Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hglGB2_cdvAQTw8NjxK9DkJRvds.roa
File:                     hglGB2_cdvAQTw8NjxK9DkJRvds.roa (raw, json)
Hash identifier:          pjfi8cIf4CgPXi2SLC5xlLNHDnxdVNxhNEovDxURHxY=
Subject key identifier:   86:09:46:07:6F:DC:76:F0:10:4F:0F:0D:8F:12:BD:0E:42:51:BD:DB
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0184F6F9C569B872357DF2C4793A498EDD83
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hglGB2_cdvAQTw8NjxK9DkJRvds.roa
Signing time:             Fri 09 Dec 2022 13:01:14 +0000
ROA not before:           Fri 09 Dec 2022 13:01:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211373
IP address blocks:        81.168.117.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:f6:f9:c5:69:b8:72:35:7d:f2:c4:79:3a:49:8e:dd:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Dec  9 13:01:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=860946076fdc76f0104f0f0d8f12bd0e4251bddb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:68:2f:06:03:a3:f3:77:fc:9a:b6:df:26:6c:
                    bd:99:ae:29:ba:d0:15:7a:c5:9c:11:4f:31:1d:25:
                    90:62:a5:65:b2:23:58:58:2e:d8:9f:fb:5c:29:00:
                    3c:be:ec:f9:32:9f:2c:c8:96:5d:86:0e:cc:99:f2:
                    98:4c:d0:57:28:ff:c3:05:14:f5:1c:cb:6f:a3:c5:
                    e7:9b:0c:65:87:ed:28:e7:0c:a1:9d:4b:37:d3:e5:
                    f7:1e:6f:53:38:04:a7:b5:c3:87:3e:86:85:6a:6c:
                    82:a5:ed:81:d7:d7:c5:79:29:01:14:ae:3a:4d:ef:
                    8d:2d:df:25:e1:e1:d6:37:c3:90:89:b1:16:c6:7e:
                    02:fa:e2:ae:be:75:83:4c:a8:d7:d0:cc:7b:20:da:
                    95:9a:73:0d:68:93:6b:0c:2c:65:3e:e9:71:92:fc:
                    7f:f2:8e:b9:4d:6f:31:c4:1c:ce:fb:71:bd:45:de:
                    d4:13:4f:00:72:6e:ca:6a:35:f2:20:e8:31:94:e4:
                    ff:38:45:7e:e5:80:cf:53:4b:eb:72:e2:5c:15:e5:
                    78:c7:6e:e1:c4:18:40:68:e2:17:30:9c:45:5d:e1:
                    30:f1:57:dd:fb:12:aa:6c:28:f3:8b:65:b1:a5:72:
                    8f:3b:28:d8:ea:dc:24:4b:7a:e6:22:e3:64:6f:77:
                    89:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:09:46:07:6F:DC:76:F0:10:4F:0F:0D:8F:12:BD:0E:42:51:BD:DB
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hglGB2_cdvAQTw8NjxK9DkJRvds.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:53:13:4c:0e:3d:a6:27:bb:a4:06:47:f2:68:f8:f0:c5:22:
         d9:5e:42:88:0a:0a:ee:48:06:27:70:d5:44:9a:d9:0d:33:88:
         bf:32:5b:c1:0a:02:26:14:35:32:f3:a2:aa:80:5c:fa:44:80:
         69:14:06:8b:c5:f5:60:7b:1c:3a:70:8e:6f:9d:3b:88:ca:2c:
         d3:8f:21:87:98:f5:63:74:6d:49:00:51:1a:f1:41:49:3d:cd:
         fc:8f:83:8b:4a:95:6e:93:02:18:18:2d:37:71:fb:84:89:7a:
         eb:ee:7e:7b:c6:e1:6b:2b:04:86:e9:21:57:c9:94:47:01:c7:
         3a:59:f6:21:11:36:e8:18:b0:fe:5d:b9:1a:f4:c7:49:39:b8:
         a9:49:d1:cc:44:23:d5:1c:c1:8b:24:2f:28:9e:3c:ea:19:b7:
         dc:82:42:a4:cf:27:c7:76:a2:05:b8:e0:57:a4:db:20:7b:d9:
         b7:88:f3:10:4a:c1:78:53:fc:cf:2d:c6:1d:bf:59:93:97:f4:
         ef:0f:51:cb:31:18:7e:2a:22:71:30:61:45:b4:9f:55:f7:97:
         96:0e:91:b1:6f:83:f4:cf:dc:7c:7b:2f:9b:f8:fc:ee:a4:46:
         21:87:4c:1e:7b:d3:97:c0:9d:5a:d9:e8:a8:88:45:72:bf:e5:
         a2:b1:3b:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYT2+cVpuHI1ffLEeTpJjt2DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIxMjA5MTMwMTE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjA5NDYwNzZmZGM3NmYwMTA0ZjBmMGQ4ZjEyYmQwZTQyNTFiZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWgvBgOj83f8mrbfJmy9ma4putAV
esWcEU8xHSWQYqVlsiNYWC7Yn/tcKQA8vuz5Mp8syJZdhg7MmfKYTNBXKP/DBRT1
HMtvo8Xnmwxlh+0o5wyhnUs30+X3Hm9TOASntcOHPoaFamyCpe2B19fFeSkBFK46
Te+NLd8l4eHWN8OQibEWxn4C+uKuvnWDTKjX0Mx7INqVmnMNaJNrDCxlPulxkvx/
8o65TW8xxBzO+3G9Rd7UE08Acm7KajXyIOgxlOT/OEV+5YDPU0vrcuJcFeV4x27h
xBhAaOIXMJxFXeEw8Vfd+xKqbCjzi2WxpXKPOyjY6twkS3rmIuNkb3eJpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIYJRgdv3HbwEE8PDY8SvQ5CUb3bMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaGdsR0IyX2NkdkFRVHc4Tmp4SzlEa0pSdmRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUah1MA0G
CSqGSIb3DQEBCwUAA4IBAQATUxNMDj2mJ7ukBkfyaPjwxSLZXkKICgruSAYncNVE
mtkNM4i/MlvBCgImFDUy86KqgFz6RIBpFAaLxfVgexw6cI5vnTuIyizTjyGHmPVj
dG1JAFEa8UFJPc38j4OLSpVukwIYGC03cfuEiXrr7n57xuFrKwSG6SFXyZRHAcc6
WfYhETboGLD+Xbka9MdJObipSdHMRCPVHMGLJC8onjzqGbfcgkKkzyfHdqIFuOBX
pNsge9m3iPMQSsF4U/zPLcYdv1mTl/TvD1HLMRh+KiJxMGFFtJ9V95eWDpGxb4P0
z9x8ey+b+PzupEYhh0wee9OXwJ1a2eioiEVyv+WisTui
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:30 2024 by rpki-client on console-ams.rpki-client.org