Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/c2829f-b3ed-44d3-a5cf-0c1f69b7aee7/1/gTAqtpc5pPZpjzoRnN8ke7aNwYk.roa
File:                     gTAqtpc5pPZpjzoRnN8ke7aNwYk.roa (raw, json)
Hash identifier:          XRpQUdCH2hARWIdmKAxpXAUEAPWeLfeoJqMw3aCEysE=
Subject key identifier:   81:30:2A:B6:97:39:A4:F6:69:8F:3A:11:9C:DF:24:7B:B6:8D:C1:89
Certificate issuer:       /CN=a071571c8e10b419d7a3bf36e1085ffd5cd78a98
Certificate serial:       0124A04B
Authority key identifier: A0:71:57:1C:8E:10:B4:19:D7:A3:BF:36:E1:08:5F:FD:5C:D7:8A:98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oHFXHI4QtBnXo7824Qhf_VzXipg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/c2829f-b3ed-44d3-a5cf-0c1f69b7aee7/1/gTAqtpc5pPZpjzoRnN8ke7aNwYk.roa
Signing time:             Sat 01 Jan 2022 12:59:37 +0000
ROA not before:           Sat 01 Jan 2022 12:59:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     31564
IP address blocks:        195.178.112.0/23 maxlen: 23
                          193.17.73.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 19177547 (0x124a04b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a071571c8e10b419d7a3bf36e1085ffd5cd78a98
        Validity
            Not Before: Jan  1 12:59:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=81302ab69739a4f6698f3a119cdf247bb68dc189
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:0f:27:eb:f9:39:67:92:85:d0:f5:8f:8c:0f:
                    15:e7:0b:06:7b:30:a7:ce:15:6f:6e:92:82:e9:94:
                    a7:28:be:d7:9a:0d:8f:03:f6:a6:52:06:0e:29:a4:
                    f1:35:1a:63:26:96:df:e7:49:13:94:42:26:4f:6c:
                    7c:ad:70:e3:65:92:07:fa:d3:e0:d5:a7:5e:89:1f:
                    1a:33:3f:4d:fa:17:5d:ff:99:63:6a:a0:50:97:dd:
                    b3:3d:d6:9d:ab:f7:0b:07:58:d9:39:03:2b:67:46:
                    32:77:6c:a5:08:57:7b:22:ba:ed:ba:b5:c0:c1:ec:
                    46:c1:55:6c:73:08:59:4e:13:83:48:15:35:ef:51:
                    fc:76:29:3d:7d:24:d6:59:aa:24:bc:bb:bb:a5:57:
                    99:4f:1d:57:22:de:ae:e6:ff:4d:ec:85:bb:94:f1:
                    c5:1b:6c:c0:69:2d:af:a2:65:71:b7:c9:89:9e:11:
                    d0:91:a1:bb:05:b6:43:20:bb:77:12:8e:3f:fc:55:
                    c5:ff:c6:f2:00:34:c7:df:01:d7:20:0a:a6:d5:d3:
                    49:2a:c7:18:a9:d3:0a:9f:c1:4e:03:2c:db:3d:56:
                    9a:e9:b5:55:d3:06:3c:44:37:ff:26:55:fc:90:9b:
                    d4:c5:bf:7a:c3:46:c8:aa:dd:2e:90:9e:aa:c7:ed:
                    4d:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:30:2A:B6:97:39:A4:F6:69:8F:3A:11:9C:DF:24:7B:B6:8D:C1:89
            X509v3 Authority Key Identifier:
                keyid:A0:71:57:1C:8E:10:B4:19:D7:A3:BF:36:E1:08:5F:FD:5C:D7:8A:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oHFXHI4QtBnXo7824Qhf_VzXipg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/c2829f-b3ed-44d3-a5cf-0c1f69b7aee7/1/gTAqtpc5pPZpjzoRnN8ke7aNwYk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/c2829f-b3ed-44d3-a5cf-0c1f69b7aee7/1/oHFXHI4QtBnXo7824Qhf_VzXipg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.17.73.0/24
                  195.178.112.0/23

    Signature Algorithm: sha256WithRSAEncryption
         05:66:8a:39:ef:0a:f0:e8:3a:7b:5a:ba:5e:87:9d:4a:02:fd:
         8d:d9:af:0b:65:3f:43:b3:6f:4c:fd:39:83:a7:b2:e7:d6:b8:
         1d:ee:50:b8:c1:5d:39:3c:12:b2:f7:c2:1d:86:15:eb:d1:d1:
         18:a8:f0:a2:17:6a:b2:77:85:9d:e2:c4:69:28:a9:df:c3:66:
         59:db:9d:fb:4c:c7:d5:73:2a:9d:59:01:f3:c8:7d:13:5e:f1:
         0f:17:8f:90:da:d8:d9:1e:b6:11:85:5e:04:1c:b4:5a:c3:bc:
         f7:89:94:bd:d2:b7:07:a8:ba:89:e3:a1:1e:cf:a2:6a:96:72:
         d1:af:f7:c2:c1:36:8b:05:a9:92:bf:b1:b6:19:92:8d:3f:a5:
         8d:66:8f:28:d0:da:35:45:81:7f:b8:08:f8:74:1c:11:69:be:
         44:c7:9c:9e:a7:6f:2b:cf:dc:b9:c9:f8:47:8b:d1:e7:98:3b:
         5c:67:7f:63:5a:ce:2c:81:c0:be:c5:89:d7:de:e0:74:82:fa:
         8c:ef:00:4d:f4:09:99:67:2c:5b:72:a5:61:2e:16:85:5f:c7:
         c4:11:fb:27:df:3c:5f:56:f0:05:4e:d6:49:e2:c1:f0:82:05:
         f1:89:f1:ea:b9:05:20:59:55:3d:cf:80:f0:e6:a5:d1:32:99:
         df:cc:18:d2
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEASSgSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MDcxNTcxYzhlMTBiNDE5ZDdhM2JmMzZlMTA4NWZmZDVjZDc4YTk4MB4XDTIyMDEw
MTEyNTkzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODEzMDJhYjY5NzM5
YTRmNjY5OGYzYTExOWNkZjI0N2JiNjhkYzE4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJoPJ+v5OWeShdD1j4wPFecLBnswp84Vb26SgumUpyi+15oN
jwP2plIGDimk8TUaYyaW3+dJE5RCJk9sfK1w42WSB/rT4NWnXokfGjM/TfoXXf+Z
Y2qgUJfdsz3Wnav3CwdY2TkDK2dGMndspQhXeyK67bq1wMHsRsFVbHMIWU4Tg0gV
Ne9R/HYpPX0k1lmqJLy7u6VXmU8dVyLerub/TeyFu5TxxRtswGktr6JlcbfJiZ4R
0JGhuwW2QyC7dxKOP/xVxf/G8gA0x98B1yAKptXTSSrHGKnTCp/BTgMs2z1Wmum1
VdMGPEQ3/yZV/JCb1MW/esNGyKrdLpCeqsftTS0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSBMCq2lzmk9mmPOhGc3yR7to3BiTAfBgNVHSMEGDAWgBSgcVccjhC0Gdej
vzbhCF/9XNeKmDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29IRlhISTRRdEJuWG83ODI0UWhmX1Z6WGlwZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvYzI4MjlmLWIzZWQtNDRkMy1hNWNmLTBjMWY2OWI3YWVlNy8x
L2dUQXF0cGM1cFBacGp6b1JuTjhrZTdhTndZay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
YzI4MjlmLWIzZWQtNDRkMy1hNWNmLTBjMWY2OWI3YWVlNy8xL29IRlhISTRRdEJu
WG83ODI0UWhmX1Z6WGlwZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMERSQMEAcOycDANBgkqhkiG9w0B
AQsFAAOCAQEABWaKOe8K8Og6e1q6XoedSgL9jdmvC2U/Q7NvTP05g6ey59a4He5Q
uMFdOTwSsvfCHYYV69HRGKjwohdqsneFneLEaSip38NmWdud+0zH1XMqnVkB88h9
E17xDxePkNrY2R62EYVeBBy0WsO894mUvdK3B6i6ieOhHs+iapZy0a/3wsE2iwWp
kr+xthmSjT+ljWaPKNDaNUWBf7gI+HQcEWm+RMecnqdvK8/cucn4R4vR55g7XGd/
Y1rOLIHAvsWJ197gdIL6jO8ATfQJmWcsW3KlYS4WhV/HxBH7J988X1bwBU7WSeLB
8IIF8Ynx6rkFIFlVPc+A8Oal0TKZ38wY0g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:15 2024 by rpki-client on console-ams.rpki-client.org