Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/Hu1Z_YuDthZGb8fcRqmnewsyVcU.roa
File:                     Hu1Z_YuDthZGb8fcRqmnewsyVcU.roa (raw, json)
Hash identifier:          fGMBjUdFskf9bYUJp+8Ucr1YD3tgGjdCsA2q/pXsEPE=
Subject key identifier:   1E:ED:59:FD:8B:83:B6:16:46:6F:C7:DC:46:A9:A7:7B:0B:32:55:C5
Certificate issuer:       /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial:       01840F0C40CB1F605C8AEB57E6EFE663DA8A
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/Hu1Z_YuDthZGb8fcRqmnewsyVcU.roa
Signing time:             Tue 25 Oct 2022 12:09:31 +0000
ROA not before:           Tue 25 Oct 2022 12:09:31 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201871
IP address blocks:        212.80.4.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:0f:0c:40:cb:1f:60:5c:8a:eb:57:e6:ef:e6:63:da:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
        Validity
            Not Before: Oct 25 12:09:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1eed59fd8b83b616466fc7dc46a9a77b0b3255c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:78:8f:28:8d:1f:00:24:97:b4:a4:df:30:74:
                    ba:9d:5c:d9:15:99:5e:6a:33:a7:2f:3e:55:cd:4a:
                    9a:09:4d:d7:a9:73:34:48:51:c1:93:a2:93:23:01:
                    36:97:f8:a1:10:88:23:1f:13:6d:d1:35:30:27:5a:
                    17:60:8d:4b:2b:90:69:19:03:83:9b:9f:61:41:02:
                    07:f2:24:11:1b:f1:e7:ee:4e:1b:d2:c4:0d:c6:d6:
                    a3:9b:a8:fc:fc:d2:0e:e6:2b:44:93:63:88:58:84:
                    f5:3b:64:c5:58:ec:65:e0:18:57:ba:7e:56:15:e9:
                    5b:e1:53:7e:cb:18:8d:86:26:f1:32:f7:9e:11:cd:
                    8d:c7:24:ab:2a:8d:ff:3c:a6:87:d8:57:21:f0:54:
                    c5:85:37:57:38:ea:19:35:9f:65:06:96:9b:fb:28:
                    05:e1:9b:f9:29:91:ac:0b:ee:f4:a1:e2:33:e2:38:
                    a0:7d:ab:87:9e:79:c4:f9:c3:09:2c:0e:2c:e4:af:
                    7a:72:c7:97:24:ea:eb:9c:ca:ba:4a:91:21:e7:a0:
                    82:a6:af:ec:3d:00:1d:28:9c:39:c9:7a:45:a5:b4:
                    e8:b8:c9:70:c8:2f:66:e9:ea:8b:6c:4e:8b:59:c7:
                    84:27:26:82:f4:49:3b:42:c3:83:30:28:fd:de:4c:
                    52:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:ED:59:FD:8B:83:B6:16:46:6F:C7:DC:46:A9:A7:7B:0B:32:55:C5
            X509v3 Authority Key Identifier:
                keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/Hu1Z_YuDthZGb8fcRqmnewsyVcU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.80.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:d5:c4:08:59:50:58:f7:3a:58:be:8b:34:4e:8f:0d:92:8d:
         b3:a8:24:42:7a:53:e4:7c:09:14:d2:df:97:bc:27:06:1f:7e:
         d3:f0:1f:6c:88:51:77:b8:c7:24:fb:4f:b2:5f:a8:b5:cf:20:
         5d:c1:3f:ae:b5:d9:38:bf:50:14:15:cb:a3:7d:e4:aa:5e:4c:
         5d:56:4d:1d:86:91:08:af:67:fb:06:f2:94:64:0f:a7:31:fc:
         3e:50:00:c8:55:86:b4:72:38:d2:22:c8:25:09:88:06:05:f0:
         1d:a8:15:84:37:7b:90:18:92:92:14:b0:4b:91:31:2a:21:fc:
         0c:6b:79:af:e2:ff:83:93:c3:c8:c8:af:99:ac:e3:39:44:99:
         b5:ce:c8:02:86:b1:c0:46:c2:90:e7:86:9e:3b:fb:e9:ee:8c:
         46:f3:27:3d:86:fd:3a:64:c1:e3:f8:03:03:d3:33:ca:a8:72:
         f3:71:e1:4f:7b:45:0d:2d:b2:d5:47:cd:8b:fb:72:3f:46:18:
         fd:10:07:3e:fb:3e:a4:1f:ca:35:04:62:aa:c1:77:7b:01:15:
         85:65:04:dc:12:d8:21:a3:fc:68:76:3b:3a:6b:ae:4d:da:7a:
         bc:ea:17:e7:af:4f:f0:fc:74:f4:cd:3f:c1:b5:dc:c3:fa:5d:
         63:0d:5f:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQPDEDLH2BciutX5u/mY9qKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjIxMDI1MTIwOTMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWVkNTlmZDhiODNiNjE2NDY2ZmM3ZGM0NmE5YTc3YjBiMzI1NWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHiPKI0fACSXtKTfMHS6nVzZFZle
ajOnLz5VzUqaCU3XqXM0SFHBk6KTIwE2l/ihEIgjHxNt0TUwJ1oXYI1LK5BpGQOD
m59hQQIH8iQRG/Hn7k4b0sQNxtajm6j8/NIO5itEk2OIWIT1O2TFWOxl4BhXun5W
Felb4VN+yxiNhibxMveeEc2NxySrKo3/PKaH2Fch8FTFhTdXOOoZNZ9lBpab+ygF
4Zv5KZGsC+70oeIz4jigfauHnnnE+cMJLA4s5K96cseXJOrrnMq6SpEh56CCpq/s
PQAdKJw5yXpFpbTouMlwyC9m6eqLbE6LWceEJyaC9Ek7QsODMCj93kxSswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB7tWf2Lg7YWRm/H3Eapp3sLMlXFMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvSHUxWl9ZdUR0aFpHYjhmY1JxbW5ld3N5VmNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1FAEMA0G
CSqGSIb3DQEBCwUAA4IBAQAJ1cQIWVBY9zpYvos0To8Nko2zqCRCelPkfAkU0t+X
vCcGH37T8B9siFF3uMck+0+yX6i1zyBdwT+utdk4v1AUFcujfeSqXkxdVk0dhpEI
r2f7BvKUZA+nMfw+UADIVYa0cjjSIsglCYgGBfAdqBWEN3uQGJKSFLBLkTEqIfwM
a3mv4v+Dk8PIyK+ZrOM5RJm1zsgChrHARsKQ54aeO/vp7oxG8yc9hv06ZMHj+AMD
0zPKqHLzceFPe0UNLbLVR82L+3I/Rhj9EAc++z6kH8o1BGKqwXd7ARWFZQTcEtgh
o/xodjs6a65N2nq86hfnr0/w/HT0zT/BtdzD+l1jDV81
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:06 2024 by rpki-client on console-ams.rpki-client.org