Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/3-Hu6rhYyRtS-zN3Qd8rIOHIqKQ.roa
File:                     3-Hu6rhYyRtS-zN3Qd8rIOHIqKQ.roa (raw, json)
Hash identifier:          9lK0zIugbT2sMw8YUZz5vFCkhseMK0aN5BAo5dzdJdY=
Subject key identifier:   DF:E1:EE:EA:B8:58:C9:1B:52:FB:33:77:41:DF:2B:20:E1:C8:A8:A4
Certificate issuer:       /CN=e1e8f41f6b02b93f85d1a7b48b48cfa322f088f8
Certificate serial:       0183A6E4A5BA60C98BE81CC90961D5DDE807
Authority key identifier: E1:E8:F4:1F:6B:02:B9:3F:85:D1:A7:B4:8B:48:CF:A3:22:F0:88:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4ej0H2sCuT-F0ae0i0jPoyLwiPg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/3-Hu6rhYyRtS-zN3Qd8rIOHIqKQ.roa
Signing time:             Wed 05 Oct 2022 06:45:45 +0000
ROA not before:           Wed 05 Oct 2022 06:45:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8536
IP address blocks:        212.52.160.0/22 maxlen: 22
                          212.52.168.0/22 maxlen: 22
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:a6:e4:a5:ba:60:c9:8b:e8:1c:c9:09:61:d5:dd:e8:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1e8f41f6b02b93f85d1a7b48b48cfa322f088f8
        Validity
            Not Before: Oct  5 06:45:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dfe1eeeab858c91b52fb337741df2b20e1c8a8a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:1c:67:3e:ee:12:1e:34:a2:49:ef:69:5b:8c:
                    42:74:56:94:79:33:a6:06:a3:6e:19:1e:3f:ad:d7:
                    88:10:d1:a3:7d:0f:8b:e2:85:8c:a2:e4:7d:4f:ab:
                    17:db:a9:e7:45:a5:c8:fc:98:1a:75:95:8c:d8:99:
                    fd:27:af:ef:79:fe:b6:5f:6b:6d:8b:d7:15:b0:37:
                    ee:7f:56:fe:27:90:cc:ac:be:c3:25:79:31:3b:de:
                    fa:b7:e5:3a:67:93:28:4d:92:89:42:c6:0c:87:16:
                    15:ef:73:0c:90:ed:b8:b5:78:b2:29:c1:26:5d:8b:
                    74:ff:d7:af:94:37:ff:5f:6e:8f:d0:01:f5:c8:cd:
                    bf:91:3e:02:28:e3:3e:9e:fd:f3:34:86:0c:77:90:
                    78:29:28:21:8b:bd:d9:d2:d7:41:a5:b2:00:cf:74:
                    3d:31:9a:43:4d:80:4d:75:31:37:8a:c1:62:c9:25:
                    54:10:6d:fb:8a:8d:44:ce:9a:91:04:b2:51:2d:4c:
                    7b:bf:eb:56:e4:33:83:5c:17:4d:cd:83:17:1a:01:
                    cf:cf:a0:72:16:cf:84:bc:52:27:92:47:ac:e3:35:
                    49:34:f4:a1:3e:41:9d:11:33:3a:fb:46:ed:7d:39:
                    ec:0c:8a:f3:34:45:d8:31:fc:b7:05:14:68:96:2e:
                    77:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:E1:EE:EA:B8:58:C9:1B:52:FB:33:77:41:DF:2B:20:E1:C8:A8:A4
            X509v3 Authority Key Identifier:
                keyid:E1:E8:F4:1F:6B:02:B9:3F:85:D1:A7:B4:8B:48:CF:A3:22:F0:88:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ej0H2sCuT-F0ae0i0jPoyLwiPg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/3-Hu6rhYyRtS-zN3Qd8rIOHIqKQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/4ej0H2sCuT-F0ae0i0jPoyLwiPg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.52.160.0/22
                  212.52.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         35:ae:80:0c:28:1a:6d:44:90:23:f3:78:d0:f5:75:f5:ad:80:
         3e:0d:46:bf:fb:87:f4:db:fd:16:c6:59:18:23:c4:9d:13:c6:
         e5:79:53:d7:4c:3b:49:0f:dc:83:be:7d:94:a6:14:8f:b9:da:
         a8:54:e3:73:cb:c4:fc:93:d5:1b:5e:fd:87:6a:78:78:9f:a8:
         1a:e1:9c:bd:d2:e0:5c:2c:fe:93:9b:81:48:0d:5b:e8:a9:26:
         db:9f:87:9b:69:42:ad:ee:8f:e5:f8:59:78:f8:da:d9:ab:5f:
         28:48:7e:6e:c3:12:82:a2:ee:eb:85:9a:6f:05:ff:e4:25:d6:
         19:4b:1d:da:48:e6:85:95:0a:cb:fc:80:1b:8d:4b:11:19:16:
         7c:9f:cd:d0:38:91:13:ae:e8:a3:14:aa:cb:97:53:6e:2b:43:
         c4:af:2f:ed:ca:6a:01:7a:4e:cc:c4:e8:7e:95:f8:f0:27:10:
         18:c1:02:d6:06:31:d0:de:79:e4:f8:25:45:ea:e7:7b:06:01:
         d8:c4:c7:c3:c4:73:c6:d0:3c:71:2d:cf:9c:49:77:9e:e6:6d:
         30:44:58:24:79:30:af:94:ca:d6:81:49:90:59:64:4d:bc:31:
         43:79:d5:22:3f:cb:1d:ba:ca:a7:3c:cf:5d:4f:3e:63:23:9e:
         31:5b:19:2c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYOm5KW6YMmL6BzJCWHV3egHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZThmNDFmNmIwMmI5M2Y4NWQxYTdiNDhiNDhjZmEzMjJm
MDg4ZjgwHhcNMjIxMDA1MDY0NTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmUxZWVlYWI4NThjOTFiNTJmYjMzNzc0MWRmMmIyMGUxYzhhOGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRxnPu4SHjSiSe9pW4xCdFaUeTOm
BqNuGR4/rdeIENGjfQ+L4oWMouR9T6sX26nnRaXI/JgadZWM2Jn9J6/vef62X2tt
i9cVsDfuf1b+J5DMrL7DJXkxO976t+U6Z5MoTZKJQsYMhxYV73MMkO24tXiyKcEm
XYt0/9evlDf/X26P0AH1yM2/kT4CKOM+nv3zNIYMd5B4KSghi73Z0tdBpbIAz3Q9
MZpDTYBNdTE3isFiySVUEG37io1EzpqRBLJRLUx7v+tW5DODXBdNzYMXGgHPz6By
Fs+EvFInkkes4zVJNPShPkGdETM6+0btfTnsDIrzNEXYMfy3BRRoli53mQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN/h7uq4WMkbUvszd0HfKyDhyKikMB8GA1UdIwQY
MBaAFOHo9B9rArk/hdGntItIz6Mi8Ij4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGVqMEgyc0N1VC1GMGFlMGkwalBveUx3aVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85YmE5NDAtMDA3OC00ZmQwLWFmZGUt
NTM3YTJiMGI0ZGRhLzEvMy1IdTZyaFl5UnRTLXpOM1FkOHJJT0hJcUtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85YmE5NDAtMDA3OC00ZmQwLWFmZGUtNTM3YTJiMGI0ZGRh
LzEvNGVqMEgyc0N1VC1GMGFlMGkwalBveUx3aVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQC1DSgAwQC
1DSoMA0GCSqGSIb3DQEBCwUAA4IBAQA1roAMKBptRJAj83jQ9XX1rYA+DUa/+4f0
2/0WxlkYI8SdE8bleVPXTDtJD9yDvn2UphSPudqoVONzy8T8k9UbXv2Hanh4n6ga
4Zy90uBcLP6Tm4FIDVvoqSbbn4ebaUKt7o/l+Fl4+NrZq18oSH5uwxKCou7rhZpv
Bf/kJdYZSx3aSOaFlQrL/IAbjUsRGRZ8n83QOJETruijFKrLl1NuK0PEry/tymoB
ek7MxOh+lfjwJxAYwQLWBjHQ3nnk+CVF6ud7BgHYxMfDxHPG0DxxLc+cSXee5m0w
RFgkeTCvlMrWgUmQWWRNvDFDedUiP8sdusqnPM9dTz5jI54xWxks
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:54 2025 by rpki-client