Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6077a1-cec6-437c-bc90-d120da3e8e92/1/rehppT6_3qMSj_ARUNVBMvkbB_0.roa
File:                     rehppT6_3qMSj_ARUNVBMvkbB_0.roa (raw, json)
Hash identifier:          S6oqvQejSvDZ2Q+pkqTRP44A5167pDO2hBnr0CPYhVo=
Subject key identifier:   AD:E8:69:A5:3E:BF:DE:A3:12:8F:F0:11:50:D5:41:32:F9:1B:07:FD
Certificate issuer:       /CN=12aa2c1ee4349a086c769013a42e8b4ac2ba19bf
Certificate serial:       0C9FC071
Authority key identifier: 12:AA:2C:1E:E4:34:9A:08:6C:76:90:13:A4:2E:8B:4A:C2:BA:19:BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EqosHuQ0mghsdpATpC6LSsK6Gb8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/6077a1-cec6-437c-bc90-d120da3e8e92/1/rehppT6_3qMSj_ARUNVBMvkbB_0.roa
Signing time:             Sat 01 Jan 2022 15:01:02 +0000
ROA not before:           Sat 01 Jan 2022 15:01:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     59943
IP address blocks:        193.200.29.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 211796081 (0xc9fc071)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=12aa2c1ee4349a086c769013a42e8b4ac2ba19bf
        Validity
            Not Before: Jan  1 15:01:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ade869a53ebfdea3128ff01150d54132f91b07fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:8d:ca:ce:3f:b5:88:bd:30:0a:7d:84:9b:68:
                    00:41:a2:e3:12:ab:8a:ae:86:55:9c:56:fb:37:2c:
                    73:13:17:71:a6:97:d8:01:84:43:f3:22:a8:29:94:
                    7e:60:bf:d7:a9:ca:9d:9f:ec:20:4b:fd:6e:12:d0:
                    b1:e4:cc:30:0d:d3:6e:ab:7d:4f:1c:66:b0:d5:dc:
                    9d:55:fa:00:46:3b:d9:80:d0:87:d4:37:31:3a:5a:
                    6d:c2:59:ab:8f:95:f9:c1:51:a1:24:2f:c6:88:16:
                    ca:b3:26:8a:cd:ba:16:40:d4:68:08:e3:e4:15:79:
                    93:49:57:62:19:75:2a:b0:40:35:2e:14:e5:55:0d:
                    ea:e3:f7:92:16:1f:c9:e6:1c:ff:0e:e9:b3:d0:72:
                    5b:96:8c:e2:3c:d3:0d:d0:65:9e:74:d9:11:b5:8c:
                    88:38:82:c3:6d:74:34:6f:40:25:b2:00:d3:58:e6:
                    84:c8:e3:fd:22:91:f5:67:2d:4f:5f:7b:4c:88:e0:
                    00:74:2e:52:94:06:a4:f6:57:da:4d:9d:af:3a:a1:
                    5e:0b:74:ef:04:2f:8b:4a:0c:71:36:4d:da:bf:90:
                    8c:9c:31:d5:da:9e:02:62:bd:05:72:99:1e:f9:52:
                    1d:d9:4f:02:ef:55:fe:a6:b7:4a:9b:fe:05:10:85:
                    ab:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:E8:69:A5:3E:BF:DE:A3:12:8F:F0:11:50:D5:41:32:F9:1B:07:FD
            X509v3 Authority Key Identifier:
                keyid:12:AA:2C:1E:E4:34:9A:08:6C:76:90:13:A4:2E:8B:4A:C2:BA:19:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EqosHuQ0mghsdpATpC6LSsK6Gb8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6077a1-cec6-437c-bc90-d120da3e8e92/1/rehppT6_3qMSj_ARUNVBMvkbB_0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6077a1-cec6-437c-bc90-d120da3e8e92/1/EqosHuQ0mghsdpATpC6LSsK6Gb8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.200.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:3f:46:e0:30:ea:94:59:d3:65:3d:22:af:08:ee:39:4c:3d:
         f0:49:fd:c1:82:3e:17:1b:ba:10:5b:17:ff:a1:6a:f1:c5:6c:
         89:4a:f6:1f:be:1d:af:43:15:92:ef:34:80:7d:7b:1e:c8:46:
         55:92:cc:21:ae:12:37:8c:dc:55:6d:8e:b2:ac:87:83:ee:68:
         64:aa:32:71:0e:a6:49:da:24:ae:a3:ab:6a:8b:d9:98:73:be:
         54:30:a5:7d:ad:5b:83:ee:6f:52:aa:7b:11:2b:c4:bc:dd:d7:
         14:dc:a9:7e:30:12:06:78:c0:37:b6:19:73:18:e9:c0:c5:c5:
         b9:40:97:98:fb:48:e4:e1:89:d3:7e:dc:40:d6:04:e7:31:5c:
         3c:65:0c:7a:fc:d7:4a:b6:dd:3e:77:1c:ee:b8:37:b5:22:22:
         c3:0a:87:02:c6:33:ed:57:67:d7:1a:c3:2c:78:20:50:84:3f:
         1f:ef:09:2d:bb:1f:10:c3:b5:ca:30:46:8a:de:9f:0a:ef:75:
         85:ed:1d:45:85:fb:24:8e:8a:f0:6a:70:bf:21:2d:92:f3:8c:
         97:4b:3a:f4:e0:c0:87:44:47:59:48:00:38:ee:36:ac:fc:7a:
         29:6c:a3:99:54:a4:64:c3:57:40:09:62:c8:3f:f7:a8:a2:28:
         4c:c2:d8:e7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDJ/AcTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MmFhMmMxZWU0MzQ5YTA4NmM3NjkwMTNhNDJlOGI0YWMyYmExOWJmMB4XDTIyMDEw
MTE1MDEwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWRlODY5YTUzZWJm
ZGVhMzEyOGZmMDExNTBkNTQxMzJmOTFiMDdmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2Nys4/tYi9MAp9hJtoAEGi4xKriq6GVZxW+zcscxMXcaaX
2AGEQ/MiqCmUfmC/16nKnZ/sIEv9bhLQseTMMA3Tbqt9TxxmsNXcnVX6AEY72YDQ
h9Q3MTpabcJZq4+V+cFRoSQvxogWyrMmis26FkDUaAjj5BV5k0lXYhl1KrBANS4U
5VUN6uP3khYfyeYc/w7ps9ByW5aM4jzTDdBlnnTZEbWMiDiCw210NG9AJbIA01jm
hMjj/SKR9WctT197TIjgAHQuUpQGpPZX2k2drzqhXgt07wQvi0oMcTZN2r+QjJwx
1dqeAmK9BXKZHvlSHdlPAu9V/qa3Spv+BRCFq3ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSt6GmlPr/eoxKP8BFQ1UEy+RsH/TAfBgNVHSMEGDAWgBQSqiwe5DSaCGx2
kBOkLotKwroZvzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Vxb3NIdVEwbWdoc2RwQVRwQzZMU3NLNkdiOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvNjA3N2ExLWNlYzYtNDM3Yy1iYzkwLWQxMjBkYTNlOGU5Mi8x
L3JlaHBwVDZfM3FNU2pfQVJVTlZCTXZrYkJfMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
NjA3N2ExLWNlYzYtNDM3Yy1iYzkwLWQxMjBkYTNlOGU5Mi8xL0Vxb3NIdVEwbWdo
c2RwQVRwQzZMU3NLNkdiOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHIHTANBgkqhkiG9w0BAQsFAAOC
AQEACj9G4DDqlFnTZT0irwjuOUw98En9wYI+Fxu6EFsX/6Fq8cVsiUr2H74dr0MV
ku80gH17HshGVZLMIa4SN4zcVW2OsqyHg+5oZKoycQ6mSdokrqOraovZmHO+VDCl
fa1bg+5vUqp7ESvEvN3XFNypfjASBnjAN7YZcxjpwMXFuUCXmPtI5OGJ037cQNYE
5zFcPGUMevzXSrbdPncc7rg3tSIiwwqHAsYz7Vdn1xrDLHggUIQ/H+8JLbsfEMO1
yjBGit6fCu91he0dRYX7JI6K8GpwvyEtkvOMl0s69ODAh0RHWUgAOO42rPx6KWyj
mVSkZMNXQAliyD/3qKIoTMLY5w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:54 2024 by rpki-client on console-fra.rpki-client.org