Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/gka_2XzSexKHohyAjr2hVNFY-Cg.roa
File:                     gka_2XzSexKHohyAjr2hVNFY-Cg.roa (raw, json)
Hash identifier:          9eE8d6IfWqbI1tl348/QmYVAeZ/83ztGuzeydweGsuU=
Subject key identifier:   82:46:BF:D9:7C:D2:7B:12:87:A2:1C:80:8E:BD:A1:54:D1:58:F8:28
Certificate issuer:       /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial:       35F0607F
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/gka_2XzSexKHohyAjr2hVNFY-Cg.roa
Signing time:             Sat 01 Jan 2022 03:02:14 +0000
ROA not before:           Sat 01 Jan 2022 03:02:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     31477
IP address blocks:        82.150.139.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 904945791 (0x35f0607f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
        Validity
            Not Before: Jan  1 03:02:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8246bfd97cd27b1287a21c808ebda154d158f828
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:87:1c:f6:39:27:0b:ea:8d:50:a5:46:94:41:
                    e5:1f:df:c8:3b:ab:37:74:d9:f6:bd:e5:f2:d1:54:
                    10:32:e7:b6:5e:92:e6:39:46:d5:44:9f:74:1e:08:
                    be:ff:81:fc:2b:a2:69:ba:5c:bf:de:b8:47:e3:13:
                    d8:4d:6f:45:47:12:97:d6:0c:ea:f6:1b:d9:d1:aa:
                    9c:17:12:e2:8a:04:5d:e5:b5:37:e0:82:c4:0a:d0:
                    3d:44:a0:82:dc:96:2e:fd:45:88:ec:01:3e:24:fd:
                    72:14:ca:e0:3a:3c:b3:c9:e5:bd:64:56:6d:4c:59:
                    3c:d4:d1:f9:48:d5:9f:8b:08:71:f9:e2:b7:a3:cc:
                    a1:01:3e:e2:01:c2:74:dc:c6:b6:1f:28:bd:2b:29:
                    03:ac:c6:e5:c5:25:3b:b8:6e:ef:98:b0:5f:c8:16:
                    d4:ad:f9:c4:b6:ef:a6:69:47:c8:83:a4:48:b8:22:
                    8f:61:98:5f:11:30:e0:d4:12:24:15:a5:f0:04:b2:
                    78:d1:82:c2:aa:7e:86:b4:53:6e:3b:f0:f7:11:2e:
                    48:b6:fe:d2:1c:d5:57:30:6a:3d:cc:34:f9:65:2b:
                    6e:28:0d:df:fd:66:bb:26:30:de:46:67:bc:69:a8:
                    c2:26:b4:cd:01:81:ff:e5:db:4b:e7:37:48:0f:2b:
                    75:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:46:BF:D9:7C:D2:7B:12:87:A2:1C:80:8E:BD:A1:54:D1:58:F8:28
            X509v3 Authority Key Identifier:
                keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/gka_2XzSexKHohyAjr2hVNFY-Cg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.150.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:c7:4e:da:fd:cf:8d:e9:a3:a9:fe:21:c7:ed:06:49:19:c9:
         9c:45:a9:9e:b9:1a:07:31:81:e2:33:34:07:46:18:1a:62:40:
         01:3c:f3:50:19:07:a1:79:ab:a4:13:7f:db:4c:ee:f0:34:48:
         59:bc:65:14:1c:4a:b7:d7:93:c1:20:86:15:b6:64:e1:8b:3e:
         f7:31:f5:fb:0c:3d:62:35:ea:a5:d1:af:6c:a6:5f:2e:f0:64:
         ff:57:59:47:f3:6b:38:5c:a3:a6:46:5f:06:9e:93:3a:f8:d2:
         ff:39:62:7e:79:c6:7f:ec:dc:f8:30:d4:98:59:33:a9:67:f1:
         b5:b5:39:1e:75:d2:2e:06:f5:42:48:97:d9:ba:29:b7:e9:0a:
         1d:e9:fc:aa:b0:ac:46:d4:d2:68:a8:b9:26:c7:0b:ed:57:5c:
         b5:5d:e2:60:30:ff:5f:f1:c7:7b:37:5b:0a:53:f8:14:df:0e:
         70:d1:cb:00:db:84:6a:9e:73:96:83:de:8f:99:61:11:ad:74:
         52:ee:25:25:f2:65:bb:94:a6:02:4b:11:49:36:70:bd:c3:71:
         a7:39:be:00:b6:d4:c3:47:bd:4f:6a:17:96:8a:5e:79:e3:07:
         f6:f8:93:72:04:33:c1:6c:d5:e5:52:84:30:2c:03:87:50:6d:
         e9:cc:b8:5b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENfBgfzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MDFmZTMwZmM2YjRiMGQwZjZkYjRlMWJmYmJkNTAxOTVkY2E1NzVjMB4XDTIyMDEw
MTAzMDIxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODI0NmJmZDk3Y2Qy
N2IxMjg3YTIxYzgwOGViZGExNTRkMTU4ZjgyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALaHHPY5JwvqjVClRpRB5R/fyDurN3TZ9r3l8tFUEDLntl6S
5jlG1USfdB4Ivv+B/Cuiabpcv964R+MT2E1vRUcSl9YM6vYb2dGqnBcS4ooEXeW1
N+CCxArQPUSggtyWLv1FiOwBPiT9chTK4Do8s8nlvWRWbUxZPNTR+UjVn4sIcfni
t6PMoQE+4gHCdNzGth8ovSspA6zG5cUlO7hu75iwX8gW1K35xLbvpmlHyIOkSLgi
j2GYXxEw4NQSJBWl8ASyeNGCwqp+hrRTbjvw9xEuSLb+0hzVVzBqPcw0+WUrbigN
3/1muyYw3kZnvGmowia0zQGB/+XbS+c3SA8rdYsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSCRr/ZfNJ7EoeiHICOvaFU0Vj4KDAfBgNVHSMEGDAWgBQgH+MPxrSw0Pbb
Thv7vVAZXcpXXDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lCX2pEOGEwc05EMjIwNGItNzFRR1YzS1Yxdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDMvOGQ4MGY5LTQ5NGUtNGFiYi05OTU2LWZjMTIxYzgwMGIzMC8x
L2drYV8yWHpTZXhLSG9oeUFqcjJoVk5GWS1DZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMv
OGQ4MGY5LTQ5NGUtNGFiYi05OTU2LWZjMTIxYzgwMGIzMC8xL0lCX2pEOGEwc05E
MjIwNGItNzFRR1YzS1Yxdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFKWizANBgkqhkiG9w0BAQsFAAOC
AQEAKsdO2v3Pjemjqf4hx+0GSRnJnEWpnrkaBzGB4jM0B0YYGmJAATzzUBkHoXmr
pBN/20zu8DRIWbxlFBxKt9eTwSCGFbZk4Ys+9zH1+ww9YjXqpdGvbKZfLvBk/1dZ
R/NrOFyjpkZfBp6TOvjS/zlifnnGf+zc+DDUmFkzqWfxtbU5HnXSLgb1QkiX2bop
t+kKHen8qrCsRtTSaKi5JscL7VdctV3iYDD/X/HHezdbClP4FN8OcNHLANuEap5z
loPej5lhEa10Uu4lJfJlu5SmAksRSTZwvcNxpzm+ALbUw0e9T2oXlopeeeMH9viT
cgQzwWzV5VKEMCwDh1Bt6cy4Ww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:13 2024 by rpki-client on console-fra.rpki-client.org