Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/HsEwmthvrbFSoeOkagTGN-EC-bc.roa
File:                     HsEwmthvrbFSoeOkagTGN-EC-bc.roa (raw, json)
Hash identifier:          UYaRHOjExwWpeEUOYxUepynDkQMpQxoHSjpXi40VW1A=
Subject key identifier:   1E:C1:30:9A:D8:6F:AD:B1:52:A1:E3:A4:6A:04:C6:37:E1:02:F9:B7
Certificate issuer:       /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial:       0182255ACD7A391FED75068621EC70AB6541
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/HsEwmthvrbFSoeOkagTGN-EC-bc.roa
Signing time:             Fri 22 Jul 2022 10:01:24 +0000
ROA not before:           Fri 22 Jul 2022 10:01:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204950
IP address blocks:        80.72.78.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:25:5a:cd:7a:39:1f:ed:75:06:86:21:ec:70:ab:65:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
        Validity
            Not Before: Jul 22 10:01:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1ec1309ad86fadb152a1e3a46a04c637e102f9b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:79:a9:3f:f0:62:86:53:14:4c:9e:6d:35:fe:
                    8d:a2:5f:9b:84:17:33:64:4f:6a:5a:ca:12:19:76:
                    c4:63:56:71:95:ac:20:aa:de:c1:65:b2:ea:01:fe:
                    b0:00:2f:2a:bf:f2:f9:40:53:3a:d7:4a:f0:40:f3:
                    1d:5f:28:b1:d1:89:46:ad:e3:1b:50:7b:a1:9b:f3:
                    a4:1a:e1:f3:b3:61:74:d9:d1:af:40:8e:7e:6f:5e:
                    61:b3:74:08:4b:df:f2:63:1c:31:c9:ce:7d:d2:f9:
                    64:bb:31:41:ae:41:bf:6f:15:bb:53:24:cd:69:4b:
                    13:bb:1d:e5:fd:e3:bb:6d:7f:36:b5:1c:2a:6e:c1:
                    82:7e:4f:bc:05:9f:d8:8e:ca:27:58:11:87:5b:c0:
                    85:71:89:46:14:38:24:e9:c6:89:2b:6c:9b:4c:c9:
                    b1:76:72:74:18:e6:51:9c:2a:90:d1:88:bb:b7:13:
                    e0:dc:9e:3a:81:ae:63:0b:72:81:7b:cb:12:60:9c:
                    fc:81:4f:a3:33:d8:a7:e9:88:a1:c7:ad:9f:f4:ac:
                    0f:c5:5e:67:87:64:e0:a8:f1:83:3c:27:63:11:b7:
                    48:3e:0f:22:4b:fa:e9:16:fe:0d:e8:a4:be:b0:cc:
                    ee:c7:7f:fc:d5:a9:d8:3b:b0:f1:fc:9a:e3:54:57:
                    68:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:C1:30:9A:D8:6F:AD:B1:52:A1:E3:A4:6A:04:C6:37:E1:02:F9:B7
            X509v3 Authority Key Identifier:
                keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/HsEwmthvrbFSoeOkagTGN-EC-bc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.72.78.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:02:01:a8:6d:72:7f:35:14:34:7d:99:57:5f:c4:7c:25:bc:
         27:bf:82:0c:d4:66:31:f0:3e:12:79:61:6f:d2:d1:6d:0b:f4:
         14:2d:67:2e:8e:95:19:5e:61:41:76:01:c9:c6:23:1b:22:b7:
         b4:f3:97:cb:72:ce:ae:71:0e:88:f4:21:21:f7:2d:85:ce:55:
         11:25:93:7b:64:bf:07:bf:1a:36:18:71:99:7e:8f:8f:f6:66:
         3c:ac:15:d8:9c:ea:cb:d6:f8:24:74:96:c0:3b:0d:8a:04:fd:
         d2:65:7b:43:57:45:87:d6:ae:ab:1d:75:7e:a0:d6:b0:7d:46:
         3f:be:e7:7d:8e:b8:3d:64:dc:f2:77:50:6d:2b:12:61:81:92:
         0f:c4:15:b1:eb:b1:69:e8:8b:09:ee:5b:ac:5a:dd:c4:30:bd:
         69:67:d3:d7:b3:c2:a9:1f:31:dc:81:3d:39:c0:e8:b6:15:d4:
         fa:59:aa:39:29:27:66:42:62:29:fb:e5:b6:a3:5d:66:7a:90:
         fd:09:2a:a3:f0:9a:39:ed:e1:2b:7e:a1:e4:0f:fd:e4:96:35:
         21:8a:6d:73:ce:70:69:59:94:d4:2b:f8:0c:43:17:f3:fd:ef:
         ef:4b:56:92:12:cc:2d:3e:82:e0:c2:fc:62:fb:cc:95:aa:f0:
         87:3c:8e:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIlWs16OR/tdQaGIexwq2VBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjIwNzIyMTAwMTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWMxMzA5YWQ4NmZhZGIxNTJhMWUzYTQ2YTA0YzYzN2UxMDJmOWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3mpP/BihlMUTJ5tNf6Nol+bhBcz
ZE9qWsoSGXbEY1Zxlawgqt7BZbLqAf6wAC8qv/L5QFM610rwQPMdXyix0YlGreMb
UHuhm/OkGuHzs2F02dGvQI5+b15hs3QIS9/yYxwxyc590vlkuzFBrkG/bxW7UyTN
aUsTux3l/eO7bX82tRwqbsGCfk+8BZ/YjsonWBGHW8CFcYlGFDgk6caJK2ybTMmx
dnJ0GOZRnCqQ0Yi7txPg3J46ga5jC3KBe8sSYJz8gU+jM9in6Yihx62f9KwPxV5n
h2TgqPGDPCdjEbdIPg8iS/rpFv4N6KS+sMzux3/81anYO7Dx/JrjVFdo8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB7BMJrYb62xUqHjpGoExjfhAvm3MB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvSHNFd210aHZyYkZTb2VPa2FnVEdOLUVDLWJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEhOMA0G
CSqGSIb3DQEBCwUAA4IBAQBJAgGobXJ/NRQ0fZlXX8R8Jbwnv4IM1GYx8D4SeWFv
0tFtC/QULWcujpUZXmFBdgHJxiMbIre085fLcs6ucQ6I9CEh9y2FzlURJZN7ZL8H
vxo2GHGZfo+P9mY8rBXYnOrL1vgkdJbAOw2KBP3SZXtDV0WH1q6rHXV+oNawfUY/
vud9jrg9ZNzyd1BtKxJhgZIPxBWx67Fp6IsJ7lusWt3EML1pZ9PXs8KpHzHcgT05
wOi2FdT6Wao5KSdmQmIp++W2o11mepD9CSqj8Jo57eErfqHkD/3kljUhim1zznBp
WZTUK/gMQxfz/e/vS1aSEswtPoLgwvxi+8yVqvCHPI6j
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:12 2024 by rpki-client on console-ams.rpki-client.org