Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/227afa-ddec-4644-982a-58faa27e5549/1/GIxv3avJivDiSy-cv2_97wlq-yc.roa
File:                     GIxv3avJivDiSy-cv2_97wlq-yc.roa (raw, json)
Hash identifier:          Zu3l4jyflaK2w1y1/HeOMgWq8h2j8lRUpIH7JWQVonw=
Subject key identifier:   18:8C:6F:DD:AB:C9:8A:F0:E2:4B:2F:9C:BF:6F:FD:EF:09:6A:FB:27
Certificate issuer:       /CN=b14aaa9b084864f44bae18ba076b26067754fb62
Certificate serial:       0A2FA0E7
Authority key identifier: B1:4A:AA:9B:08:48:64:F4:4B:AE:18:BA:07:6B:26:06:77:54:FB:62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sUqqmwhIZPRLrhi6B2smBndU-2I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/227afa-ddec-4644-982a-58faa27e5549/1/GIxv3avJivDiSy-cv2_97wlq-yc.roa
Signing time:             Sat 01 Jan 2022 02:53:47 +0000
ROA not before:           Sat 01 Jan 2022 02:53:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60641
IP address blocks:        5.39.233.0/24 maxlen: 24
                          5.39.236.0/24 maxlen: 24
                          5.39.234.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 170893543 (0xa2fa0e7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b14aaa9b084864f44bae18ba076b26067754fb62
        Validity
            Not Before: Jan  1 02:53:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=188c6fddabc98af0e24b2f9cbf6ffdef096afb27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:07:a9:dc:3d:d6:ce:9e:65:65:cf:d8:48:08:
                    8b:4e:2d:b9:d9:e8:a4:73:06:b6:66:02:cb:97:09:
                    2a:52:02:7b:9b:1a:c0:a6:d2:a7:9c:43:63:bc:5e:
                    24:aa:e3:98:ec:70:ea:4d:a5:bf:ad:3c:0e:37:f6:
                    19:9f:ed:1e:d9:55:33:fc:c1:de:fb:df:23:7a:97:
                    d5:fa:b6:a6:f1:8e:06:01:29:47:e6:c7:55:8d:24:
                    fd:e5:68:f5:3c:7f:f3:56:b8:76:16:d3:24:f3:f8:
                    93:14:58:ed:80:78:87:d4:7c:20:9f:ff:7e:4a:f9:
                    a1:30:c4:ae:1e:d0:db:37:e9:63:a5:ef:24:c9:7a:
                    74:cd:cc:5f:6a:44:17:c3:fb:de:40:61:80:e4:7d:
                    fa:42:77:6e:de:41:e5:c1:60:80:bc:b8:cc:ce:86:
                    11:42:8f:37:94:51:8a:6b:b7:f8:ae:5f:65:ed:e5:
                    6a:7b:45:dc:22:43:44:36:08:8b:70:f6:1f:09:3b:
                    27:62:75:f7:33:dc:bb:0c:69:ea:d3:cc:5a:46:e2:
                    a4:bd:25:93:24:77:ba:d2:b8:34:e6:97:38:94:f2:
                    e3:bf:f9:23:b6:bc:2a:b2:d6:fa:80:13:e4:3c:25:
                    0b:61:bf:b3:b5:db:26:c3:6b:9c:86:57:4a:7e:bc:
                    0e:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:8C:6F:DD:AB:C9:8A:F0:E2:4B:2F:9C:BF:6F:FD:EF:09:6A:FB:27
            X509v3 Authority Key Identifier:
                keyid:B1:4A:AA:9B:08:48:64:F4:4B:AE:18:BA:07:6B:26:06:77:54:FB:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUqqmwhIZPRLrhi6B2smBndU-2I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/227afa-ddec-4644-982a-58faa27e5549/1/GIxv3avJivDiSy-cv2_97wlq-yc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/227afa-ddec-4644-982a-58faa27e5549/1/sUqqmwhIZPRLrhi6B2smBndU-2I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.39.233.0-5.39.234.255
                  5.39.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:5f:51:cf:ca:eb:81:a4:72:2b:3f:87:30:5d:5a:af:57:02:
         33:37:a8:74:18:4f:0a:fa:0f:e4:40:3f:df:36:d5:0f:77:03:
         73:5e:23:a4:16:69:b4:09:5e:31:d5:e2:b3:88:0f:41:8a:d5:
         e9:40:cb:e8:59:6b:42:3d:09:05:75:16:f4:56:b6:76:ef:95:
         51:60:d5:7a:27:59:b0:f4:5b:9c:6b:ab:ac:d8:6f:61:d3:de:
         b5:9a:30:ab:d4:1b:ec:3e:5d:45:d3:e5:fd:1c:c6:19:8f:9c:
         c2:9d:63:90:2f:bc:59:2e:93:58:de:54:58:89:ce:e9:30:c1:
         b6:6d:6a:3b:9c:64:22:5e:0f:59:47:02:dc:4f:66:00:da:4a:
         0c:5e:b8:ea:6b:37:74:26:95:38:a9:ca:96:6d:74:13:4f:cd:
         fd:04:a8:02:82:3d:7b:37:4b:ff:d7:13:4b:b5:26:a9:2c:3d:
         0b:9a:62:07:ad:f7:f8:ea:72:1b:76:0d:1c:05:20:8a:aa:77:
         37:e7:e4:c9:28:d9:31:d2:9d:25:82:a1:61:10:3d:00:8e:c6:
         fb:e0:89:d1:24:60:a1:80:91:80:1e:5b:32:73:43:37:1c:ef:
         7b:66:03:d4:1d:4b:71:f0:16:ad:db:fa:f8:54:db:f7:e0:07:
         5f:7b:9c:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIECi+g5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTRhYWE5YjA4NDg2NGY0NGJhZTE4YmEwNzZiMjYwNjc3NTRmYjYyMB4XDTIyMDEw
MTAyNTM0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTg4YzZmZGRhYmM5
OGFmMGUyNGIyZjljYmY2ZmZkZWYwOTZhZmIyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4Hqdw91s6eZWXP2EgIi04tudnopHMGtmYCy5cJKlICe5sa
wKbSp5xDY7xeJKrjmOxw6k2lv608Djf2GZ/tHtlVM/zB3vvfI3qX1fq2pvGOBgEp
R+bHVY0k/eVo9Tx/81a4dhbTJPP4kxRY7YB4h9R8IJ//fkr5oTDErh7Q2zfpY6Xv
JMl6dM3MX2pEF8P73kBhgOR9+kJ3bt5B5cFggLy4zM6GEUKPN5RRimu3+K5fZe3l
antF3CJDRDYIi3D2Hwk7J2J19zPcuwxp6tPMWkbipL0lkyR3utK4NOaXOJTy47/5
I7a8KrLW+oAT5DwlC2G/s7XbJsNrnIZXSn68DvECAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQYjG/dq8mK8OJLL5y/b/3vCWr7JzAfBgNVHSMEGDAWgBSxSqqbCEhk9Euu
GLoHayYGd1T7YjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NVcXFtd2hJWlBSTHJoaTZCMnNtQm5kVS0ySS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDUvMjI3YWZhLWRkZWMtNDY0NC05ODJhLTU4ZmFhMjdlNTU0OS8x
L0dJeHYzYXZKaXZEaVN5LWN2Ml85N3dscS15Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUv
MjI3YWZhLWRkZWMtNDY0NC05ODJhLTU4ZmFhMjdlNTU0OS8xL3NVcXFtd2hJWlBS
THJoaTZCMnNtQm5kVS0ySS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQABSfpAwQABSfqAwQABSfsMA0G
CSqGSIb3DQEBCwUAA4IBAQB1X1HPyuuBpHIrP4cwXVqvVwIzN6h0GE8K+g/kQD/f
NtUPdwNzXiOkFmm0CV4x1eKziA9BitXpQMvoWWtCPQkFdRb0VrZ275VRYNV6J1mw
9Fuca6us2G9h0961mjCr1BvsPl1F0+X9HMYZj5zCnWOQL7xZLpNY3lRYic7pMMG2
bWo7nGQiXg9ZRwLcT2YA2koMXrjqazd0JpU4qcqWbXQTT839BKgCgj17N0v/1xNL
tSapLD0LmmIHrff46nIbdg0cBSCKqnc35+TJKNkx0p0lgqFhED0Ajsb74InRJGCh
gJGAHlsyc0M3HO97ZgPUHUtx8Bat2/r4VNv34Adfe5xm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:33 2024 by rpki-client on console-fra.rpki-client.org