Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/HxispfxTb1L5FsV2iATfmzsTL9Y.roa
File:                     HxispfxTb1L5FsV2iATfmzsTL9Y.roa (raw, json)
Hash identifier:          Ll0auEu1Y3qmNr9QR1eEyOKq0339NCDfZ401sFaPO3M=
Subject key identifier:   1F:18:AC:A5:FC:53:6F:52:F9:16:C5:76:88:04:DF:9B:3B:13:2F:D6
Certificate issuer:       /CN=ee31367df6d1861071c92bae726523326f45ba2a
Certificate serial:       082E267B
Authority key identifier: EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/HxispfxTb1L5FsV2iATfmzsTL9Y.roa
Signing time:             Sat 01 Jan 2022 05:06:15 +0000
ROA not before:           Sat 01 Jan 2022 05:06:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207200
IP address blocks:        2a0e:1cc0:8::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 137242235 (0x82e267b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee31367df6d1861071c92bae726523326f45ba2a
        Validity
            Not Before: Jan  1 05:06:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1f18aca5fc536f52f916c5768804df9b3b132fd6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:c9:ab:51:3d:80:38:ba:cf:ef:55:83:3b:b0:
                    af:cc:23:e4:b0:bf:d9:4c:64:94:2b:be:13:bc:f7:
                    45:1d:80:1f:cd:9c:a4:4e:46:47:e9:bb:9f:e1:bc:
                    b4:eb:ed:1d:1b:d8:8c:3d:6f:8f:87:f2:6b:2b:95:
                    38:66:a4:1c:c9:1a:b2:54:44:a2:0a:30:2c:47:51:
                    3c:27:b4:20:36:cd:66:a9:3d:36:f2:32:85:66:e7:
                    1b:74:09:9f:3c:8a:2b:16:56:99:d2:d6:0b:03:6c:
                    c4:5a:0c:65:0a:ab:00:e8:b3:5e:19:77:0a:30:e9:
                    7b:d0:bc:d6:b2:1a:98:96:93:53:7a:5e:3e:5a:fd:
                    31:d5:8a:42:2f:19:5a:39:1f:a2:2c:ea:bb:3c:19:
                    e9:5b:57:86:45:bd:90:6e:e4:10:d3:88:2d:4b:9c:
                    cd:19:28:a4:e6:3c:d4:93:0e:9b:a5:24:3c:2d:38:
                    fa:e1:a4:4f:0f:4a:df:05:87:ca:95:10:28:28:97:
                    61:61:8c:98:66:b5:94:51:a9:68:b9:83:a4:3c:65:
                    f4:b8:f9:90:1a:57:32:10:3e:cf:c2:ca:91:15:0a:
                    8e:b0:ff:9e:a1:eb:b0:e2:5c:da:6c:e8:bb:c1:c8:
                    00:7a:bb:61:f3:4f:b0:88:7d:5d:aa:d2:ca:0c:6b:
                    81:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:18:AC:A5:FC:53:6F:52:F9:16:C5:76:88:04:DF:9B:3B:13:2F:D6
            X509v3 Authority Key Identifier:
                keyid:EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/HxispfxTb1L5FsV2iATfmzsTL9Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/7jE2ffbRhhBxySuucmUjMm9Fuio.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:1cc0:8::/48

    Signature Algorithm: sha256WithRSAEncryption
         d8:9d:c2:77:0f:a5:6d:7b:54:0a:50:ff:32:e8:8f:4e:cd:2a:
         4c:86:df:0e:7a:f4:a0:d5:b3:d7:e5:7f:76:02:08:13:56:69:
         7f:26:98:1a:69:2a:1e:42:49:66:09:4a:3d:70:d5:06:2a:09:
         fe:8d:51:59:6b:1d:38:83:fb:60:ea:7e:7a:68:8a:63:31:48:
         b1:cf:83:6c:a8:ae:13:91:da:66:52:d4:80:b2:e9:8c:b1:9d:
         8a:2d:00:07:72:fa:3f:be:4c:9c:bb:68:87:9f:90:57:c5:14:
         66:88:c1:be:f9:be:23:61:32:7d:4e:0b:c8:6e:18:d8:37:e1:
         2e:c7:d4:b5:3b:23:d0:d7:52:9d:f3:f0:a2:85:eb:7d:9d:5d:
         d4:33:f2:2a:b8:48:db:15:b9:0b:c4:10:87:4c:02:36:f8:f1:
         06:57:ef:5e:c8:b2:93:00:e1:e7:01:ac:7e:09:4b:01:89:ab:
         cd:56:f8:f6:62:16:ae:42:b6:64:39:6b:e4:ee:a3:d7:77:4a:
         85:b8:bc:c5:db:b4:1c:48:f6:d7:b9:36:63:72:84:37:b1:12:
         69:b1:60:2d:75:eb:04:6a:81:75:86:9e:c4:ed:ea:9c:fe:c8:
         db:f3:03:ce:4a:82:4c:39:9d:dd:19:30:40:b3:de:4b:f0:30:
         36:f7:84:26
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECC4mezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZTMxMzY3ZGY2ZDE4NjEwNzFjOTJiYWU3MjY1MjMzMjZmNDViYTJhMB4XDTIyMDEw
MTA1MDYxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWYxOGFjYTVmYzUz
NmY1MmY5MTZjNTc2ODgwNGRmOWIzYjEzMmZkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIPJq1E9gDi6z+9Vgzuwr8wj5LC/2UxklCu+E7z3RR2AH82c
pE5GR+m7n+G8tOvtHRvYjD1vj4fyayuVOGakHMkaslREogowLEdRPCe0IDbNZqk9
NvIyhWbnG3QJnzyKKxZWmdLWCwNsxFoMZQqrAOizXhl3CjDpe9C81rIamJaTU3pe
Plr9MdWKQi8ZWjkfoizquzwZ6VtXhkW9kG7kENOILUuczRkopOY81JMOm6UkPC04
+uGkTw9K3wWHypUQKCiXYWGMmGa1lFGpaLmDpDxl9Lj5kBpXMhA+z8LKkRUKjrD/
nqHrsOJc2mzou8HIAHq7YfNPsIh9XarSygxrgXMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQfGKyl/FNvUvkWxXaIBN+bOxMv1jAfBgNVHSMEGDAWgBTuMTZ99tGGEHHJ
K65yZSMyb0W6KjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdqRTJmZmJSaGhCeHlTdXVjbVVqTW05RnVpby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvMWJiNGRkLWU5YzQtNGQzZC05YTNiLTExNTlkYmZiZWQ1NC8x
L0h4aXNwZnhUYjFMNUZzVjJpQVRmbXpzVEw5WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
MWJiNGRkLWU5YzQtNGQzZC05YTNiLTExNTlkYmZiZWQ1NC8xLzdqRTJmZmJSaGhC
eHlTdXVjbVVqTW05RnVpby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOHMAACDANBgkqhkiG9w0BAQsF
AAOCAQEA2J3Cdw+lbXtUClD/MuiPTs0qTIbfDnr0oNWz1+V/dgIIE1ZpfyaYGmkq
HkJJZglKPXDVBioJ/o1RWWsdOIP7YOp+emiKYzFIsc+DbKiuE5HaZlLUgLLpjLGd
ii0AB3L6P75MnLtoh5+QV8UUZojBvvm+I2EyfU4LyG4Y2DfhLsfUtTsj0NdSnfPw
ooXrfZ1d1DPyKrhI2xW5C8QQh0wCNvjxBlfvXsiykwDh5wGsfglLAYmrzVb49mIW
rkK2ZDlr5O6j13dKhbi8xdu0HEj217k2Y3KEN7ESabFgLXXrBGqBdYaexO3qnP7I
2/MDzkqCTDmd3RkwQLPeS/AwNveEJg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:59 2024 by rpki-client on console-fra.rpki-client.org