Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/14bca5-9046-4876-8283-ae93def510c2/1/HMSj8HkAHbo1kTi7y9-ad2O96rw.roa
File:                     HMSj8HkAHbo1kTi7y9-ad2O96rw.roa (raw, json)
Hash identifier:          gE5mSFbRGKq7OspQE4ZLr0/FktQvI3XBB0T/kWOtSRU=
Subject key identifier:   1C:C4:A3:F0:79:00:1D:BA:35:91:38:BB:CB:DF:9A:77:63:BD:EA:BC
Certificate issuer:       /CN=96329aae02b366ed1a01b52ac33abe760593a806
Certificate serial:       0183804D3A9975F79D228B13DE5F96941B9C
Authority key identifier: 96:32:9A:AE:02:B3:66:ED:1A:01:B5:2A:C3:3A:BE:76:05:93:A8:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ljKargKzZu0aAbUqwzq-dgWTqAY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/14bca5-9046-4876-8283-ae93def510c2/1/HMSj8HkAHbo1kTi7y9-ad2O96rw.roa
Signing time:             Tue 27 Sep 2022 18:54:48 +0000
ROA not before:           Tue 27 Sep 2022 18:54:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202796
IP address blocks:        185.134.56.0/22 maxlen: 22
                          185.18.236.0/22 maxlen: 22
                          2a05:1e80::/29 maxlen: 29
                          2a03:fb40::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:80:4d:3a:99:75:f7:9d:22:8b:13:de:5f:96:94:1b:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96329aae02b366ed1a01b52ac33abe760593a806
        Validity
            Not Before: Sep 27 18:54:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1cc4a3f079001dba359138bbcbdf9a7763bdeabc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:e5:fd:12:bd:bc:b9:3c:d3:74:4e:a1:c8:92:
                    4e:ee:99:ac:ce:24:5d:58:8d:c5:a6:30:d1:57:2c:
                    82:be:c3:ef:fa:27:dd:b1:4e:02:dd:a2:93:eb:25:
                    6b:3f:8a:3d:78:12:ca:f7:90:10:be:f6:64:6e:58:
                    29:87:82:bb:8d:1a:a3:79:d1:90:cc:aa:8a:c3:56:
                    a4:3d:e5:aa:fa:75:d6:6d:c0:7c:2a:8b:d4:5f:53:
                    bd:5e:bd:79:1c:97:6e:77:da:4e:e3:0e:06:1f:0e:
                    ba:56:22:40:cd:7a:13:6f:41:ed:b4:d6:ab:7a:a1:
                    39:69:36:1b:d7:b0:99:ad:30:d0:12:91:da:eb:f0:
                    de:a3:d5:e5:ed:97:c6:21:92:ef:f9:71:59:e4:30:
                    7e:4f:e8:cd:0a:b1:a4:33:50:8d:02:de:17:95:bf:
                    6f:74:66:3d:ef:32:72:40:6f:3e:1f:3d:09:f8:5b:
                    63:2d:7d:28:23:c8:7f:15:9d:3a:5e:f5:dd:12:ab:
                    73:16:76:3c:59:06:a5:05:8a:c8:48:ca:f8:b0:f9:
                    20:ed:47:71:d1:ae:c8:26:26:ca:b8:1e:84:dd:f1:
                    82:fb:9f:56:5b:60:f9:9d:30:99:63:75:6b:79:18:
                    73:24:bb:3d:7a:1f:0c:5d:08:1a:af:f7:35:3c:20:
                    fe:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:C4:A3:F0:79:00:1D:BA:35:91:38:BB:CB:DF:9A:77:63:BD:EA:BC
            X509v3 Authority Key Identifier:
                keyid:96:32:9A:AE:02:B3:66:ED:1A:01:B5:2A:C3:3A:BE:76:05:93:A8:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ljKargKzZu0aAbUqwzq-dgWTqAY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/14bca5-9046-4876-8283-ae93def510c2/1/HMSj8HkAHbo1kTi7y9-ad2O96rw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/14bca5-9046-4876-8283-ae93def510c2/1/ljKargKzZu0aAbUqwzq-dgWTqAY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.18.236.0/22
                  185.134.56.0/22
                IPv6:
                  2a03:fb40::/29
                  2a05:1e80::/29

    Signature Algorithm: sha256WithRSAEncryption
         33:95:68:0c:20:a9:a1:90:a0:68:88:30:dd:26:44:85:0c:ed:
         8e:9c:56:26:c3:2a:8f:de:37:eb:f6:bb:1d:f5:68:f8:8b:d2:
         1c:f2:89:81:fd:36:1c:37:c6:e4:cf:97:d3:38:5f:92:37:f7:
         6b:1d:ca:cb:56:3f:0d:b3:24:49:7b:11:49:d9:79:80:d1:43:
         6e:15:3d:66:87:6e:2b:f7:d1:02:d0:53:88:a0:34:de:ba:9e:
         94:ef:ad:c5:ba:c5:47:25:b5:ed:14:a3:0a:f9:d2:67:6a:12:
         7d:f7:63:93:15:5c:9d:e0:6b:72:47:b1:9f:d9:72:80:fc:b8:
         37:57:35:16:bd:1b:7d:d7:58:9c:ed:63:4e:73:43:28:c5:71:
         cd:43:b0:36:e3:87:eb:85:ca:13:53:06:62:42:0b:95:f6:d9:
         36:36:6d:e8:46:7b:9a:2f:0f:ad:4c:5f:7c:c7:ae:58:04:82:
         a2:78:41:f8:cb:78:9f:d8:c4:c0:b0:3a:b0:a2:12:72:f5:2b:
         1b:d8:9f:22:1a:78:96:3d:92:67:92:5f:15:88:90:df:58:84:
         e6:43:ae:9a:8a:92:14:d7:a8:c5:4b:9d:a6:72:a2:8c:56:3e:
         85:d5:90:b4:9f:83:0e:d9:60:36:f3:76:d2:9f:ad:24:8e:d0:
         10:48:d9:d5
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYOATTqZdfedIosT3l+WlBucMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MzI5YWFlMDJiMzY2ZWQxYTAxYjUyYWMzM2FiZTc2MDU5
M2E4MDYwHhcNMjIwOTI3MTg1NDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2M0YTNmMDc5MDAxZGJhMzU5MTM4YmJjYmRmOWE3NzYzYmRlYWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruX9Er28uTzTdE6hyJJO7pmsziRd
WI3FpjDRVyyCvsPv+ifdsU4C3aKT6yVrP4o9eBLK95AQvvZkblgph4K7jRqjedGQ
zKqKw1akPeWq+nXWbcB8KovUX1O9Xr15HJdud9pO4w4GHw66ViJAzXoTb0HttNar
eqE5aTYb17CZrTDQEpHa6/Deo9Xl7ZfGIZLv+XFZ5DB+T+jNCrGkM1CNAt4Xlb9v
dGY97zJyQG8+Hz0J+FtjLX0oI8h/FZ06XvXdEqtzFnY8WQalBYrISMr4sPkg7Udx
0a7IJibKuB6E3fGC+59WW2D5nTCZY3VreRhzJLs9eh8MXQgar/c1PCD+swIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBzEo/B5AB26NZE4u8vfmndjveq8MB8GA1UdIwQY
MBaAFJYymq4Cs2btGgG1KsM6vnYFk6gGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGpLYXJnS3padTBhQWJVcXd6cS1kZ1dUcUFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8xNGJjYTUtOTA0Ni00ODc2LTgyODMt
YWU5M2RlZjUxMGMyLzEvSE1TajhIa0FIYm8xa1RpN3k5LWFkMk85NnJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8xNGJjYTUtOTA0Ni00ODc2LTgyODMtYWU5M2RlZjUxMGMy
LzEvbGpLYXJnS3padTBhQWJVcXd6cS1kZ1dUcUFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuRLsAwQC
uYY4MBQEAgACMA4DBQMqA/tAAwUDKgUegDANBgkqhkiG9w0BAQsFAAOCAQEAM5Vo
DCCpoZCgaIgw3SZEhQztjpxWJsMqj9436/a7HfVo+IvSHPKJgf02HDfG5M+X0zhf
kjf3ax3Ky1Y/DbMkSXsRSdl5gNFDbhU9ZoduK/fRAtBTiKA03rqelO+txbrFRyW1
7RSjCvnSZ2oSffdjkxVcneBrckexn9lygPy4N1c1Fr0bfddYnO1jTnNDKMVxzUOw
NuOH64XKE1MGYkILlfbZNjZt6EZ7mi8PrUxffMeuWASConhB+Mt4n9jEwLA6sKIS
cvUrG9ifIhp4lj2SZ5JfFYiQ31iE5kOumoqSFNeoxUudpnKijFY+hdWQtJ+DDtlg
NvN20p+tJI7QEEjZ1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:26 2024 by rpki-client on console-ams.rpki-client.org