Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/fdc599-780b-4414-9e2a-52b0775c7cb4/1/HtJGcoHuykg5KwvFJ3SlEVwMuCw.roa
File:                     HtJGcoHuykg5KwvFJ3SlEVwMuCw.roa (raw, json)
Hash identifier:          EO2Inr59GbQM7VixjI+Xikoj3TZqEA26ZGPiV1GDNQQ=
Subject key identifier:   1E:D2:46:72:81:EE:CA:48:39:2B:0B:C5:27:74:A5:11:5C:0C:B8:2C
Certificate issuer:       /CN=f68b2f4e668ef0a176a8bd0004e2777670833238
Certificate serial:       0F4D665A
Authority key identifier: F6:8B:2F:4E:66:8E:F0:A1:76:A8:BD:00:04:E2:77:76:70:83:32:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9osvTmaO8KF2qL0ABOJ3dnCDMjg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/fdc599-780b-4414-9e2a-52b0775c7cb4/1/HtJGcoHuykg5KwvFJ3SlEVwMuCw.roa
Signing time:             Sat 01 Jan 2022 13:58:38 +0000
ROA not before:           Sat 01 Jan 2022 13:58:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43995
IP address blocks:        82.151.32.0/19 maxlen: 27
                          45.159.44.0/22 maxlen: 22
                          185.77.24.0/22 maxlen: 24
                          2a02:e040::/29 maxlen: 64
                          2a0f:7180::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 256730714 (0xf4d665a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f68b2f4e668ef0a176a8bd0004e2777670833238
        Validity
            Not Before: Jan  1 13:58:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1ed2467281eeca48392b0bc52774a5115c0cb82c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:b3:8a:6c:99:fa:9a:02:d9:d7:e8:45:0f:39:
                    d3:14:75:4a:d6:3d:7b:90:13:66:91:cc:37:53:d4:
                    a1:cd:05:ec:59:46:94:bd:10:ef:5b:87:48:e6:43:
                    67:01:48:c7:52:a0:24:77:48:c3:94:57:bc:40:02:
                    29:44:d3:af:f4:3e:5e:09:79:4e:36:8a:f2:51:b0:
                    f0:11:91:e7:83:14:17:aa:d4:1c:77:be:d4:66:27:
                    d5:4a:16:fb:fd:1c:f5:7d:5e:7a:4f:c1:c5:7b:8c:
                    20:e5:63:63:98:73:47:7b:6a:3d:b7:5d:0f:c9:1e:
                    7f:f3:da:1e:8e:68:83:85:f3:fb:16:7b:32:26:6a:
                    09:cf:00:21:48:8d:40:04:0d:ee:0a:3d:51:53:1e:
                    bc:86:29:ad:63:db:04:c9:f5:ee:c3:78:0d:a8:97:
                    05:c3:ee:32:8e:55:11:44:ad:ad:fa:3a:8a:2b:b1:
                    23:4f:36:b3:c9:b2:3c:bd:1f:5f:48:8c:71:d1:50:
                    95:e2:3d:37:32:b5:fa:11:3b:74:d0:ea:e3:92:2c:
                    fc:f9:c6:34:a6:e3:15:8c:58:a2:6c:61:1e:dc:d3:
                    d7:33:82:11:de:20:95:63:52:86:99:91:1f:b3:08:
                    20:0e:64:23:5f:de:c9:74:49:6b:34:17:10:e0:32:
                    53:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:D2:46:72:81:EE:CA:48:39:2B:0B:C5:27:74:A5:11:5C:0C:B8:2C
            X509v3 Authority Key Identifier:
                keyid:F6:8B:2F:4E:66:8E:F0:A1:76:A8:BD:00:04:E2:77:76:70:83:32:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9osvTmaO8KF2qL0ABOJ3dnCDMjg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/fdc599-780b-4414-9e2a-52b0775c7cb4/1/HtJGcoHuykg5KwvFJ3SlEVwMuCw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/fdc599-780b-4414-9e2a-52b0775c7cb4/1/9osvTmaO8KF2qL0ABOJ3dnCDMjg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.159.44.0/22
                  82.151.32.0/19
                  185.77.24.0/22
                IPv6:
                  2a02:e040::/29
                  2a0f:7180::/29

    Signature Algorithm: sha256WithRSAEncryption
         93:23:f6:41:e5:ba:95:35:f4:3f:f1:0f:b3:9e:e0:87:8b:fa:
         47:55:f9:59:3a:b5:0d:24:f8:6b:1b:12:63:e9:dd:67:6d:a9:
         16:21:7d:c8:f7:e6:d2:2e:15:fc:94:fc:33:09:9e:85:85:eb:
         1b:5c:dc:57:43:4d:f2:b8:6e:f2:38:94:ed:73:6b:ea:8d:11:
         9e:cd:ca:1b:06:96:58:b9:fc:dc:60:31:94:0e:72:ae:94:0e:
         c7:f9:0f:2d:d6:01:df:72:7e:7c:29:42:b0:14:0a:94:aa:49:
         d6:08:22:d9:cb:19:60:f0:3a:4b:ba:f8:72:13:be:af:7b:f9:
         23:df:f6:aa:03:af:d1:a2:99:1f:67:b1:f6:43:ce:ca:87:9f:
         28:cf:53:6e:6c:d5:62:5a:a3:ef:e7:a5:c5:7b:09:cd:41:24:
         00:7f:95:27:df:7d:0f:a4:a9:31:66:b8:f8:27:bb:79:c4:68:
         19:d9:02:07:1b:79:48:3e:d6:63:78:77:41:cb:5f:37:f0:d1:
         76:43:84:9b:2b:30:1f:68:bc:58:8c:6f:07:1a:6e:8f:ae:d0:
         2b:bd:d3:47:db:aa:0a:74:8c:98:4f:2c:82:2d:be:da:8b:c1:
         16:61:73:49:ab:af:8f:d5:a0:f0:a1:ee:4c:84:cc:3e:5e:ee:
         c5:d9:cd:d8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIED01mWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NjhiMmY0ZTY2OGVmMGExNzZhOGJkMDAwNGUyNzc3NjcwODMzMjM4MB4XDTIyMDEw
MTEzNTgzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWVkMjQ2NzI4MWVl
Y2E0ODM5MmIwYmM1Mjc3NGE1MTE1YzBjYjgyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM6zimyZ+poC2dfoRQ850xR1StY9e5ATZpHMN1PUoc0F7FlG
lL0Q71uHSOZDZwFIx1KgJHdIw5RXvEACKUTTr/Q+Xgl5TjaK8lGw8BGR54MUF6rU
HHe+1GYn1UoW+/0c9X1eek/BxXuMIOVjY5hzR3tqPbddD8kef/PaHo5og4Xz+xZ7
MiZqCc8AIUiNQAQN7go9UVMevIYprWPbBMn17sN4DaiXBcPuMo5VEUStrfo6iiux
I082s8myPL0fX0iMcdFQleI9NzK1+hE7dNDq45Is/PnGNKbjFYxYomxhHtzT1zOC
Ed4glWNShpmRH7MIIA5kI1/eyXRJazQXEOAyU5sCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBQe0kZyge7KSDkrC8UndKURXAy4LDAfBgNVHSMEGDAWgBT2iy9OZo7woXao
vQAE4nd2cIMyODAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzlvc3ZUbWFPOEtGMnFMMEFCT0ozZG5DRE1qZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvZmRjNTk5LTc4MGItNDQxNC05ZTJhLTUyYjA3NzVjN2NiNC8x
L0h0Skdjb0h1eWtnNUt3dkZKM1NsRVZ3TXVDdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
ZmRjNTk5LTc4MGItNDQxNC05ZTJhLTUyYjA3NzVjN2NiNC8xLzlvc3ZUbWFPOEtG
MnFMMEFCT0ozZG5DRE1qZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwGAQCAAEwEgMEAi2fLAMEBVKXIAMEArlNGDAUBAIA
AjAOAwUDKgLgQAMFAyoPcYAwDQYJKoZIhvcNAQELBQADggEBAJMj9kHlupU19D/x
D7Oe4IeL+kdV+Vk6tQ0k+GsbEmPp3WdtqRYhfcj35tIuFfyU/DMJnoWF6xtc3FdD
TfK4bvI4lO1za+qNEZ7NyhsGlli5/NxgMZQOcq6UDsf5Dy3WAd9yfnwpQrAUCpSq
SdYIItnLGWDwOku6+HITvq97+SPf9qoDr9GimR9nsfZDzsqHnyjPU25s1WJao+/n
pcV7Cc1BJAB/lSfffQ+kqTFmuPgnu3nEaBnZAgcbeUg+1mN4d0HLXzfw0XZDhJsr
MB9ovFiMbwcabo+u0Cu900fbqgp0jJhPLIItvtqLwRZhc0mrr4/VoPCh7kyEzD5e
7sXZzdg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:42 2024 by rpki-client on console-fra.rpki-client.org