Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/2f830f-af4d-4d33-a300-b98df544bc20/1/hFdwZ-wsoyjgyHyOZZcVkJmDRMY.roa
File:                     hFdwZ-wsoyjgyHyOZZcVkJmDRMY.roa (raw, json)
Hash identifier:          u+RRdZszfOZvJvWRwDElx8lev27aekV74/M/JAzzUQU=
Subject key identifier:   84:57:70:67:EC:2C:A3:28:E0:C8:7C:8E:65:97:15:90:99:83:44:C6
Certificate issuer:       /CN=261b941dbe59651fafbba9724a12775e07edb635
Certificate serial:       01824436E0695D753D919F3BEC83427242AC
Authority key identifier: 26:1B:94:1D:BE:59:65:1F:AF:BB:A9:72:4A:12:77:5E:07:ED:B6:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JhuUHb5ZZR-vu6lyShJ3XgfttjU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/2f830f-af4d-4d33-a300-b98df544bc20/1/hFdwZ-wsoyjgyHyOZZcVkJmDRMY.roa
Signing time:             Thu 28 Jul 2022 09:50:23 +0000
ROA not before:           Thu 28 Jul 2022 09:50:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     31367
IP address blocks:        185.172.152.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:44:36:e0:69:5d:75:3d:91:9f:3b:ec:83:42:72:42:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=261b941dbe59651fafbba9724a12775e07edb635
        Validity
            Not Before: Jul 28 09:50:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=84577067ec2ca328e0c87c8e65971590998344c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:23:a5:b8:a8:2b:97:e5:94:63:52:80:5b:61:
                    a3:5b:d3:01:af:e2:1b:fa:07:81:c1:b3:6c:bb:02:
                    e0:8d:ee:5c:4e:ee:ac:62:0d:89:a8:f2:d4:6a:ce:
                    1d:48:e5:e4:f2:38:03:45:24:93:db:3e:20:29:78:
                    05:a5:88:e1:b4:64:77:c2:09:8b:21:ac:b0:3f:52:
                    09:00:04:b8:fb:e7:c8:ca:44:05:d7:a5:b8:c3:59:
                    91:97:fa:27:09:fc:49:e7:f1:5b:90:87:80:ea:e9:
                    a0:92:ad:5e:ab:87:26:52:6c:50:61:61:3b:2c:c0:
                    d9:81:0c:2c:1d:96:90:2e:26:fc:c9:59:16:65:04:
                    77:4b:15:71:75:5f:06:55:2b:11:1a:29:f3:18:40:
                    56:66:d0:42:a4:52:d6:d9:0d:fd:9c:a4:bc:38:2a:
                    b6:60:4c:ab:87:a8:91:34:50:8d:a5:51:8d:3b:7e:
                    5c:12:1c:ae:9e:ca:58:56:7a:de:f0:b3:dd:1f:fc:
                    f8:40:c3:8a:06:92:48:6b:49:05:c8:01:1b:9a:8e:
                    7b:6b:a4:54:63:74:df:8a:3c:eb:e7:e0:77:c5:c4:
                    14:d3:4b:3d:52:69:81:88:43:b6:77:f2:ec:14:15:
                    f9:28:22:a5:fd:0a:01:61:3f:9e:39:4d:ba:b6:f3:
                    98:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:57:70:67:EC:2C:A3:28:E0:C8:7C:8E:65:97:15:90:99:83:44:C6
            X509v3 Authority Key Identifier:
                keyid:26:1B:94:1D:BE:59:65:1F:AF:BB:A9:72:4A:12:77:5E:07:ED:B6:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JhuUHb5ZZR-vu6lyShJ3XgfttjU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2f830f-af4d-4d33-a300-b98df544bc20/1/hFdwZ-wsoyjgyHyOZZcVkJmDRMY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2f830f-af4d-4d33-a300-b98df544bc20/1/JhuUHb5ZZR-vu6lyShJ3XgfttjU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.172.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3b:15:18:2a:22:8d:6e:d9:3d:dc:80:fc:05:ee:1e:fc:9f:d9:
         d3:a4:44:f6:fe:6e:71:58:d2:8d:c3:c9:42:8e:bd:73:5e:a7:
         3d:d0:62:f2:94:7a:05:43:6e:dd:d5:6f:ec:e2:37:f2:67:65:
         ab:1d:36:f2:cc:89:82:58:f1:b7:13:3f:2f:b6:79:60:da:f5:
         7c:83:2b:1d:54:3f:d8:9d:62:7e:e1:4a:0d:89:7f:45:bf:27:
         48:c8:96:b3:6d:3b:6e:d7:f0:2a:df:a2:3a:4e:77:37:fc:2a:
         a8:c1:26:87:96:bd:39:56:a8:2b:9e:a1:35:01:29:69:25:5a:
         02:26:28:79:c1:cf:bc:b0:cc:aa:ee:4e:dd:74:b1:fd:bf:48:
         76:a0:48:ac:00:15:79:d5:de:c5:28:36:38:4e:21:b2:4b:0a:
         cb:70:5c:e9:c9:ec:65:a1:db:41:b4:74:14:f4:a1:80:c9:b8:
         a3:60:d8:49:de:d5:23:15:ad:57:bc:e9:1d:39:64:92:f7:93:
         73:f4:e3:fd:b5:98:14:7f:e7:e5:2b:de:ef:f5:b7:6a:5c:8d:
         19:18:a2:2c:18:ff:3d:38:a7:2e:db:85:d6:6b:ad:9e:3e:74:
         f2:79:df:9f:9c:a9:71:de:e1:0f:dc:01:67:f7:51:28:76:1f:
         2c:a0:cb:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJENuBpXXU9kZ877INCckKsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MWI5NDFkYmU1OTY1MWZhZmJiYTk3MjRhMTI3NzVlMDdl
ZGI2MzUwHhcNMjIwNzI4MDk1MDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDU3NzA2N2VjMmNhMzI4ZTBjODdjOGU2NTk3MTU5MDk5ODM0NGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSOluKgrl+WUY1KAW2GjW9MBr+Ib
+geBwbNsuwLgje5cTu6sYg2JqPLUas4dSOXk8jgDRSST2z4gKXgFpYjhtGR3wgmL
IaywP1IJAAS4++fIykQF16W4w1mRl/onCfxJ5/FbkIeA6umgkq1eq4cmUmxQYWE7
LMDZgQwsHZaQLib8yVkWZQR3SxVxdV8GVSsRGinzGEBWZtBCpFLW2Q39nKS8OCq2
YEyrh6iRNFCNpVGNO35cEhyunspYVnre8LPdH/z4QMOKBpJIa0kFyAEbmo57a6RU
Y3Tfijzr5+B3xcQU00s9UmmBiEO2d/LsFBX5KCKl/QoBYT+eOU26tvOYCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIRXcGfsLKMo4Mh8jmWXFZCZg0TGMB8GA1UdIwQY
MBaAFCYblB2+WWUfr7upckoSd14H7bY1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmh1VUhiNVpaUi12dTZseVNoSjNYZ2Z0dGpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8yZjgzMGYtYWY0ZC00ZDMzLWEzMDAt
Yjk4ZGY1NDRiYzIwLzEvaEZkd1otd3NveWpneUh5T1paY1ZrSm1EUk1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8yZjgzMGYtYWY0ZC00ZDMzLWEzMDAtYjk4ZGY1NDRiYzIw
LzEvSmh1VUhiNVpaUi12dTZseVNoSjNYZ2Z0dGpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuayYMA0G
CSqGSIb3DQEBCwUAA4IBAQA7FRgqIo1u2T3cgPwF7h78n9nTpET2/m5xWNKNw8lC
jr1zXqc90GLylHoFQ27d1W/s4jfyZ2WrHTbyzImCWPG3Ez8vtnlg2vV8gysdVD/Y
nWJ+4UoNiX9FvydIyJazbTtu1/Aq36I6Tnc3/CqowSaHlr05VqgrnqE1ASlpJVoC
Jih5wc+8sMyq7k7ddLH9v0h2oEisABV51d7FKDY4TiGySwrLcFzpyexlodtBtHQU
9KGAybijYNhJ3tUjFa1XvOkdOWSS95Nz9OP9tZgUf+flK97v9bdqXI0ZGKIsGP89
OKcu24XWa62ePnTyed+fnKlx3uEP3AFn91Eodh8soMvY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:57 2024 by rpki-client on console-fra.rpki-client.org