Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/hvUzrm9p-mke4QcB4uLrWB9MSIA.roa
File:                     hvUzrm9p-mke4QcB4uLrWB9MSIA.roa (raw, json)
Hash identifier:          qQ7QvbAoo+VYDHcfElKkndrFlGDmkysfA6jE6ysxZuA=
Subject key identifier:   86:F5:33:AE:6F:69:FA:69:1E:E1:07:01:E2:E2:EB:58:1F:4C:48:80
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       08AFCA69
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/hvUzrm9p-mke4QcB4uLrWB9MSIA.roa
Signing time:             Sat 01 Jan 2022 14:01:47 +0000
ROA not before:           Sat 01 Jan 2022 14:01:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210915
IP address blocks:        2a0e:8f02:f036::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 145738345 (0x8afca69)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Jan  1 14:01:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=86f533ae6f69fa691ee10701e2e2eb581f4c4880
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:7c:d2:95:c9:86:ba:fa:32:ce:a7:34:d3:2a:
                    19:64:e1:81:92:8d:6e:6a:22:95:f3:66:a7:0a:61:
                    f3:a2:2a:d2:7d:63:12:99:91:01:2e:02:2c:fc:7e:
                    dc:b6:7f:4a:b8:6c:76:90:12:a8:5d:43:e4:1e:22:
                    da:b3:78:55:1d:f5:83:19:30:b8:ae:6d:3a:4d:1b:
                    af:f6:2d:5d:e7:c9:8e:f8:93:40:a1:25:4e:41:41:
                    0f:59:bd:d6:8b:16:4a:08:16:05:10:d3:fe:1b:e3:
                    3b:22:38:2a:19:ad:d7:66:a3:85:b7:c9:50:e8:58:
                    2a:78:de:cb:ff:7b:a6:5a:87:77:d8:b5:5e:e7:1b:
                    9a:64:88:da:b4:d3:2f:25:a9:12:60:27:86:2a:8e:
                    15:07:73:d0:8b:5b:d1:ab:1a:c2:d4:8e:f7:04:f4:
                    26:53:5f:73:a3:d5:4d:9e:3e:b8:a1:f2:e9:a1:c3:
                    4e:e0:d2:79:19:2b:01:a5:1b:b2:5b:2a:03:15:24:
                    0a:68:42:75:66:10:39:23:11:a1:db:fa:80:2b:43:
                    65:c2:2e:67:b3:a6:41:0b:51:1d:16:30:d9:d2:9d:
                    87:ed:0f:0d:25:5e:cd:bb:4f:75:42:a9:60:9a:42:
                    a9:02:d3:ac:d2:11:8d:42:7b:91:df:9a:ea:3f:9c:
                    9b:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:F5:33:AE:6F:69:FA:69:1E:E1:07:01:E2:E2:EB:58:1F:4C:48:80
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/hvUzrm9p-mke4QcB4uLrWB9MSIA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f02:f036::/48

    Signature Algorithm: sha256WithRSAEncryption
         86:6e:a6:83:b5:ef:05:c2:8f:08:67:47:d9:30:5b:a6:33:0a:
         3d:b8:cf:64:3a:70:85:b4:c1:81:11:1b:53:a7:71:2c:b9:a9:
         46:10:70:b1:10:92:ec:fa:2e:39:6c:0a:31:37:b2:0a:8c:c7:
         d7:98:f0:2e:90:92:a0:22:17:a5:e7:cd:0c:12:e0:8f:67:d3:
         ef:e8:19:e2:18:4f:99:70:81:d3:5e:b9:b3:31:d3:87:b6:51:
         e8:c1:94:5f:fb:45:9b:57:24:76:65:f2:e9:56:8c:62:60:c2:
         b6:3f:8d:60:6b:d4:dc:eb:02:bc:a9:e7:2c:c6:23:e8:92:41:
         ed:a3:24:3f:89:6c:04:29:b6:1e:c9:8e:c3:b8:b4:70:79:b4:
         8b:83:b4:98:37:70:1d:90:33:cd:d1:0a:31:df:20:fd:43:7f:
         b4:40:a6:13:40:ce:33:6d:74:28:42:2f:cb:f8:6b:3d:a8:6c:
         cf:22:ac:3f:54:af:7e:ad:b2:a5:1e:57:96:e7:9d:41:66:eb:
         6d:3d:61:c6:08:19:d6:74:5f:5c:31:59:11:e5:f6:f9:8c:c0:
         11:f7:ef:61:4a:6a:71:29:e2:1f:ac:2e:a2:17:f6:ff:a4:80:
         5b:49:c2:5a:ec:48:6e:ad:53:0d:1d:5b:2d:98:95:15:2a:c0:
         be:0a:a2:91
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECK/KaTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTZlZjQ4ZWQ2MTU1ZGQ3ODQzZWVkMzYzMjQ2OWFiYWEzMTAwYmYzMB4XDTIyMDEw
MTE0MDE0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODZmNTMzYWU2ZjY5
ZmE2OTFlZTEwNzAxZTJlMmViNTgxZjRjNDg4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK980pXJhrr6Ms6nNNMqGWThgZKNbmoilfNmpwph86Iq0n1j
EpmRAS4CLPx+3LZ/SrhsdpASqF1D5B4i2rN4VR31gxkwuK5tOk0br/YtXefJjviT
QKElTkFBD1m91osWSggWBRDT/hvjOyI4Khmt12ajhbfJUOhYKnjey/97plqHd9i1
XucbmmSI2rTTLyWpEmAnhiqOFQdz0Itb0asawtSO9wT0JlNfc6PVTZ4+uKHy6aHD
TuDSeRkrAaUbslsqAxUkCmhCdWYQOSMRodv6gCtDZcIuZ7OmQQtRHRYw2dKdh+0P
DSVezbtPdUKpYJpCqQLTrNIRjUJ7kd+a6j+cm6UCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSG9TOub2n6aR7hBwHi4utYH0xIgDAfBgNVHSMEGDAWgBTVbvSO1hVd14Q+
7TYyRpq6oxAL8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFXNzBqdFlWWGRlRVB1MDJNa2FhdXFNUUNfTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8x
L2h2VXpybTlwLW1rZTRRY0I0dUxyV0I5TVNJQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8xLzFXNzBqdFlWWGRl
RVB1MDJNa2FhdXFNUUNfTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOjwLwNjANBgkqhkiG9w0BAQsF
AAOCAQEAhm6mg7XvBcKPCGdH2TBbpjMKPbjPZDpwhbTBgREbU6dxLLmpRhBwsRCS
7PouOWwKMTeyCozH15jwLpCSoCIXpefNDBLgj2fT7+gZ4hhPmXCB0165szHTh7ZR
6MGUX/tFm1ckdmXy6VaMYmDCtj+NYGvU3OsCvKnnLMYj6JJB7aMkP4lsBCm2HsmO
w7i0cHm0i4O0mDdwHZAzzdEKMd8g/UN/tECmE0DOM210KEIvy/hrPahszyKsP1Sv
fq2ypR5XluedQWbrbT1hxggZ1nRfXDFZEeX2+YzAEffvYUpqcSniH6wuohf2/6SA
W0nCWuxIbq1TDR1bLZiVFSrAvgqikQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:36 2024 by rpki-client on console-ams.rpki-client.org