Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/b59df6-d5fb-4524-8d72-e18aac5054a9/1/hvKdpqQFTU1_8UoAMcwUnI_dOr0.roa
File:                     hvKdpqQFTU1_8UoAMcwUnI_dOr0.roa (raw, json)
Hash identifier:          3MQLiNdeEFkN9kMAGrcAnY4hK3+Sitrnhslgz0tMT1g=
Subject key identifier:   86:F2:9D:A6:A4:05:4D:4D:7F:F1:4A:00:31:CC:14:9C:8F:DD:3A:BD
Certificate issuer:       /CN=69d78759e0ec6f14566d10b83c83f2bf199b7100
Certificate serial:       14B14449
Authority key identifier: 69:D7:87:59:E0:EC:6F:14:56:6D:10:B8:3C:83:F2:BF:19:9B:71:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/adeHWeDsbxRWbRC4PIPyvxmbcQA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/b59df6-d5fb-4524-8d72-e18aac5054a9/1/hvKdpqQFTU1_8UoAMcwUnI_dOr0.roa
Signing time:             Sat 01 Jan 2022 13:56:06 +0000
ROA not before:           Sat 01 Jan 2022 13:56:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1299
IP address blocks:        84.254.68.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 347161673 (0x14b14449)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69d78759e0ec6f14566d10b83c83f2bf199b7100
        Validity
            Not Before: Jan  1 13:56:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=86f29da6a4054d4d7ff14a0031cc149c8fdd3abd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:8d:0b:df:dd:2f:bd:e6:19:6f:b5:1e:a1:56:
                    d4:dc:d0:75:e5:94:d2:17:d8:78:91:5b:12:be:8c:
                    b3:ef:41:fd:7e:d8:0f:ea:7b:19:75:1b:82:8a:fd:
                    03:fe:ab:15:4c:63:41:e4:11:29:64:63:07:aa:21:
                    71:7f:7b:55:99:c2:10:d5:eb:4a:b0:05:61:09:31:
                    d2:b9:89:0c:f1:ec:a8:b4:59:c1:98:8a:4b:12:ac:
                    c5:25:a6:be:44:41:bb:13:a8:f1:27:fa:70:f2:61:
                    45:8f:e9:97:e6:3d:76:fa:b5:e6:b6:a1:f0:9c:a1:
                    b4:1a:36:07:b9:6a:ad:5a:ea:5e:b0:91:51:1c:89:
                    ed:3c:be:a4:1c:e3:38:e5:26:11:39:1d:4f:07:b8:
                    21:39:f6:31:ec:05:78:ed:18:8c:58:90:aa:27:5b:
                    41:d7:1d:42:e1:c0:f2:de:a0:09:05:2d:71:48:56:
                    b6:e6:bb:8c:f0:20:99:d5:70:70:87:0c:42:eb:fd:
                    d0:a3:0a:88:f7:ad:0d:3e:cf:f0:48:30:a3:6e:1a:
                    3d:43:ae:de:74:42:57:60:b1:dc:ac:86:8c:83:30:
                    da:bf:ff:fa:59:d8:6b:23:6e:37:48:43:4a:34:5f:
                    69:97:5d:46:d4:b4:86:d3:96:1b:05:52:d7:35:ba:
                    d2:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:F2:9D:A6:A4:05:4D:4D:7F:F1:4A:00:31:CC:14:9C:8F:DD:3A:BD
            X509v3 Authority Key Identifier:
                keyid:69:D7:87:59:E0:EC:6F:14:56:6D:10:B8:3C:83:F2:BF:19:9B:71:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/adeHWeDsbxRWbRC4PIPyvxmbcQA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/b59df6-d5fb-4524-8d72-e18aac5054a9/1/hvKdpqQFTU1_8UoAMcwUnI_dOr0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/b59df6-d5fb-4524-8d72-e18aac5054a9/1/adeHWeDsbxRWbRC4PIPyvxmbcQA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.254.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0f:0e:1c:c3:cd:ec:3e:1a:ee:cb:40:02:dc:de:f1:90:f8:c7:
         18:ca:f2:10:e8:7d:94:97:c9:47:50:37:35:b1:19:05:ef:0d:
         30:4d:e8:76:ee:32:41:ca:3f:26:ae:2f:26:97:4b:09:db:9e:
         6d:35:8d:fe:00:32:24:7a:5a:f5:b5:1d:d3:80:78:21:cb:a4:
         45:95:f5:e8:65:90:11:1e:c7:66:1a:8d:0d:a0:68:b5:79:59:
         7c:8d:ec:3e:f1:f4:65:fc:d5:f1:96:7a:1a:fd:26:e6:d3:65:
         25:23:32:27:57:06:a2:4b:9c:cb:ff:a8:e6:5f:75:91:ad:b7:
         e0:19:32:6e:3c:09:3e:9f:d1:4b:3d:bc:27:62:24:ff:21:42:
         15:7b:ac:ce:46:ba:4a:25:0a:3f:75:e8:cb:c6:0b:e3:c3:54:
         96:a7:4b:30:70:6d:ee:06:7d:7d:19:67:83:e6:a4:49:97:10:
         95:5d:eb:96:d7:ee:87:15:af:38:30:af:af:ef:d8:95:58:9c:
         4a:6d:63:cd:62:e3:8f:87:49:ff:9b:db:9b:7b:f4:ba:06:66:
         24:d8:48:43:17:3c:ed:34:d5:c5:f4:d1:d1:db:a6:55:94:2f:
         1b:4e:77:71:22:ca:ba:2f:bf:df:25:07:35:c2:9b:ea:33:67:
         89:3d:15:96
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFLFESTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OWQ3ODc1OWUwZWM2ZjE0NTY2ZDEwYjgzYzgzZjJiZjE5OWI3MTAwMB4XDTIyMDEw
MTEzNTYwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODZmMjlkYTZhNDA1
NGQ0ZDdmZjE0YTAwMzFjYzE0OWM4ZmRkM2FiZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPGNC9/dL73mGW+1HqFW1NzQdeWU0hfYeJFbEr6Ms+9B/X7Y
D+p7GXUbgor9A/6rFUxjQeQRKWRjB6ohcX97VZnCENXrSrAFYQkx0rmJDPHsqLRZ
wZiKSxKsxSWmvkRBuxOo8Sf6cPJhRY/pl+Y9dvq15rah8JyhtBo2B7lqrVrqXrCR
URyJ7Ty+pBzjOOUmETkdTwe4ITn2MewFeO0YjFiQqidbQdcdQuHA8t6gCQUtcUhW
tua7jPAgmdVwcIcMQuv90KMKiPetDT7P8Egwo24aPUOu3nRCV2Cx3KyGjIMw2r//
+lnYayNuN0hDSjRfaZddRtS0htOWGwVS1zW60ksCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSG8p2mpAVNTX/xSgAxzBScj906vTAfBgNVHSMEGDAWgBRp14dZ4OxvFFZt
ELg8g/K/GZtxADAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FkZUhXZURzYnhSV2JSQzRQSVB5dnhtYmNRQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvYjU5ZGY2LWQ1ZmItNDUyNC04ZDcyLWUxOGFhYzUwNTRhOS8x
L2h2S2RwcVFGVFUxXzhVb0FNY3dVbklfZE9yMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
YjU5ZGY2LWQ1ZmItNDUyNC04ZDcyLWUxOGFhYzUwNTRhOS8xL2FkZUhXZURzYnhS
V2JSQzRQSVB5dnhtYmNRQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlT+RDANBgkqhkiG9w0BAQsFAAOC
AQEADw4cw83sPhruy0AC3N7xkPjHGMryEOh9lJfJR1A3NbEZBe8NME3odu4yQco/
Jq4vJpdLCduebTWN/gAyJHpa9bUd04B4IcukRZX16GWQER7HZhqNDaBotXlZfI3s
PvH0ZfzV8ZZ6Gv0m5tNlJSMyJ1cGokucy/+o5l91ka234BkybjwJPp/RSz28J2Ik
/yFCFXuszka6SiUKP3Xoy8YL48NUlqdLMHBt7gZ9fRlng+akSZcQlV3rltfuhxWv
ODCvr+/YlVicSm1jzWLjj4dJ/5vbm3v0ugZmJNhIQxc87TTVxfTR0dumVZQvG053
cSLKui+/3yUHNcKb6jNniT0Vlg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:42 2024 by rpki-client on console-fra.rpki-client.org