Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/c28ebc-749f-48f6-89a2-edc316222644/1/HOEEJ0H4kof_3_Y0BgvrYfjhugY.roa
File:                     HOEEJ0H4kof_3_Y0BgvrYfjhugY.roa (raw, json)
Hash identifier:          QFaEbH8YvudetbOdf5Q2AqajhBWz5gGXofeVtSNjXz4=
Subject key identifier:   1C:E1:04:27:41:F8:92:87:FF:DF:F6:34:06:0B:EB:61:F8:E1:BA:06
Certificate issuer:       /CN=985d472fa538204f1c23e8b6a758073b80cfc199
Certificate serial:       02BD8E64
Authority key identifier: 98:5D:47:2F:A5:38:20:4F:1C:23:E8:B6:A7:58:07:3B:80:CF:C1:99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mF1HL6U4IE8cI-i2p1gHO4DPwZk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/c28ebc-749f-48f6-89a2-edc316222644/1/HOEEJ0H4kof_3_Y0BgvrYfjhugY.roa
Signing time:             Sat 01 Jan 2022 08:55:27 +0000
ROA not before:           Sat 01 Jan 2022 08:55:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212603
IP address blocks:        195.200.194.0/24 maxlen: 24
                          45.143.176.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 45977188 (0x2bd8e64)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=985d472fa538204f1c23e8b6a758073b80cfc199
        Validity
            Not Before: Jan  1 08:55:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1ce1042741f89287ffdff634060beb61f8e1ba06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:28:4d:2a:57:3d:36:25:7b:68:70:d8:7a:28:
                    e3:5e:02:ae:87:95:24:99:69:18:ee:e2:e0:d1:21:
                    0c:60:3f:fc:9f:25:98:7c:c4:6f:24:75:ad:91:0e:
                    d8:85:71:da:67:6a:ac:e8:46:d4:88:6d:15:42:c1:
                    93:dd:ac:fb:fc:ec:2b:82:38:71:0d:c8:12:57:09:
                    c6:6c:7a:49:5f:ec:45:e1:96:d9:5f:46:0e:8a:e2:
                    73:64:f5:26:54:1e:fa:fa:6d:cf:03:83:60:80:5b:
                    e3:8c:c7:06:3c:92:94:8f:7d:e1:1c:54:72:cc:c6:
                    92:1e:80:f1:79:77:0c:e4:64:e5:07:fb:04:5c:72:
                    0c:9a:fb:d4:95:ac:b5:7c:43:c3:4a:9e:87:92:13:
                    a3:e4:77:00:5d:6c:5a:62:6a:0b:a6:f2:19:13:a3:
                    ee:ef:0f:3f:86:95:5f:98:f1:37:32:19:d2:7b:14:
                    5c:16:d2:1c:ea:9a:5b:2a:52:fd:29:92:05:7b:35:
                    2a:bd:2e:18:6b:ef:c0:45:83:2f:d5:46:13:e5:89:
                    11:0c:fb:b5:a6:91:40:05:e0:df:2e:f0:7f:d9:64:
                    4e:f3:d4:54:4f:a8:63:c5:e4:51:60:6d:90:4a:26:
                    c5:39:5c:02:f1:cf:92:1b:f9:35:9d:2b:a9:c7:bb:
                    cf:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:E1:04:27:41:F8:92:87:FF:DF:F6:34:06:0B:EB:61:F8:E1:BA:06
            X509v3 Authority Key Identifier:
                keyid:98:5D:47:2F:A5:38:20:4F:1C:23:E8:B6:A7:58:07:3B:80:CF:C1:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mF1HL6U4IE8cI-i2p1gHO4DPwZk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/c28ebc-749f-48f6-89a2-edc316222644/1/HOEEJ0H4kof_3_Y0BgvrYfjhugY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/c28ebc-749f-48f6-89a2-edc316222644/1/mF1HL6U4IE8cI-i2p1gHO4DPwZk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.143.176.0/22
                  195.200.194.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:dd:cb:65:eb:8a:f3:2b:a7:ae:4c:3b:e2:5b:e6:73:32:84:
         53:e7:4f:fa:0e:33:71:3d:f0:a5:87:df:70:44:8a:88:2b:83:
         db:17:51:38:07:0a:48:e5:ea:0c:c6:57:07:1f:d8:ba:af:6a:
         1e:b0:b6:fa:c9:bf:c3:e2:da:ac:72:8d:ae:a0:7b:68:13:9e:
         ce:9d:d3:d9:35:95:46:18:93:63:9e:7d:1c:23:1f:6f:5a:f0:
         c5:14:27:66:c4:a0:8f:c3:ba:38:f8:c1:eb:b6:39:ec:92:f1:
         a0:b1:7b:54:4f:38:d6:12:fa:a2:86:ea:e4:0c:d6:d3:0e:c4:
         f9:0b:e5:ba:ae:5c:64:e5:d9:1a:2c:37:32:31:64:a1:ae:9f:
         d0:14:0b:b3:b3:0d:2f:3a:48:b3:87:17:b6:47:d1:67:26:af:
         43:cc:cf:1f:f2:83:0e:89:f3:78:1b:14:58:af:e9:00:ca:c2:
         d2:f8:0c:43:51:b1:e8:ed:13:6c:49:c0:13:33:4c:3f:1f:60:
         7e:55:a6:59:ef:d3:72:a6:b3:fb:b8:38:8f:92:57:3d:45:7a:
         e7:c1:b9:9b:06:86:b1:b2:a3:1b:0b:25:c9:74:59:42:01:a2:
         9f:e1:ab:2b:d5:f0:bf:da:67:5f:e7:68:39:4b:12:67:9d:e0:
         8d:b0:54:32
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAr2OZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODVkNDcyZmE1MzgyMDRmMWMyM2U4YjZhNzU4MDczYjgwY2ZjMTk5MB4XDTIyMDEw
MTA4NTUyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWNlMTA0Mjc0MWY4
OTI4N2ZmZGZmNjM0MDYwYmViNjFmOGUxYmEwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN8oTSpXPTYle2hw2Hoo414CroeVJJlpGO7i4NEhDGA//J8l
mHzEbyR1rZEO2IVx2mdqrOhG1IhtFULBk92s+/zsK4I4cQ3IElcJxmx6SV/sReGW
2V9GDoric2T1JlQe+vptzwODYIBb44zHBjySlI994RxUcszGkh6A8Xl3DORk5Qf7
BFxyDJr71JWstXxDw0qeh5ITo+R3AF1sWmJqC6byGROj7u8PP4aVX5jxNzIZ0nsU
XBbSHOqaWypS/SmSBXs1Kr0uGGvvwEWDL9VGE+WJEQz7taaRQAXg3y7wf9lkTvPU
VE+oY8XkUWBtkEomxTlcAvHPkhv5NZ0rqce7z2cCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQc4QQnQfiSh//f9jQGC+th+OG6BjAfBgNVHSMEGDAWgBSYXUcvpTggTxwj
6LanWAc7gM/BmTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21GMUhMNlU0SUU4Y0ktaTJwMWdITzREUHdaay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmMvYzI4ZWJjLTc0OWYtNDhmNi04OWEyLWVkYzMxNjIyMjY0NC8x
L0hPRUVKMEg0a29mXzNfWTBCZ3ZyWWZqaHVnWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmMv
YzI4ZWJjLTc0OWYtNDhmNi04OWEyLWVkYzMxNjIyMjY0NC8xL21GMUhMNlU0SUU4
Y0ktaTJwMWdITzREUHdaay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi2PsAMEAMPIwjANBgkqhkiG9w0B
AQsFAAOCAQEAkN3LZeuK8yunrkw74lvmczKEU+dP+g4zcT3wpYffcESKiCuD2xdR
OAcKSOXqDMZXBx/Yuq9qHrC2+sm/w+LarHKNrqB7aBOezp3T2TWVRhiTY559HCMf
b1rwxRQnZsSgj8O6OPjB67Y57JLxoLF7VE841hL6oobq5AzW0w7E+Qvluq5cZOXZ
Giw3MjFkoa6f0BQLs7MNLzpIs4cXtkfRZyavQ8zPH/KDDonzeBsUWK/pAMrC0vgM
Q1Gx6O0TbEnAEzNMPx9gflWmWe/Tcqaz+7g4j5JXPUV658G5mwaGsbKjGwslyXRZ
QgGin+GrK9Xwv9pnX+doOUsSZ53gjbBUMg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:01 2024 by rpki-client on console-fra.rpki-client.org