Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/HuuiREMQpWuvgBiCnu_1wjaSS_A.roa
File:                     HuuiREMQpWuvgBiCnu_1wjaSS_A.roa (raw, json)
Hash identifier:          +JjbQGNAXQ1Uwon+rjgCO7GcK9zxcLd9t94FCabqylU=
Subject key identifier:   1E:EB:A2:44:43:10:A5:6B:AF:80:18:82:9E:EF:F5:C2:36:92:4B:F0
Certificate issuer:       /CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Certificate serial:       1A7C5466
Authority key identifier: 7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/HuuiREMQpWuvgBiCnu_1wjaSS_A.roa
Signing time:             Fri 01 Jul 2022 20:50:25 +0000
ROA not before:           Fri 01 Jul 2022 20:50:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8075
IP address blocks:        94.245.64.0/18 maxlen: 24
                          51.124.0.0/16 maxlen: 16
                          192.100.112.0/21 maxlen: 21
                          192.100.120.0/21 maxlen: 21
                          192.100.128.0/22 maxlen: 22
                          192.100.132.0/23 maxlen: 23
                          51.144.0.0/15 maxlen: 15
                          51.107.0.0/16 maxlen: 16
                          193.149.64.0/19 maxlen: 24
                          192.100.104.0/21 maxlen: 21
                          51.116.0.0/16 maxlen: 16
                          51.138.0.0/16 maxlen: 16
                          51.10.0.0/15 maxlen: 15
                          194.110.197.0/24 maxlen: 24
                          51.104.0.0/15 maxlen: 15
                          51.136.0.0/15 maxlen: 15
                          51.12.0.0/15 maxlen: 15
                          51.103.0.0/16 maxlen: 16
                          51.140.0.0/14 maxlen: 14
                          159.128.0.0/16 maxlen: 16
                          194.41.16.0/20 maxlen: 20
                          194.41.18.0/24 maxlen: 24
                          194.41.22.0/24 maxlen: 24
                          194.41.23.0/24 maxlen: 24
                          194.41.20.0/24 maxlen: 24
                          194.41.21.0/24 maxlen: 24
                          194.41.19.0/24 maxlen: 24
                          51.132.0.0/16 maxlen: 16
                          157.31.0.0/16 maxlen: 16
                          213.199.128.0/18 maxlen: 24
                          193.221.113.0/24 maxlen: 24
                          51.53.0.0/16 maxlen: 16
                          51.120.0.0/16 maxlen: 16
                          147.243.0.0/16 maxlen: 24
                          51.51.0.0/16 maxlen: 16
                          138.105.0.0/16 maxlen: 16
                          2a00:1c68::/29 maxlen: 29
                          2a01:111::/32 maxlen: 32
                          2a01:111:4000::/36 maxlen: 36
                          2a01:111:2000::/36 maxlen: 36
                          2a01:111:f000::/36 maxlen: 36
                          2a01:111:4004::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 444355686 (0x1a7c5466)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
        Validity
            Not Before: Jul  1 20:50:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1eeba2444310a56baf8018829eeff5c236924bf0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:13:ec:4c:20:d9:c2:16:d8:7c:f8:ef:23:8c:
                    a9:02:40:ce:82:63:bf:95:5d:cf:13:49:6e:bf:15:
                    21:41:86:96:ac:aa:77:14:79:8a:e4:c4:1a:0b:d1:
                    c0:6d:ff:b5:5e:6c:c0:4e:f6:2f:0c:df:e2:64:2b:
                    1a:1a:2e:74:23:90:50:23:b7:19:b6:7c:bd:89:de:
                    75:e2:ca:9e:3b:d7:ef:24:cf:33:eb:33:07:87:b8:
                    d6:60:13:ce:bc:7b:21:45:e9:77:b3:59:d4:b6:43:
                    93:6c:c4:e2:3c:cc:96:ac:39:e3:6a:98:28:8f:02:
                    26:4d:7b:d5:9e:75:ab:36:1d:2b:79:51:e7:b2:21:
                    2f:3f:4e:2b:47:5c:92:da:a0:37:fc:ec:0f:10:37:
                    e5:ea:97:92:e6:8c:2e:26:7e:59:1a:7f:ab:bd:8b:
                    fe:d7:bb:92:15:f0:ff:ee:85:b8:0f:13:6b:f3:95:
                    bb:24:b8:5d:04:06:cd:43:e4:b1:33:87:0a:b8:22:
                    40:07:31:6d:95:bb:c8:1c:9b:04:fc:36:fe:95:8a:
                    8c:40:2a:87:6c:f9:cd:dc:84:85:2b:b6:5a:c4:6c:
                    ce:09:63:0c:8e:58:d6:28:c1:3c:01:e2:fb:f8:8c:
                    99:3b:3b:af:e5:97:07:4d:96:47:65:30:33:f0:48:
                    2a:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:EB:A2:44:43:10:A5:6B:AF:80:18:82:9E:EF:F5:C2:36:92:4B:F0
            X509v3 Authority Key Identifier:
                keyid:7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/HuuiREMQpWuvgBiCnu_1wjaSS_A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  51.10.0.0-51.13.255.255
                  51.51.0.0/16
                  51.53.0.0/16
                  51.103.0.0-51.105.255.255
                  51.107.0.0/16
                  51.116.0.0/16
                  51.120.0.0/16
                  51.124.0.0/16
                  51.132.0.0/16
                  51.136.0.0-51.138.255.255
                  51.140.0.0-51.145.255.255
                  94.245.64.0/18
                  138.105.0.0/16
                  147.243.0.0/16
                  157.31.0.0/16
                  159.128.0.0/16
                  192.100.104.0-192.100.133.255
                  193.149.64.0/19
                  193.221.113.0/24
                  194.41.16.0/20
                  194.110.197.0/24
                  213.199.128.0/18
                IPv6:
                  2a00:1c68::/29
                  2a01:111::/32

    Signature Algorithm: sha256WithRSAEncryption
         6b:7a:5c:6e:1c:f2:57:c4:b8:7b:b0:cb:6e:05:33:40:ca:9b:
         8a:3e:8c:61:3d:16:88:de:f0:9a:bc:ca:c1:6c:ad:71:87:71:
         e5:04:c3:23:9b:e6:4f:30:da:27:bf:51:b4:92:d9:32:82:2c:
         96:51:c8:a2:6d:de:3b:77:e6:d9:9b:e4:4f:3a:b9:ba:53:2d:
         fd:6f:92:36:a9:c9:0b:c7:f6:39:13:e3:d7:24:f0:0e:b7:4a:
         c8:0e:6b:b8:2f:6e:1a:5e:39:26:ba:75:99:73:1f:db:1c:7a:
         99:68:02:fe:c8:66:7b:00:fb:21:47:6f:6f:96:a4:3f:9f:eb:
         9a:41:80:0c:af:58:6f:6f:3e:77:08:26:30:6c:c0:84:ad:98:
         e9:4e:64:e1:30:73:93:b3:09:a5:26:91:b4:f6:c1:42:59:fe:
         54:e0:f5:fa:2c:e9:de:b3:f2:d3:b8:da:bb:e4:8b:0e:92:45:
         b8:2a:6b:cc:7d:5a:ef:b7:98:78:0c:36:78:c6:cc:18:31:58:
         cd:47:fe:47:48:a0:21:dc:02:9d:72:dc:07:48:00:0a:ac:44:
         1c:96:b2:93:00:a3:8d:8f:6e:38:2f:e6:9f:f1:2d:32:e9:3c:
         1e:d0:8c:81:34:79:b1:24:35:e5:31:5f:99:8c:6d:d0:60:12:
         0f:5a:cb:2d
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIEGnxUZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
Y2U2OGRhZjVmMDg5NDU2YzBlMWQwMjI0NTM5MzUzMWFjNWI4ZmNiMB4XDTIyMDcw
MTIwNTAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWVlYmEyNDQ0MzEw
YTU2YmFmODAxODgyOWVlZmY1YzIzNjkyNGJmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJET7Ewg2cIW2Hz47yOMqQJAzoJjv5VdzxNJbr8VIUGGlqyq
dxR5iuTEGgvRwG3/tV5swE72Lwzf4mQrGhoudCOQUCO3GbZ8vYnedeLKnjvX7yTP
M+szB4e41mATzrx7IUXpd7NZ1LZDk2zE4jzMlqw542qYKI8CJk171Z51qzYdK3lR
57IhLz9OK0dcktqgN/zsDxA35eqXkuaMLiZ+WRp/q72L/te7khXw/+6FuA8Ta/OV
uyS4XQQGzUPksTOHCrgiQAcxbZW7yBybBPw2/pWKjEAqh2z5zdyEhSu2WsRszglj
DI5Y1ijBPAHi+/iMmTs7r+WXB02WR2UwM/BIKscCAwEAAaOCArcwggKzMB0GA1Ud
DgQWBBQe66JEQxCla6+AGIKe7/XCNpJL8DAfBgNVHSMEGDAWgBR85o2vXwiUVsDh
0CJFOTUxrFuPyzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZPYU5yMThJbEZiQTRkQWlSVGsxTWF4Ymo4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvZWMwYjg5LTFlNjgtNDVhMC04YjkzLTEzYTA2YTI2OWFhOC8x
L0h1dWlSRU1RcFd1dmdCaUNudV8xd2phU1NfQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
ZWMwYjg5LTFlNjgtNDVhMC04YjkzLTEzYTA2YTI2OWFhOC8xL2ZPYU5yMThJbEZi
QTRkQWlSVGsxTWF4Ymo4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
zAYIKwYBBQUHAQcBAf8EgbwwgbkwgaAEAgABMIGZMAoDAwEzCgMDATMMAwMAMzMD
AwAzNTAKAwMAM2cDAwEzaAMDADNrAwMAM3QDAwAzeAMDADN8AwMAM4QwCgMDAzOI
AwMAM4owCgMDAjOMAwMBM5ADBAZe9UADAwCKaQMDAJPzAwMAnR8DAwCfgDAMAwQD
wGRoAwQBwGSEAwQFwZVAAwQAwd1xAwQEwikQAwQAwm7FAwQG1ceAMBQEAgACMA4D
BQMqABxoAwUAKgEBETANBgkqhkiG9w0BAQsFAAOCAQEAa3pcbhzyV8S4e7DLbgUz
QMqbij6MYT0WiN7wmrzKwWytcYdx5QTDI5vmTzDaJ79RtJLZMoIsllHIom3eO3fm
2ZvkTzq5ulMt/W+SNqnJC8f2ORPj1yTwDrdKyA5ruC9uGl45Jrp1mXMf2xx6mWgC
/shmewD7IUdvb5akP5/rmkGADK9Yb28+dwgmMGzAhK2Y6U5k4TBzk7MJpSaRtPbB
Qln+VOD1+izp3rPy07jau+SLDpJFuCprzH1a77eYeAw2eMbMGDFYzUf+R0igIdwC
nXLcB0gACqxEHJaykwCjjY9uOC/mn/EtMuk8HtCMgTR5sSQ15TFfmYxt0GASD1rL
LQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:32 2024 by rpki-client on console-fra.rpki-client.org