Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/29fcb9-305c-406b-a7a4-1f6b2d14f4f9/1/7hubEpXOlG7bFQ84C2EkHVyb-lE.roa
File:                     7hubEpXOlG7bFQ84C2EkHVyb-lE.roa (raw, json)
Hash identifier:          vve/3ftobCSAsYlsnVO6v2TGiV70rG+D2we7Qlaosf4=
Subject key identifier:   EE:1B:9B:12:95:CE:94:6E:DB:15:0F:38:0B:61:24:1D:5C:9B:FA:51
Certificate issuer:       /CN=5c57c8f8d9ee5e2ce7043e1ec26bb1693f7f121f
Certificate serial:       0184BEC965D7C40DD6ECDAA043116EDD5F4D
Authority key identifier: 5C:57:C8:F8:D9:EE:5E:2C:E7:04:3E:1E:C2:6B:B1:69:3F:7F:12:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XFfI-NnuXiznBD4ewmuxaT9_Eh8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/29fcb9-305c-406b-a7a4-1f6b2d14f4f9/1/7hubEpXOlG7bFQ84C2EkHVyb-lE.roa
Signing time:             Mon 28 Nov 2022 15:09:40 +0000
ROA not before:           Mon 28 Nov 2022 15:09:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1299
IP address blocks:        185.173.8.0/22 maxlen: 24
                          5.133.40.0/21 maxlen: 24
                          2a04:ed00::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:be:c9:65:d7:c4:0d:d6:ec:da:a0:43:11:6e:dd:5f:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c57c8f8d9ee5e2ce7043e1ec26bb1693f7f121f
        Validity
            Not Before: Nov 28 15:09:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ee1b9b1295ce946edb150f380b61241d5c9bfa51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:3a:99:70:df:a4:09:1a:8c:a4:35:c3:75:62:
                    46:de:a4:43:1c:d1:a9:0a:17:db:e5:14:ed:d8:4e:
                    a5:a2:f0:78:50:97:d3:e4:32:3c:8f:2a:7d:75:24:
                    e6:ac:75:1f:5e:9a:14:69:85:48:21:19:b7:1b:1b:
                    31:aa:64:14:32:e2:52:d6:eb:97:55:e2:5b:10:5c:
                    80:b4:21:f9:e0:4f:1b:1f:b0:1f:71:58:a1:21:12:
                    d2:c3:c7:2c:b3:b2:64:92:dd:18:2d:af:e4:4a:6d:
                    2e:ae:bc:a1:ef:54:9c:e8:7b:ec:23:fd:8f:48:e2:
                    6e:cb:52:ef:bf:13:0d:7f:f4:3d:90:9a:2b:e1:5c:
                    d3:a2:5d:1a:fe:39:f8:ab:36:cc:fb:7f:01:25:f0:
                    8a:14:9e:bd:c0:47:fe:08:71:35:98:b1:02:e0:68:
                    e7:21:4e:f3:bb:12:c6:11:2f:ad:2f:10:67:47:6e:
                    cc:59:87:ad:65:7b:a9:36:f2:6c:91:b7:38:58:64:
                    96:90:f9:31:c0:1a:97:d4:b5:7a:0d:1d:a8:f4:da:
                    b7:f5:b2:9c:ef:37:04:72:8a:8c:32:4f:0e:85:2c:
                    ab:05:f0:a4:88:09:f7:b1:d2:0f:e9:25:62:27:1d:
                    99:41:72:9d:e7:d6:05:71:a4:63:c5:36:09:b6:dc:
                    00:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:1B:9B:12:95:CE:94:6E:DB:15:0F:38:0B:61:24:1D:5C:9B:FA:51
            X509v3 Authority Key Identifier:
                keyid:5C:57:C8:F8:D9:EE:5E:2C:E7:04:3E:1E:C2:6B:B1:69:3F:7F:12:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XFfI-NnuXiznBD4ewmuxaT9_Eh8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/29fcb9-305c-406b-a7a4-1f6b2d14f4f9/1/7hubEpXOlG7bFQ84C2EkHVyb-lE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/29fcb9-305c-406b-a7a4-1f6b2d14f4f9/1/XFfI-NnuXiznBD4ewmuxaT9_Eh8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.133.40.0/21
                  185.173.8.0/22
                IPv6:
                  2a04:ed00::/29

    Signature Algorithm: sha256WithRSAEncryption
         7a:2b:6a:5f:33:78:bc:a3:9b:af:60:b3:26:f4:44:8b:eb:56:
         8f:fd:bd:c1:0e:43:48:15:54:32:aa:c1:9d:5e:4b:cc:92:d0:
         4d:01:bc:05:7b:ef:f4:69:b0:71:8c:be:75:5d:4f:17:26:42:
         ae:96:6a:5c:61:a7:43:48:97:98:ba:1c:5e:a4:fa:56:7f:74:
         fd:d5:17:44:44:2c:89:b5:f0:1a:66:c6:6f:4e:df:fb:34:b8:
         ab:36:24:07:40:61:71:10:88:47:75:05:f2:2e:ce:51:64:1b:
         e1:e6:d0:a1:06:26:f7:03:b2:46:6d:b4:b4:21:29:f3:f6:dc:
         de:a1:bb:10:62:de:91:da:a5:a0:cd:68:d8:53:f7:00:f2:b8:
         62:15:80:48:2f:12:e4:b8:89:2b:6a:18:ae:92:2e:fe:ff:62:
         94:aa:37:0d:14:31:f5:fb:d3:ea:1b:63:4c:37:5e:fb:90:3d:
         8a:a0:80:d0:42:5e:67:a3:59:09:9b:46:93:59:37:a0:3d:3d:
         81:7d:95:c7:21:1c:8b:1b:93:bd:32:34:29:6c:cd:44:64:04:
         56:b8:9b:e2:24:d4:ce:42:d1:6b:33:97:90:78:05:82:39:1d:
         a9:a8:17:e2:b7:e3:05:a8:68:66:e9:8f:60:e3:9f:fd:fc:b2:
         50:e4:81:b5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYS+yWXXxA3W7NqgQxFu3V9NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNTdjOGY4ZDllZTVlMmNlNzA0M2UxZWMyNmJiMTY5M2Y3
ZjEyMWYwHhcNMjIxMTI4MTUwOTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTFiOWIxMjk1Y2U5NDZlZGIxNTBmMzgwYjYxMjQxZDVjOWJmYTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDqZcN+kCRqMpDXDdWJG3qRDHNGp
Chfb5RTt2E6lovB4UJfT5DI8jyp9dSTmrHUfXpoUaYVIIRm3GxsxqmQUMuJS1uuX
VeJbEFyAtCH54E8bH7AfcVihIRLSw8css7Jkkt0YLa/kSm0urryh71Sc6HvsI/2P
SOJuy1LvvxMNf/Q9kJor4VzTol0a/jn4qzbM+38BJfCKFJ69wEf+CHE1mLEC4Gjn
IU7zuxLGES+tLxBnR27MWYetZXupNvJskbc4WGSWkPkxwBqX1LV6DR2o9Nq39bKc
7zcEcoqMMk8OhSyrBfCkiAn3sdIP6SViJx2ZQXKd59YFcaRjxTYJttwAgQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFO4bmxKVzpRu2xUPOAthJB1cm/pRMB8GA1UdIwQY
MBaAFFxXyPjZ7l4s5wQ+HsJrsWk/fxIfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEZmSS1ObnVYaXpuQkQ0ZXdtdXhhVDlfRWg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8yOWZjYjktMzA1Yy00MDZiLWE3YTQt
MWY2YjJkMTRmNGY5LzEvN2h1YkVwWE9sRzdiRlE4NEMyRWtIVnliLWxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8yOWZjYjktMzA1Yy00MDZiLWE3YTQtMWY2YjJkMTRmNGY5
LzEvWEZmSS1ObnVYaXpuQkQ0ZXdtdXhhVDlfRWg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBYUoAwQC
ua0IMA0EAgACMAcDBQMqBO0AMA0GCSqGSIb3DQEBCwUAA4IBAQB6K2pfM3i8o5uv
YLMm9ESL61aP/b3BDkNIFVQyqsGdXkvMktBNAbwFe+/0abBxjL51XU8XJkKulmpc
YadDSJeYuhxepPpWf3T91RdERCyJtfAaZsZvTt/7NLirNiQHQGFxEIhHdQXyLs5R
ZBvh5tChBib3A7JGbbS0ISnz9tzeobsQYt6R2qWgzWjYU/cA8rhiFYBILxLkuIkr
ahiuki7+/2KUqjcNFDH1+9PqG2NMN177kD2KoIDQQl5no1kJm0aTWTegPT2BfZXH
IRyLG5O9MjQpbM1EZARWuJviJNTOQtFrM5eQeAWCOR2pqBfit+MFqGhm6Y9g45/9
/LJQ5IG1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:03 2024 by rpki-client on console-fra.rpki-client.org