Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/524e5b-a8ae-45ab-bbd9-4491845dcd47/1/9HpHdrifdg9L0CoPjeozY26ae1A.roa
File:                     9HpHdrifdg9L0CoPjeozY26ae1A.roa (raw, json)
Hash identifier:          TWSnC3XMCJmb3M2O8gfiHQG8LC/U44U9IgfpyLS5+LQ=
Subject key identifier:   F4:7A:47:76:B8:9F:76:0F:4B:D0:2A:0F:8D:EA:33:63:6E:9A:7B:50
Certificate issuer:       /CN=03485fbdb0b1a04d52e81dcdb95858916a1ddae4
Certificate serial:       02F1EBCA
Authority key identifier: 03:48:5F:BD:B0:B1:A0:4D:52:E8:1D:CD:B9:58:58:91:6A:1D:DA:E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A0hfvbCxoE1S6B3NuVhYkWod2uQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/524e5b-a8ae-45ab-bbd9-4491845dcd47/1/9HpHdrifdg9L0CoPjeozY26ae1A.roa
Signing time:             Sat 01 Jan 2022 15:56:32 +0000
ROA not before:           Sat 01 Jan 2022 15:56:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211879
IP address blocks:        2001:67c:1b50::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 49408970 (0x2f1ebca)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03485fbdb0b1a04d52e81dcdb95858916a1ddae4
        Validity
            Not Before: Jan  1 15:56:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f47a4776b89f760f4bd02a0f8dea33636e9a7b50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:e9:cd:c7:8e:2e:14:99:41:b1:f4:56:3c:5c:
                    3b:eb:7a:85:12:3e:f4:fb:75:0f:67:78:ec:7e:3b:
                    5a:c5:3b:71:68:55:3a:4a:cd:17:5d:ae:30:93:17:
                    a9:8b:ec:32:5a:fe:21:39:64:30:ca:d8:74:0c:d2:
                    a9:72:ea:73:5a:77:f4:7a:2a:42:6e:a6:d9:c4:3f:
                    56:03:2d:6c:fe:0c:69:14:24:18:eb:66:fb:f5:82:
                    8f:b7:91:eb:0d:f4:f8:6f:f8:d0:cd:0c:95:4d:e0:
                    45:4b:d3:0c:9c:7f:9a:70:c2:d1:a5:1a:7c:38:53:
                    14:8f:33:86:e8:d8:0a:88:64:d3:5b:e6:27:2c:33:
                    33:d5:82:af:8b:22:1f:a4:8f:80:ce:13:58:b5:6f:
                    5c:b4:c8:56:96:44:da:0d:5b:ea:97:fd:5e:18:e6:
                    86:79:a8:ea:43:53:82:7f:7d:51:24:17:d8:97:1f:
                    d0:13:fc:51:23:70:25:ed:c3:86:80:fc:49:cb:ce:
                    53:9e:66:ca:4b:06:5c:77:dd:b8:0c:4c:26:f7:09:
                    d3:97:11:9c:54:0a:f0:26:2a:3e:8f:b1:2a:04:27:
                    06:7a:83:bc:f1:7b:70:37:db:72:a8:82:51:ef:fb:
                    ac:2e:69:75:6e:87:fc:24:95:24:07:a3:af:71:bb:
                    a2:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:7A:47:76:B8:9F:76:0F:4B:D0:2A:0F:8D:EA:33:63:6E:9A:7B:50
            X509v3 Authority Key Identifier:
                keyid:03:48:5F:BD:B0:B1:A0:4D:52:E8:1D:CD:B9:58:58:91:6A:1D:DA:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A0hfvbCxoE1S6B3NuVhYkWod2uQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/524e5b-a8ae-45ab-bbd9-4491845dcd47/1/9HpHdrifdg9L0CoPjeozY26ae1A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/524e5b-a8ae-45ab-bbd9-4491845dcd47/1/A0hfvbCxoE1S6B3NuVhYkWod2uQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:1b50::/48

    Signature Algorithm: sha256WithRSAEncryption
         1f:4f:16:94:f9:77:09:ee:ea:33:7b:10:05:e4:0f:6c:77:aa:
         86:9c:13:fb:00:96:ec:a5:4c:5b:6a:2b:a1:d5:63:b8:29:c6:
         cc:d7:a2:97:22:53:3d:40:a2:42:ea:3a:81:61:d7:4a:b2:02:
         67:bd:44:1f:5e:2b:c3:91:11:e7:57:e0:bc:3f:a0:98:e1:e8:
         c9:20:96:43:ec:4b:6f:9b:32:4e:d3:4d:57:97:8e:02:2b:9c:
         e9:f0:6f:ac:91:6d:58:eb:82:aa:2b:2f:19:2b:92:95:24:84:
         ce:c6:87:01:a5:17:64:3a:cf:9b:f6:92:43:f5:97:02:89:b0:
         5b:f5:04:49:9c:90:26:09:09:35:0d:cb:23:b3:f7:dd:b2:d8:
         81:45:e6:18:cb:74:c8:7e:da:e5:99:a4:51:02:88:8e:f0:e7:
         62:e3:a2:07:15:1b:b5:b4:4d:49:cc:a5:c8:c8:e9:ba:b8:1d:
         10:53:b2:85:81:3a:86:a8:19:1e:5d:f1:04:a2:7b:08:0d:e3:
         05:e3:37:b8:c8:0e:87:eb:cf:66:d0:8d:a0:c5:bb:e7:7a:af:
         55:51:a7:ab:bc:78:72:f1:10:4d:29:4e:cb:27:43:9e:28:1e:
         f9:81:68:bd:a7:15:a5:29:c8:fc:e6:87:cc:91:16:07:10:5b:
         31:6d:df:6c
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAvHryjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MzQ4NWZiZGIwYjFhMDRkNTJlODFkY2RiOTU4NTg5MTZhMWRkYWU0MB4XDTIyMDEw
MTE1NTYzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQ3YTQ3NzZiODlm
NzYwZjRiZDAyYTBmOGRlYTMzNjM2ZTlhN2I1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANnpzceOLhSZQbH0VjxcO+t6hRI+9Pt1D2d47H47WsU7cWhV
OkrNF12uMJMXqYvsMlr+ITlkMMrYdAzSqXLqc1p39HoqQm6m2cQ/VgMtbP4MaRQk
GOtm+/WCj7eR6w30+G/40M0MlU3gRUvTDJx/mnDC0aUafDhTFI8zhujYCohk01vm
JywzM9WCr4siH6SPgM4TWLVvXLTIVpZE2g1b6pf9Xhjmhnmo6kNTgn99USQX2Jcf
0BP8USNwJe3DhoD8ScvOU55myksGXHfduAxMJvcJ05cRnFQK8CYqPo+xKgQnBnqD
vPF7cDfbcqiCUe/7rC5pdW6H/CSVJAejr3G7og0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBT0ekd2uJ92D0vQKg+N6jNjbpp7UDAfBgNVHSMEGDAWgBQDSF+9sLGgTVLo
Hc25WFiRah3a5DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0EwaGZ2YkN4b0UxUzZCM051VmhZa1dvZDJ1US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNTI0ZTViLWE4YWUtNDVhYi1iYmQ5LTQ0OTE4NDVkY2Q0Ny8x
LzlIcEhkcmlmZGc5TDBDb1BqZW96WTI2YWUxQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NTI0ZTViLWE4YWUtNDVhYi1iYmQ5LTQ0OTE4NDVkY2Q0Ny8xL0EwaGZ2YkN4b0Ux
UzZCM051VmhZa1dvZDJ1US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwbUDANBgkqhkiG9w0BAQsF
AAOCAQEAH08WlPl3Ce7qM3sQBeQPbHeqhpwT+wCW7KVMW2orodVjuCnGzNeilyJT
PUCiQuo6gWHXSrICZ71EH14rw5ER51fgvD+gmOHoySCWQ+xLb5syTtNNV5eOAiuc
6fBvrJFtWOuCqisvGSuSlSSEzsaHAaUXZDrPm/aSQ/WXAomwW/UESZyQJgkJNQ3L
I7P33bLYgUXmGMt0yH7a5ZmkUQKIjvDnYuOiBxUbtbRNScylyMjpurgdEFOyhYE6
hqgZHl3xBKJ7CA3jBeM3uMgOh+vPZtCNoMW753qvVVGnq7x4cvEQTSlOyydDnige
+YFovacVpSnI/OaHzJEWBxBbMW3fbA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:41 2024 by rpki-client on console-fra.rpki-client.org