Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/4d9ca3-aa73-4998-ae63-832db9ebebaf/1/g9bx9ZwexDJQZjbqb_NUvFyHwMM.roa
File:                     g9bx9ZwexDJQZjbqb_NUvFyHwMM.roa (raw, json)
Hash identifier:          QqqWQwtwshi8gp9LkvN9eN7AwYgFUGxJUcdJIH1P3jY=
Subject key identifier:   83:D6:F1:F5:9C:1E:C4:32:50:66:36:EA:6F:F3:54:BC:5C:87:C0:C3
Certificate issuer:       /CN=1cc451fbdfaa12efc352a59b007b0a8823b8e65d
Certificate serial:       3819A76B
Authority key identifier: 1C:C4:51:FB:DF:AA:12:EF:C3:52:A5:9B:00:7B:0A:88:23:B8:E6:5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HMRR-9-qEu_DUqWbAHsKiCO45l0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/4d9ca3-aa73-4998-ae63-832db9ebebaf/1/g9bx9ZwexDJQZjbqb_NUvFyHwMM.roa
Signing time:             Sat 01 Jan 2022 14:05:41 +0000
ROA not before:           Sat 01 Jan 2022 14:05:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     13041
IP address blocks:        193.242.98.0/24 maxlen: 24
                          192.94.163.0/24 maxlen: 24
                          84.88.0.0/15 maxlen: 18
                          2001:7f8:2a::/48 maxlen: 48
                          2001:40b0::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 941205355 (0x3819a76b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cc451fbdfaa12efc352a59b007b0a8823b8e65d
        Validity
            Not Before: Jan  1 14:05:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=83d6f1f59c1ec432506636ea6ff354bc5c87c0c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:ee:8f:a7:c6:d1:e8:ce:e8:c9:00:98:94:f1:
                    ff:71:c3:bf:dd:84:91:52:14:88:39:29:45:8f:f6:
                    e1:9f:5e:e9:7b:04:82:d8:a0:c0:b9:a6:a6:ec:c7:
                    bf:83:9f:14:87:aa:f8:30:c4:01:64:56:17:c1:2d:
                    df:5a:67:7a:d6:ea:39:6f:8e:0f:9c:ce:88:f7:67:
                    b4:a0:f1:d5:d0:3f:11:80:24:93:bc:e1:6e:03:bc:
                    d4:22:3f:aa:ba:9b:00:a6:0f:c4:f3:77:d4:76:8f:
                    0d:02:d5:0e:d5:de:b6:19:fa:da:32:fc:53:6a:0e:
                    96:a3:a2:1e:d3:df:6e:bf:4f:b6:be:43:f2:1b:65:
                    aa:41:04:40:79:90:7d:6a:50:90:42:94:c2:7b:38:
                    ad:8a:b8:c3:46:7f:76:eb:b8:55:ab:bc:8a:7e:08:
                    c6:34:e4:e8:7a:2e:50:da:d0:18:d0:e1:af:d1:d9:
                    f8:17:6d:98:40:7e:7c:02:e9:c5:c2:d5:a7:32:d5:
                    6d:78:7a:2b:c8:43:a5:0a:ac:27:c9:95:27:78:53:
                    61:9c:c2:ba:63:05:c1:e0:6f:24:e1:92:1e:cb:47:
                    6f:76:2c:ab:fb:94:f9:59:11:a8:c2:5b:f4:f6:06:
                    7b:6d:24:13:e0:89:db:a3:49:e3:dc:ce:0c:3d:1f:
                    19:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:D6:F1:F5:9C:1E:C4:32:50:66:36:EA:6F:F3:54:BC:5C:87:C0:C3
            X509v3 Authority Key Identifier:
                keyid:1C:C4:51:FB:DF:AA:12:EF:C3:52:A5:9B:00:7B:0A:88:23:B8:E6:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HMRR-9-qEu_DUqWbAHsKiCO45l0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4d9ca3-aa73-4998-ae63-832db9ebebaf/1/g9bx9ZwexDJQZjbqb_NUvFyHwMM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4d9ca3-aa73-4998-ae63-832db9ebebaf/1/HMRR-9-qEu_DUqWbAHsKiCO45l0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.88.0.0/15
                  192.94.163.0/24
                  193.242.98.0/24
                IPv6:
                  2001:7f8:2a::/48
                  2001:40b0::/32

    Signature Algorithm: sha256WithRSAEncryption
         3b:46:07:01:c9:d6:ed:7c:11:18:56:a9:92:ae:75:1e:94:63:
         4c:35:11:d4:d8:b2:0e:44:5a:23:34:7c:6e:ac:4d:5f:72:d3:
         2e:c5:d9:c3:9e:67:3b:87:dd:66:85:9e:17:d8:ad:bd:c2:ca:
         0a:99:32:ac:a6:9f:ab:ac:db:d2:4c:59:b1:7f:f7:fe:a4:c2:
         78:7b:29:ef:12:87:63:8b:5b:6e:cb:ca:76:d5:f0:87:c2:be:
         e4:18:48:25:10:52:43:23:a1:24:85:07:3f:99:4a:9a:71:7d:
         94:4c:48:0e:6d:75:e1:84:61:83:16:be:bb:64:9e:6a:83:77:
         a1:2a:75:37:fd:fd:53:bd:4a:37:b4:1f:19:da:14:55:9e:b8:
         73:cb:a5:80:f2:0f:6c:a9:60:a3:1e:e8:8e:13:23:2a:e2:b4:
         76:ac:2f:53:b8:8f:0c:1e:36:fc:2f:f6:78:f0:64:80:82:57:
         33:f9:6e:ac:53:84:2f:18:80:e5:78:89:d9:28:88:5b:49:f3:
         6c:6c:b3:e1:9a:02:30:3c:c0:46:3f:8d:fa:51:bd:f8:63:18:
         7d:5b:03:38:94:1e:9c:0c:c8:75:54:45:ef:72:d7:a8:5d:e7:
         4f:c1:fd:7b:65:11:f7:8c:da:74:50:e2:00:0e:2c:2c:29:49:
         e9:12:00:34
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEOBmnazANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
Y2M0NTFmYmRmYWExMmVmYzM1MmE1OWIwMDdiMGE4ODIzYjhlNjVkMB4XDTIyMDEw
MTE0MDU0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODNkNmYxZjU5YzFl
YzQzMjUwNjYzNmVhNmZmMzU0YmM1Yzg3YzBjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPbuj6fG0ejO6MkAmJTx/3HDv92EkVIUiDkpRY/24Z9e6XsE
gtigwLmmpuzHv4OfFIeq+DDEAWRWF8Et31pnetbqOW+OD5zOiPdntKDx1dA/EYAk
k7zhbgO81CI/qrqbAKYPxPN31HaPDQLVDtXethn62jL8U2oOlqOiHtPfbr9Ptr5D
8htlqkEEQHmQfWpQkEKUwns4rYq4w0Z/duu4Vau8in4IxjTk6HouUNrQGNDhr9HZ
+BdtmEB+fALpxcLVpzLVbXh6K8hDpQqsJ8mVJ3hTYZzCumMFweBvJOGSHstHb3Ys
q/uU+VkRqMJb9PYGe20kE+CJ26NJ49zODD0fGZUCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBSD1vH1nB7EMlBmNupv81S8XIfAwzAfBgNVHSMEGDAWgBQcxFH736oS78NS
pZsAewqII7jmXTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hNUlItOS1xRXVfRFVxV2JBSHNLaUNPNDVsMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvNGQ5Y2EzLWFhNzMtNDk5OC1hZTYzLTgzMmRiOWViZWJhZi8x
L2c5Yng5WndleERKUVpqYnFiX05VdkZ5SHdNTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
NGQ5Y2EzLWFhNzMtNDk5OC1hZTYzLTgzMmRiOWViZWJhZi8xL0hNUlItOS1xRXVf
RFVxV2JBSHNLaUNPNDVsMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwFwQCAAEwEQMDAVRYAwQAwF6jAwQAwfJiMBYEAgAC
MBADBwAgAQf4ACoDBQAgAUCwMA0GCSqGSIb3DQEBCwUAA4IBAQA7RgcBydbtfBEY
VqmSrnUelGNMNRHU2LIORFojNHxurE1fctMuxdnDnmc7h91mhZ4X2K29wsoKmTKs
pp+rrNvSTFmxf/f+pMJ4eynvEodji1tuy8p21fCHwr7kGEglEFJDI6EkhQc/mUqa
cX2UTEgObXXhhGGDFr67ZJ5qg3ehKnU3/f1TvUo3tB8Z2hRVnrhzy6WA8g9sqWCj
HuiOEyMq4rR2rC9TuI8MHjb8L/Z48GSAglcz+W6sU4QvGIDleInZKIhbSfNsbLPh
mgIwPMBGP436Ub34Yxh9WwM4lB6cDMh1VEXvcteoXedPwf17ZRH3jNp0UOIADiws
KUnpEgA0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:32 2024 by rpki-client on console-ams.rpki-client.org