Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/hspSUj-iyFe9MOhThKtg_6xuEyY.roa
File:                     hspSUj-iyFe9MOhThKtg_6xuEyY.roa (raw, json)
Hash identifier:          VOJnpdVppFupE81LLgngajpTWr+oZlRwHiOXoF1EMCY=
Subject key identifier:   86:CA:52:52:3F:A2:C8:57:BD:30:E8:53:84:AB:60:FF:AC:6E:13:26
Certificate issuer:       /CN=16ea37a8e73e7679a933d70f7b9c872081024455
Certificate serial:       173BB631
Authority key identifier: 16:EA:37:A8:E7:3E:76:79:A9:33:D7:0F:7B:9C:87:20:81:02:44:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Fuo3qOc-dnmpM9cPe5yHIIECRFU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/hspSUj-iyFe9MOhThKtg_6xuEyY.roa
Signing time:             Wed 06 Apr 2022 10:07:21 +0000
ROA not before:           Wed 06 Apr 2022 10:07:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     64458
IP address blocks:        194.59.170.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 389789233 (0x173bb631)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16ea37a8e73e7679a933d70f7b9c872081024455
        Validity
            Not Before: Apr  6 10:07:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=86ca52523fa2c857bd30e85384ab60ffac6e1326
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:38:f6:de:36:53:b0:c9:e9:77:e0:65:bd:b6:
                    d2:44:42:ab:6b:e2:82:4d:68:16:f6:db:67:0b:3c:
                    1e:08:06:0e:64:8f:b7:c1:a0:b1:27:da:1f:92:41:
                    9b:83:ff:8e:52:00:b4:fc:81:fe:f7:75:5d:ae:0d:
                    94:e2:7e:65:57:13:6d:67:d5:4b:4c:a4:46:ef:a6:
                    4b:98:11:87:e6:f2:88:4b:57:0f:f8:d7:56:53:57:
                    3f:7b:d1:94:bf:72:6e:30:dc:ba:5a:ea:6f:9f:6c:
                    18:56:6c:4a:0e:df:c6:ad:ec:5d:0a:99:3e:9a:01:
                    81:5f:d1:af:02:72:8b:ee:dc:b5:d4:e2:37:84:12:
                    68:57:53:c4:b9:61:ce:7b:4a:fb:cf:be:fe:ef:b0:
                    d2:0b:f2:e7:74:a6:6e:70:27:17:eb:cc:51:85:99:
                    e5:63:d4:95:14:fd:b9:21:75:a3:ea:f2:af:4b:a7:
                    b6:4c:25:3e:da:b8:6a:2b:18:2b:78:fd:72:0a:60:
                    9d:35:62:e4:eb:fe:c8:17:bb:72:6d:8b:27:6a:63:
                    08:36:f3:d2:2a:0f:88:ed:a6:b5:4d:7b:35:c7:c9:
                    a5:b4:4b:ab:c9:23:76:0a:89:bf:62:85:84:15:e0:
                    37:d4:2d:c9:15:7c:11:ba:ec:01:0d:7d:f1:9b:65:
                    18:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:CA:52:52:3F:A2:C8:57:BD:30:E8:53:84:AB:60:FF:AC:6E:13:26
            X509v3 Authority Key Identifier:
                keyid:16:EA:37:A8:E7:3E:76:79:A9:33:D7:0F:7B:9C:87:20:81:02:44:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fuo3qOc-dnmpM9cPe5yHIIECRFU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/hspSUj-iyFe9MOhThKtg_6xuEyY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/Fuo3qOc-dnmpM9cPe5yHIIECRFU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.59.170.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:31:66:b5:8a:85:6b:15:05:f0:13:b0:8e:99:02:9d:bc:1b:
         e4:e7:c0:a1:21:fc:81:3a:25:7e:5f:c1:0f:fd:e3:93:48:f3:
         50:5d:e9:4a:a6:42:ca:58:f2:0e:c1:1b:27:29:23:78:35:82:
         e1:96:5f:28:d8:3a:8a:61:db:df:e4:fd:3c:da:56:f5:81:e3:
         43:fa:b5:50:7f:a2:c8:9c:6f:47:c1:05:ee:a4:65:4f:1b:63:
         53:3e:41:d4:5c:44:84:69:6f:39:61:fb:95:5c:1d:e9:70:06:
         72:94:2f:5a:87:2e:dd:61:1f:38:21:c0:e9:91:bf:42:6f:db:
         a4:20:db:6d:1a:49:c1:9a:21:3f:6f:f2:87:d3:29:07:29:37:
         b9:ad:c1:bc:6e:6e:12:d6:59:1f:87:6a:7a:e8:f5:7f:62:68:
         18:08:4e:c6:19:3d:6a:43:cd:5d:35:20:86:1a:5b:ac:9c:d4:
         26:75:66:02:6c:bf:7b:09:be:32:23:d6:01:55:95:dc:29:f9:
         d1:58:12:5a:c7:25:64:26:09:e9:da:e2:02:4a:97:2d:5e:bf:
         d5:77:6d:40:51:d5:78:32:d8:2b:e3:81:0b:e7:45:4e:c9:85:
         3d:b3:96:77:43:1f:9c:33:6f:21:45:b5:32:92:3d:ea:d1:35:
         5e:b4:c1:55
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFzu2MTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NmVhMzdhOGU3M2U3Njc5YTkzM2Q3MGY3YjljODcyMDgxMDI0NDU1MB4XDTIyMDQw
NjEwMDcyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODZjYTUyNTIzZmEy
Yzg1N2JkMzBlODUzODRhYjYwZmZhYzZlMTMyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKk49t42U7DJ6XfgZb220kRCq2vigk1oFvbbZws8HggGDmSP
t8GgsSfaH5JBm4P/jlIAtPyB/vd1Xa4NlOJ+ZVcTbWfVS0ykRu+mS5gRh+byiEtX
D/jXVlNXP3vRlL9ybjDculrqb59sGFZsSg7fxq3sXQqZPpoBgV/RrwJyi+7ctdTi
N4QSaFdTxLlhzntK+8++/u+w0gvy53SmbnAnF+vMUYWZ5WPUlRT9uSF1o+ryr0un
tkwlPtq4aisYK3j9cgpgnTVi5Ov+yBe7cm2LJ2pjCDbz0ioPiO2mtU17NcfJpbRL
q8kjdgqJv2KFhBXgN9QtyRV8EbrsAQ198ZtlGJkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSGylJSP6LIV70w6FOEq2D/rG4TJjAfBgNVHSMEGDAWgBQW6jeo5z52eakz
1w97nIcggQJEVTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Z1bzNxT2MtZG5tcE05Y1BlNXlISUlFQ1JGVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvNTFjZDk0LWEwNTUtNDNlZS1hMDliLTQ3MmIwZDA3MmU4My8x
L2hzcFNVai1peUZlOU1PaFRoS3RnXzZ4dUV5WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMv
NTFjZDk0LWEwNTUtNDNlZS1hMDliLTQ3MmIwZDA3MmU4My8xL0Z1bzNxT2MtZG5t
cE05Y1BlNXlISUlFQ1JGVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMI7qjANBgkqhkiG9w0BAQsFAAOC
AQEABDFmtYqFaxUF8BOwjpkCnbwb5OfAoSH8gTolfl/BD/3jk0jzUF3pSqZCyljy
DsEbJykjeDWC4ZZfKNg6imHb3+T9PNpW9YHjQ/q1UH+iyJxvR8EF7qRlTxtjUz5B
1FxEhGlvOWH7lVwd6XAGcpQvWocu3WEfOCHA6ZG/Qm/bpCDbbRpJwZohP2/yh9Mp
Byk3ua3BvG5uEtZZH4dqeuj1f2JoGAhOxhk9akPNXTUghhpbrJzUJnVmAmy/ewm+
MiPWAVWV3Cn50VgSWsclZCYJ6driAkqXLV6/1XdtQFHVeDLYK+OBC+dFTsmFPbOW
d0MfnDNvIUW1MpI96tE1XrTBVQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:58 2024 by rpki-client on console-fra.rpki-client.org