Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/810599-731a-486a-b23f-47537eb644f5/1/0HUqB_hAn7sxJyNjL55bQxlVTcY.roa
File:                     0HUqB_hAn7sxJyNjL55bQxlVTcY.roa (raw, json)
Hash identifier:          v9/prSVgF+bZqUq6iA4Mxr/lqqpZ6tQUpIDtoESvK7U=
Subject key identifier:   D0:75:2A:07:F8:40:9F:BB:31:27:23:63:2F:9E:5B:43:19:55:4D:C6
Certificate issuer:       /CN=e123860e20cdb2cfdf2cefb3753a15b822829266
Certificate serial:       13064710
Authority key identifier: E1:23:86:0E:20:CD:B2:CF:DF:2C:EF:B3:75:3A:15:B8:22:82:92:66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4SOGDiDNss_fLO-zdToVuCKCkmY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/810599-731a-486a-b23f-47537eb644f5/1/0HUqB_hAn7sxJyNjL55bQxlVTcY.roa
Signing time:             Sat 01 Jan 2022 05:02:20 +0000
ROA not before:           Sat 01 Jan 2022 05:02:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     199620
IP address blocks:        80.86.238.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 319178512 (0x13064710)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e123860e20cdb2cfdf2cefb3753a15b822829266
        Validity
            Not Before: Jan  1 05:02:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d0752a07f8409fbb312723632f9e5b4319554dc6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:ae:b4:29:c4:ee:5f:bb:61:f0:c0:16:fb:f9:
                    31:f7:8e:dd:f0:5a:44:1d:0f:65:18:94:84:ac:92:
                    f5:84:52:3e:6e:2e:ef:f4:09:56:0c:cb:9e:6d:30:
                    21:cf:1c:dc:0d:14:3b:00:96:3e:e2:44:f5:65:da:
                    3f:76:ae:d6:24:4b:61:f9:14:f3:b5:e2:69:33:47:
                    12:14:dc:fb:a5:cb:61:15:ef:f9:f6:9b:86:6a:0d:
                    18:83:43:87:8b:84:c8:c3:8f:16:9c:e7:05:eb:33:
                    89:d6:67:db:e3:95:25:5f:1a:66:27:99:33:9d:aa:
                    1b:c0:b0:37:7e:1f:ff:d6:6a:78:c6:2f:7f:dc:fd:
                    01:81:7e:51:37:c7:45:ee:25:fb:92:fd:cb:22:f6:
                    a9:0a:df:5f:09:90:48:86:42:72:bd:a8:de:a1:a3:
                    99:31:92:34:4b:57:c0:ee:14:5e:85:c7:ef:8a:77:
                    39:09:8f:8f:2a:4c:59:7a:36:47:a4:9e:54:11:2e:
                    bf:a5:a0:19:41:14:8d:0d:12:a4:33:48:d9:0c:2a:
                    bf:fc:ea:72:20:ad:fe:30:fe:a4:c6:3a:6e:7b:cc:
                    ff:4d:4f:fb:98:78:3f:00:4b:fb:29:0c:6a:5c:7f:
                    f0:fe:01:86:2d:2d:bd:d8:54:15:1d:6b:01:58:c8:
                    28:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:75:2A:07:F8:40:9F:BB:31:27:23:63:2F:9E:5B:43:19:55:4D:C6
            X509v3 Authority Key Identifier:
                keyid:E1:23:86:0E:20:CD:B2:CF:DF:2C:EF:B3:75:3A:15:B8:22:82:92:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4SOGDiDNss_fLO-zdToVuCKCkmY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/810599-731a-486a-b23f-47537eb644f5/1/0HUqB_hAn7sxJyNjL55bQxlVTcY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/810599-731a-486a-b23f-47537eb644f5/1/4SOGDiDNss_fLO-zdToVuCKCkmY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.86.238.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:63:11:c3:58:d9:fa:ec:77:8d:9f:af:b0:15:c6:58:6a:87:
         27:f9:0a:69:ae:c1:e0:cd:be:5b:6a:4c:e3:2c:78:c6:a3:45:
         33:94:a4:09:89:cf:40:83:e4:14:81:ae:ce:3f:36:c2:31:42:
         78:d6:88:a2:1b:d6:81:03:10:ff:a3:ec:44:d2:0c:be:92:8e:
         6b:45:f0:90:4f:58:c7:b2:fc:b0:5c:26:99:7b:66:fd:83:d5:
         ba:4d:f7:10:ff:7a:78:34:87:ea:da:5f:65:20:57:1f:d3:d5:
         3c:40:61:2d:5a:46:26:36:6b:9a:08:37:fa:2c:36:e2:95:b9:
         9b:e2:98:a5:63:de:73:65:4c:58:2d:7a:2c:8e:66:78:7f:6b:
         b9:ac:36:43:2b:a4:01:1f:5b:2a:df:db:2a:99:07:a5:b1:d1:
         c9:df:f1:80:4d:1b:65:e9:92:33:10:18:86:70:32:0b:39:db:
         0f:79:65:88:6c:0e:15:90:ad:17:57:8a:c7:dd:45:34:69:aa:
         d1:ed:ff:f9:88:79:26:3e:fd:81:c8:a3:95:7e:e2:67:13:5e:
         33:35:8c:a0:a8:f7:8b:b8:b3:21:df:c4:67:a2:73:3b:ef:f3:
         ba:cb:08:c7:7f:a9:14:43:da:90:27:9e:ec:d2:bd:b7:18:5f:
         7f:63:6e:b5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEwZHEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MTIzODYwZTIwY2RiMmNmZGYyY2VmYjM3NTNhMTViODIyODI5MjY2MB4XDTIyMDEw
MTA1MDIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDA3NTJhMDdmODQw
OWZiYjMxMjcyMzYzMmY5ZTViNDMxOTU1NGRjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJmutCnE7l+7YfDAFvv5MfeO3fBaRB0PZRiUhKyS9YRSPm4u
7/QJVgzLnm0wIc8c3A0UOwCWPuJE9WXaP3au1iRLYfkU87XiaTNHEhTc+6XLYRXv
+fabhmoNGINDh4uEyMOPFpznBeszidZn2+OVJV8aZieZM52qG8CwN34f/9ZqeMYv
f9z9AYF+UTfHRe4l+5L9yyL2qQrfXwmQSIZCcr2o3qGjmTGSNEtXwO4UXoXH74p3
OQmPjypMWXo2R6SeVBEuv6WgGUEUjQ0SpDNI2Qwqv/zqciCt/jD+pMY6bnvM/01P
+5h4PwBL+ykMalx/8P4Bhi0tvdhUFR1rAVjIKDsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTQdSoH+ECfuzEnI2MvnltDGVVNxjAfBgNVHSMEGDAWgBThI4YOIM2yz98s
77N1OhW4IoKSZjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRTT0dEaUROc3NfZkxPLXpkVG9WdUNLQ2ttWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvODEwNTk5LTczMWEtNDg2YS1iMjNmLTQ3NTM3ZWI2NDRmNS8x
LzBIVXFCX2hBbjdzeEp5TmpMNTViUXhsVlRjWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
ODEwNTk5LTczMWEtNDg2YS1iMjNmLTQ3NTM3ZWI2NDRmNS8xLzRTT0dEaUROc3Nf
ZkxPLXpkVG9WdUNLQ2ttWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFBW7jANBgkqhkiG9w0BAQsFAAOC
AQEAVWMRw1jZ+ux3jZ+vsBXGWGqHJ/kKaa7B4M2+W2pM4yx4xqNFM5SkCYnPQIPk
FIGuzj82wjFCeNaIohvWgQMQ/6PsRNIMvpKOa0XwkE9Yx7L8sFwmmXtm/YPVuk33
EP96eDSH6tpfZSBXH9PVPEBhLVpGJjZrmgg3+iw24pW5m+KYpWPec2VMWC16LI5m
eH9ruaw2QyukAR9bKt/bKpkHpbHRyd/xgE0bZemSMxAYhnAyCznbD3lliGwOFZCt
F1eKx91FNGmq0e3/+Yh5Jj79gcijlX7iZxNeMzWMoKj3i7izId/EZ6JzO+/zussI
x3+pFEPakCee7NK9txhff2NutQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:02 2024 by rpki-client on console-fra.rpki-client.org