Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HGyc_L6Ga4meJv4hSiy991gRC7o.roa
File:                     HGyc_L6Ga4meJv4hSiy991gRC7o.roa (raw, json)
Hash identifier:          bXlqyRTaY5W4nc09tyf7DUaVHrSolw/q6AJ9txpWvrM=
Subject key identifier:   1C:6C:9C:FC:BE:86:6B:89:9E:26:FE:21:4A:2C:BD:F7:58:11:0B:BA
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       0183080C404BC0C585E17604005023538D41
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HGyc_L6Ga4meJv4hSiy991gRC7o.roa
Signing time:             Sun 04 Sep 2022 10:29:24 +0000
ROA not before:           Sun 04 Sep 2022 10:29:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205090
IP address blocks:        185.112.102.0/24 maxlen: 24
                          185.117.117.0/24 maxlen: 24
                          185.112.101.0/24 maxlen: 24
                          185.112.103.0/24 maxlen: 24
                          45.9.73.0/24 maxlen: 24
                          45.9.75.0/24 maxlen: 24
                          193.162.143.0/24 maxlen: 24
                          185.233.83.0/24 maxlen: 24
                          185.105.90.0/24 maxlen: 24
                          185.105.88.0/24 maxlen: 24
                          185.105.91.0/24 maxlen: 24
                          185.105.89.0/24 maxlen: 24
                          185.221.162.0/24 maxlen: 24
                          45.95.202.0/24 maxlen: 24
                          185.102.139.0/24 maxlen: 24
                          45.95.203.0/24 maxlen: 24
                          45.90.216.0/24 maxlen: 24
                          45.90.218.0/24 maxlen: 24
                          45.90.217.0/24 maxlen: 24
                          45.90.219.0/24 maxlen: 24
                          84.252.73.0/24 maxlen: 24
                          84.252.75.0/24 maxlen: 24
                          84.252.74.0/24 maxlen: 24
                          185.233.200.0/24 maxlen: 24
                          185.232.169.0/24 maxlen: 24
                          185.128.105.0/24 maxlen: 24
                          45.89.65.0/24 maxlen: 24
                          85.209.2.0/24 maxlen: 24
                          185.103.109.0/24 maxlen: 24
                          185.128.107.0/24 maxlen: 24
                          185.128.106.0/24 maxlen: 24
                          193.168.227.0/24 maxlen: 24
                          185.217.198.0/24 maxlen: 24
                          185.217.199.0/24 maxlen: 24
                          185.104.251.0/24 maxlen: 24
                          2a0e:d603::/32 maxlen: 32
                          2a09:5302::/32 maxlen: 32
                          2a0d:2dc0::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:08:0c:40:4b:c0:c5:85:e1:76:04:00:50:23:53:8d:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Sep  4 10:29:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1c6c9cfcbe866b899e26fe214a2cbdf758110bba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:7e:70:53:ea:45:c5:aa:bf:9d:6b:84:ec:8c:
                    55:8b:5d:aa:35:2e:3c:c6:65:4d:cf:e9:a9:85:0b:
                    11:d9:8f:f8:60:be:77:c0:ed:e7:f5:17:7a:2e:dc:
                    b7:bf:08:da:65:71:82:be:75:a1:1b:6e:ed:da:13:
                    e6:78:82:2c:6b:51:bc:22:5d:cf:f5:fa:1e:19:fa:
                    70:26:0c:cf:54:3c:a8:c9:9b:b4:30:b5:a1:d3:5f:
                    92:a0:db:62:3d:f4:d0:e5:fb:fa:3f:6d:b1:35:46:
                    6c:b4:b9:58:fc:91:f5:00:26:34:b1:d1:49:d2:76:
                    07:dc:93:97:10:a9:5d:8e:56:a6:1f:6c:36:2b:01:
                    1a:69:7d:01:94:8c:16:97:8b:32:b9:ab:a0:27:b0:
                    be:8f:7e:a6:54:fd:8e:76:b3:ba:8c:bf:92:a4:05:
                    c7:60:0c:5c:19:db:52:f1:b2:9d:cc:5e:91:7b:26:
                    53:97:49:3f:7c:80:1d:11:1b:37:c4:83:31:db:40:
                    d1:5d:17:c8:a1:3a:98:8d:e1:6f:6c:a3:a1:fb:8e:
                    56:8d:13:27:74:61:d8:ba:83:74:96:bc:fd:01:83:
                    f9:aa:e2:70:9a:55:65:e4:32:6e:ae:b0:e2:c5:bf:
                    b4:ca:71:6d:c8:77:7a:5b:18:58:01:be:95:16:85:
                    68:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:6C:9C:FC:BE:86:6B:89:9E:26:FE:21:4A:2C:BD:F7:58:11:0B:BA
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HGyc_L6Ga4meJv4hSiy991gRC7o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.9.73.0/24
                  45.9.75.0/24
                  45.89.65.0/24
                  45.90.216.0/22
                  45.95.202.0/23
                  84.252.73.0-84.252.75.255
                  85.209.2.0/24
                  185.102.139.0/24
                  185.103.109.0/24
                  185.104.251.0/24
                  185.105.88.0/22
                  185.112.101.0-185.112.103.255
                  185.117.117.0/24
                  185.128.105.0-185.128.107.255
                  185.217.198.0/23
                  185.221.162.0/24
                  185.232.169.0/24
                  185.233.83.0/24
                  185.233.200.0/24
                  193.162.143.0/24
                  193.168.227.0/24
                IPv6:
                  2a09:5302::/32
                  2a0d:2dc0::/29
                  2a0e:d603::/32

    Signature Algorithm: sha256WithRSAEncryption
         ad:5b:8e:eb:56:4a:fb:6c:71:89:03:21:ff:b0:ea:d4:53:34:
         bc:c8:5e:25:43:91:5c:bd:c4:e1:72:4a:fc:df:8a:d7:8f:3a:
         1a:5f:61:31:7b:40:e0:db:47:bc:7d:35:3f:0e:94:5f:e9:c2:
         9f:5d:3d:d6:88:a8:78:d0:db:90:c7:12:5d:2a:10:51:0a:fb:
         37:7b:74:5d:ca:7d:c6:ac:81:f7:b6:96:be:ca:2d:0e:93:af:
         0a:d7:45:50:ac:b5:a5:68:5e:31:94:15:ea:62:d5:b7:9e:ff:
         a8:3b:ef:9a:00:60:24:e6:cd:d5:04:90:81:95:27:4f:2f:78:
         2e:76:79:c3:e3:ee:53:61:99:0c:3a:31:ca:d0:63:fd:e3:a9:
         80:29:3d:26:5b:ef:4f:39:02:49:22:fd:83:6e:98:8f:20:e3:
         9c:fb:ff:d3:65:fd:a3:55:93:d8:3e:b9:8a:26:8a:f1:a2:89:
         88:15:ed:be:a0:82:e0:fb:57:98:9d:67:9c:28:33:d5:4a:b2:
         5a:ae:b6:4c:f0:50:15:77:70:3b:51:32:6e:af:9a:ed:67:89:
         29:f5:88:e8:42:71:b3:23:ac:65:45:7d:44:c8:48:e2:66:5d:
         b6:3b:40:d5:ba:7c:15:9f:6e:39:f5:a7:06:fa:f6:23:bc:5e:
         9a:2d:61:e5
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAYMIDEBLwMWF4XYEAFAjU41BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwOTA0MTAyOTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzZjOWNmY2JlODY2Yjg5OWUyNmZlMjE0YTJjYmRmNzU4MTEwYmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmX5wU+pFxaq/nWuE7IxVi12qNS48
xmVNz+mphQsR2Y/4YL53wO3n9Rd6Lty3vwjaZXGCvnWhG27t2hPmeIIsa1G8Il3P
9foeGfpwJgzPVDyoyZu0MLWh01+SoNtiPfTQ5fv6P22xNUZstLlY/JH1ACY0sdFJ
0nYH3JOXEKldjlamH2w2KwEaaX0BlIwWl4syuaugJ7C+j36mVP2OdrO6jL+SpAXH
YAxcGdtS8bKdzF6ReyZTl0k/fIAdERs3xIMx20DRXRfIoTqYjeFvbKOh+45WjRMn
dGHYuoN0lrz9AYP5quJwmlVl5DJurrDixb+0ynFtyHd6WxhYAb6VFoVovQIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFBxsnPy+hmuJnib+IUosvfdYEQu6MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvSEd5Y19MNkdhNG1lSnY0aFNpeTk5MWdSQzdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHQBggrBgEFBQcBBwEB/wSBwDCBvTCBnQQCAAEwgZYDBAAt
CUkDBAAtCUsDBAAtWUEDBAItWtgDBAEtX8owDAMEAFT8SQMEAlT8SAMEAFXRAgME
ALlmiwMEALlnbQMEALlo+wMEArlpWDAMAwQAuXBlAwQDuXBgAwQAuXV1MAwDBAC5
gGkDBAK5gGgDBAG52cYDBAC53aIDBAC56KkDBAC56VMDBAC56cgDBADBoo8DBADB
qOMwGwQCAAIwFQMFACoJUwIDBQMqDS3AAwUAKg7WAzANBgkqhkiG9w0BAQsFAAOC
AQEArVuO61ZK+2xxiQMh/7Dq1FM0vMheJUORXL3E4XJK/N+K1486Gl9hMXtA4NtH
vH01Pw6UX+nCn1091oioeNDbkMcSXSoQUQr7N3t0Xcp9xqyB97aWvsotDpOvCtdF
UKy1pWheMZQV6mLVt57/qDvvmgBgJObN1QSQgZUnTy94LnZ5w+PuU2GZDDoxytBj
/eOpgCk9JlvvTzkCSSL9g26YjyDjnPv/02X9o1WT2D65iiaK8aKJiBXtvqCC4PtX
mJ1nnCgz1UqyWq62TPBQFXdwO1Eybq+a7WeJKfWI6EJxsyOsZUV9RMhI4mZdtjtA
1bp8FZ9uOfWnBvr2I7xemi1h5Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org