Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/gDM1YYMBbucGgBOtAbOZCfj-9DE.roa
File:                     gDM1YYMBbucGgBOtAbOZCfj-9DE.roa (raw, json)
Hash identifier:          Ct6We3h3f5x0Wh6jiquAiErsGXgd2a0xr12GEX3gL9s=
Subject key identifier:   80:33:35:61:83:01:6E:E7:06:80:13:AD:01:B3:99:09:F8:FE:F4:31
Certificate issuer:       /CN=61b3e1cab8cbf5b3c6e0fbbe1491f48da60cae6c
Certificate serial:       A395CC
Authority key identifier: 61:B3:E1:CA:B8:CB:F5:B3:C6:E0:FB:BE:14:91:F4:8D:A6:0C:AE:6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YbPhyrjL9bPG4Pu-FJH0jaYMrmw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/gDM1YYMBbucGgBOtAbOZCfj-9DE.roa
Signing time:             Fri 06 May 2022 01:14:14 +0000
ROA not before:           Fri 06 May 2022 01:14:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35280
IP address blocks:        159.60.128.0/18 maxlen: 24
                          159.60.32.0/19 maxlen: 24
                          159.60.64.0/19 maxlen: 24
                          159.60.96.0/19 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10720716 (0xa395cc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61b3e1cab8cbf5b3c6e0fbbe1491f48da60cae6c
        Validity
            Not Before: May  6 01:14:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8033356183016ee7068013ad01b39909f8fef431
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:3a:0b:0f:33:26:0f:06:75:5f:e1:c5:b4:04:
                    0c:45:6a:3d:8e:68:3c:ad:24:6d:91:63:47:95:7f:
                    87:58:27:15:ec:6f:84:f5:73:e6:b7:66:bc:42:5d:
                    e1:6d:c9:e1:3b:4f:2c:bc:48:90:82:f5:bb:49:9b:
                    1e:8f:c2:30:68:65:7d:93:69:5d:b3:da:e6:a0:bb:
                    e8:9d:c9:b7:dc:62:d0:7b:70:31:9e:2b:d3:4f:f8:
                    35:d3:16:fb:1d:9c:00:56:92:7a:3a:28:fa:ad:a8:
                    26:9b:e2:44:99:e4:be:ea:98:2b:08:df:b0:db:8e:
                    27:af:d0:90:5e:05:cb:d9:09:ce:39:29:33:93:e2:
                    6c:f4:ec:09:d4:f1:4b:72:c0:f7:dc:02:00:e7:93:
                    88:a2:79:3d:a2:95:71:bd:67:6b:0a:ca:eb:5a:c3:
                    87:ab:ac:b0:7e:46:e8:0b:56:20:e9:55:bc:e1:35:
                    71:c4:78:63:2c:6e:a6:c1:d7:e7:bd:b3:65:a6:5e:
                    11:52:54:ab:1a:c3:83:83:98:b5:d1:d8:84:42:3c:
                    cb:1f:db:83:07:50:d3:ca:d8:bd:6e:64:18:88:6f:
                    8b:86:51:3b:b5:6e:b6:81:ca:93:17:14:32:10:ba:
                    37:08:ba:9e:16:ad:0c:2f:d7:ff:cb:b4:b0:3c:60:
                    91:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:33:35:61:83:01:6E:E7:06:80:13:AD:01:B3:99:09:F8:FE:F4:31
            X509v3 Authority Key Identifier:
                keyid:61:B3:E1:CA:B8:CB:F5:B3:C6:E0:FB:BE:14:91:F4:8D:A6:0C:AE:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbPhyrjL9bPG4Pu-FJH0jaYMrmw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/gDM1YYMBbucGgBOtAbOZCfj-9DE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/YbPhyrjL9bPG4Pu-FJH0jaYMrmw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  159.60.32.0-159.60.191.255

    Signature Algorithm: sha256WithRSAEncryption
         78:24:13:39:c9:0a:61:b1:eb:c6:bc:bd:48:c0:a5:26:91:5b:
         ef:e2:04:f7:cd:c0:16:99:9a:7d:f5:59:21:64:59:71:fe:43:
         2c:10:c9:c7:73:51:97:5d:b6:70:c3:df:8c:c5:dc:05:d6:e4:
         37:51:c4:bf:8a:db:fb:d4:53:86:2e:dc:9a:3f:fa:99:ca:3c:
         80:b8:f0:36:e0:dd:58:50:98:9f:dd:40:83:17:2c:1c:0b:19:
         96:0e:ab:96:bf:21:4b:35:23:70:5b:7d:70:06:c0:90:a8:4a:
         e6:98:e8:9a:0a:f3:19:47:13:cb:c2:80:eb:dd:48:e1:69:aa:
         70:26:f8:9c:8a:0e:6d:b4:e0:d9:16:ae:19:e6:7f:6c:e2:f4:
         fd:b6:eb:9f:59:fe:8e:61:b0:1e:b1:f4:66:d9:e3:b5:86:42:
         69:76:c0:e6:cf:86:35:39:67:8a:53:f4:7f:9c:14:1e:66:dd:
         3c:ba:01:a6:69:f1:95:3e:79:ee:49:f0:b9:6c:26:93:de:db:
         be:4d:f1:65:a5:c8:fe:f5:17:07:32:71:e3:f2:42:b8:b8:10:
         dd:48:0f:fc:1d:38:cd:72:8a:de:1f:c6:93:f7:a9:ff:0f:00:
         42:71:8c:17:ed:97:87:09:4a:ca:57:28:65:e2:3e:ab:77:58:
         56:a7:72:e7
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAKOVzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MWIzZTFjYWI4Y2JmNWIzYzZlMGZiYmUxNDkxZjQ4ZGE2MGNhZTZjMB4XDTIyMDUw
NjAxMTQxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODAzMzM1NjE4MzAx
NmVlNzA2ODAxM2FkMDFiMzk5MDlmOGZlZjQzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKo6Cw8zJg8GdV/hxbQEDEVqPY5oPK0kbZFjR5V/h1gnFexv
hPVz5rdmvEJd4W3J4TtPLLxIkIL1u0mbHo/CMGhlfZNpXbPa5qC76J3Jt9xi0Htw
MZ4r00/4NdMW+x2cAFaSejoo+q2oJpviRJnkvuqYKwjfsNuOJ6/QkF4Fy9kJzjkp
M5PibPTsCdTxS3LA99wCAOeTiKJ5PaKVcb1nawrK61rDh6ussH5G6AtWIOlVvOE1
ccR4YyxupsHX572zZaZeEVJUqxrDg4OYtdHYhEI8yx/bgwdQ08rYvW5kGIhvi4ZR
O7VutoHKkxcUMhC6Nwi6nhatDC/X/8u0sDxgkekCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSAMzVhgwFu5waAE60Bs5kJ+P70MTAfBgNVHSMEGDAWgBRhs+HKuMv1s8bg
+74UkfSNpgyubDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1liUGh5cmpMOWJQRzRQdS1GSkgwamFZTXJtdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGIvOWRlZjg2LWIxYWMtNDBlNi04M2JkLTk0N2NjNTRlYmUwMi8x
L2dETTFZWU1CYnVjR2dCT3RBYk9aQ2ZqLTlERS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGIv
OWRlZjg2LWIxYWMtNDBlNi04M2JkLTk0N2NjNTRlYmUwMi8xL1liUGh5cmpMOWJQ
RzRQdS1GSkgwamFZTXJtdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQFnzwgAwQGnzyAMA0GCSqGSIb3
DQEBCwUAA4IBAQB4JBM5yQphsevGvL1IwKUmkVvv4gT3zcAWmZp99VkhZFlx/kMs
EMnHc1GXXbZww9+MxdwF1uQ3UcS/itv71FOGLtyaP/qZyjyAuPA24N1YUJif3UCD
FywcCxmWDquWvyFLNSNwW31wBsCQqErmmOiaCvMZRxPLwoDr3UjhaapwJvicig5t
tODZFq4Z5n9s4vT9tuufWf6OYbAesfRm2eO1hkJpdsDmz4Y1OWeKU/R/nBQeZt08
ugGmafGVPnnuSfC5bCaT3tu+TfFlpcj+9RcHMnHj8kK4uBDdSA/8HTjNcoreH8aT
96n/DwBCcYwX7ZeHCUrKVyhl4j6rd1hWp3Ln
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:15 2024 by rpki-client on console-ams.rpki-client.org