Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/GvmonnToI6qW_W7qb_njwq7917Y.roa
File:                     GvmonnToI6qW_W7qb_njwq7917Y.roa (raw, json)
Hash identifier:          5zyM7Br6t2pyvpRjIEXIsT09ka8N42jnrdKmm+agJII=
Subject key identifier:   1A:F9:A8:9E:74:E8:23:AA:96:FD:6E:EA:6F:F9:E3:C2:AE:FD:D7:B6
Certificate issuer:       /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial:       01849306A2809C45FD2C993F9D334B65602B
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/GvmonnToI6qW_W7qb_njwq7917Y.roa
Signing time:             Sun 20 Nov 2022 03:13:16 +0000
ROA not before:           Sun 20 Nov 2022 03:13:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48029
IP address blocks:        87.248.159.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:93:06:a2:80:9c:45:fd:2c:99:3f:9d:33:4b:65:60:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
        Validity
            Not Before: Nov 20 03:13:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1af9a89e74e823aa96fd6eea6ff9e3c2aefdd7b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:7e:76:ed:f7:0a:b6:1b:cf:f4:9a:86:46:85:
                    bf:9f:61:e2:b6:04:b5:77:d6:e8:ad:16:5a:26:b6:
                    a3:fb:b1:c7:56:0f:38:2f:b4:f3:a1:a6:b2:99:68:
                    76:f4:08:de:8a:b4:a9:35:04:32:51:d6:55:7a:fa:
                    39:43:4f:c2:5a:47:89:dc:32:4c:64:6d:73:82:c0:
                    43:40:26:f3:f3:c7:5e:02:e5:ae:a0:65:37:05:81:
                    4f:62:20:dc:ae:0a:75:d6:f3:a0:b4:a7:a3:05:04:
                    25:5d:a0:fa:4a:cd:d0:a9:d8:17:1e:9f:05:74:14:
                    fb:4a:a9:bd:49:54:b5:d3:6d:53:42:00:ef:ee:d6:
                    c5:4d:bb:45:56:d4:df:fa:46:8b:26:44:4a:02:56:
                    48:f7:0c:3c:fc:b0:06:de:b6:4b:9c:02:ad:aa:6a:
                    08:53:79:1f:99:f9:60:4f:9f:51:23:b1:ca:98:d9:
                    9f:92:35:11:86:a1:3a:66:7e:9f:08:60:4f:f3:9c:
                    63:ec:af:7c:11:80:28:8c:46:76:86:52:24:95:ef:
                    30:35:4b:d0:63:14:72:38:c9:b0:e9:3b:1b:57:a7:
                    39:ae:14:2f:bd:6d:85:1c:02:90:65:51:ad:f3:67:
                    54:aa:22:16:f6:a2:fc:07:bb:b9:8f:b6:d8:52:30:
                    86:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:F9:A8:9E:74:E8:23:AA:96:FD:6E:EA:6F:F9:E3:C2:AE:FD:D7:B6
            X509v3 Authority Key Identifier:
                keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/GvmonnToI6qW_W7qb_njwq7917Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.248.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:c8:df:1e:5b:b1:f1:e4:de:07:a2:b8:32:de:f8:f7:68:36:
         1e:c8:75:60:ed:3e:8f:b4:ad:e1:e0:90:37:8a:e2:be:aa:58:
         39:b6:1d:62:a6:94:42:8f:a8:24:fd:d6:82:04:3a:b5:1d:1a:
         6a:11:b0:2e:f3:a1:0c:4d:39:5f:46:20:50:45:f0:3c:17:6d:
         39:d4:7e:92:7d:e6:bf:81:a6:07:cf:31:0d:f6:64:0d:7b:ad:
         a2:bc:f8:18:3b:7b:bb:82:e0:fa:50:6a:43:02:b7:4a:2c:18:
         f8:44:d5:60:e1:18:f4:98:7b:46:d6:9a:23:ff:d5:ff:04:5f:
         4a:9c:0a:8b:23:68:a1:33:60:9b:3f:98:b5:f9:9c:05:58:8c:
         dd:dc:5b:ed:ee:12:4d:ea:fc:30:7e:1e:0e:1d:f0:7a:20:c9:
         67:37:0b:2f:91:37:c2:98:0f:35:0c:e8:f2:bd:2a:48:1d:f2:
         21:fb:28:cb:18:f3:07:93:c8:a1:34:7f:5b:78:6b:44:90:9b:
         8b:f8:01:2b:ca:df:4e:ab:e3:07:01:64:7b:68:7b:db:2f:8d:
         45:a6:35:8c:af:24:bd:66:8a:ea:09:bd:e6:dc:cc:3f:a9:b2:
         64:4c:f0:4d:9c:af:55:40:f6:26:ef:9e:db:f1:4b:6f:c8:c1:
         cd:04:4f:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSTBqKAnEX9LJk/nTNLZWArMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjIxMTIwMDMxMzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWY5YTg5ZTc0ZTgyM2FhOTZmZDZlZWE2ZmY5ZTNjMmFlZmRkN2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7H527fcKthvP9JqGRoW/n2HitgS1
d9borRZaJraj+7HHVg84L7TzoaaymWh29AjeirSpNQQyUdZVevo5Q0/CWkeJ3DJM
ZG1zgsBDQCbz88deAuWuoGU3BYFPYiDcrgp11vOgtKejBQQlXaD6Ss3QqdgXHp8F
dBT7Sqm9SVS1021TQgDv7tbFTbtFVtTf+kaLJkRKAlZI9ww8/LAG3rZLnAKtqmoI
U3kfmflgT59RI7HKmNmfkjURhqE6Zn6fCGBP85xj7K98EYAojEZ2hlIkle8wNUvQ
YxRyOMmw6TsbV6c5rhQvvW2FHAKQZVGt82dUqiIW9qL8B7u5j7bYUjCG8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBr5qJ506COqlv1u6m/548Ku/de2MB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvR3Ztb25uVG9JNnFXX1c3cWJfbmp3cTc5MTdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/ifMA0G
CSqGSIb3DQEBCwUAA4IBAQAFyN8eW7Hx5N4Horgy3vj3aDYeyHVg7T6PtK3h4JA3
iuK+qlg5th1ippRCj6gk/daCBDq1HRpqEbAu86EMTTlfRiBQRfA8F2051H6Sfea/
gaYHzzEN9mQNe62ivPgYO3u7guD6UGpDArdKLBj4RNVg4Rj0mHtG1poj/9X/BF9K
nAqLI2ihM2CbP5i1+ZwFWIzd3Fvt7hJN6vwwfh4OHfB6IMlnNwsvkTfCmA81DOjy
vSpIHfIh+yjLGPMHk8ihNH9beGtEkJuL+AEryt9Oq+MHAWR7aHvbL41FpjWMryS9
ZorqCb3m3Mw/qbJkTPBNnK9VQPYm757b8UtvyMHNBE+u
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:26 2024 by rpki-client on console-ams.rpki-client.org