Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/57ea8d-c680-40a7-8a29-f076a08e6003/1/GxGMELKmuulp69vVVAcOh3u4V9w.roa
File:                     GxGMELKmuulp69vVVAcOh3u4V9w.roa (raw, json)
Hash identifier:          0HvaRKuaF1nqPxIJaJrG72s/WgztcZIm+4C2UevdQes=
Subject key identifier:   1B:11:8C:10:B2:A6:BA:E9:69:EB:DB:D5:54:07:0E:87:7B:B8:57:DC
Certificate issuer:       /CN=3e8c1897624f57be34e0f760b97f110ad5b5da3a
Certificate serial:       0184C3090C52C886C06A777391BF583780EE
Authority key identifier: 3E:8C:18:97:62:4F:57:BE:34:E0:F7:60:B9:7F:11:0A:D5:B5:DA:3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PowYl2JPV7404PdguX8RCtW12jo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/57ea8d-c680-40a7-8a29-f076a08e6003/1/GxGMELKmuulp69vVVAcOh3u4V9w.roa
Signing time:             Tue 29 Nov 2022 10:57:40 +0000
ROA not before:           Tue 29 Nov 2022 10:57:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206031
IP address blocks:        89.207.124.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:c3:09:0c:52:c8:86:c0:6a:77:73:91:bf:58:37:80:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e8c1897624f57be34e0f760b97f110ad5b5da3a
        Validity
            Not Before: Nov 29 10:57:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1b118c10b2a6bae969ebdbd554070e877bb857dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:88:5e:32:79:0a:59:db:93:4c:c6:7a:5a:3b:
                    c5:d1:95:48:bd:fa:33:a4:09:a2:d8:08:23:8a:60:
                    7f:11:16:1a:ba:23:67:4b:1d:bf:df:b7:51:10:a0:
                    02:0c:71:4f:7a:bf:ef:33:9b:4d:99:f4:81:1b:ca:
                    12:81:5c:67:af:bb:6c:97:d3:0e:41:d2:b4:c3:98:
                    f2:d5:8e:99:f2:e4:a2:94:60:47:00:29:0a:ab:72:
                    7a:3b:5c:f3:0c:2f:f0:ba:3f:70:35:06:4e:e5:50:
                    5f:45:9d:5a:f7:76:54:a8:b8:aa:ab:eb:96:85:ea:
                    36:4a:51:69:b2:7d:e1:79:5e:15:04:4f:8e:0f:fc:
                    5f:58:d5:0c:89:c7:7f:ea:ba:52:df:00:d0:5f:8e:
                    57:fc:96:ab:e8:8a:b7:6d:2d:19:fd:9c:6d:c8:d2:
                    3f:dc:48:08:77:9a:89:28:2a:09:7e:9c:70:65:38:
                    74:91:f2:4e:59:e1:77:84:3f:02:08:88:61:20:68:
                    d2:81:b1:4b:5c:b1:62:3c:12:92:01:12:19:49:cd:
                    8f:cc:9f:ae:ed:55:3b:bb:68:ca:94:45:0f:5e:61:
                    cd:50:c1:b6:11:6a:c9:bb:79:fe:55:6a:a4:9a:07:
                    cd:98:6c:da:59:3a:5a:ea:01:5f:6c:2e:ac:9c:94:
                    ae:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:11:8C:10:B2:A6:BA:E9:69:EB:DB:D5:54:07:0E:87:7B:B8:57:DC
            X509v3 Authority Key Identifier:
                keyid:3E:8C:18:97:62:4F:57:BE:34:E0:F7:60:B9:7F:11:0A:D5:B5:DA:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PowYl2JPV7404PdguX8RCtW12jo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/57ea8d-c680-40a7-8a29-f076a08e6003/1/GxGMELKmuulp69vVVAcOh3u4V9w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/57ea8d-c680-40a7-8a29-f076a08e6003/1/PowYl2JPV7404PdguX8RCtW12jo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.207.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:95:2d:7d:56:bd:1b:55:46:3f:18:cc:da:1e:fa:54:7b:a8:
         3e:48:b0:e9:03:b4:da:3e:4a:05:11:8c:e7:e6:2b:f4:3f:cf:
         23:06:4e:7e:6c:ef:b6:77:e9:f2:a6:d4:78:ec:a0:0c:c2:55:
         77:11:6f:6b:4a:42:6b:24:db:ba:1c:9f:45:fd:30:e6:33:9a:
         41:da:ec:63:ea:98:7e:95:8a:9f:1a:af:bb:18:6d:2f:06:59:
         54:0e:7b:6d:aa:b1:91:d7:2b:46:99:82:49:da:01:34:60:9e:
         1d:c8:61:7d:ba:b1:a1:ff:19:79:89:be:3d:46:f0:b1:5b:fc:
         64:af:14:c6:6d:65:1a:5f:e5:6b:55:ab:1a:45:6a:67:d2:c8:
         7e:77:04:1c:2c:92:55:ad:4b:d3:ed:ee:18:a4:54:b4:18:9c:
         b7:11:24:41:e9:17:a9:43:4e:ce:7c:2d:e2:19:34:41:0a:da:
         95:82:0e:05:00:93:2c:40:4f:d4:d2:a2:4f:5f:5f:f2:41:31:
         f5:a9:08:a0:f0:cb:26:78:58:9d:7d:ab:18:fc:6b:98:a2:30:
         8d:b5:7d:52:a9:ca:38:17:dc:98:2b:9a:34:be:c9:98:d8:23:
         eb:8b:4e:9d:90:c7:62:2c:d4:1b:d0:b7:9f:b7:80:ad:8a:13:
         90:c8:bb:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTDCQxSyIbAandzkb9YN4DuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlOGMxODk3NjI0ZjU3YmUzNGUwZjc2MGI5N2YxMTBhZDVi
NWRhM2EwHhcNMjIxMTI5MTA1NzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjExOGMxMGIyYTZiYWU5NjllYmRiZDU1NDA3MGU4NzdiYjg1N2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoheMnkKWduTTMZ6WjvF0ZVIvfoz
pAmi2AgjimB/ERYauiNnSx2/37dREKACDHFPer/vM5tNmfSBG8oSgVxnr7tsl9MO
QdK0w5jy1Y6Z8uSilGBHACkKq3J6O1zzDC/wuj9wNQZO5VBfRZ1a93ZUqLiqq+uW
heo2SlFpsn3heV4VBE+OD/xfWNUMicd/6rpS3wDQX45X/Jar6Iq3bS0Z/ZxtyNI/
3EgId5qJKCoJfpxwZTh0kfJOWeF3hD8CCIhhIGjSgbFLXLFiPBKSARIZSc2PzJ+u
7VU7u2jKlEUPXmHNUMG2EWrJu3n+VWqkmgfNmGzaWTpa6gFfbC6snJSu2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBsRjBCyprrpaevb1VQHDod7uFfcMB8GA1UdIwQY
MBaAFD6MGJdiT1e+NOD3YLl/EQrVtdo6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG93WWwySlBWNzQwNFBkZ3VYOFJDdFcxMmpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy81N2VhOGQtYzY4MC00MGE3LThhMjkt
ZjA3NmEwOGU2MDAzLzEvR3hHTUVMS211dWxwNjl2VlZBY09oM3U0Vjl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy81N2VhOGQtYzY4MC00MGE3LThhMjktZjA3NmEwOGU2MDAz
LzEvUG93WWwySlBWNzQwNFBkZ3VYOFJDdFcxMmpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWc98MA0G
CSqGSIb3DQEBCwUAA4IBAQA7lS19Vr0bVUY/GMzaHvpUe6g+SLDpA7TaPkoFEYzn
5iv0P88jBk5+bO+2d+nyptR47KAMwlV3EW9rSkJrJNu6HJ9F/TDmM5pB2uxj6ph+
lYqfGq+7GG0vBllUDnttqrGR1ytGmYJJ2gE0YJ4dyGF9urGh/xl5ib49RvCxW/xk
rxTGbWUaX+VrVasaRWpn0sh+dwQcLJJVrUvT7e4YpFS0GJy3ESRB6RepQ07OfC3i
GTRBCtqVgg4FAJMsQE/U0qJPX1/yQTH1qQig8MsmeFidfasY/GuYojCNtX1Sqco4
F9yYK5o0vsmY2CPri06dkMdiLNQb0Left4CtihOQyLtB
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:29 2024 by rpki-client on console-ams.rpki-client.org