Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/42fb4c-295d-4da2-b1c0-35d2285f0299/1/RhCjJlaXw6ovgV5KuRZ1vuVVwwU.roa
File:                     RhCjJlaXw6ovgV5KuRZ1vuVVwwU.roa (raw, json)
Hash identifier:          A0JECfLwP1k1C+a5Ux0Q2esZCgeLXx2yvB4L9jXnJ1s=
Subject key identifier:   46:10:A3:26:56:97:C3:AA:2F:81:5E:4A:B9:16:75:BE:E5:55:C3:05
Certificate issuer:       /CN=47f2e3102a41792525d4bd6a8a6c2ff4aa8f6d71
Certificate serial:       8383FA
Authority key identifier: 47:F2:E3:10:2A:41:79:25:25:D4:BD:6A:8A:6C:2F:F4:AA:8F:6D:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R_LjECpBeSUl1L1qimwv9KqPbXE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/42fb4c-295d-4da2-b1c0-35d2285f0299/1/RhCjJlaXw6ovgV5KuRZ1vuVVwwU.roa
Signing time:             Sat 01 Jan 2022 01:02:11 +0000
ROA not before:           Sat 01 Jan 2022 01:02:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        212.18.124.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8619002 (0x8383fa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47f2e3102a41792525d4bd6a8a6c2ff4aa8f6d71
        Validity
            Not Before: Jan  1 01:02:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4610a3265697c3aa2f815e4ab91675bee555c305
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:34:20:b6:39:9e:07:bc:3e:55:b0:de:93:74:
                    9b:a6:88:02:76:91:a3:57:44:4a:41:03:67:d5:65:
                    ca:a6:92:aa:d5:90:ca:b4:05:8d:b3:c4:f3:74:f3:
                    cd:0d:f2:5b:47:16:54:66:94:94:c7:51:00:d1:82:
                    47:1e:ff:d5:da:49:7a:f2:68:34:2a:2a:71:2b:a2:
                    ff:bb:8e:91:01:87:27:23:6c:cd:3c:29:f8:52:c7:
                    0a:9b:5f:6c:1e:af:af:f9:44:00:d2:ad:10:4f:dd:
                    f1:4c:a7:f7:60:b9:9d:80:bd:df:73:e3:3d:0a:31:
                    8a:ad:14:9f:2f:8b:98:60:b3:de:a3:2b:cc:01:f5:
                    06:aa:5e:ef:00:3e:06:12:d9:15:10:ac:70:85:d3:
                    4c:0c:35:0a:87:6b:17:32:ca:66:e5:93:36:18:8b:
                    99:f3:74:c7:38:74:0b:5d:9f:f7:49:01:85:56:e0:
                    8b:8b:76:5b:4b:b2:28:a8:1b:04:b0:ae:65:34:71:
                    1d:af:61:e1:83:af:0b:3a:87:fd:3a:e3:9c:7c:3d:
                    f3:3d:ee:a9:25:95:43:94:94:25:42:9d:82:a4:93:
                    73:38:09:d8:96:d8:35:97:38:2c:c2:34:00:a0:7e:
                    a0:a5:3e:ea:d0:53:94:ad:78:65:bd:b8:f1:f9:7a:
                    f2:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:10:A3:26:56:97:C3:AA:2F:81:5E:4A:B9:16:75:BE:E5:55:C3:05
            X509v3 Authority Key Identifier:
                keyid:47:F2:E3:10:2A:41:79:25:25:D4:BD:6A:8A:6C:2F:F4:AA:8F:6D:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R_LjECpBeSUl1L1qimwv9KqPbXE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/42fb4c-295d-4da2-b1c0-35d2285f0299/1/RhCjJlaXw6ovgV5KuRZ1vuVVwwU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/42fb4c-295d-4da2-b1c0-35d2285f0299/1/R_LjECpBeSUl1L1qimwv9KqPbXE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.18.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:9a:5c:84:37:88:64:6c:ee:b2:2a:15:df:f6:30:16:80:05:
         1b:44:2b:27:84:c4:3e:d6:ff:c9:39:5a:1e:03:6d:5b:bf:65:
         11:5b:fd:e8:bb:dc:ba:3f:2a:04:64:23:e7:8a:e7:9c:06:ce:
         35:20:20:36:11:03:b3:91:d0:09:91:97:d4:c8:bf:4e:4a:63:
         c7:4c:15:81:a8:1e:30:d6:59:02:f4:7b:ac:37:a2:75:a3:ee:
         7b:73:f9:b9:eb:36:44:86:b2:d9:28:61:92:af:52:ef:61:90:
         4c:e9:11:a1:be:8e:51:0c:ba:63:90:b1:f4:f4:d9:00:08:20:
         d0:e9:e7:cb:7b:51:3c:4f:a9:4d:ca:21:04:98:38:f0:68:a5:
         1d:6b:55:1c:24:5d:d0:e5:d9:62:7d:01:e9:18:96:c0:9b:b1:
         b9:0e:36:f7:67:56:02:26:3b:1b:93:cb:07:0d:52:67:57:59:
         ab:b3:bc:07:0e:64:96:98:b7:23:e7:53:ea:44:74:89:ad:7f:
         be:99:07:e7:b2:c5:dd:9e:c3:94:9e:5c:04:ce:1d:d7:16:fd:
         b5:d7:c8:36:27:81:2e:86:d6:e5:0f:50:40:5b:3f:68:5d:35:
         57:5c:8f:09:b4:d0:ed:af:6b:91:b6:c3:6b:a0:bf:a1:35:ef:
         38:43:2d:e0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAIOD+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
N2YyZTMxMDJhNDE3OTI1MjVkNGJkNmE4YTZjMmZmNGFhOGY2ZDcxMB4XDTIyMDEw
MTAxMDIxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDYxMGEzMjY1Njk3
YzNhYTJmODE1ZTRhYjkxNjc1YmVlNTU1YzMwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJI0ILY5nge8PlWw3pN0m6aIAnaRo1dESkEDZ9VlyqaSqtWQ
yrQFjbPE83TzzQ3yW0cWVGaUlMdRANGCRx7/1dpJevJoNCoqcSui/7uOkQGHJyNs
zTwp+FLHCptfbB6vr/lEANKtEE/d8Uyn92C5nYC933PjPQoxiq0Uny+LmGCz3qMr
zAH1Bqpe7wA+BhLZFRCscIXTTAw1CodrFzLKZuWTNhiLmfN0xzh0C12f90kBhVbg
i4t2W0uyKKgbBLCuZTRxHa9h4YOvCzqH/TrjnHw98z3uqSWVQ5SUJUKdgqSTczgJ
2JbYNZc4LMI0AKB+oKU+6tBTlK14Zb248fl68jMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRGEKMmVpfDqi+BXkq5FnW+5VXDBTAfBgNVHSMEGDAWgBRH8uMQKkF5JSXU
vWqKbC/0qo9tcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JfTGpFQ3BCZVNVbDFMMXFpbXd2OUtxUGJYRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvNDJmYjRjLTI5NWQtNGRhMi1iMWMwLTM1ZDIyODVmMDI5OS8x
L1JoQ2pKbGFYdzZvdmdWNUt1UloxdnVWVnd3VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
NDJmYjRjLTI5NWQtNGRhMi1iMWMwLTM1ZDIyODVmMDI5OS8xL1JfTGpFQ3BCZVNV
bDFMMXFpbXd2OUtxUGJYRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANQSfDANBgkqhkiG9w0BAQsFAAOC
AQEAZZpchDeIZGzusioV3/YwFoAFG0QrJ4TEPtb/yTlaHgNtW79lEVv96Lvcuj8q
BGQj54rnnAbONSAgNhEDs5HQCZGX1Mi/Tkpjx0wVgageMNZZAvR7rDeidaPue3P5
ues2RIay2Shhkq9S72GQTOkRob6OUQy6Y5Cx9PTZAAgg0Onny3tRPE+pTcohBJg4
8GilHWtVHCRd0OXZYn0B6RiWwJuxuQ4292dWAiY7G5PLBw1SZ1dZq7O8Bw5klpi3
I+dT6kR0ia1/vpkH57LF3Z7DlJ5cBM4d1xb9tdfINieBLobW5Q9QQFs/aF01V1yP
CbTQ7a9rkbbDa6C/oTXvOEMt4A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:20 2023 by rpki-client on console-fra.rpki-client.org