Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HCM5Ly1_Ht6NV2c6opXe9iYDS1M.roa
File:                     HCM5Ly1_Ht6NV2c6opXe9iYDS1M.roa (raw, json)
Hash identifier:          gqPdJpN/QeI/SHxlfSONf+3ezFR7nEHD1A48sAf1zXg=
Subject key identifier:   1C:23:39:2F:2D:7F:1E:DE:8D:57:67:3A:A2:95:DE:F6:26:03:4B:53
Certificate issuer:       /CN=1c5196ded5ba5d686e7095c6d5c638c6b8f8bada
Certificate serial:       0183228D8B1CE902DF738F601041D8AE13C1
Authority key identifier: 1C:51:96:DE:D5:BA:5D:68:6E:70:95:C6:D5:C6:38:C6:B8:F8:BA:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HCM5Ly1_Ht6NV2c6opXe9iYDS1M.roa
Signing time:             Fri 09 Sep 2022 14:00:45 +0000
ROA not before:           Fri 09 Sep 2022 14:00:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     33387
IP address blocks:        91.207.0.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:22:8d:8b:1c:e9:02:df:73:8f:60:10:41:d8:ae:13:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c5196ded5ba5d686e7095c6d5c638c6b8f8bada
        Validity
            Not Before: Sep  9 14:00:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1c23392f2d7f1ede8d57673aa295def626034b53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:60:24:fe:98:9a:6d:33:42:55:46:33:d7:b3:
                    02:3d:e0:0e:76:97:e6:74:b6:fb:82:78:89:ee:95:
                    f0:95:c6:9e:e8:d9:e3:03:3a:22:6e:aa:b0:f6:87:
                    27:8b:36:63:d1:8a:d3:32:c8:e2:b0:ac:cf:c5:67:
                    e3:60:08:7a:2e:4c:bc:83:74:02:69:6d:72:6d:ed:
                    34:d5:72:57:3a:fc:ff:56:fa:9c:60:07:db:a4:77:
                    d5:41:01:c4:d3:77:06:24:c2:4e:d6:fe:9c:55:90:
                    20:8f:22:c0:28:36:43:f9:ee:90:d7:b9:91:7a:ef:
                    be:63:77:6e:4b:a6:47:12:05:fd:fa:9f:3c:c0:bb:
                    9b:42:25:45:ad:c5:49:3f:e3:a4:54:6c:c8:b3:21:
                    4c:5a:26:d8:16:c2:d0:a5:f2:61:24:26:16:7a:6d:
                    df:6f:d4:a1:4e:cb:fb:28:00:58:e0:00:bd:0d:3c:
                    c2:a7:c9:47:09:1e:16:d9:31:24:d3:00:e2:b9:43:
                    7d:ea:15:ce:59:d2:44:ed:08:4e:58:2c:40:63:25:
                    a4:22:f0:6e:9b:f1:f9:2b:68:8a:ac:c5:ec:12:46:
                    2a:f0:70:0f:89:69:71:58:24:5a:7a:23:7f:51:31:
                    18:9d:2a:f2:2a:3f:a1:0f:18:1b:65:69:74:34:ca:
                    87:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:23:39:2F:2D:7F:1E:DE:8D:57:67:3A:A2:95:DE:F6:26:03:4B:53
            X509v3 Authority Key Identifier:
                keyid:1C:51:96:DE:D5:BA:5D:68:6E:70:95:C6:D5:C6:38:C6:B8:F8:BA:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HFGW3tW6XWhucJXG1cY4xrj4uto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HCM5Ly1_Ht6NV2c6opXe9iYDS1M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/159fa3-316e-4f5e-8b61-20bf275fd0e7/1/HFGW3tW6XWhucJXG1cY4xrj4uto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.207.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:34:86:1c:4f:13:c5:43:88:72:6a:03:42:81:1a:11:f6:62:
         67:32:d6:23:f9:58:70:e3:0d:b5:ab:bd:57:35:0d:16:90:58:
         9b:49:ce:5d:6a:4e:b6:d2:7f:a6:83:db:8d:79:a2:24:c4:bb:
         01:c4:48:2c:8d:42:95:72:a7:ea:4e:54:a3:4d:9c:2b:0d:0b:
         0e:cf:ce:1c:a1:6b:8a:f7:f7:c3:26:26:df:54:c6:25:0e:57:
         95:09:40:8c:77:96:88:43:6f:fd:4e:c3:8a:bd:45:2e:35:e7:
         c6:b4:b2:b0:32:29:bd:bb:92:d6:12:1d:8b:69:52:f9:e9:5a:
         0d:7e:5a:17:6b:10:4c:66:01:48:99:f1:1c:1d:6f:3e:81:70:
         47:ac:a1:83:fe:e8:cd:5c:f8:34:68:49:2c:a5:f0:69:97:97:
         07:c1:ff:95:bf:ae:62:e7:20:f5:76:01:d4:33:14:ad:98:5d:
         e9:8b:23:7e:aa:50:e7:30:66:5f:25:5c:42:54:2d:81:62:a7:
         3c:a0:a8:dd:a5:f7:1d:8f:f0:7d:8d:0c:2e:ec:f1:03:e6:12:
         e5:a0:a0:61:b7:ee:90:c0:89:e6:c2:37:f5:f7:d1:1a:33:e1:
         74:be:c6:7a:b0:22:92:22:f1:84:01:6a:66:14:ee:26:e0:21:
         ea:92:a9:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMijYsc6QLfc49gEEHYrhPBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNTE5NmRlZDViYTVkNjg2ZTcwOTVjNmQ1YzYzOGM2Yjhm
OGJhZGEwHhcNMjIwOTA5MTQwMDQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzIzMzkyZjJkN2YxZWRlOGQ1NzY3M2FhMjk1ZGVmNjI2MDM0YjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWAk/piabTNCVUYz17MCPeAOdpfm
dLb7gniJ7pXwlcae6NnjAzoibqqw9ocnizZj0YrTMsjisKzPxWfjYAh6Lky8g3QC
aW1ybe001XJXOvz/VvqcYAfbpHfVQQHE03cGJMJO1v6cVZAgjyLAKDZD+e6Q17mR
eu++Y3duS6ZHEgX9+p88wLubQiVFrcVJP+OkVGzIsyFMWibYFsLQpfJhJCYWem3f
b9ShTsv7KABY4AC9DTzCp8lHCR4W2TEk0wDiuUN96hXOWdJE7QhOWCxAYyWkIvBu
m/H5K2iKrMXsEkYq8HAPiWlxWCRaeiN/UTEYnSryKj+hDxgbZWl0NMqHHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBwjOS8tfx7ejVdnOqKV3vYmA0tTMB8GA1UdIwQY
MBaAFBxRlt7Vul1obnCVxtXGOMa4+LraMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xNTlmYTMtMzE2ZS00ZjVlLThiNjEt
MjBiZjI3NWZkMGU3LzEvSENNNUx5MV9IdDZOVjJjNm9wWGU5aVlEUzFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xNTlmYTMtMzE2ZS00ZjVlLThiNjEtMjBiZjI3NWZkMGU3
LzEvSEZHVzN0VzZYV2h1Y0pYRzFjWTR4cmo0dXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW88AMA0G
CSqGSIb3DQEBCwUAA4IBAQBlNIYcTxPFQ4hyagNCgRoR9mJnMtYj+Vhw4w21q71X
NQ0WkFibSc5dak620n+mg9uNeaIkxLsBxEgsjUKVcqfqTlSjTZwrDQsOz84coWuK
9/fDJibfVMYlDleVCUCMd5aIQ2/9TsOKvUUuNefGtLKwMim9u5LWEh2LaVL56VoN
floXaxBMZgFImfEcHW8+gXBHrKGD/ujNXPg0aEkspfBpl5cHwf+Vv65i5yD1dgHU
MxStmF3piyN+qlDnMGZfJVxCVC2BYqc8oKjdpfcdj/B9jQwu7PED5hLloKBht+6Q
wInmwjf199EaM+F0vsZ6sCKSIvGEAWpmFO4m4CHqkqmz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:22 2024 by rpki-client on console-ams.rpki-client.org