Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/HaL7CAT-iIxtSBR2NHcoYSBiRRQ.roa
File:                     HaL7CAT-iIxtSBR2NHcoYSBiRRQ.roa (raw, json)
Hash identifier:          xNvcquKWZzKNDCwiwFuljJCKz3EAVnuTQkCgvTofxgA=
Subject key identifier:   1D:A2:FB:08:04:FE:88:8C:6D:48:14:76:34:77:28:61:20:62:45:14
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       0183B4E0E8F95B35DCDDA12D471250D4D32E
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/HaL7CAT-iIxtSBR2NHcoYSBiRRQ.roa
Signing time:             Fri 07 Oct 2022 23:56:21 +0000
ROA not before:           Fri 07 Oct 2022 23:56:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211237
IP address blocks:        45.65.113.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:b4:e0:e8:f9:5b:35:dc:dd:a1:2d:47:12:50:d4:d3:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Oct  7 23:56:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1da2fb0804fe888c6d4814763477286120624514
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:ea:09:8a:87:40:bc:77:3f:2a:c8:d4:17:d7:
                    17:5b:82:6b:41:b0:02:87:ed:6f:42:64:f5:85:63:
                    aa:44:3d:16:da:a9:2b:1b:14:73:96:6e:66:12:07:
                    25:05:65:0d:b8:55:e3:25:9e:e9:67:1b:6e:f1:a8:
                    7d:b8:84:f2:15:d3:15:1c:90:8d:38:35:c0:ab:c5:
                    28:4d:a8:f0:a5:b2:7b:8e:03:19:d8:70:25:f9:b8:
                    58:d8:01:2e:92:f7:74:05:39:1f:5e:e3:a4:e7:8a:
                    ab:a3:7c:37:32:34:0f:8f:1e:37:9c:90:99:ba:cb:
                    e4:f5:18:3d:07:f9:4e:7a:68:91:93:ef:ec:40:a9:
                    4c:fd:23:b5:11:21:93:1e:7b:44:75:77:0a:a0:ec:
                    50:15:e5:f0:15:b9:55:28:9c:b9:23:6f:57:fd:c1:
                    5b:14:44:75:68:62:10:df:bb:ce:90:4a:c6:d6:8e:
                    9f:7b:47:e5:9b:12:82:f2:61:00:fa:87:bb:99:23:
                    3d:84:f6:5c:e1:d7:96:93:c4:e4:b9:4f:45:17:73:
                    8f:51:df:e0:99:60:54:e0:48:83:6c:7b:d4:df:e8:
                    66:84:3f:f3:c0:8b:73:eb:c3:18:e1:0e:68:cf:d7:
                    b9:6d:20:2b:41:b5:ca:ac:08:03:f3:82:03:53:ad:
                    09:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:A2:FB:08:04:FE:88:8C:6D:48:14:76:34:77:28:61:20:62:45:14
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/HaL7CAT-iIxtSBR2NHcoYSBiRRQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.65.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:74:a2:c4:c7:60:4c:fa:38:39:5b:bc:87:1d:7e:8d:08:0c:
         4c:fc:73:d2:eb:ea:af:e1:6c:ed:07:84:d1:94:34:ec:37:85:
         2e:bf:4a:f7:e1:d7:2b:50:be:95:af:59:f8:17:ff:1c:de:8f:
         9a:b8:da:85:37:8c:19:ea:15:f4:02:82:cd:c8:de:dd:af:e3:
         03:f3:8c:4d:ab:db:5e:8f:b6:00:c8:4f:5d:79:db:8c:c7:a2:
         5f:0c:7b:f9:d0:bc:07:4e:d8:fa:1a:2d:87:a4:11:78:3f:eb:
         3f:24:b5:1a:bd:b1:79:22:f2:e3:5e:7c:c7:f1:dd:49:b1:e3:
         b0:e6:81:b2:c4:95:95:a2:21:2f:d1:31:cc:4c:69:35:41:38:
         3f:61:ec:ff:b9:5a:a3:c5:bc:f9:eb:f2:3e:f6:a8:18:4d:e5:
         5c:a5:10:c2:4c:77:cc:c6:18:6b:09:7f:61:da:3a:31:03:bb:
         7f:42:7e:cb:05:cf:cd:cd:41:54:e9:91:7a:92:7b:29:7b:56:
         4e:52:21:70:d3:80:d8:6d:de:72:b5:68:35:4b:02:c6:f1:11:
         1d:70:61:fb:b0:f6:60:c8:2a:a2:11:b5:cf:2e:f3:29:39:bc:
         3e:99:47:f6:e7:9d:22:0c:5b:d9:e3:f0:73:11:a7:9e:93:da:
         12:7b:a5:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYO04Oj5WzXc3aEtRxJQ1NMuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjIxMDA3MjM1NjIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGEyZmIwODA0ZmU4ODhjNmQ0ODE0NzYzNDc3Mjg2MTIwNjI0NTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluoJiodAvHc/KsjUF9cXW4JrQbAC
h+1vQmT1hWOqRD0W2qkrGxRzlm5mEgclBWUNuFXjJZ7pZxtu8ah9uITyFdMVHJCN
ODXAq8UoTajwpbJ7jgMZ2HAl+bhY2AEukvd0BTkfXuOk54qro3w3MjQPjx43nJCZ
usvk9Rg9B/lOemiRk+/sQKlM/SO1ESGTHntEdXcKoOxQFeXwFblVKJy5I29X/cFb
FER1aGIQ37vOkErG1o6fe0flmxKC8mEA+oe7mSM9hPZc4deWk8TkuU9FF3OPUd/g
mWBU4EiDbHvU3+hmhD/zwItz68MY4Q5oz9e5bSArQbXKrAgD84IDU60JWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB2i+wgE/oiMbUgUdjR3KGEgYkUUMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvSGFMN0NBVC1pSXh0U0JSMk5IY29ZU0JpUlJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALUFxMA0G
CSqGSIb3DQEBCwUAA4IBAQBLdKLEx2BM+jg5W7yHHX6NCAxM/HPS6+qv4WztB4TR
lDTsN4Uuv0r34dcrUL6Vr1n4F/8c3o+auNqFN4wZ6hX0AoLNyN7dr+MD84xNq9te
j7YAyE9deduMx6JfDHv50LwHTtj6Gi2HpBF4P+s/JLUavbF5IvLjXnzH8d1JseOw
5oGyxJWVoiEv0THMTGk1QTg/Yez/uVqjxbz56/I+9qgYTeVcpRDCTHfMxhhrCX9h
2joxA7t/Qn7LBc/NzUFU6ZF6knspe1ZOUiFw04DYbd5ytWg1SwLG8REdcGH7sPZg
yCqiEbXPLvMpObw+mUf2550iDFvZ4/BzEaeek9oSe6Wi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org