Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/HUj-yYxlChNG93zTv3Okplg0fwE.roa
File:                     HUj-yYxlChNG93zTv3Okplg0fwE.roa (raw, json)
Hash identifier:          WBJw+H272XNvTpa0BnyqWm9VWg9JlSgUxwx3ov03ANk=
Subject key identifier:   1D:48:FE:C9:8C:65:0A:13:46:F7:7C:D3:BF:73:A4:A6:58:34:7F:01
Certificate issuer:       /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial:       018212C9BDBAAC0B47F1358CE7B638DADD4B
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/HUj-yYxlChNG93zTv3Okplg0fwE.roa
Signing time:             Mon 18 Jul 2022 19:29:47 +0000
ROA not before:           Mon 18 Jul 2022 19:29:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        212.111.211.0/24 maxlen: 24
                          212.111.218.0/23 maxlen: 24
                          212.111.216.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:12:c9:bd:ba:ac:0b:47:f1:35:8c:e7:b6:38:da:dd:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19426325acb8ce609a686fa655b058968809b346
        Validity
            Not Before: Jul 18 19:29:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1d48fec98c650a1346f77cd3bf73a4a658347f01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:85:39:cb:3b:8f:3c:f0:11:3a:02:54:03:8e:
                    3b:08:66:5e:c6:6c:0e:fd:2f:b6:03:eb:09:b1:e0:
                    a5:65:cf:de:31:f6:db:0c:00:c5:97:01:54:52:3e:
                    19:a6:ff:ae:41:ee:c7:df:bb:7c:dc:71:e0:da:11:
                    82:b9:b6:2c:3b:91:33:a0:eb:e8:04:7e:fc:ec:94:
                    1f:a3:66:6f:e9:b5:ab:39:3c:e4:ee:c7:58:9d:2c:
                    06:6b:a0:94:04:43:41:59:5e:62:3a:cf:c1:b4:03:
                    2c:f2:e0:fd:15:57:88:87:c8:56:dd:75:e5:dc:64:
                    7e:97:9f:41:cd:9e:15:88:75:8e:17:90:33:e2:8d:
                    e6:36:d3:86:d2:f7:12:86:92:bf:2f:87:d0:9e:06:
                    48:a6:53:68:ff:f5:bf:4f:d2:11:0b:2e:d2:3b:de:
                    72:73:05:fb:0c:68:c6:bd:18:f1:ee:f4:82:f0:51:
                    12:d2:21:78:20:e6:77:4e:6e:ea:85:69:84:71:5a:
                    d6:c2:38:8d:51:3c:ff:26:a3:d6:78:95:ba:56:a6:
                    f9:6f:c7:5c:58:59:2f:f4:e1:02:69:3b:23:dc:8a:
                    c6:6b:ba:fb:ae:13:e7:c4:5e:97:9f:bb:56:28:22:
                    89:b9:c9:52:2a:20:7f:02:31:4f:60:5d:2d:0e:56:
                    76:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:48:FE:C9:8C:65:0A:13:46:F7:7C:D3:BF:73:A4:A6:58:34:7F:01
            X509v3 Authority Key Identifier:
                keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/HUj-yYxlChNG93zTv3Okplg0fwE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.111.211.0/24
                  212.111.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8d:15:fd:73:56:bc:3d:01:8b:1c:c8:e7:3b:a6:a7:aa:b8:21:
         e4:4c:bb:b4:df:19:36:2d:be:65:85:59:51:5e:5d:c7:95:24:
         d1:3b:11:85:06:2f:24:ca:40:da:5c:92:68:70:21:88:5b:b1:
         15:53:05:8c:82:b5:37:6a:87:ff:9b:3e:10:f8:3b:aa:5c:43:
         8d:32:19:a0:f1:c5:86:b1:ed:08:84:73:b5:b3:bd:ba:6d:8a:
         c8:5a:e9:ba:4d:71:ff:a4:58:a5:ec:c7:a2:63:0e:20:ab:11:
         5d:a8:0f:38:75:36:fe:8d:fe:7d:76:53:3f:66:0c:94:d3:c8:
         0b:80:a8:31:24:28:f8:f7:9a:3d:58:e2:6a:d6:9c:60:26:ae:
         c7:ac:0e:ac:a7:d2:7a:97:34:7e:82:ba:f9:c9:f8:23:cf:91:
         79:08:e5:d5:21:e6:13:b0:4a:96:a7:9e:bb:ed:b1:ef:ac:9c:
         e4:df:75:0f:fe:bc:8a:27:5d:9d:f8:39:a9:17:7e:5d:32:65:
         3a:a9:ca:21:6d:2f:f8:de:de:2a:e5:4b:01:31:8b:9d:ee:4c:
         b6:64:a2:bd:53:d5:f0:25:9a:e0:64:f2:3f:b6:af:fe:67:07:
         91:28:cc:c2:12:84:bd:ae:4f:da:8b:ed:d5:6b:45:0a:44:21:
         13:6e:59:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYISyb26rAtH8TWM57Y42t1LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjIwNzE4MTkyOTQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDQ4ZmVjOThjNjUwYTEzNDZmNzdjZDNiZjczYTRhNjU4MzQ3ZjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYU5yzuPPPAROgJUA447CGZexmwO
/S+2A+sJseClZc/eMfbbDADFlwFUUj4Zpv+uQe7H37t83HHg2hGCubYsO5EzoOvo
BH787JQfo2Zv6bWrOTzk7sdYnSwGa6CUBENBWV5iOs/BtAMs8uD9FVeIh8hW3XXl
3GR+l59BzZ4ViHWOF5Az4o3mNtOG0vcShpK/L4fQngZIplNo//W/T9IRCy7SO95y
cwX7DGjGvRjx7vSC8FES0iF4IOZ3Tm7qhWmEcVrWwjiNUTz/JqPWeJW6Vqb5b8dc
WFkv9OECaTsj3IrGa7r7rhPnxF6Xn7tWKCKJuclSKiB/AjFPYF0tDlZ21QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB1I/smMZQoTRvd8079zpKZYNH8BMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvSFVqLXlZeGxDaE5HOTN6VHYzT2twbGcwZndFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1G/TAwQC
1G/YMA0GCSqGSIb3DQEBCwUAA4IBAQCNFf1zVrw9AYscyOc7pqequCHkTLu03xk2
Lb5lhVlRXl3HlSTROxGFBi8kykDaXJJocCGIW7EVUwWMgrU3aof/mz4Q+DuqXEON
Mhmg8cWGse0IhHO1s726bYrIWum6TXH/pFil7MeiYw4gqxFdqA84dTb+jf59dlM/
ZgyU08gLgKgxJCj495o9WOJq1pxgJq7HrA6sp9J6lzR+grr5yfgjz5F5COXVIeYT
sEqWp5677bHvrJzk33UP/ryKJ12d+DmpF35dMmU6qcohbS/43t4q5UsBMYud7ky2
ZKK9U9XwJZrgZPI/tq/+ZweRKMzCEoS9rk/ai+3Va0UKRCETblkk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:38 2024 by rpki-client on console-ams.rpki-client.org