Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/gChNlQfuieRB8cTOSXIVsQweCYE.roa
File:                     gChNlQfuieRB8cTOSXIVsQweCYE.roa (raw, json)
Hash identifier:          9RbSaEZrrhlYrIGIYhxv2WFci+bxANDtHN52G731s1I=
Subject key identifier:   80:28:4D:95:07:EE:89:E4:41:F1:C4:CE:49:72:15:B1:0C:1E:09:81
Certificate issuer:       /CN=e39f1a6e84c0277efcb56d942b0eb5e456471129
Certificate serial:       35B82FB2
Authority key identifier: E3:9F:1A:6E:84:C0:27:7E:FC:B5:6D:94:2B:0E:B5:E4:56:47:11:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/458aboTAJ378tW2UKw615FZHESk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/gChNlQfuieRB8cTOSXIVsQweCYE.roa
Signing time:             Sat 01 Jan 2022 16:06:29 +0000
ROA not before:           Sat 01 Jan 2022 16:06:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204320
IP address blocks:        188.74.39.0/24 maxlen: 24
                          2a03:4b27:f000::/36 maxlen: 36

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 901263282 (0x35b82fb2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e39f1a6e84c0277efcb56d942b0eb5e456471129
        Validity
            Not Before: Jan  1 16:06:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=80284d9507ee89e441f1c4ce497215b10c1e0981
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:70:49:d3:8f:bb:a8:c9:02:ad:0b:c9:1d:ce:
                    a4:2c:12:70:24:38:b9:56:7f:dc:de:52:dc:cb:76:
                    a0:1e:2c:0d:ae:0e:2b:8a:b5:d8:80:a9:f2:57:bd:
                    91:e1:2c:e7:2c:2c:35:b1:c2:0e:69:97:0e:89:2b:
                    39:6a:0e:ca:76:47:9a:eb:87:00:87:37:af:8b:e3:
                    e6:9a:a7:86:43:19:67:d8:0b:6e:3d:2d:cc:9b:c3:
                    c5:3e:77:d6:dc:8c:b0:56:f8:3b:a3:67:fb:01:7d:
                    ee:b7:79:21:ff:8d:d1:bc:c8:87:bf:1f:d2:60:f2:
                    0e:c8:8b:f6:9c:9d:de:97:9c:ef:ea:6b:0f:a5:94:
                    8a:a1:fe:58:c3:2e:fe:20:3e:14:c3:a3:89:8e:22:
                    a8:50:47:10:43:8e:9a:d5:86:f5:34:4e:f7:14:6a:
                    ff:8f:29:50:09:de:ea:63:03:52:65:f4:61:32:b2:
                    cf:58:57:22:71:34:e9:98:90:30:33:71:a3:3d:9c:
                    c5:ff:62:42:d0:c6:68:6a:d1:c4:7d:cf:5c:14:3a:
                    08:79:88:14:63:ef:46:85:67:fd:02:65:61:f8:9a:
                    c4:3f:08:72:21:5f:fc:03:1e:0a:4d:86:89:ed:61:
                    9c:20:ba:dc:41:50:a9:a7:af:19:7b:0d:ae:3e:37:
                    58:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:28:4D:95:07:EE:89:E4:41:F1:C4:CE:49:72:15:B1:0C:1E:09:81
            X509v3 Authority Key Identifier:
                keyid:E3:9F:1A:6E:84:C0:27:7E:FC:B5:6D:94:2B:0E:B5:E4:56:47:11:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/458aboTAJ378tW2UKw615FZHESk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/gChNlQfuieRB8cTOSXIVsQweCYE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/458aboTAJ378tW2UKw615FZHESk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.74.39.0/24
                IPv6:
                  2a03:4b27:f000::/36

    Signature Algorithm: sha256WithRSAEncryption
         10:6c:a1:cc:78:99:c1:0e:b7:f4:66:fd:9a:f8:0c:26:99:5a:
         ad:d7:48:fb:c3:12:a8:62:c2:4a:e0:23:06:d7:fd:ca:62:8d:
         c0:6c:11:44:49:05:fd:28:4c:00:7d:70:56:65:36:72:0c:a9:
         b9:77:12:c4:11:d0:8d:3e:ad:02:c8:80:c6:f9:71:30:e0:e1:
         f9:35:7a:16:03:80:de:4d:c1:f4:73:54:1e:b4:76:3c:23:2f:
         ff:bf:2c:ec:15:25:50:7a:9a:cb:6c:1b:92:65:bb:3d:13:de:
         7f:10:b5:bf:5f:d9:bb:30:40:fc:04:7b:84:01:81:48:70:80:
         b1:04:e4:34:f5:da:78:75:8d:5e:f9:0e:8c:55:41:71:94:02:
         00:aa:9f:a6:55:92:e3:8c:af:47:2e:52:76:1c:5d:27:7b:3f:
         b8:22:b9:71:06:11:d2:04:ce:80:2e:07:bd:22:c9:fe:8c:32:
         76:87:8e:7b:07:d9:29:17:c9:04:0c:b5:f4:61:4e:97:de:70:
         ea:06:77:a5:23:e4:fc:c6:38:8d:68:55:85:72:1c:ca:3d:dd:
         b5:04:db:14:64:55:74:3b:3c:3d:da:da:c0:67:17:9f:14:c5:
         9c:13:6c:16:3e:e3:43:b6:51:11:27:04:75:c8:dd:44:ce:a1:
         e4:f4:1c:20
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIENbgvsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MzlmMWE2ZTg0YzAyNzdlZmNiNTZkOTQyYjBlYjVlNDU2NDcxMTI5MB4XDTIyMDEw
MTE2MDYyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODAyODRkOTUwN2Vl
ODllNDQxZjFjNGNlNDk3MjE1YjEwYzFlMDk4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJwSdOPu6jJAq0LyR3OpCwScCQ4uVZ/3N5S3Mt2oB4sDa4O
K4q12ICp8le9keEs5ywsNbHCDmmXDokrOWoOynZHmuuHAIc3r4vj5pqnhkMZZ9gL
bj0tzJvDxT531tyMsFb4O6Nn+wF97rd5If+N0bzIh78f0mDyDsiL9pyd3pec7+pr
D6WUiqH+WMMu/iA+FMOjiY4iqFBHEEOOmtWG9TRO9xRq/48pUAne6mMDUmX0YTKy
z1hXInE06ZiQMDNxoz2cxf9iQtDGaGrRxH3PXBQ6CHmIFGPvRoVn/QJlYfiaxD8I
ciFf/AMeCk2Gie1hnCC63EFQqaevGXsNrj43WEMCAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBSAKE2VB+6J5EHxxM5JchWxDB4JgTAfBgNVHSMEGDAWgBTjnxpuhMAnfvy1
bZQrDrXkVkcRKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzQ1OGFib1RBSjM3OHRXMlVLdzYxNUZaSEVTay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2UvMTYwYTc3LTc1NmQtNDQxYS04NmMzLTBlNTM5Mjc1N2Y4Mi8x
L2dDaE5sUWZ1aWVSQjhjVE9TWElWc1F3ZUNZRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Uv
MTYwYTc3LTc1NmQtNDQxYS04NmMzLTBlNTM5Mjc1N2Y4Mi8xLzQ1OGFib1RBSjM3
OHRXMlVLdzYxNUZaSEVTay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEALxKJzAOBAIAAjAIAwYEKgNLJ/Aw
DQYJKoZIhvcNAQELBQADggEBABBsocx4mcEOt/Rm/Zr4DCaZWq3XSPvDEqhiwkrg
IwbX/cpijcBsEURJBf0oTAB9cFZlNnIMqbl3EsQR0I0+rQLIgMb5cTDg4fk1ehYD
gN5NwfRzVB60djwjL/+/LOwVJVB6mstsG5Jluz0T3n8Qtb9f2bswQPwEe4QBgUhw
gLEE5DT12nh1jV75DoxVQXGUAgCqn6ZVkuOMr0cuUnYcXSd7P7giuXEGEdIEzoAu
B70iyf6MMnaHjnsH2SkXyQQMtfRhTpfecOoGd6Uj5PzGOI1oVYVyHMo93bUE2xRk
VXQ7PD3a2sBnF58UxZwTbBY+40O2UREnBHXI3UTOoeT0HCA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:28 2024 by rpki-client on console-fra.rpki-client.org