Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/GPYddU2NQjEQdCIUx_9610nsayM.roa
File:                     GPYddU2NQjEQdCIUx_9610nsayM.roa (raw, json)
Hash identifier:          m25W3lNAQfHSdA5yNpwK9Yxf/QMcIW+w2rQY7u/4yqs=
Subject key identifier:   18:F6:1D:75:4D:8D:42:31:10:74:22:14:C7:FF:7A:D7:49:EC:6B:23
Certificate issuer:       /CN=844a1791cb07f1d86123c63dc3adcfd754db101b
Certificate serial:       01855DAE4B0B590ABB0BEBE74171FA57FEAB
Authority key identifier: 84:4A:17:91:CB:07:F1:D8:61:23:C6:3D:C3:AD:CF:D7:54:DB:10:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hEoXkcsH8dhhI8Y9w63P11TbEBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/GPYddU2NQjEQdCIUx_9610nsayM.roa
Signing time:             Thu 29 Dec 2022 11:39:41 +0000
ROA not before:           Thu 29 Dec 2022 11:39:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35624
IP address blocks:        185.46.84.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:5d:ae:4b:0b:59:0a:bb:0b:eb:e7:41:71:fa:57:fe:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=844a1791cb07f1d86123c63dc3adcfd754db101b
        Validity
            Not Before: Dec 29 11:39:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=18f61d754d8d423110742214c7ff7ad749ec6b23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:e8:8e:a7:73:a2:bd:d7:f2:9f:a8:32:f8:4d:
                    4e:1c:c9:df:9c:d7:89:bd:c8:62:92:d2:3c:7c:ff:
                    92:3d:94:4d:b8:26:85:72:e5:8d:71:13:98:70:25:
                    a5:a3:ce:3c:96:42:46:c3:f2:0d:00:2c:d0:83:7a:
                    85:8a:a1:6c:da:53:5f:85:f0:be:ec:72:99:04:c9:
                    27:1c:88:21:db:4c:d9:a3:eb:35:5e:16:f2:d4:3f:
                    7a:65:4e:34:c2:44:d3:97:76:ff:a0:02:6c:b2:5c:
                    56:e9:69:44:e9:72:8a:d4:cb:1a:18:d5:b9:e6:43:
                    4f:dc:32:2d:65:28:6f:9d:73:75:10:34:98:a5:ab:
                    ea:82:ba:75:07:28:20:18:04:bb:d2:57:91:30:de:
                    e0:35:46:e3:73:c1:7a:e6:94:4d:b4:c5:4d:ba:2a:
                    2d:df:dd:d2:47:f7:99:81:9b:e3:0f:e9:39:2e:d7:
                    62:eb:15:34:ad:dc:a2:d5:20:f1:47:6e:85:5e:3a:
                    be:4c:90:96:2f:66:0a:b4:25:b6:ed:cc:7a:ea:c8:
                    00:4f:9b:38:02:b1:cd:57:6b:db:bc:1c:ac:85:83:
                    28:cc:62:3c:d7:82:82:4b:74:48:9a:b3:7a:39:c4:
                    34:20:4f:20:f4:4d:88:67:57:06:3a:f6:db:b0:01:
                    84:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:F6:1D:75:4D:8D:42:31:10:74:22:14:C7:FF:7A:D7:49:EC:6B:23
            X509v3 Authority Key Identifier:
                keyid:84:4A:17:91:CB:07:F1:D8:61:23:C6:3D:C3:AD:CF:D7:54:DB:10:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEoXkcsH8dhhI8Y9w63P11TbEBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/GPYddU2NQjEQdCIUx_9610nsayM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.46.84.0/22

    Signature Algorithm: sha256WithRSAEncryption
         91:4a:a3:51:f8:74:33:dc:d1:07:c2:aa:5b:c5:12:94:05:5e:
         ee:ca:d6:fe:ce:bb:82:31:16:f8:58:e0:60:dc:50:65:b2:60:
         97:8a:b3:b6:de:54:f9:67:58:f1:57:7d:1b:3c:e2:56:f5:42:
         1e:75:d9:04:cf:02:50:e0:28:d9:b9:5b:1e:f5:d9:6b:53:d2:
         d5:4c:2a:d0:12:e2:b6:eb:a4:f0:7a:d7:2f:b9:19:15:1a:a9:
         53:a0:1f:59:47:f7:51:f1:c7:b1:73:ca:5d:3e:a7:de:3f:6b:
         aa:07:16:4a:eb:b3:cf:6a:17:52:bf:99:38:f6:85:8d:08:90:
         4a:97:89:e1:9c:85:88:59:dd:fd:f7:c1:e6:c4:4c:d0:92:ca:
         db:7d:87:9c:0d:3f:a9:3d:79:9b:39:79:a9:9e:18:fb:0a:43:
         ee:ff:af:c6:9b:81:1c:ef:3a:84:31:c1:d9:cc:94:d6:b7:a0:
         a4:d7:97:53:c8:2a:01:46:ba:69:52:13:57:35:e0:88:88:cb:
         94:97:0f:31:26:b0:f7:50:c3:d7:bd:df:91:be:16:9e:be:b3:
         7f:03:c5:24:20:83:20:28:d1:cf:d7:30:d6:bb:ec:6e:f3:2b:
         83:89:30:ff:aa:3f:bc:7d:63:d6:c5:fa:4e:41:03:0f:95:50:
         0e:c7:36:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVdrksLWQq7C+vnQXH6V/6rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NGExNzkxY2IwN2YxZDg2MTIzYzYzZGMzYWRjZmQ3NTRk
YjEwMWIwHhcNMjIxMjI5MTEzOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGY2MWQ3NTRkOGQ0MjMxMTA3NDIyMTRjN2ZmN2FkNzQ5ZWM2YjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+iOp3Oivdfyn6gy+E1OHMnfnNeJ
vchiktI8fP+SPZRNuCaFcuWNcROYcCWlo848lkJGw/INACzQg3qFiqFs2lNfhfC+
7HKZBMknHIgh20zZo+s1Xhby1D96ZU40wkTTl3b/oAJsslxW6WlE6XKK1MsaGNW5
5kNP3DItZShvnXN1EDSYpavqgrp1ByggGAS70leRMN7gNUbjc8F65pRNtMVNuiot
393SR/eZgZvjD+k5Ltdi6xU0rdyi1SDxR26FXjq+TJCWL2YKtCW27cx66sgAT5s4
ArHNV2vbvByshYMozGI814KCS3RImrN6OcQ0IE8g9E2IZ1cGOvbbsAGEvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBj2HXVNjUIxEHQiFMf/etdJ7GsjMB8GA1UdIwQY
MBaAFIRKF5HLB/HYYSPGPcOtz9dU2xAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVvWGtjc0g4ZGhoSThZOXc2M1AxMVRiRUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mMTM3MGEtNTdjYS00NmEwLThhZjQt
NzhiYTZkYzUwMDg2LzEvR1BZZGRVMk5RakVRZENJVXhfOTYxMG5zYXlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mMTM3MGEtNTdjYS00NmEwLThhZjQtNzhiYTZkYzUwMDg2
LzEvaEVvWGtjc0g4ZGhoSThZOXc2M1AxMVRiRUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuS5UMA0G
CSqGSIb3DQEBCwUAA4IBAQCRSqNR+HQz3NEHwqpbxRKUBV7uytb+zruCMRb4WOBg
3FBlsmCXirO23lT5Z1jxV30bPOJW9UIeddkEzwJQ4CjZuVse9dlrU9LVTCrQEuK2
66TwetcvuRkVGqlToB9ZR/dR8cexc8pdPqfeP2uqBxZK67PPahdSv5k49oWNCJBK
l4nhnIWIWd3998HmxEzQksrbfYecDT+pPXmbOXmpnhj7CkPu/6/Gm4Ec7zqEMcHZ
zJTWt6Ck15dTyCoBRrppUhNXNeCIiMuUlw8xJrD3UMPXvd+RvhaevrN/A8UkIIMg
KNHP1zDWu+xu8yuDiTD/qj+8fWPWxfpOQQMPlVAOxzZO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:30 2024 by rpki-client on console-fra.rpki-client.org