Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/5eb97d-3a91-404e-8647-98116832534f/1/HnW74YhWx9w243uKeAs7-TU9Q1k.roa
File:                     HnW74YhWx9w243uKeAs7-TU9Q1k.roa (raw, json)
Hash identifier:          gDzzdef0lBoJda6vR9vQ5vJJuEu6SPnPVwi00uGCd38=
Subject key identifier:   1E:75:BB:E1:88:56:C7:DC:36:E3:7B:8A:78:0B:3B:F9:35:3D:43:59
Certificate issuer:       /CN=7af8a601e274d53ecbf18115164df3de4b291ff5
Certificate serial:       07C45263
Authority key identifier: 7A:F8:A6:01:E2:74:D5:3E:CB:F1:81:15:16:4D:F3:DE:4B:29:1F:F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/evimAeJ01T7L8YEVFk3z3kspH_U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/5eb97d-3a91-404e-8647-98116832534f/1/HnW74YhWx9w243uKeAs7-TU9Q1k.roa
Signing time:             Sat 01 Jan 2022 01:02:01 +0000
ROA not before:           Sat 01 Jan 2022 01:02:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12586
IP address blocks:        195.200.192.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 130306659 (0x7c45263)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7af8a601e274d53ecbf18115164df3de4b291ff5
        Validity
            Not Before: Jan  1 01:02:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1e75bbe18856c7dc36e37b8a780b3bf9353d4359
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:2a:29:45:77:20:d9:b2:f5:25:f3:80:2d:0a:
                    ed:c2:4b:39:55:be:37:f2:ac:16:86:3d:d2:98:ef:
                    27:96:8b:37:cd:73:41:62:f4:d1:4c:2c:54:b0:00:
                    01:4a:01:86:ed:eb:a6:db:e7:a3:00:e6:e2:c5:d3:
                    42:82:bb:93:a7:32:c2:d4:97:0d:c1:ab:21:1f:91:
                    88:20:6e:25:84:e9:35:47:dd:ae:f4:c7:09:59:18:
                    8f:6d:34:e7:c5:e9:51:66:af:31:8f:9c:a2:7f:81:
                    85:88:48:69:d5:b9:72:d1:f4:d4:d0:90:fe:1b:97:
                    c6:7d:81:e1:9d:e0:3d:cb:ea:de:e0:47:30:db:42:
                    17:4d:cc:9d:15:ce:6f:ea:9c:a6:af:9b:05:8a:22:
                    e0:1e:3f:4e:3e:b8:a6:b8:13:88:79:c7:39:89:09:
                    d8:ba:ce:80:12:4f:65:58:c2:05:ca:eb:9a:7e:f6:
                    cf:70:25:a9:3a:97:06:97:9b:ca:b5:bc:42:ab:e0:
                    08:c7:77:4e:c1:38:33:0c:f1:50:ac:7f:7f:c2:54:
                    e2:79:3d:d3:ab:c3:83:f7:ec:b5:4b:d6:e0:8c:05:
                    b0:25:78:51:9b:50:c3:2b:bf:8d:90:02:8b:20:58:
                    d8:2e:ea:11:f8:bd:3b:e5:63:35:e9:c4:6a:20:2b:
                    94:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:75:BB:E1:88:56:C7:DC:36:E3:7B:8A:78:0B:3B:F9:35:3D:43:59
            X509v3 Authority Key Identifier:
                keyid:7A:F8:A6:01:E2:74:D5:3E:CB:F1:81:15:16:4D:F3:DE:4B:29:1F:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/evimAeJ01T7L8YEVFk3z3kspH_U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/5eb97d-3a91-404e-8647-98116832534f/1/HnW74YhWx9w243uKeAs7-TU9Q1k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/5eb97d-3a91-404e-8647-98116832534f/1/evimAeJ01T7L8YEVFk3z3kspH_U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.200.192.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:88:4b:65:25:ff:ca:88:5e:91:50:83:53:54:13:51:0d:ac:
         8a:e7:7e:6a:46:e5:eb:ca:47:85:be:a8:4f:4b:32:88:7d:9c:
         6d:f0:5c:7c:9e:e6:83:52:2a:db:bb:30:6a:ea:0a:f3:6e:16:
         82:4d:1b:5c:2c:58:db:9b:e9:76:52:9b:ba:6c:e1:77:eb:a4:
         76:7e:2f:4a:b2:f8:0e:83:4a:cb:76:72:75:fd:67:cf:ab:d0:
         76:0b:9d:c5:16:c2:2a:ca:ba:f8:40:2d:2b:0a:95:6b:35:c0:
         fc:06:5b:fc:79:41:0c:79:3c:87:ef:61:4d:30:bd:6d:3a:c5:
         8f:9e:a9:f6:b6:79:0b:4b:3d:85:57:ef:85:23:81:8e:72:9e:
         c5:ce:4a:62:f1:9e:de:49:93:b0:51:d4:66:2d:a1:c2:6b:82:
         68:56:73:d1:5b:58:93:5f:eb:53:fe:dd:19:c1:23:ba:95:13:
         ce:6e:1f:47:2d:a4:ca:4f:1c:d4:44:20:ba:4b:9c:f2:50:3a:
         fe:e1:89:15:40:32:c3:f7:f9:f0:65:7f:0b:a2:a2:9f:d9:7f:
         f0:67:10:38:7a:22:57:e3:7c:84:fe:ee:df:42:b4:cc:e0:1c:
         4b:9c:98:b7:18:ab:80:75:98:29:91:c8:8a:2b:9a:df:49:c3:
         11:b4:d3:1b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB8RSYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YWY4YTYwMWUyNzRkNTNlY2JmMTgxMTUxNjRkZjNkZTRiMjkxZmY1MB4XDTIyMDEw
MTAxMDIwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWU3NWJiZTE4ODU2
YzdkYzM2ZTM3YjhhNzgwYjNiZjkzNTNkNDM1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALUqKUV3INmy9SXzgC0K7cJLOVW+N/KsFoY90pjvJ5aLN81z
QWL00UwsVLAAAUoBhu3rptvnowDm4sXTQoK7k6cywtSXDcGrIR+RiCBuJYTpNUfd
rvTHCVkYj20058XpUWavMY+con+BhYhIadW5ctH01NCQ/huXxn2B4Z3gPcvq3uBH
MNtCF03MnRXOb+qcpq+bBYoi4B4/Tj64prgTiHnHOYkJ2LrOgBJPZVjCBcrrmn72
z3AlqTqXBpebyrW8QqvgCMd3TsE4MwzxUKx/f8JU4nk906vDg/fstUvW4IwFsCV4
UZtQwyu/jZACiyBY2C7qEfi9O+VjNenEaiArlJECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQedbvhiFbH3Dbje4p4Czv5NT1DWTAfBgNVHSMEGDAWgBR6+KYB4nTVPsvx
gRUWTfPeSykf9TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2V2aW1BZUowMVQ3TDhZRVZGazN6M2tzcEhfVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTcvNWViOTdkLTNhOTEtNDA0ZS04NjQ3LTk4MTE2ODMyNTM0Zi8x
L0huVzc0WWhXeDl3MjQzdUtlQXM3LVRVOVExay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcv
NWViOTdkLTNhOTEtNDA0ZS04NjQ3LTk4MTE2ODMyNTM0Zi8xL2V2aW1BZUowMVQ3
TDhZRVZGazN6M2tzcEhfVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMPIwDANBgkqhkiG9w0BAQsFAAOC
AQEADIhLZSX/yohekVCDU1QTUQ2siud+akbl68pHhb6oT0syiH2cbfBcfJ7mg1Iq
27swauoK824Wgk0bXCxY25vpdlKbumzhd+ukdn4vSrL4DoNKy3Zydf1nz6vQdgud
xRbCKsq6+EAtKwqVazXA/AZb/HlBDHk8h+9hTTC9bTrFj56p9rZ5C0s9hVfvhSOB
jnKexc5KYvGe3kmTsFHUZi2hwmuCaFZz0VtYk1/rU/7dGcEjupUTzm4fRy2kyk8c
1EQgukuc8lA6/uGJFUAyw/f58GV/C6Kin9l/8GcQOHoiV+N8hP7u30K0zOAcS5yY
txirgHWYKZHIiiua30nDEbTTGw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:01 2024 by rpki-client on console-fra.rpki-client.org