Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GaT6qHvuidbM9O24vcGP_mtcP-I.roa
File:                     GaT6qHvuidbM9O24vcGP_mtcP-I.roa (raw, json)
Hash identifier:          B6/olu9K5+eeU8eiUJQgXL5Nc8L1nkl2MrIgwRrUEec=
Subject key identifier:   19:A4:FA:A8:7B:EE:89:D6:CC:F4:ED:B8:BD:C1:8F:FE:6B:5C:3F:E2
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       1C6C763A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GaT6qHvuidbM9O24vcGP_mtcP-I.roa
Signing time:             Sat 01 Jan 2022 01:02:34 +0000
ROA not before:           Sat 01 Jan 2022 01:02:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48011
IP address blocks:        81.161.236.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 476870202 (0x1c6c763a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  1 01:02:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=19a4faa87bee89d6ccf4edb8bdc18ffe6b5c3fe2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:01:99:dc:ee:63:fc:40:62:bf:31:4b:24:95:
                    8c:91:97:47:be:93:52:8d:6c:88:7b:ec:a1:09:ad:
                    08:51:4c:36:6f:6c:3c:69:6d:5f:01:46:da:29:62:
                    0f:3d:3e:bd:da:4d:1b:dd:d6:f2:25:46:17:c1:5d:
                    9a:bf:c2:ba:25:fd:a7:5b:87:09:22:72:a5:14:62:
                    df:94:cb:d2:36:7b:b4:b7:26:02:28:1a:c1:8b:7b:
                    5e:91:af:f4:09:c0:72:2d:b7:9e:51:9c:1d:79:21:
                    c5:53:fc:96:01:ea:1e:8b:d2:34:ab:5a:1c:b6:c8:
                    6a:6d:b4:90:67:d0:59:4d:b5:b9:5c:24:bc:af:a2:
                    fc:a5:cc:0f:61:26:77:83:4e:79:d9:f8:3b:58:9c:
                    c7:11:cd:75:4a:4c:cc:4a:ee:39:46:f0:6e:c4:4e:
                    af:7e:ef:ea:be:0d:fa:a1:df:77:d1:5e:fb:d3:16:
                    00:18:33:66:e9:a3:0a:fe:15:9a:03:1d:ad:64:23:
                    f6:64:f8:52:01:1b:a4:ed:0f:67:c0:49:3e:96:fa:
                    b8:8f:51:b2:39:0e:89:e1:ad:07:a9:bc:6b:5b:19:
                    d8:04:4a:07:90:b2:1b:52:44:5c:a6:1a:f7:59:c1:
                    ea:47:a3:37:d5:51:ce:9f:83:c2:f3:ec:0a:34:fa:
                    21:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:A4:FA:A8:7B:EE:89:D6:CC:F4:ED:B8:BD:C1:8F:FE:6B:5C:3F:E2
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GaT6qHvuidbM9O24vcGP_mtcP-I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.161.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:71:6b:37:56:7a:84:6e:a7:6f:b7:74:45:36:58:f4:60:7d:
         42:13:27:ee:be:3a:cb:95:62:44:24:25:6e:0d:88:10:41:8f:
         92:98:cd:35:29:be:40:ad:c7:e0:c1:75:73:76:d9:44:11:8f:
         62:d0:2b:c3:49:4e:f7:dd:b1:df:2b:9d:57:4e:c3:9d:b6:a6:
         1e:be:ae:13:6c:bd:e8:a3:8e:78:3c:4e:13:c1:5f:55:66:15:
         f2:e3:12:8c:ef:84:2e:9b:0a:5f:e6:88:79:59:64:ed:7a:d2:
         f5:6f:06:5f:71:91:0b:70:62:c7:f8:9d:ed:1e:5c:92:30:70:
         eb:36:94:5a:f7:c1:9f:71:d4:d3:fe:fe:45:2b:50:cd:e6:0f:
         c1:cb:32:30:21:29:b2:1a:41:6d:41:fa:88:d1:e8:14:92:d1:
         0e:cd:0a:55:7f:48:24:db:07:88:37:85:0a:23:08:57:f2:1b:
         19:7f:11:69:e0:12:80:e1:42:72:f4:4a:22:f0:68:64:88:0f:
         b5:0d:1d:5a:72:1e:3a:63:17:72:90:c7:53:28:63:f4:0a:d2:
         f4:4a:fd:d3:86:00:dd:c1:87:9e:d7:5f:bd:d5:ea:75:e3:61:
         be:6f:f6:8d:b3:21:af:9c:63:7c:7d:4b:01:86:26:50:7a:34:
         c1:b9:b9:3d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHGx2OjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDEw
MTAxMDIzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTlhNGZhYTg3YmVl
ODlkNmNjZjRlZGI4YmRjMThmZmU2YjVjM2ZlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJMBmdzuY/xAYr8xSySVjJGXR76TUo1siHvsoQmtCFFMNm9s
PGltXwFG2iliDz0+vdpNG93W8iVGF8Fdmr/CuiX9p1uHCSJypRRi35TL0jZ7tLcm
AigawYt7XpGv9AnAci23nlGcHXkhxVP8lgHqHovSNKtaHLbIam20kGfQWU21uVwk
vK+i/KXMD2Emd4NOedn4O1icxxHNdUpMzEruOUbwbsROr37v6r4N+qHfd9Fe+9MW
ABgzZumjCv4VmgMdrWQj9mT4UgEbpO0PZ8BJPpb6uI9RsjkOieGtB6m8a1sZ2ARK
B5CyG1JEXKYa91nB6kejN9VRzp+DwvPsCjT6IfECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQZpPqoe+6J1sz07bi9wY/+a1w/4jAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L0dhVDZxSHZ1aWRiTTlPMjR2Y0dQX210Y1AtSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFGh7DANBgkqhkiG9w0BAQsFAAOC
AQEAFHFrN1Z6hG6nb7d0RTZY9GB9QhMn7r46y5ViRCQlbg2IEEGPkpjNNSm+QK3H
4MF1c3bZRBGPYtArw0lO992x3yudV07DnbamHr6uE2y96KOOeDxOE8FfVWYV8uMS
jO+ELpsKX+aIeVlk7XrS9W8GX3GRC3Bix/id7R5ckjBw6zaUWvfBn3HU0/7+RStQ
zeYPwcsyMCEpshpBbUH6iNHoFJLRDs0KVX9IJNsHiDeFCiMIV/IbGX8RaeASgOFC
cvRKIvBoZIgPtQ0dWnIeOmMXcpDHUyhj9ArS9Er904YA3cGHntdfvdXqdeNhvm/2
jbMhr5xjfH1LAYYmUHo0wbm5PQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:03 2024 by rpki-client on console-fra.rpki-client.org