Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/29af59-0b7b-4d80-8f9f-14d02e30d227/1/hyEV1N2GlzWCHQyz0aVQpbP95as.roa
File:                     hyEV1N2GlzWCHQyz0aVQpbP95as.roa (raw, json)
Hash identifier:          mutMVtmICMjF5RHn1yqSNgZNcPrPdsu3mWzrmSuojDU=
Subject key identifier:   87:21:15:D4:DD:86:97:35:82:1D:0C:B3:D1:A5:50:A5:B3:FD:E5:AB
Certificate issuer:       /CN=e87cc680c85983e7bf74498d0e6be800f86451c3
Certificate serial:       0231EFE4
Authority key identifier: E8:7C:C6:80:C8:59:83:E7:BF:74:49:8D:0E:6B:E8:00:F8:64:51:C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6HzGgMhZg-e_dEmNDmvoAPhkUcM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/29af59-0b7b-4d80-8f9f-14d02e30d227/1/hyEV1N2GlzWCHQyz0aVQpbP95as.roa
Signing time:             Sat 01 Jan 2022 03:58:02 +0000
ROA not before:           Sat 01 Jan 2022 03:58:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43915
IP address blocks:        31.210.27.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 36827108 (0x231efe4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e87cc680c85983e7bf74498d0e6be800f86451c3
        Validity
            Not Before: Jan  1 03:58:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=872115d4dd869735821d0cb3d1a550a5b3fde5ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:7b:9b:70:a1:fa:09:b8:73:f2:95:6a:54:0a:
                    11:e1:a1:15:55:cb:7f:38:4c:0a:1a:ef:ca:c9:35:
                    37:41:e7:3c:8c:03:f6:c8:ac:6d:88:b7:a1:33:8c:
                    ed:e2:9f:fc:76:5d:9b:66:e2:bc:b4:b7:b8:eb:91:
                    92:b1:84:7d:4d:b0:ec:83:8a:08:7f:90:e5:27:77:
                    a9:a3:e7:35:67:41:bb:c2:c3:0f:1a:6f:83:f1:bb:
                    df:55:69:ce:c8:76:9d:73:1a:90:3c:fd:be:e2:45:
                    f6:f0:72:96:12:67:61:3c:81:cf:47:67:07:58:97:
                    08:07:16:73:33:9a:e1:b4:09:85:d7:1d:6d:a3:41:
                    8c:15:7a:42:1d:ba:b5:79:84:14:aa:1b:ec:6b:82:
                    10:bd:72:6b:da:e9:73:6c:26:6f:ff:3d:f1:4a:b2:
                    8a:bb:96:c4:90:65:c3:46:6e:4a:b6:47:d3:2a:37:
                    d6:92:31:24:c2:cd:41:b9:89:cd:c6:00:7f:3e:20:
                    96:3d:82:f9:aa:25:b1:50:84:9b:1e:20:36:52:87:
                    68:00:9f:12:84:67:1c:58:ed:fe:15:a8:39:ac:a1:
                    ec:4e:0c:75:6a:87:c4:47:3c:5f:2a:67:fa:78:10:
                    5d:75:cd:bb:bb:d0:6d:cc:ea:4f:66:f7:58:25:2c:
                    b7:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:21:15:D4:DD:86:97:35:82:1D:0C:B3:D1:A5:50:A5:B3:FD:E5:AB
            X509v3 Authority Key Identifier:
                keyid:E8:7C:C6:80:C8:59:83:E7:BF:74:49:8D:0E:6B:E8:00:F8:64:51:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6HzGgMhZg-e_dEmNDmvoAPhkUcM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/29af59-0b7b-4d80-8f9f-14d02e30d227/1/hyEV1N2GlzWCHQyz0aVQpbP95as.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/29af59-0b7b-4d80-8f9f-14d02e30d227/1/6HzGgMhZg-e_dEmNDmvoAPhkUcM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.210.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:8c:fa:53:75:83:40:11:a1:f2:0e:e9:d4:8d:86:2e:06:2d:
         2f:b9:a6:ed:4a:de:e3:ee:03:0a:4e:a1:a4:c9:e3:cd:c3:e4:
         3e:9f:77:fc:a2:73:cd:e7:79:9f:61:cb:1d:56:55:8c:08:46:
         0c:98:f0:9a:83:c6:74:b5:3e:4b:86:d3:68:36:47:d0:06:55:
         79:45:a5:49:d8:86:f8:70:b1:a2:c0:dc:59:63:51:f8:4f:fc:
         96:3b:ec:5a:4b:68:f6:bb:4a:f1:e5:81:b1:b4:b5:07:59:b5:
         c2:fe:d6:34:49:5d:32:53:4e:5f:1b:85:ed:11:3c:5f:56:c7:
         9d:1a:a8:52:a0:7e:a0:42:c4:5b:47:11:9b:42:8f:cf:71:00:
         ba:77:b3:89:c6:a8:1f:1a:b9:bf:bd:59:82:8c:2f:bc:96:b2:
         c2:5e:5e:e4:f4:98:10:08:2a:e0:37:6a:82:6b:46:45:c6:ee:
         8e:38:11:c1:b0:30:d8:a1:2d:b4:09:d1:95:91:7d:0f:71:90:
         aa:63:10:7d:db:b6:c6:66:14:a1:80:ac:77:c3:01:33:98:1c:
         e4:7f:11:0c:14:9f:d9:8b:09:91:d2:67:ac:9f:2d:41:5a:67:
         35:46:84:e9:cc:93:b8:2e:c2:ff:bc:2f:b8:94:b2:34:c0:42:
         19:74:cd:78
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAjHv5DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODdjYzY4MGM4NTk4M2U3YmY3NDQ5OGQwZTZiZTgwMGY4NjQ1MWMzMB4XDTIyMDEw
MTAzNTgwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODcyMTE1ZDRkZDg2
OTczNTgyMWQwY2IzZDFhNTUwYTViM2ZkZTVhYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMN7m3Ch+gm4c/KValQKEeGhFVXLfzhMChrvysk1N0HnPIwD
9sisbYi3oTOM7eKf/HZdm2bivLS3uOuRkrGEfU2w7IOKCH+Q5Sd3qaPnNWdBu8LD
Dxpvg/G731Vpzsh2nXMakDz9vuJF9vBylhJnYTyBz0dnB1iXCAcWczOa4bQJhdcd
baNBjBV6Qh26tXmEFKob7GuCEL1ya9rpc2wmb/898UqyiruWxJBlw0ZuSrZH0yo3
1pIxJMLNQbmJzcYAfz4glj2C+aolsVCEmx4gNlKHaACfEoRnHFjt/hWoOayh7E4M
dWqHxEc8Xypn+ngQXXXNu7vQbczqT2b3WCUst5cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSHIRXU3YaXNYIdDLPRpVCls/3lqzAfBgNVHSMEGDAWgBTofMaAyFmD5790
SY0Oa+gA+GRRwzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZIekdnTWhaZy1lX2RFbU5EbXZvQVBoa1VjTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvMjlhZjU5LTBiN2ItNGQ4MC04ZjlmLTE0ZDAyZTMwZDIyNy8x
L2h5RVYxTjJHbHpXQ0hReXowYVZRcGJQOTVhcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
MjlhZjU5LTBiN2ItNGQ4MC04ZjlmLTE0ZDAyZTMwZDIyNy8xLzZIekdnTWhaZy1l
X2RFbU5EbXZvQVBoa1VjTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB/SGzANBgkqhkiG9w0BAQsFAAOC
AQEAcIz6U3WDQBGh8g7p1I2GLgYtL7mm7Ure4+4DCk6hpMnjzcPkPp93/KJzzed5
n2HLHVZVjAhGDJjwmoPGdLU+S4bTaDZH0AZVeUWlSdiG+HCxosDcWWNR+E/8ljvs
Wkto9rtK8eWBsbS1B1m1wv7WNEldMlNOXxuF7RE8X1bHnRqoUqB+oELEW0cRm0KP
z3EAunezicaoHxq5v71ZgowvvJaywl5e5PSYEAgq4DdqgmtGRcbujjgRwbAw2KEt
tAnRlZF9D3GQqmMQfdu2xmYUoYCsd8MBM5gc5H8RDBSf2YsJkdJnrJ8tQVpnNUaE
6cyTuC7C/7wvuJSyNMBCGXTNeA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:39 2024 by rpki-client on console-fra.rpki-client.org