Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/GblLGL4_OwqY30MVgO6u-iU-mio.roa
File:                     GblLGL4_OwqY30MVgO6u-iU-mio.roa (raw, json)
Hash identifier:          b+jkrRZEpfAFgPKlUtKHAtRQM12O2tmMPa4UIglucg4=
Subject key identifier:   19:B9:4B:18:BE:3F:3B:0A:98:DF:43:15:80:EE:AE:FA:25:3E:9A:2A
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       018499367EF98F5D8705305B417C20E46ADD
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/GblLGL4_OwqY30MVgO6u-iU-mio.roa
Signing time:             Mon 21 Nov 2022 08:03:16 +0000
ROA not before:           Mon 21 Nov 2022 08:03:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201733
IP address blocks:        2a0e:8f02:f051::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:99:36:7e:f9:8f:5d:87:05:30:5b:41:7c:20:e4:6a:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Nov 21 08:03:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=19b94b18be3f3b0a98df431580eeaefa253e9a2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:6b:ae:13:52:60:5a:66:42:95:d2:86:57:83:
                    48:75:65:43:07:ba:73:b9:e5:4b:ff:91:d6:e4:97:
                    a7:07:f9:30:3a:2b:9c:89:37:2c:d4:1b:ad:d4:dc:
                    2e:58:89:5f:e5:8f:5a:7f:ff:0f:52:96:13:cc:35:
                    94:7b:1b:69:29:26:53:ad:15:ed:22:05:b6:b3:dc:
                    c5:14:54:07:be:c8:48:48:9b:4c:d4:99:bc:90:41:
                    a9:8e:89:bb:2d:63:e8:f5:b8:91:bd:8f:01:cd:65:
                    80:0d:53:f6:07:7e:f5:8d:ff:7a:72:5c:8a:e2:28:
                    bf:4e:86:eb:ea:c8:a0:dd:7c:2b:00:9c:aa:1f:27:
                    b6:73:b3:68:ff:30:40:6e:3a:af:19:7b:54:93:48:
                    74:97:64:45:e5:5c:fd:e4:53:37:d6:a3:ca:31:c7:
                    3d:fd:03:b0:bb:98:f4:eb:36:19:36:29:8a:38:c5:
                    7e:a4:7b:6a:ec:d6:99:d6:74:39:56:1a:ad:50:06:
                    50:30:a4:b7:7e:9e:ef:f0:b9:ae:49:a1:3a:2b:54:
                    29:74:2f:a1:4c:df:bd:13:d7:66:48:cf:40:41:ac:
                    93:35:39:e3:81:86:50:80:bc:0b:da:40:cd:a5:32:
                    db:4d:90:d6:65:75:87:1c:aa:33:54:98:0d:d8:99:
                    52:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:B9:4B:18:BE:3F:3B:0A:98:DF:43:15:80:EE:AE:FA:25:3E:9A:2A
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/GblLGL4_OwqY30MVgO6u-iU-mio.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f02:f051::/48

    Signature Algorithm: sha256WithRSAEncryption
         03:a8:e1:6c:9e:a5:7a:da:4f:85:40:e5:4f:cd:cd:f9:e8:d7:
         51:36:49:7b:5d:0c:a8:89:57:96:4c:02:b8:d6:c4:c4:b0:4f:
         39:d3:1d:11:1c:04:b7:bd:fd:e7:f6:78:14:7b:e4:1b:b7:6a:
         66:ed:55:32:d0:fc:cb:5d:08:f8:36:98:00:89:cb:91:58:61:
         a0:26:b8:df:92:ae:87:f4:46:6f:8f:42:0f:0e:57:a9:56:ae:
         8f:d1:20:ff:af:f2:3a:16:2f:8d:d2:07:45:99:37:3a:b8:f0:
         b9:e1:8b:ea:0c:9b:6b:8e:32:9e:41:24:c9:55:b0:16:d4:29:
         2f:c3:56:cb:21:09:54:05:ce:1c:81:44:59:f6:14:34:f9:bd:
         62:5f:20:35:cf:5c:4b:38:8d:cf:e1:d8:2c:ce:68:6a:04:7f:
         6d:99:e5:28:ec:47:b0:28:37:42:80:8d:79:f4:8e:83:4f:d4:
         bc:af:9e:be:5e:b5:3f:1b:a5:7e:2c:8c:d8:4e:e0:85:f1:5e:
         a9:4d:c5:18:1e:62:cb:9f:2b:96:d3:aa:22:28:e2:bc:90:96:
         5a:a8:6a:ca:d8:6c:0b:6a:2d:18:91:d4:ff:a5:e2:61:c5:7f:
         ba:04:36:32:c7:62:67:9b:c4:0d:5c:c7:4c:cd:c0:23:95:b7:
         99:30:81:dc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYSZNn75j12HBTBbQXwg5GrdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjIxMTIxMDgwMzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWI5NGIxOGJlM2YzYjBhOThkZjQzMTU4MGVlYWVmYTI1M2U5YTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA52uuE1JgWmZCldKGV4NIdWVDB7pz
ueVL/5HW5JenB/kwOiuciTcs1But1NwuWIlf5Y9af/8PUpYTzDWUextpKSZTrRXt
IgW2s9zFFFQHvshISJtM1Jm8kEGpjom7LWPo9biRvY8BzWWADVP2B371jf96clyK
4ii/Tobr6sig3XwrAJyqHye2c7No/zBAbjqvGXtUk0h0l2RF5Vz95FM31qPKMcc9
/QOwu5j06zYZNimKOMV+pHtq7NaZ1nQ5VhqtUAZQMKS3fp7v8LmuSaE6K1QpdC+h
TN+9E9dmSM9AQayTNTnjgYZQgLwL2kDNpTLbTZDWZXWHHKozVJgN2JlSLwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBm5Sxi+PzsKmN9DFYDurvolPpoqMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvR2JsTEdMNF9Pd3FZMzBNVmdPNnUtaVUtbWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvBR
MA0GCSqGSIb3DQEBCwUAA4IBAQADqOFsnqV62k+FQOVPzc356NdRNkl7XQyoiVeW
TAK41sTEsE850x0RHAS3vf3n9ngUe+Qbt2pm7VUy0PzLXQj4NpgAicuRWGGgJrjf
kq6H9EZvj0IPDlepVq6P0SD/r/I6Fi+N0gdFmTc6uPC54YvqDJtrjjKeQSTJVbAW
1Ckvw1bLIQlUBc4cgURZ9hQ0+b1iXyA1z1xLOI3P4dgszmhqBH9tmeUo7EewKDdC
gI159I6DT9S8r56+XrU/G6V+LIzYTuCF8V6pTcUYHmLLnyuW06oiKOK8kJZaqGrK
2GwLai0YkdT/peJhxX+6BDYyx2Jnm8QNXMdMzcAjlbeZMIHc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:35 2024 by rpki-client on console-ams.rpki-client.org