Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/6ce644-0256-45a7-af1c-c60e9a4a5d34/1/huSfExLDhtMGmpYRgyAIg6V8Jfg.roa
File:                     huSfExLDhtMGmpYRgyAIg6V8Jfg.roa (raw, json)
Hash identifier:          +J755fsSeijUV6E/jG8OTph38qKFzp28NG1HHDy51R0=
Subject key identifier:   86:E4:9F:13:12:C3:86:D3:06:9A:96:11:83:20:08:83:A5:7C:25:F8
Certificate issuer:       /CN=bc696339adb8e888be95040e1c83da7f95bbb385
Certificate serial:       0EED8D70
Authority key identifier: BC:69:63:39:AD:B8:E8:88:BE:95:04:0E:1C:83:DA:7F:95:BB:B3:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vGljOa246Ii-lQQOHIPaf5W7s4U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/6ce644-0256-45a7-af1c-c60e9a4a5d34/1/huSfExLDhtMGmpYRgyAIg6V8Jfg.roa
Signing time:             Mon 20 Jun 2022 12:35:44 +0000
ROA not before:           Mon 20 Jun 2022 12:35:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50673
IP address blocks:        91.205.192.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 250449264 (0xeed8d70)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bc696339adb8e888be95040e1c83da7f95bbb385
        Validity
            Not Before: Jun 20 12:35:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=86e49f1312c386d3069a961183200883a57c25f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:31:42:f8:22:e7:5c:cf:c1:2a:04:da:e0:2f:
                    dc:a1:ed:ab:17:1d:dc:f5:f9:0a:23:6a:23:00:34:
                    67:64:07:86:36:42:22:a8:f5:35:88:9c:08:eb:29:
                    66:54:34:dc:42:79:35:9b:28:26:b2:af:ac:c1:44:
                    4e:e1:ef:bb:d7:53:9b:0b:19:76:e3:c1:b7:0c:89:
                    cc:e6:34:4f:92:e8:34:28:42:c0:4f:5f:ea:cf:74:
                    74:f3:d7:1d:c8:f9:3b:d3:90:88:3e:76:7b:c4:e1:
                    ca:2c:a5:02:8d:69:7d:11:aa:b9:27:18:c6:4f:d0:
                    d5:48:1a:8a:50:d7:f1:bc:cc:0b:73:3f:b2:ad:b5:
                    8b:de:64:0e:60:f0:c8:21:30:a9:eb:7a:a3:72:a6:
                    2f:ff:6f:17:ca:88:d5:f4:8d:af:cc:b4:33:06:d2:
                    31:26:a5:5e:4c:f4:74:df:17:d2:ad:5b:0e:32:8d:
                    bc:1f:9f:78:82:0a:82:8e:35:37:ce:6a:13:89:8e:
                    ab:1a:86:86:b9:f7:40:80:7e:a1:11:4c:35:ac:10:
                    e8:d9:04:21:b0:b8:77:03:38:fb:a0:f9:22:64:0d:
                    0a:53:09:a7:2e:00:c3:45:84:dc:6c:b1:3a:8d:7d:
                    09:38:e4:4e:3c:9e:21:75:cd:9d:e2:8b:ea:8d:6e:
                    4e:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:E4:9F:13:12:C3:86:D3:06:9A:96:11:83:20:08:83:A5:7C:25:F8
            X509v3 Authority Key Identifier:
                keyid:BC:69:63:39:AD:B8:E8:88:BE:95:04:0E:1C:83:DA:7F:95:BB:B3:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vGljOa246Ii-lQQOHIPaf5W7s4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/6ce644-0256-45a7-af1c-c60e9a4a5d34/1/huSfExLDhtMGmpYRgyAIg6V8Jfg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/6ce644-0256-45a7-af1c-c60e9a4a5d34/1/vGljOa246Ii-lQQOHIPaf5W7s4U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.205.192.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7a:0f:8e:8d:52:43:01:18:3a:00:e5:ff:9a:e3:78:31:94:c7:
         ae:f2:42:66:c1:81:ae:59:27:73:5b:08:8a:9f:b7:31:03:cd:
         ea:03:1b:cf:29:1c:b2:ff:cd:5e:d6:51:90:f0:a0:72:78:ec:
         13:11:90:11:0e:6a:e7:42:f5:9a:95:f3:2e:40:2f:9d:54:34:
         7e:50:23:a1:41:9e:6a:9b:f3:22:a6:a9:90:29:6c:6e:14:56:
         b2:ad:99:31:0d:39:21:24:8b:d5:09:38:bd:8f:48:ec:57:38:
         66:90:3a:d2:19:a1:e8:c9:3d:2e:3e:10:56:00:8f:87:22:e0:
         87:3c:03:b5:a2:f0:d6:02:af:83:fb:32:63:10:2b:b9:f0:b3:
         d9:ac:d7:f4:6c:e6:28:09:d8:5d:ea:2f:b1:55:1c:da:76:c6:
         15:49:e0:85:e3:e4:4a:7d:06:95:02:cc:d1:3a:2e:61:a3:91:
         c8:78:ec:fa:4b:a2:53:e2:30:55:82:9a:b0:7f:d0:45:a4:cd:
         92:de:e7:c7:13:8e:b8:b1:bc:a0:dc:02:f0:95:6d:22:5f:46:
         d6:f9:da:3c:18:7d:a3:1e:84:b5:86:c2:ec:49:ab:6f:11:09:
         1b:86:31:6b:99:ab:8f:dc:b6:c9:50:48:11:d7:2c:37:5f:6d:
         40:10:c1:03
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDu2NcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YzY5NjMzOWFkYjhlODg4YmU5NTA0MGUxYzgzZGE3Zjk1YmJiMzg1MB4XDTIyMDYy
MDEyMzU0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODZlNDlmMTMxMmMz
ODZkMzA2OWE5NjExODMyMDA4ODNhNTdjMjVmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALIxQvgi51zPwSoE2uAv3KHtqxcd3PX5CiNqIwA0Z2QHhjZC
Iqj1NYicCOspZlQ03EJ5NZsoJrKvrMFETuHvu9dTmwsZduPBtwyJzOY0T5LoNChC
wE9f6s90dPPXHcj5O9OQiD52e8ThyiylAo1pfRGquScYxk/Q1UgailDX8bzMC3M/
sq21i95kDmDwyCEwqet6o3KmL/9vF8qI1fSNr8y0MwbSMSalXkz0dN8X0q1bDjKN
vB+feIIKgo41N85qE4mOqxqGhrn3QIB+oRFMNawQ6NkEIbC4dwM4+6D5ImQNClMJ
py4Aw0WE3GyxOo19CTjkTjyeIXXNneKL6o1uTpECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSG5J8TEsOG0waalhGDIAiDpXwl+DAfBgNVHSMEGDAWgBS8aWM5rbjoiL6V
BA4cg9p/lbuzhTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZHbGpPYTI0NklpLWxRUU9ISVBhZjVXN3M0VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvNmNlNjQ0LTAyNTYtNDVhNy1hZjFjLWM2MGU5YTRhNWQzNC8x
L2h1U2ZFeExEaHRNR21wWVJneUFJZzZWOEpmZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
NmNlNjQ0LTAyNTYtNDVhNy1hZjFjLWM2MGU5YTRhNWQzNC8xL3ZHbGpPYTI0Nklp
LWxRUU9ISVBhZjVXN3M0VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVvNwDANBgkqhkiG9w0BAQsFAAOC
AQEAeg+OjVJDARg6AOX/muN4MZTHrvJCZsGBrlknc1sIip+3MQPN6gMbzykcsv/N
XtZRkPCgcnjsExGQEQ5q50L1mpXzLkAvnVQ0flAjoUGeapvzIqapkClsbhRWsq2Z
MQ05ISSL1Qk4vY9I7Fc4ZpA60hmh6Mk9Lj4QVgCPhyLghzwDtaLw1gKvg/syYxAr
ufCz2azX9GzmKAnYXeovsVUc2nbGFUnghePkSn0GlQLM0TouYaORyHjs+kuiU+Iw
VYKasH/QRaTNkt7nxxOOuLG8oNwC8JVtIl9G1vnaPBh9ox6EtYbC7EmrbxEJG4Yx
a5mrj9y2yVBIEdcsN19tQBDBAw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:03 2023 by rpki-client on console-fra.rpki-client.org