Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/GODYTGflRszZRM38-HPXONI6TZU.roa
File:                     GODYTGflRszZRM38-HPXONI6TZU.roa (raw, json)
Hash identifier:          /YJWIkGFo97rpa6D6yNYgrR/k611rYiW+tm9CoLOx+w=
Subject key identifier:   18:E0:D8:4C:67:E5:46:CC:D9:44:CD:FC:F8:73:D7:38:D2:3A:4D:95
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       01841DF649AFB72CCF47FC6E3870B8412964
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/GODYTGflRszZRM38-HPXONI6TZU.roa
Signing time:             Fri 28 Oct 2022 09:39:50 +0000
ROA not before:           Fri 28 Oct 2022 09:39:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35913
IP address blocks:        45.94.168.0/22 maxlen: 24
                          195.211.188.0/22 maxlen: 24
                          2.56.108.0/22 maxlen: 24
                          45.138.180.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:1d:f6:49:af:b7:2c:cf:47:fc:6e:38:70:b8:41:29:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Oct 28 09:39:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=18e0d84c67e546ccd944cdfcf873d738d23a4d95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:57:59:88:13:90:11:f4:12:0b:54:b2:cd:cf:
                    00:f1:a3:40:f8:ab:e3:20:df:eb:92:13:5b:a5:6f:
                    79:f0:bd:2b:fb:18:f0:41:2a:3d:c6:2e:2e:f8:e7:
                    e2:f3:59:f2:4b:77:cc:8e:aa:2e:ec:e4:d4:f0:52:
                    66:b4:8e:09:61:4a:b5:74:b1:96:2e:c6:f2:02:22:
                    c6:5d:0d:d5:ba:00:42:58:79:e5:06:45:33:7b:75:
                    71:ed:0a:ca:61:33:25:8e:bf:12:5f:ca:2c:47:5b:
                    87:ec:46:d8:7c:71:7a:01:15:82:fe:f0:18:73:21:
                    40:bc:ec:c2:df:e5:5d:ea:92:64:5e:7e:d8:65:f5:
                    e5:8a:90:e1:7e:38:da:33:d4:1d:07:6f:ba:84:56:
                    8b:1b:97:f1:d7:88:3d:4f:06:3e:a5:ec:6d:bb:ea:
                    cb:3a:7e:5e:f7:e4:08:85:27:31:e6:88:a3:98:fb:
                    25:f7:3f:68:04:f0:c7:89:b3:2d:9f:cf:3d:e7:20:
                    ee:ad:95:3e:8d:ec:99:70:b9:6f:64:0e:dc:63:ec:
                    2e:81:59:0f:81:92:47:56:ee:67:f5:66:f0:03:28:
                    bc:35:48:69:21:43:10:d9:88:2d:1f:85:46:ff:c3:
                    e2:01:22:e2:70:8b:be:c1:37:2a:0b:e8:38:52:dd:
                    34:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:E0:D8:4C:67:E5:46:CC:D9:44:CD:FC:F8:73:D7:38:D2:3A:4D:95
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/GODYTGflRszZRM38-HPXONI6TZU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.108.0/22
                  45.94.168.0/22
                  45.138.180.0/22
                  195.211.188.0/22

    Signature Algorithm: sha256WithRSAEncryption
         88:3a:00:73:ca:92:e8:fd:6a:f4:71:3f:26:46:31:d4:bf:bb:
         9d:83:e8:1d:02:17:24:e4:3b:a9:e1:fd:1c:2f:b3:37:a9:ce:
         01:15:c8:10:34:f5:48:5f:8a:5f:c5:ab:f5:45:bf:59:c4:4f:
         ac:3a:65:57:e1:3c:3d:9c:2b:82:1f:07:6f:6e:c7:61:1e:b5:
         6e:00:5d:01:6f:dd:da:7f:e6:43:f4:0a:b3:87:e1:6e:7f:f6:
         b5:f1:87:76:b3:58:8b:58:33:ac:b3:ca:ae:52:a8:32:53:65:
         76:19:81:14:1b:45:ca:48:14:4e:5f:4c:b1:67:ec:d0:a3:42:
         61:26:01:bb:55:4d:c3:95:5b:2c:3b:b0:51:5e:ae:6b:47:80:
         11:5d:4b:e5:fa:33:5b:f1:dd:02:c4:ce:0c:7e:71:03:d4:5d:
         7e:a5:00:f3:d1:7c:8b:9e:dc:60:94:ae:01:e0:01:c3:c2:d7:
         11:8a:f5:d2:2c:3d:a5:bc:5c:98:b7:36:51:22:cb:f7:c2:48:
         35:5e:7a:42:da:cd:2b:dd:a6:da:3a:d9:73:15:37:26:9e:ad:
         62:f0:13:0d:98:0e:03:ac:69:82:5d:e1:85:a8:68:06:c0:00:
         89:77:5d:ff:65:64:83:13:37:b7:67:be:61:87:aa:f4:35:a8:
         93:89:e7:d2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYQd9kmvtyzPR/xuOHC4QSlkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMDI4MDkzOTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGUwZDg0YzY3ZTU0NmNjZDk0NGNkZmNmODczZDczOGQyM2E0ZDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1dZiBOQEfQSC1Syzc8A8aNA+Kvj
IN/rkhNbpW958L0r+xjwQSo9xi4u+Ofi81nyS3fMjqou7OTU8FJmtI4JYUq1dLGW
LsbyAiLGXQ3VugBCWHnlBkUze3Vx7QrKYTMljr8SX8osR1uH7EbYfHF6ARWC/vAY
cyFAvOzC3+Vd6pJkXn7YZfXlipDhfjjaM9QdB2+6hFaLG5fx14g9TwY+pextu+rL
On5e9+QIhScx5oijmPsl9z9oBPDHibMtn8895yDurZU+jeyZcLlvZA7cY+wugVkP
gZJHVu5n9WbwAyi8NUhpIUMQ2YgtH4VG/8PiASLicIu+wTcqC+g4Ut00sQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBjg2Exn5UbM2UTN/Phz1zjSOk2VMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvR09EWVRHZmxSc3paUk0zOC1IUFhPTkk2VFpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjhsAwQC
LV6oAwQCLYq0AwQCw9O8MA0GCSqGSIb3DQEBCwUAA4IBAQCIOgBzypLo/Wr0cT8m
RjHUv7udg+gdAhck5Dup4f0cL7M3qc4BFcgQNPVIX4pfxav1Rb9ZxE+sOmVX4Tw9
nCuCHwdvbsdhHrVuAF0Bb93af+ZD9Aqzh+Fuf/a18Yd2s1iLWDOss8quUqgyU2V2
GYEUG0XKSBROX0yxZ+zQo0JhJgG7VU3DlVssO7BRXq5rR4ARXUvl+jNb8d0CxM4M
fnED1F1+pQDz0XyLntxglK4B4AHDwtcRivXSLD2lvFyYtzZRIsv3wkg1XnpC2s0r
3abaOtlzFTcmnq1i8BMNmA4DrGmCXeGFqGgGwACJd13/ZWSDEze3Z75hh6r0NaiT
iefS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org