Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/04b923-66f1-4ecd-9c80-1d024eb358a5/1/gnW1nby_rD4lo5Q1FBsOD4G3ab4.roa
File:                     gnW1nby_rD4lo5Q1FBsOD4G3ab4.roa (raw, json)
Hash identifier:          dwDmfhx7Ga011i8l4Pntg3X5ZPK0N7eM9BwlKm2PLWI=
Subject key identifier:   82:75:B5:9D:BC:BF:AC:3E:25:A3:94:35:14:1B:0E:0F:81:B7:69:BE
Certificate issuer:       /CN=b71db0625b4ae88ac6a584b369ccff70d98436ad
Certificate serial:       01066F40
Authority key identifier: B7:1D:B0:62:5B:4A:E8:8A:C6:A5:84:B3:69:CC:FF:70:D9:84:36:AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tx2wYltK6IrGpYSzacz_cNmENq0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/04b923-66f1-4ecd-9c80-1d024eb358a5/1/gnW1nby_rD4lo5Q1FBsOD4G3ab4.roa
Signing time:             Sat 01 Jan 2022 00:57:31 +0000
ROA not before:           Sat 01 Jan 2022 00:57:31 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        178.212.79.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17198912 (0x1066f40)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b71db0625b4ae88ac6a584b369ccff70d98436ad
        Validity
            Not Before: Jan  1 00:57:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8275b59dbcbfac3e25a39435141b0e0f81b769be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:e0:d0:fe:d2:a0:9b:81:ac:1c:5d:57:c0:fc:
                    68:e1:56:d0:0f:1e:81:3d:3d:42:ab:5e:5d:a0:ad:
                    53:8c:ce:c0:53:5b:ac:a9:35:1a:85:8e:2c:e9:d7:
                    e4:5d:74:60:86:8d:ba:b2:13:77:6e:e5:53:19:d5:
                    c3:bb:4f:e7:00:fe:8e:cc:2d:1c:f1:4e:2d:69:86:
                    6a:7c:7a:60:6f:26:70:bb:90:a3:0b:df:0d:5f:04:
                    04:f1:c4:44:79:6f:ee:98:9d:80:db:8e:5d:7d:d3:
                    37:76:e1:d2:6c:64:b5:2e:c6:17:4c:9d:c9:f8:91:
                    04:1c:75:bf:8f:8b:e7:31:db:0a:ee:13:12:c2:ab:
                    e5:28:fd:46:63:5f:a3:66:ec:69:fa:bc:af:07:f8:
                    87:c8:12:c4:cb:9c:6d:16:93:9a:71:35:4b:85:73:
                    27:b3:b4:00:fe:a2:49:2b:d8:0c:88:cf:dc:8c:fc:
                    d1:45:51:f2:13:20:c7:5c:23:55:0e:5d:74:49:cf:
                    3f:f8:31:b5:87:e1:60:94:7a:be:5b:b7:8f:69:a0:
                    1d:e2:e8:b5:7f:4f:4b:72:d2:ad:6a:49:99:e2:0e:
                    36:1a:f9:1b:c6:94:df:cd:31:c7:da:32:b7:6f:2b:
                    10:46:be:27:8b:9d:9a:8d:3a:bc:aa:8b:bc:8b:59:
                    87:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:75:B5:9D:BC:BF:AC:3E:25:A3:94:35:14:1B:0E:0F:81:B7:69:BE
            X509v3 Authority Key Identifier:
                keyid:B7:1D:B0:62:5B:4A:E8:8A:C6:A5:84:B3:69:CC:FF:70:D9:84:36:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tx2wYltK6IrGpYSzacz_cNmENq0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/04b923-66f1-4ecd-9c80-1d024eb358a5/1/gnW1nby_rD4lo5Q1FBsOD4G3ab4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/04b923-66f1-4ecd-9c80-1d024eb358a5/1/tx2wYltK6IrGpYSzacz_cNmENq0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.212.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:90:cb:3c:e8:1a:42:24:3e:90:3b:9c:8f:5f:3f:0f:c1:65:
         4d:19:53:94:5f:67:99:5f:c7:85:b4:f1:99:cb:8a:4f:2f:1b:
         5d:31:0b:36:5d:b1:e3:95:83:43:ea:56:f1:76:ca:ad:16:e4:
         96:6a:33:60:1f:b1:f8:0f:3b:d6:71:d5:c6:02:4f:56:79:5e:
         64:72:4b:86:af:7f:3d:3f:7c:0f:bd:bc:12:69:4a:52:60:e8:
         d9:0b:87:86:03:b4:5f:34:2e:c9:1e:08:a1:5d:cc:d9:84:df:
         94:dc:1e:4f:5b:ed:3a:d7:16:8c:18:1e:d1:af:d0:68:b0:ef:
         97:70:77:e3:86:83:5c:51:01:6d:44:23:3d:85:78:c1:46:77:
         f8:6c:88:6c:9c:17:a7:69:81:c1:7a:84:bb:84:d6:6d:3e:ec:
         89:00:63:4c:d5:a1:b9:c8:5f:96:03:c7:1d:ed:77:ca:53:4b:
         80:02:60:0b:98:ae:b4:5a:0e:03:fa:4a:05:48:0c:0b:09:74:
         31:ae:24:e3:fe:34:80:5d:07:c1:44:91:d0:45:25:73:d0:21:
         fd:1c:d4:94:81:1b:5e:f4:e7:f6:b1:91:d8:54:5b:90:99:db:
         44:d7:0d:08:b6:d9:1e:0c:b3:6b:8c:6e:ef:44:27:74:8d:f0:
         c9:75:04:db
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQZvQDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NzFkYjA2MjViNGFlODhhYzZhNTg0YjM2OWNjZmY3MGQ5ODQzNmFkMB4XDTIyMDEw
MTAwNTczMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODI3NWI1OWRiY2Jm
YWMzZTI1YTM5NDM1MTQxYjBlMGY4MWI3NjliZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMbg0P7SoJuBrBxdV8D8aOFW0A8egT09QqteXaCtU4zOwFNb
rKk1GoWOLOnX5F10YIaNurITd27lUxnVw7tP5wD+jswtHPFOLWmGanx6YG8mcLuQ
owvfDV8EBPHERHlv7pidgNuOXX3TN3bh0mxktS7GF0ydyfiRBBx1v4+L5zHbCu4T
EsKr5Sj9RmNfo2bsafq8rwf4h8gSxMucbRaTmnE1S4VzJ7O0AP6iSSvYDIjP3Iz8
0UVR8hMgx1wjVQ5ddEnPP/gxtYfhYJR6vlu3j2mgHeLotX9PS3LSrWpJmeIONhr5
G8aU380xx9oyt28rEEa+J4udmo06vKqLvItZh4UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSCdbWdvL+sPiWjlDUUGw4PgbdpvjAfBgNVHSMEGDAWgBS3HbBiW0roisal
hLNpzP9w2YQ2rTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3R4MndZbHRLNklyR3BZU3phY3pfY05tRU5xMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDIvMDRiOTIzLTY2ZjEtNGVjZC05YzgwLTFkMDI0ZWIzNThhNS8x
L2duVzFuYnlfckQ0bG81UTFGQnNPRDRHM2FiNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDIv
MDRiOTIzLTY2ZjEtNGVjZC05YzgwLTFkMDI0ZWIzNThhNS8xL3R4MndZbHRLNkly
R3BZU3phY3pfY05tRU5xMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALLUTzANBgkqhkiG9w0BAQsFAAOC
AQEAEpDLPOgaQiQ+kDucj18/D8FlTRlTlF9nmV/HhbTxmcuKTy8bXTELNl2x45WD
Q+pW8XbKrRbklmozYB+x+A871nHVxgJPVnleZHJLhq9/PT98D728EmlKUmDo2QuH
hgO0XzQuyR4IoV3M2YTflNweT1vtOtcWjBge0a/QaLDvl3B344aDXFEBbUQjPYV4
wUZ3+GyIbJwXp2mBwXqEu4TWbT7siQBjTNWhuchflgPHHe13ylNLgAJgC5iutFoO
A/pKBUgMCwl0Ma4k4/40gF0HwUSR0EUlc9Ah/RzUlIEbXvTn9rGR2FRbkJnbRNcN
CLbZHgyza4xu70QndI3wyXUE2w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:08 2023 by rpki-client on console-fra.rpki-client.org