Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/hS4DZO_UBI1AWs-c6NMOTZqPmL0.roa
File:                     hS4DZO_UBI1AWs-c6NMOTZqPmL0.roa (raw, json)
Hash identifier:          O0rynLa9KuCZkzETyisQ0P8W7UjDe2CZoEGUif9cpG4=
Subject key identifier:   85:2E:03:64:EF:D4:04:8D:40:5A:CF:9C:E8:D3:0E:4D:9A:8F:98:BD
Certificate issuer:       /CN=8b82433ffe94bf3536fec327543d396158202072
Certificate serial:       0181FC66E2C9359CCACCD199DD35AFBBDC2C
Authority key identifier: 8B:82:43:3F:FE:94:BF:35:36:FE:C3:27:54:3D:39:61:58:20:20:72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i4JDP_6UvzU2_sMnVD05YVggIHI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/hS4DZO_UBI1AWs-c6NMOTZqPmL0.roa
Signing time:             Thu 14 Jul 2022 11:10:10 +0000
ROA not before:           Thu 14 Jul 2022 11:10:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48383
IP address blocks:        217.12.32.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:fc:66:e2:c9:35:9c:ca:cc:d1:99:dd:35:af:bb:dc:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b82433ffe94bf3536fec327543d396158202072
        Validity
            Not Before: Jul 14 11:10:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=852e0364efd4048d405acf9ce8d30e4d9a8f98bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:4b:61:80:7f:71:0f:29:7e:a0:4c:36:74:38:
                    9e:8e:2f:11:e6:4d:66:f1:d2:d4:b5:c2:c9:ca:05:
                    0d:db:6b:0c:a2:34:7f:32:31:7f:cc:43:3d:2c:c5:
                    fc:83:39:57:ad:a1:f4:c3:01:bc:f4:e5:59:24:fe:
                    a2:17:ff:ba:a3:d4:4d:36:26:fc:67:e7:54:8d:c5:
                    67:6f:db:20:56:46:d0:f8:79:2b:4b:e7:67:76:bb:
                    9f:dc:db:87:60:ac:24:0d:58:c3:23:ce:90:6f:ac:
                    20:40:f6:55:38:17:ff:e9:6d:39:e5:9a:fb:f8:91:
                    06:85:87:62:af:b0:74:ac:06:80:e6:82:d9:cf:44:
                    f4:59:93:be:ae:e7:51:de:26:ea:1a:a2:6d:53:c2:
                    23:74:ce:ae:19:96:29:cf:ee:9c:1f:66:a3:63:61:
                    57:d6:a1:e1:f5:d8:1a:c5:94:2b:e8:0f:d1:54:d6:
                    df:6b:6d:38:26:36:26:bc:62:09:11:c2:5c:ec:28:
                    97:76:36:3f:5a:d7:ee:9f:e2:3e:13:37:84:c0:8a:
                    39:76:0b:df:1c:be:67:ca:e2:7d:66:9e:4b:2d:b1:
                    81:aa:12:d4:cd:f6:dd:6c:db:09:98:2d:5d:51:64:
                    f0:0d:17:15:f9:ac:0d:9d:50:e4:9a:70:14:b7:81:
                    5c:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:2E:03:64:EF:D4:04:8D:40:5A:CF:9C:E8:D3:0E:4D:9A:8F:98:BD
            X509v3 Authority Key Identifier:
                keyid:8B:82:43:3F:FE:94:BF:35:36:FE:C3:27:54:3D:39:61:58:20:20:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i4JDP_6UvzU2_sMnVD05YVggIHI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/hS4DZO_UBI1AWs-c6NMOTZqPmL0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/i4JDP_6UvzU2_sMnVD05YVggIHI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.12.32.0/20

    Signature Algorithm: sha256WithRSAEncryption
         3c:7d:c6:5c:6d:00:45:e1:e4:9b:cf:35:82:20:51:77:30:19:
         63:30:ac:e9:be:fb:6e:2d:64:8b:24:b6:b1:fa:50:53:a5:69:
         46:51:b2:f7:02:ab:c7:d5:ff:74:17:2d:21:0d:29:51:d3:6e:
         63:e0:f8:48:2c:2e:f8:45:6a:17:46:7f:87:d2:bd:38:5c:d5:
         15:09:cd:c6:6a:6f:dd:13:9d:14:9b:e9:4c:55:59:b3:a8:a9:
         27:2c:07:7a:a9:dd:e5:10:e5:5f:34:fa:16:47:56:5b:30:64:
         b8:c9:f6:ba:57:e9:d4:a8:ec:dd:70:86:be:02:70:c4:16:ce:
         7a:54:e5:39:a2:5e:bb:5c:0b:70:fe:47:06:d2:d1:0f:c8:34:
         65:f3:46:a3:49:d4:4e:8b:07:88:23:84:08:19:a7:a7:b1:76:
         e9:41:81:ad:64:1e:b0:96:6c:0e:df:33:71:23:b7:62:1f:42:
         7a:fe:b1:f4:42:62:8a:aa:8e:34:7d:d5:29:d1:e8:65:e2:1d:
         fe:f8:f2:34:af:4c:b0:92:20:50:d0:b2:88:72:c8:7c:7c:eb:
         89:65:76:2c:b3:5c:ea:4d:d2:69:72:00:4a:d6:ec:3f:60:8b:
         ce:87:43:e4:60:b5:f4:9c:ae:15:c3:4b:5f:50:64:ec:5c:0d:
         fa:ec:2b:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYH8ZuLJNZzKzNGZ3TWvu9wsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiODI0MzNmZmU5NGJmMzUzNmZlYzMyNzU0M2QzOTYxNTgy
MDIwNzIwHhcNMjIwNzE0MTExMDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTJlMDM2NGVmZDQwNDhkNDA1YWNmOWNlOGQzMGU0ZDlhOGY5OGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUthgH9xDyl+oEw2dDieji8R5k1m
8dLUtcLJygUN22sMojR/MjF/zEM9LMX8gzlXraH0wwG89OVZJP6iF/+6o9RNNib8
Z+dUjcVnb9sgVkbQ+HkrS+dndruf3NuHYKwkDVjDI86Qb6wgQPZVOBf/6W055Zr7
+JEGhYdir7B0rAaA5oLZz0T0WZO+rudR3ibqGqJtU8IjdM6uGZYpz+6cH2ajY2FX
1qHh9dgaxZQr6A/RVNbfa204JjYmvGIJEcJc7CiXdjY/Wtfun+I+EzeEwIo5dgvf
HL5nyuJ9Zp5LLbGBqhLUzfbdbNsJmC1dUWTwDRcV+awNnVDkmnAUt4Fc2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIUuA2Tv1ASNQFrPnOjTDk2aj5i9MB8GA1UdIwQY
MBaAFIuCQz/+lL81Nv7DJ1Q9OWFYICByMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTRKRFBfNlV2elUyX3NNblZEMDVZVmdnSUhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9mNTU5M2QtNjg5Yy00ZGZlLThkOTYt
MmRkNzg5MGRjNjg5LzEvaFM0RFpPX1VCSTFBV3MtYzZOTU9UWnFQbUwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9mNTU5M2QtNjg5Yy00ZGZlLThkOTYtMmRkNzg5MGRjNjg5
LzEvaTRKRFBfNlV2elUyX3NNblZEMDVZVmdnSUhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2QwgMA0G
CSqGSIb3DQEBCwUAA4IBAQA8fcZcbQBF4eSbzzWCIFF3MBljMKzpvvtuLWSLJLax
+lBTpWlGUbL3AqvH1f90Fy0hDSlR025j4PhILC74RWoXRn+H0r04XNUVCc3Gam/d
E50Um+lMVVmzqKknLAd6qd3lEOVfNPoWR1ZbMGS4yfa6V+nUqOzdcIa+AnDEFs56
VOU5ol67XAtw/kcG0tEPyDRl80ajSdROiweII4QIGaensXbpQYGtZB6wlmwO3zNx
I7diH0J6/rH0QmKKqo40fdUp0ehl4h3++PI0r0ywkiBQ0LKIcsh8fOuJZXYss1zq
TdJpcgBK1uw/YIvOh0PkYLX0nK4Vw0tfUGTsXA367Cvz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:44 2024 by rpki-client on console-ams.rpki-client.org