Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/HMDT_qfPw68dwpan-CoOGjWfdpI.roa
File:                     HMDT_qfPw68dwpan-CoOGjWfdpI.roa (raw, json)
Hash identifier:          XsAW0smtr/c18bIeqcljrQy9y6MLwT9P09a7MLYVCRU=
Subject key identifier:   1C:C0:D3:FE:A7:CF:C3:AF:1D:C2:96:A7:F8:2A:0E:1A:35:9F:76:92
Certificate issuer:       /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial:       083FA678
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/HMDT_qfPw68dwpan-CoOGjWfdpI.roa
Signing time:             Sat 01 Jan 2022 07:56:19 +0000
ROA not before:           Sat 01 Jan 2022 07:56:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     395092
IP address blocks:        2a06:c3c0:3::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 138389112 (0x83fa678)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
        Validity
            Not Before: Jan  1 07:56:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1cc0d3fea7cfc3af1dc296a7f82a0e1a359f7692
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:30:67:c4:50:88:c7:c7:dc:68:dc:fc:9f:58:
                    9f:37:b4:74:c8:fe:b1:0f:aa:01:83:93:c3:1d:c3:
                    0c:c0:60:ea:3f:ee:3c:ce:d2:ae:ad:c4:d5:6e:fa:
                    44:aa:b6:52:50:02:71:9d:2a:6b:e4:ba:77:4d:91:
                    7e:a4:a4:89:02:49:08:3b:93:d2:7d:36:06:a2:2a:
                    3e:38:30:80:63:9a:85:34:3d:42:63:06:52:46:a2:
                    1a:c9:74:ff:7b:56:2b:90:ef:86:e5:a3:c6:b2:a7:
                    44:e4:ce:16:0a:2f:51:98:f6:e1:ea:9b:d0:7a:83:
                    d1:8a:14:c7:42:95:1e:41:46:43:7f:9d:63:59:6d:
                    28:af:f8:56:3b:81:55:b0:fc:7f:d7:73:26:7e:9a:
                    d8:5b:88:8c:ec:2d:8c:d8:f2:29:b9:9d:fb:ce:b9:
                    ce:88:cc:f2:69:f1:c7:ee:38:8f:18:39:5c:ca:9f:
                    97:da:04:26:1f:c5:56:88:4c:b0:1b:e3:2f:9a:d5:
                    41:34:d4:dd:50:99:6a:f5:fe:2b:ee:6c:7f:d6:e0:
                    22:b2:f0:54:70:c4:7a:6b:0e:f3:7a:2b:06:72:3e:
                    7e:27:3a:53:cf:5f:e1:67:b0:bc:de:42:dc:ed:62:
                    4c:f2:34:0e:c6:9c:25:e3:e0:da:8b:a0:b4:2b:c4:
                    c5:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:C0:D3:FE:A7:CF:C3:AF:1D:C2:96:A7:F8:2A:0E:1A:35:9F:76:92
            X509v3 Authority Key Identifier:
                keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/HMDT_qfPw68dwpan-CoOGjWfdpI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:c3c0:3::/48

    Signature Algorithm: sha256WithRSAEncryption
         ad:ba:eb:3d:97:5b:a8:0a:37:e1:1e:51:bc:02:20:48:42:3d:
         d5:20:4d:5d:95:d6:23:26:f7:a4:5a:f7:ab:6e:ae:bc:da:51:
         d5:7c:0d:e6:ed:ff:8b:a1:39:86:08:ed:93:67:68:c2:02:e4:
         c2:98:48:59:58:f9:27:db:60:df:1e:49:16:fd:21:5d:40:72:
         40:b6:ba:63:09:65:2c:fa:79:0c:07:b6:12:07:d8:78:06:cb:
         1d:f3:40:62:cd:25:7d:90:d4:fa:0f:33:e1:a2:72:29:ac:6f:
         9f:35:ef:48:09:24:0f:82:e8:8d:8b:30:16:1f:1d:40:f0:f8:
         dd:66:03:21:65:19:28:1d:9c:13:43:5c:91:8e:07:79:ff:e1:
         2f:cf:b4:0d:5f:b8:1a:75:ca:05:fd:f6:05:e2:79:83:74:9a:
         be:6d:21:3c:ce:6e:11:8f:f5:99:45:b0:8e:85:ff:33:bc:dd:
         71:1f:b0:59:1a:7c:3f:48:41:86:2e:f4:0d:a9:9b:e2:11:b8:
         52:8e:a7:d0:a6:a0:b4:56:d0:f0:52:2a:26:c8:02:5f:37:09:
         ec:78:74:11:4a:b1:0e:7c:9b:ba:71:62:22:f9:91:ff:6a:67:
         32:3f:8c:64:6b:b1:e0:6e:9a:0f:02:de:2a:30:33:f7:07:1f:
         4e:e5:a9:08
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECD+meDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDYzNjUzNTViNjY1NTY0YTIxMGMzNThjNjhhMDExN2I3ZmJlYjlhMB4XDTIyMDEw
MTA3NTYxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWNjMGQzZmVhN2Nm
YzNhZjFkYzI5NmE3ZjgyYTBlMWEzNTlmNzY5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN8wZ8RQiMfH3Gjc/J9Ynze0dMj+sQ+qAYOTwx3DDMBg6j/u
PM7Srq3E1W76RKq2UlACcZ0qa+S6d02RfqSkiQJJCDuT0n02BqIqPjgwgGOahTQ9
QmMGUkaiGsl0/3tWK5DvhuWjxrKnROTOFgovUZj24eqb0HqD0YoUx0KVHkFGQ3+d
Y1ltKK/4VjuBVbD8f9dzJn6a2FuIjOwtjNjyKbmd+865zojM8mnxx+44jxg5XMqf
l9oEJh/FVohMsBvjL5rVQTTU3VCZavX+K+5sf9bgIrLwVHDEemsO83orBnI+fic6
U89f4WewvN5C3O1iTPI0DsacJePg2ougtCvExccCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQcwNP+p8/Drx3Clqf4Kg4aNZ92kjAfBgNVHSMEGDAWgBR0Y2U1W2ZVZKIQ
w1jGigEXt/vrmjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RHTmxOVnRtVldTaUVNTll4b29CRjdmNzY1by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvYWVhMzZkLWJhYmYtNDQ3NC1hNzhiLTZhNGVjYWY4YjNiMS8x
L0hNRFRfcWZQdzY4ZHdwYW4tQ29PR2pXZmRwSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
YWVhMzZkLWJhYmYtNDQ3NC1hNzhiLTZhNGVjYWY4YjNiMS8xL2RHTmxOVnRtVldT
aUVNTll4b29CRjdmNzY1by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoGw8AAAzANBgkqhkiG9w0BAQsF
AAOCAQEArbrrPZdbqAo34R5RvAIgSEI91SBNXZXWIyb3pFr3q26uvNpR1XwN5u3/
i6E5hgjtk2dowgLkwphIWVj5J9tg3x5JFv0hXUByQLa6YwllLPp5DAe2EgfYeAbL
HfNAYs0lfZDU+g8z4aJyKaxvnzXvSAkkD4LojYswFh8dQPD43WYDIWUZKB2cE0Nc
kY4Hef/hL8+0DV+4GnXKBf32BeJ5g3Savm0hPM5uEY/1mUWwjoX/M7zdcR+wWRp8
P0hBhi70Damb4hG4Uo6n0KagtFbQ8FIqJsgCXzcJ7Hh0EUqxDnybunFiIvmR/2pn
Mj+MZGux4G6aDwLeKjAz9wcfTuWpCA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:35 2024 by rpki-client on console-fra.rpki-client.org