Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/hPIZUEOvSRKiqm_-QUeRPfB1Xag.roa
File:                     hPIZUEOvSRKiqm_-QUeRPfB1Xag.roa (raw, json)
Hash identifier:          sNZBs0Cuft24oj6ntPHNgW+Iwmp/zp6xO3CjkImWmMY=
Subject key identifier:   84:F2:19:50:43:AF:49:12:A2:AA:6F:FE:41:47:91:3D:F0:75:5D:A8
Certificate issuer:       /CN=a2074339bb216b85bdc83d61778821adf9149d56
Certificate serial:       32FDFCFD
Authority key identifier: A2:07:43:39:BB:21:6B:85:BD:C8:3D:61:77:88:21:AD:F9:14:9D:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ogdDObsha4W9yD1hd4ghrfkUnVY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/hPIZUEOvSRKiqm_-QUeRPfB1Xag.roa
Signing time:             Sat 01 Jan 2022 06:53:17 +0000
ROA not before:           Sat 01 Jan 2022 06:53:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     52051
IP address blocks:        185.124.48.0/22 maxlen: 24
                          2a0e:8f80::/48 maxlen: 48
                          2a01:b1c2::/32 maxlen: 48
                          2a01:b1c3::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 855506173 (0x32fdfcfd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2074339bb216b85bdc83d61778821adf9149d56
        Validity
            Not Before: Jan  1 06:53:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=84f2195043af4912a2aa6ffe4147913df0755da8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:61:8e:6e:35:fd:72:d9:25:ba:9e:73:7a:e6:
                    12:cb:c2:fd:6c:d0:b2:fc:1c:87:e5:fc:19:cf:45:
                    ba:0e:df:9f:ab:5e:77:c2:39:5e:85:63:89:71:66:
                    52:fd:96:72:f1:4f:4e:06:7c:b7:67:df:64:36:25:
                    89:45:d7:0a:2a:05:e7:57:87:da:69:d5:d6:32:b2:
                    e7:ed:69:c4:b2:ff:6d:ea:54:dd:2f:70:aa:88:c5:
                    0f:03:1d:af:bd:23:02:b2:e5:b3:8e:b8:48:65:a9:
                    7d:0d:01:56:7d:ac:06:ca:0b:b0:fc:fc:5a:74:5b:
                    b0:55:da:9c:4e:de:d2:b7:81:fb:9e:2b:47:6f:18:
                    68:e3:d2:b0:50:0d:92:da:df:f1:78:f7:86:d3:97:
                    c0:b8:de:94:07:69:8d:64:9d:c5:8b:97:e4:21:a1:
                    9d:4f:ae:1b:75:72:47:ee:f3:fb:66:d5:8c:f2:15:
                    6d:de:aa:ed:18:f1:eb:e3:57:1e:78:e1:ed:e2:7c:
                    b2:bc:d4:cd:94:f2:d6:dc:68:50:01:8f:93:60:c9:
                    c3:54:35:48:dd:1b:d5:03:3f:f0:21:09:9b:97:1a:
                    9a:a0:68:d6:f7:fa:d6:c4:77:02:82:33:0e:2c:fd:
                    67:e4:30:89:9a:62:06:d6:00:62:2b:96:fa:0d:9f:
                    7b:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:F2:19:50:43:AF:49:12:A2:AA:6F:FE:41:47:91:3D:F0:75:5D:A8
            X509v3 Authority Key Identifier:
                keyid:A2:07:43:39:BB:21:6B:85:BD:C8:3D:61:77:88:21:AD:F9:14:9D:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogdDObsha4W9yD1hd4ghrfkUnVY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/hPIZUEOvSRKiqm_-QUeRPfB1Xag.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/ogdDObsha4W9yD1hd4ghrfkUnVY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.124.48.0/22
                IPv6:
                  2a01:b1c2::/31
                  2a0e:8f80::/48

    Signature Algorithm: sha256WithRSAEncryption
         74:cd:95:62:35:14:72:26:67:71:46:e5:41:4b:cf:74:e6:91:
         fe:97:41:a1:64:9a:e4:c6:4e:c4:d9:92:be:d8:70:80:67:ed:
         a2:f9:2f:cc:c7:58:2c:5a:88:9d:c1:6e:1d:c3:b9:23:97:38:
         ec:af:96:d3:45:15:cb:4b:eb:e9:47:77:a9:c1:e0:18:5b:71:
         a6:7f:60:d6:35:db:a5:ce:e9:d0:e1:8d:ab:ed:89:8e:94:e7:
         1f:30:02:b8:f6:13:40:56:56:00:b7:90:fd:27:28:37:f3:ae:
         a5:aa:0c:96:31:05:0b:8e:41:e0:33:c4:6b:12:2b:30:0f:eb:
         86:f0:e8:13:98:c4:bc:a3:7b:4e:ab:dc:68:5d:a6:aa:7f:e6:
         f7:33:be:7c:55:c8:55:c1:5a:75:62:42:1f:6d:9e:97:92:2f:
         34:5c:23:78:46:65:2b:b6:ef:0c:17:bd:76:c6:56:63:3e:c9:
         2d:7a:e1:74:4b:54:2b:c1:77:02:53:e1:34:4f:20:a0:48:be:
         6f:68:ce:89:de:ba:5b:dd:02:9b:28:bb:9d:40:e6:87:67:f8:
         a4:23:f2:44:dd:5f:7c:26:8d:33:e0:e6:78:1c:54:77:3f:55:
         6b:4f:07:ff:72:dc:90:c6:eb:87:a6:e0:41:fd:3f:f6:dc:42:
         80:ae:7f:7b
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEMv38/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MjA3NDMzOWJiMjE2Yjg1YmRjODNkNjE3Nzg4MjFhZGY5MTQ5ZDU2MB4XDTIyMDEw
MTA2NTMxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODRmMjE5NTA0M2Fm
NDkxMmEyYWE2ZmZlNDE0NzkxM2RmMDc1NWRhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBhjm41/XLZJbqec3rmEsvC/WzQsvwch+X8Gc9Fug7fn6te
d8I5XoVjiXFmUv2WcvFPTgZ8t2ffZDYliUXXCioF51eH2mnV1jKy5+1pxLL/bepU
3S9wqojFDwMdr70jArLls464SGWpfQ0BVn2sBsoLsPz8WnRbsFXanE7e0reB+54r
R28YaOPSsFANktrf8Xj3htOXwLjelAdpjWSdxYuX5CGhnU+uG3VyR+7z+2bVjPIV
bd6q7Rjx6+NXHnjh7eJ8srzUzZTy1txoUAGPk2DJw1Q1SN0b1QM/8CEJm5camqBo
1vf61sR3AoIzDiz9Z+QwiZpiBtYAYiuW+g2fe9MCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSE8hlQQ69JEqKqb/5BR5E98HVdqDAfBgNVHSMEGDAWgBSiB0M5uyFrhb3I
PWF3iCGt+RSdVjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29nZERPYnNoYTRXOXlEMWhkNGdocmZrVW5WWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvNTcxYjM0LWFjZjktNGViZi05ODhiLTBmZWI2NmU3ZjI4YS8x
L2hQSVpVRU92U1JLaXFtXy1RVWVSUGZCMVhhZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
NTcxYjM0LWFjZjktNGViZi05ODhiLTBmZWI2NmU3ZjI4YS8xL29nZERPYnNoYTRX
OXlEMWhkNGdocmZrVW5WWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwDAQCAAEwBgMEArl8MDAWBAIAAjAQAwUBKgGxwgMH
ACoOj4AAADANBgkqhkiG9w0BAQsFAAOCAQEAdM2VYjUUciZncUblQUvPdOaR/pdB
oWSa5MZOxNmSvthwgGftovkvzMdYLFqIncFuHcO5I5c47K+W00UVy0vr6Ud3qcHg
GFtxpn9g1jXbpc7p0OGNq+2JjpTnHzACuPYTQFZWALeQ/ScoN/OupaoMljEFC45B
4DPEaxIrMA/rhvDoE5jEvKN7TqvcaF2mqn/m9zO+fFXIVcFadWJCH22el5IvNFwj
eEZlK7bvDBe9dsZWYz7JLXrhdEtUK8F3AlPhNE8goEi+b2jOid66W90Cmyi7nUDm
h2f4pCPyRN1ffCaNM+DmeBxUdz9Va08H/3LckMbrh6bgQf0/9txCgK5/ew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:11 2024 by rpki-client on console-ams.rpki-client.org