:19:6D:AA:DB:0F:CD
Certificate issuer:       /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial:       0183A27CB722EA29A0AFC1F3A026D779146D
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/HsfmRaWhLFjHlwfoX9gZbarbD80.roa
Signing time:             Tue 04 Oct 2022 10:13:45 +0000
ROA not before:           Tue 04 Oct 2022 10:13:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35277
IP address blocks:        5.189.219.0/24 maxlen: 24
                          5.189.218.0/24 maxlen: 24
                          5.189.217.0/24 maxlen: 24
                          5.189.216.0/24 maxlen: 24
                          5.188.51.0/24 maxlen: 24
                          5.188.50.0/24 maxlen: 24
                          5.101.44.0/24 maxlen: 24
                          5.101.47.0/24 maxlen: 24
                          5.101.46.0/24 maxlen: 24
                          5.101.45.0/24 maxlen: 24
                          5.188.203.0/24 maxlen: 24
                          5.188.202.0/24 maxlen: 24
                          5.188.201.0/24 maxlen: 24
                          5.188.200.0/24 maxlen: 24
                          91.243.40.0/24 maxlen: 24
                          91.243.43.0/24 maxlen: 24
                          5.189.253.0/24 maxlen: 24
                          5.189.252.0/24 maxlen: 24
                          5.189.255.0/24 maxlen: 24
                          5.8.44.0/24 maxlen: 24
                          5.8.47.0/24 maxlen: 24
                          5.8.46.0/24 maxlen: 24
                          5.8.45.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:a2:7c:b7:22:ea:29:a0:af:c1:f3:a0:26:d7:79:14:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
        Validity
            Not Before: Oct  4 10:13:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1ec7e645a5a12c58c79707e85fd8196daadb0fcd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:c5:be:c4:0e:82:2f:61:70:4a:15:7d:c5:52:
                    fc:80:41:ed:66:37:c2:29:8f:d1:01:c0:df:4f:75:
                    44:63:56:bd:81:08:7d:c1:e9:f4:68:6e:b6:01:bd:
                    f8:bd:84:be:fe:14:60:cc:06:86:69:10:db:d0:b0:
                    c9:ac:da:89:80:b5:96:4e:d3:32:21:97:ff:0a:6b:
                    7b:d6:1f:5a:94:4d:4c:24:da:80:01:f8:12:ba:44:
                    14:5e:95:dc:c9:ca:0c:33:b4:a1:ca:ea:03:4d:be:
                    1b:91:56:14:4a:f8:0d:70:32:b5:09:0e:bc:50:fe:
                    76:8b:1a:87:fb:3d:72:d2:93:fa:39:86:4f:1a:0a:
                    fa:7b:67:69:22:22:6f:12:e4:b5:5d:4c:f8:a5:b9:
                    ec:fb:71:bb:59:d8:f4:ec:61:3f:b8:cf:50:a6:29:
                    ef:ee:6b:43:4a:c4:bb:af:25:7e:35:00:7e:fa:4c:
                    72:1c:1e:e5:99:64:cf:d2:47:b7:e7:5e:29:8f:73:
                    78:a1:a9:7c:9f:14:ce:32:8d:5a:4f:50:02:85:a9:
                    a9:45:87:e6:32:93:a9:9c:75:63:c3:e3:ab:31:97:
                    2e:91:e7:52:56:81:4c:a8:96:26:90:ca:a2:2e:a9:
                    7c:34:ee:88:46:89:52:78:8b:c0:14:7b:b6:2b:5b:
                    83:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:C7:E6:45:A5:A1:2C:58:C7:97:07:E8:5F:D8:19:6D:AA:DB:0F:CD
            X509v3 Authority Key Identifier:
                keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/HsfmRaWhLFjHlwfoX9gZbarbD80.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.8.44.0/22
                  5.101.44.0/22
                  5.188.50.0/23
                  5.188.200.0/22
                  5.189.216.0/22
                  5.189.252.0/23
                  5.189.255.0/24
                  91.243.40.0/24
                  91.243.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:d8:dd:8c:8a:e0:26:a4:a1:d4:ed:08:61:ee:75:25:b1:b2:
         66:79:5d:0b:7b:5b:ab:e0:89:85:b5:0c:6a:84:5c:f6:7e:c1:
         2d:c5:5d:7b:e5:54:02:9d:af:4e:4d:e2:3f:be:62:85:16:39:
         bb:47:c7:5f:1b:82:68:91:3a:e0:b8:9d:9c:23:ca:2a:c1:b2:
         78:6c:94:da:5f:7b:6d:9c:72:da:f7:7a:14:a1:4f:29:9b:8f:
         50:b7:d5:0a:e6:dd:7f:a1:2c:65:da:c7:cc:d7:17:8b:28:0c:
         40:d5:01:c8:51:b6:af:e9:b5:ee:27:22:21:18:35:be:0e:fe:
         11:86:be:ea:27:a5:49:01:54:de:4b:fb:81:af:62:ce:b1:4a:
         44:ed:2c:e7:fd:da:25:32:d5:02:7a:7d:5f:eb:eb:9b:4a:ff:
         af:ed:19:0c:c0:9b:f9:da:d2:00:71:8e:c6:92:d5:b0:04:f8:
         76:74:9e:15:42:f4:0d:a2:34:4d:a8:04:de:a6:f8:6a:71:e7:
         02:c3:be:ee:38:e4:76:8d:54:7a:00:14:b4:fc:6a:c5:0a:2b:
         be:aa:21:d5:93:11:3a:49:50:23:53:03:ef:ac:c3:0a:6c:0e:
         2a:eb:02:f1:ff:bf:4d:2c:69:9f:a2:a8:4e:f3:24:93:e7:4b:
         79:de:9f:0d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYOifLci6imgr8HzoCbXeRRtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjIxMDA0MTAxMzQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWM3ZTY0NWE1YTEyYzU4Yzc5NzA3ZTg1ZmQ4MTk2ZGFhZGIwZmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsW+xA6CL2FwShV9xVL8gEHtZjfC
KY/RAcDfT3VEY1a9gQh9wen0aG62Ab34vYS+/hRgzAaGaRDb0LDJrNqJgLWWTtMy
IZf/Cmt71h9alE1MJNqAAfgSukQUXpXcycoMM7ShyuoDTb4bkVYUSvgNcDK1CQ68
UP52ixqH+z1y0pP6OYZPGgr6e2dpIiJvEuS1XUz4pbns+3G7Wdj07GE/uM9Qpinv
7mtDSsS7ryV+NQB++kxyHB7lmWTP0ke3514pj3N4oal8nxTOMo1aT1AChampRYfm
MpOpnHVjw+OrMZcukedSVoFMqJYmkMqiLql8NO6IRolSeIvAFHu2K1uDWQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFB7H5kWloSxYx5cH6F/YGW2q2w/NMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvSHNmbVJhV2hMRmpIbHdmb1g5Z1piYXJiRDgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCBQgsAwQC
BWUsAwQBBbwyAwQCBbzIAwQCBb3YAwQBBb38AwQABb3/AwQAW/MoAwQAW/MrMA0G
CSqGSIb3DQEBCwUAA4IBAQCD2N2MiuAmpKHU7Qhh7nUlsbJmeV0Le1ur4ImFtQxq
hFz2fsEtxV175VQCna9OTeI/vmKFFjm7R8dfG4JokTrguJ2cI8oqwbJ4bJTaX3tt
nHLa93oUoU8pm49Qt9UK5t1/oSxl2sfM1xeLKAxA1QHIUbav6bXuJyIhGDW+Dv4R
hr7qJ6VJAVTeS/uBr2LOsUpE7Szn/dolMtUCen1f6+ubSv+v7RkMwJv52tIAcY7G
ktWwBPh2dJ4VQvQNojRNqATepvhqcecCw77uOOR2jVR6ABS0/GrFCiu+qiHVkxE6
SVAjUwPvrMMKbA4q6wLx/79NLGmfoqhO8yST50t53p8N
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:55 2024 by rpki-client on console-ams.rpki-client.org