Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/HG0PnTHGuprzdhcj6ahGSkzBedM.roa
File:                     HG0PnTHGuprzdhcj6ahGSkzBedM.roa (raw, json)
Hash identifier:          OdCvde5tTfMSwELQRQx5Dlj1AwdcaxLWqJOW1tGlKYA=
Subject key identifier:   1C:6D:0F:9D:31:C6:BA:9A:F3:76:17:23:E9:A8:46:4A:4C:C1:79:D3
Certificate issuer:       /CN=b3dd11d346b63bb1eb22a07c26cc1291a2a06895
Certificate serial:       0182160334ADA0C4A2418060730DD1353986
Authority key identifier: B3:DD:11:D3:46:B6:3B:B1:EB:22:A0:7C:26:CC:12:91:A2:A0:68:95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s90R00a2O7HrIqB8JswSkaKgaJU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/HG0PnTHGuprzdhcj6ahGSkzBedM.roa
Signing time:             Tue 19 Jul 2022 10:31:24 +0000
ROA not before:           Tue 19 Jul 2022 10:31:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        185.63.33.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:16:03:34:ad:a0:c4:a2:41:80:60:73:0d:d1:35:39:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3dd11d346b63bb1eb22a07c26cc1291a2a06895
        Validity
            Not Before: Jul 19 10:31:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1c6d0f9d31c6ba9af3761723e9a8464a4cc179d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:f0:ae:d5:01:e7:30:a1:0a:eb:1d:5b:57:e0:
                    6e:2f:70:46:69:75:33:7e:81:25:d8:ba:ee:52:56:
                    20:85:d4:6b:f7:7b:20:97:e9:b2:11:47:aa:81:39:
                    60:33:31:cc:5d:32:00:53:e7:86:0f:83:da:54:5e:
                    76:75:bd:4a:d8:e5:48:82:2c:c2:2c:39:0a:c6:c7:
                    cb:28:0d:a1:04:b6:23:c9:da:73:8a:77:77:f9:6b:
                    03:fe:5f:b7:e3:1d:e2:1f:98:fe:99:ef:8c:9b:80:
                    ec:06:e2:c7:21:c6:f8:39:d6:8d:90:70:13:35:0d:
                    d3:12:db:75:d9:bc:e5:8d:b9:cf:4b:c9:36:e1:85:
                    a4:a9:00:c9:94:b0:96:11:56:0b:a3:8c:53:93:6b:
                    dd:50:c1:13:02:d6:7d:e6:db:80:4f:ab:13:e5:cc:
                    90:8b:c1:0a:37:15:bd:d5:9c:8d:9f:19:ef:c3:82:
                    28:ff:51:db:24:8f:8e:da:ee:07:71:b3:b4:1d:83:
                    26:2d:e0:e3:67:d8:01:e5:ed:25:7d:4d:97:fd:02:
                    36:89:cf:ac:86:e7:ac:68:f1:04:b5:b6:70:29:01:
                    a0:ee:db:eb:b7:27:53:da:80:32:b7:79:bc:86:45:
                    d7:d5:a7:10:ac:c6:8f:90:c0:65:2c:fb:02:35:29:
                    91:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:6D:0F:9D:31:C6:BA:9A:F3:76:17:23:E9:A8:46:4A:4C:C1:79:D3
            X509v3 Authority Key Identifier:
                keyid:B3:DD:11:D3:46:B6:3B:B1:EB:22:A0:7C:26:CC:12:91:A2:A0:68:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s90R00a2O7HrIqB8JswSkaKgaJU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/HG0PnTHGuprzdhcj6ahGSkzBedM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.63.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:f3:ef:c3:c4:da:33:9e:4a:7c:da:0c:23:5f:81:da:45:41:
         34:12:7b:4b:84:6e:00:82:36:3e:a0:ab:14:e5:d6:bb:23:c5:
         c1:4e:d5:aa:64:91:24:0c:46:4e:9c:78:a7:09:0e:75:80:a5:
         07:44:9d:29:21:20:ad:f2:8a:af:5e:1c:94:a6:7e:87:5a:e7:
         7c:86:5a:f2:85:1b:8e:6a:cb:9f:ac:85:70:fd:4b:b8:7c:6b:
         70:fd:4a:2e:2c:af:21:26:f9:f7:14:ed:84:84:17:c4:f7:57:
         f3:af:96:82:28:30:d3:21:88:4b:d0:5f:b2:aa:5b:27:c7:d6:
         16:33:cd:d5:61:a1:2d:4b:59:13:ec:07:8b:b7:35:cf:48:af:
         3d:f3:c5:09:fa:27:aa:98:65:5b:3e:1d:15:8b:54:aa:08:eb:
         e7:67:b8:f6:27:a3:ff:1e:0b:83:d8:c0:44:f8:91:e6:43:24:
         b4:3e:a7:61:39:f1:ff:62:bf:78:aa:af:5b:79:e7:e8:65:6f:
         06:0f:7d:73:76:35:19:6f:67:55:9c:18:73:10:2a:60:5e:e2:
         68:7b:1a:95:ed:bd:81:36:b9:d8:b6:56:54:9f:77:bb:3f:46:
         bd:62:67:5d:f1:29:08:0e:48:76:fc:f1:d9:e6:38:41:08:92:
         9c:12:95:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIWAzStoMSiQYBgcw3RNTmGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZGQxMWQzNDZiNjNiYjFlYjIyYTA3YzI2Y2MxMjkxYTJh
MDY4OTUwHhcNMjIwNzE5MTAzMTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzZkMGY5ZDMxYzZiYTlhZjM3NjE3MjNlOWE4NDY0YTRjYzE3OWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPCu1QHnMKEK6x1bV+BuL3BGaXUz
foEl2LruUlYghdRr93sgl+myEUeqgTlgMzHMXTIAU+eGD4PaVF52db1K2OVIgizC
LDkKxsfLKA2hBLYjydpzind3+WsD/l+34x3iH5j+me+Mm4DsBuLHIcb4OdaNkHAT
NQ3TEtt12bzljbnPS8k24YWkqQDJlLCWEVYLo4xTk2vdUMETAtZ95tuAT6sT5cyQ
i8EKNxW91ZyNnxnvw4Io/1HbJI+O2u4HcbO0HYMmLeDjZ9gB5e0lfU2X/QI2ic+s
huesaPEEtbZwKQGg7tvrtydT2oAyt3m8hkXX1acQrMaPkMBlLPsCNSmRdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBxtD50xxrqa83YXI+moRkpMwXnTMB8GA1UdIwQY
MBaAFLPdEdNGtjux6yKgfCbMEpGioGiVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczkwUjAwYTJPN0hySXFCOEpzd1NrYUtnYUpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hNDE4OTgtZGEwOC00NjlkLWJlMWEt
OGJiYzIyNmU2YzQ1LzEvSEcwUG5USEd1cHJ6ZGhjajZhaEdTa3pCZWRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hNDE4OTgtZGEwOC00NjlkLWJlMWEtOGJiYzIyNmU2YzQ1
LzEvczkwUjAwYTJPN0hySXFCOEpzd1NrYUtnYUpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuT8hMA0G
CSqGSIb3DQEBCwUAA4IBAQBY8+/DxNoznkp82gwjX4HaRUE0EntLhG4AgjY+oKsU
5da7I8XBTtWqZJEkDEZOnHinCQ51gKUHRJ0pISCt8oqvXhyUpn6HWud8hlryhRuO
asufrIVw/Uu4fGtw/UouLK8hJvn3FO2EhBfE91fzr5aCKDDTIYhL0F+yqlsnx9YW
M83VYaEtS1kT7AeLtzXPSK8988UJ+ieqmGVbPh0Vi1SqCOvnZ7j2J6P/HguD2MBE
+JHmQyS0PqdhOfH/Yr94qq9beefoZW8GD31zdjUZb2dVnBhzECpgXuJoexqV7b2B
NrnYtlZUn3e7P0a9Ymdd8SkIDkh2/PHZ5jhBCJKcEpXK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:48 2024 by rpki-client on console-fra.rpki-client.org