Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/HkHNmdR9Ax_ln5GHSInUPOpbRYM.roa
File:                     HkHNmdR9Ax_ln5GHSInUPOpbRYM.roa (raw, json)
Hash identifier:          g9nncqWTviF0xhCZzgvFwTdNtmONbtpzUjrrZ8rUBW0=
Subject key identifier:   1E:41:CD:99:D4:7D:03:1F:E5:9F:91:87:48:89:D4:3C:EA:5B:45:83
Certificate issuer:       /CN=81812385b82dda0fd4826abb7aefeb0df3eb8ffd
Certificate serial:       02022F
Authority key identifier: 81:81:23:85:B8:2D:DA:0F:D4:82:6A:BB:7A:EF:EB:0D:F3:EB:8F:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/HkHNmdR9Ax_ln5GHSInUPOpbRYM.roa
Signing time:             Sun 06 Mar 2022 18:10:17 +0000
ROA not before:           Sun 06 Mar 2022 18:10:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     21430
IP address blocks:        185.33.136.0/22 maxlen: 22
                          80.250.0.0/19 maxlen: 19
                          31.7.240.0/21 maxlen: 21
                          2a01:6400::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 131631 (0x2022f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81812385b82dda0fd4826abb7aefeb0df3eb8ffd
        Validity
            Not Before: Mar  6 18:10:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1e41cd99d47d031fe59f91874889d43cea5b4583
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:6c:ff:b6:51:0e:68:a3:0c:75:70:45:fa:9f:
                    e5:c6:79:8e:b1:bc:cd:b9:55:cb:5e:68:65:3b:a5:
                    d8:09:82:cc:7b:45:c3:47:72:de:8c:5f:20:c6:8f:
                    f3:d5:e9:a7:0d:37:46:90:f8:b1:07:44:8d:06:db:
                    29:96:49:17:7d:50:46:4a:f8:bf:d1:dd:35:03:d0:
                    e1:72:03:1e:7d:6b:3b:20:f2:ee:4f:b8:4f:01:a5:
                    4f:72:0a:50:63:b3:5f:76:07:f6:47:cb:d2:1c:8d:
                    6e:6d:21:06:67:4e:d4:19:34:82:d1:86:89:6a:3d:
                    6b:6e:b2:41:c9:fb:85:63:e2:c4:0e:53:09:27:42:
                    de:0e:57:28:ae:35:4c:cf:2e:54:f0:f1:5c:13:51:
                    bb:7f:54:90:61:39:04:b4:7f:d9:b2:3b:bb:d8:8c:
                    7c:01:dd:b5:eb:c5:bb:be:e9:a6:eb:e7:d8:59:5a:
                    05:48:84:1f:b1:92:9f:b6:96:3c:fd:6b:77:52:61:
                    06:be:68:57:3e:d4:4c:15:76:0e:83:20:ae:1b:58:
                    42:4f:a9:e0:3c:6e:fc:f0:6f:ef:e6:84:9a:6d:26:
                    9f:4b:b8:86:ff:36:28:b9:af:d0:1c:e9:57:a9:88:
                    03:f8:5b:9c:67:3c:85:65:7d:7b:fb:d0:9f:81:f5:
                    44:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:41:CD:99:D4:7D:03:1F:E5:9F:91:87:48:89:D4:3C:EA:5B:45:83
            X509v3 Authority Key Identifier:
                keyid:81:81:23:85:B8:2D:DA:0F:D4:82:6A:BB:7A:EF:EB:0D:F3:EB:8F:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/HkHNmdR9Ax_ln5GHSInUPOpbRYM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.7.240.0/21
                  80.250.0.0/19
                  185.33.136.0/22
                IPv6:
                  2a01:6400::/32

    Signature Algorithm: sha256WithRSAEncryption
         0b:26:61:1c:2d:bd:e5:4d:91:29:2a:1a:3d:fe:74:6c:d7:17:
         76:87:c5:7d:76:b2:6d:23:e1:d7:75:16:1b:d8:73:82:56:42:
         c4:57:f3:e9:3e:88:5e:1a:ac:e9:92:ee:c2:fd:2f:3a:1c:33:
         e1:ce:64:39:af:ad:87:51:78:40:5d:b7:ab:b6:c3:4a:04:5d:
         d3:ab:00:37:f1:0a:81:06:8f:cc:f7:9c:9f:64:47:89:b9:92:
         d6:7f:44:06:b4:e5:aa:ee:a5:a0:3a:a0:c8:da:5d:96:39:6d:
         e3:1d:1c:21:c3:6b:7e:7c:37:a3:f2:cc:88:88:4f:9e:f0:e8:
         b5:ac:3a:2f:fb:eb:b1:ae:e3:9e:af:65:71:cd:3a:c2:7c:74:
         6a:f7:1c:0a:d8:be:cb:fa:0a:b3:b3:ea:8c:60:9c:f3:8f:ff:
         ec:0a:b8:31:ac:f2:34:68:10:38:fe:ee:5d:7f:d5:28:f3:dc:
         06:40:ab:ce:f7:5f:9a:28:21:12:c3:d8:6b:3b:b8:a4:19:e6:
         30:78:2b:fc:c9:f0:3c:b3:ce:6b:34:43:ba:cf:e8:28:83:1c:
         95:65:22:23:dd:f9:30:78:a8:b4:e6:b1:b7:75:44:96:0c:1b:
         50:4b:70:17:5e:e7:1e:5f:d9:b3:73:c0:c1:41:06:50:dd:e9:
         ea:91:35:2f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIDAgIvMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDgx
ODEyMzg1YjgyZGRhMGZkNDgyNmFiYjdhZWZlYjBkZjNlYjhmZmQwHhcNMjIwMzA2
MTgxMDE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxZTQxY2Q5OWQ0N2Qw
MzFmZTU5ZjkxODc0ODg5ZDQzY2VhNWI0NTgzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwmz/tlEOaKMMdXBF+p/lxnmOsbzNuVXLXmhlO6XYCYLMe0XD
R3LejF8gxo/z1emnDTdGkPixB0SNBtsplkkXfVBGSvi/0d01A9DhcgMefWs7IPLu
T7hPAaVPcgpQY7Nfdgf2R8vSHI1ubSEGZ07UGTSC0YaJaj1rbrJByfuFY+LEDlMJ
J0LeDlcorjVMzy5U8PFcE1G7f1SQYTkEtH/Zsju72Ix8Ad2168W7vumm6+fYWVoF
SIQfsZKftpY8/Wt3UmEGvmhXPtRMFXYOgyCuG1hCT6ngPG788G/v5oSabSafS7iG
/zYoua/QHOlXqYgD+FucZzyFZX17+9CfgfVEowIDAQABo4ICJDCCAiAwHQYDVR0O
BBYEFB5BzZnUfQMf5Z+Rh0iJ1DzqW0WDMB8GA1UdIwQYMBaAFIGBI4W4LdoP1IJq
u3rv6w3z64/9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Z1lFamhiZ3QyZ19VZ21xN2V1X3JEZlByal8wLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kYi8wMDkwNzQtNjZmNi00ZDRkLTk3NGEtZGEyZWM4Y2ZiODg4LzEv
SGtITm1kUjlBeF9sbjVHSFNJblVQT3BiUllNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8w
MDkwNzQtNjZmNi00ZDRkLTk3NGEtZGEyZWM4Y2ZiODg4LzEvZ1lFamhiZ3QyZ19V
Z21xN2V1X3JEZlByal8wLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoG
CCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDHwfwAwQFUPoAAwQCuSGIMA0EAgAC
MAcDBQAqAWQAMA0GCSqGSIb3DQEBCwUAA4IBAQALJmEcLb3lTZEpKho9/nRs1xd2
h8V9drJtI+HXdRYb2HOCVkLEV/PpPoheGqzpku7C/S86HDPhzmQ5r62HUXhAXber
tsNKBF3TqwA38QqBBo/M95yfZEeJuZLWf0QGtOWq7qWgOqDI2l2WOW3jHRwhw2t+
fDej8syIiE+e8Oi1rDov++uxruOer2VxzTrCfHRq9xwK2L7L+gqzs+qMYJzzj//s
CrgxrPI0aBA4/u5df9Uo89wGQKvO91+aKCESw9hrO7ikGeYweCv8yfA8s85rNEO6
z+gogxyVZSIj3fkweKi05rG3dUSWDBtQS3AXXuceX9mzc8DBQQZQ3enqkTUv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:30 2024 by rpki-client on console-ams.rpki-client.org