Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/GMpxEz5AGs8flTeFS9qWpP-231g.roa
File:                     GMpxEz5AGs8flTeFS9qWpP-231g.roa (raw, json)
Hash identifier:          YAZzCeBBxg7m9vn0oTe4zPEXP9h1CiB9DIyb8Vwnu28=
Subject key identifier:   18:CA:71:13:3E:40:1A:CF:1F:95:37:85:4B:DA:96:A4:FF:B6:DF:58
Certificate issuer:       /CN=95a5adf6af1fcc0570adf858fd5bfbe28791a186
Certificate serial:       01E6F989
Authority key identifier: 95:A5:AD:F6:AF:1F:CC:05:70:AD:F8:58:FD:5B:FB:E2:87:91:A1:86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/laWt9q8fzAVwrfhY_Vv74oeRoYY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/GMpxEz5AGs8flTeFS9qWpP-231g.roa
Signing time:             Sat 01 Jan 2022 03:53:41 +0000
ROA not before:           Sat 01 Jan 2022 03:53:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8613
IP address blocks:        185.8.204.0/22 maxlen: 24
                          212.102.192.0/19 maxlen: 24
                          195.200.128.0/19 maxlen: 24
                          2a00:b300::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 31914377 (0x1e6f989)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95a5adf6af1fcc0570adf858fd5bfbe28791a186
        Validity
            Not Before: Jan  1 03:53:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=18ca71133e401acf1f9537854bda96a4ffb6df58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:b3:06:15:27:68:61:4f:46:dd:10:30:04:03:
                    23:d2:9e:ca:32:a8:2a:51:43:6f:64:f9:a8:2b:48:
                    a5:99:70:0f:89:26:84:d6:87:81:8b:f8:4d:97:ec:
                    eb:25:d6:ff:56:d3:b2:af:5d:59:a8:4c:5c:a3:21:
                    86:50:5d:76:23:90:18:d7:7e:99:a8:f6:6e:63:66:
                    bc:9e:27:28:be:a9:98:30:2d:6e:06:58:63:75:31:
                    6b:10:d0:2b:27:b4:fd:98:d8:64:ba:d7:8b:10:77:
                    84:75:f4:63:de:de:6c:7c:ea:a9:24:82:67:0b:14:
                    aa:4c:c8:68:6a:3c:e4:5c:9d:f2:6b:3f:74:b9:f7:
                    f9:da:1d:a5:19:de:b0:54:e5:ee:ca:11:f0:8a:3a:
                    0e:80:9e:0d:f3:79:ef:43:a4:c4:87:46:46:76:ec:
                    44:80:a8:dd:99:2f:bb:3f:4a:f9:38:b3:da:42:d5:
                    41:08:fe:f5:af:41:10:f0:08:bc:46:6e:54:6b:0c:
                    8f:be:9b:3d:bc:e0:d9:b7:51:e1:8e:8f:3c:7a:de:
                    fc:11:18:e1:b2:f4:f0:dc:bd:6b:3d:07:03:a6:a2:
                    0f:be:19:c5:0d:5f:27:3c:98:6c:38:c2:0c:1d:a9:
                    ae:66:99:9c:ed:82:ff:2a:f7:0f:32:61:47:df:9b:
                    23:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:CA:71:13:3E:40:1A:CF:1F:95:37:85:4B:DA:96:A4:FF:B6:DF:58
            X509v3 Authority Key Identifier:
                keyid:95:A5:AD:F6:AF:1F:CC:05:70:AD:F8:58:FD:5B:FB:E2:87:91:A1:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/laWt9q8fzAVwrfhY_Vv74oeRoYY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/GMpxEz5AGs8flTeFS9qWpP-231g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/laWt9q8fzAVwrfhY_Vv74oeRoYY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.8.204.0/22
                  195.200.128.0/19
                  212.102.192.0/19
                IPv6:
                  2a00:b300::/32

    Signature Algorithm: sha256WithRSAEncryption
         e2:88:b1:49:bd:a6:ad:eb:95:a6:23:67:21:6b:2f:a3:da:24:
         a6:13:69:11:ee:76:e2:d5:45:88:8f:e9:17:9e:a0:72:1e:10:
         3f:47:c6:44:63:de:c6:53:dc:1b:f5:ee:57:d4:0d:69:57:ac:
         53:35:66:c9:28:25:3f:55:30:e0:22:8a:8f:2b:71:da:f8:19:
         20:e4:61:d2:77:80:73:d3:c7:68:dd:05:dd:56:12:6b:b8:ec:
         6b:4a:ca:3c:4f:68:75:12:63:ea:c0:2b:43:bd:90:d6:e9:f5:
         c9:d3:8e:dc:33:df:54:8a:c7:60:06:e6:65:dc:48:43:d6:6e:
         74:eb:ba:95:f5:f4:b5:a9:9f:d9:98:bc:5c:81:66:8f:51:4e:
         3e:d3:81:42:79:53:2c:c1:fe:ae:d4:67:1e:6b:c7:60:e5:db:
         23:d5:b2:1f:2c:48:76:62:d1:d4:66:31:8b:17:fb:cb:ba:c6:
         50:b4:1a:93:75:5b:97:e6:17:53:f1:74:39:26:85:96:26:87:
         ae:7b:9b:2e:b0:50:fc:49:47:f2:a7:b2:c0:3e:ab:e7:f8:4c:
         66:86:80:0d:16:52:23:f7:08:77:10:f4:cd:50:92:55:ef:ea:
         74:1d:e7:7a:c4:d3:d9:b8:aa:49:dd:0b:58:49:84:11:a3:fe:
         cb:80:43:c2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEAeb5iTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NWE1YWRmNmFmMWZjYzA1NzBhZGY4NThmZDViZmJlMjg3OTFhMTg2MB4XDTIyMDEw
MTAzNTM0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMThjYTcxMTMzZTQw
MWFjZjFmOTUzNzg1NGJkYTk2YTRmZmI2ZGY1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALqzBhUnaGFPRt0QMAQDI9KeyjKoKlFDb2T5qCtIpZlwD4km
hNaHgYv4TZfs6yXW/1bTsq9dWahMXKMhhlBddiOQGNd+maj2bmNmvJ4nKL6pmDAt
bgZYY3UxaxDQKye0/ZjYZLrXixB3hHX0Y97ebHzqqSSCZwsUqkzIaGo85Fyd8ms/
dLn3+dodpRnesFTl7soR8Io6DoCeDfN570OkxIdGRnbsRICo3Zkvuz9K+Tiz2kLV
QQj+9a9BEPAIvEZuVGsMj76bPbzg2bdR4Y6PPHre/BEY4bL08Ny9az0HA6aiD74Z
xQ1fJzyYbDjCDB2prmaZnO2C/yr3DzJhR9+bI0kCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQYynETPkAazx+VN4VL2pak/7bfWDAfBgNVHSMEGDAWgBSVpa32rx/MBXCt
+Fj9W/vih5GhhjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xhV3Q5cThmekFWd3JmaFlfVnY3NG9lUm9ZWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTYvZDNmMWJhLWQ5ZTUtNDVjNS1iY2EyLTE2MTlkMDhjNjk2NS8x
L0dNcHhFejVBR3M4ZmxUZUZTOXFXcFAtMjMxZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTYv
ZDNmMWJhLWQ5ZTUtNDVjNS1iY2EyLTE2MTlkMDhjNjk2NS8xL2xhV3Q5cThmekFW
d3JmaFlfVnY3NG9lUm9ZWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEArkIzAMEBcPIgAMEBdRmwDANBAIA
AjAHAwUAKgCzADANBgkqhkiG9w0BAQsFAAOCAQEA4oixSb2mreuVpiNnIWsvo9ok
phNpEe524tVFiI/pF56gch4QP0fGRGPexlPcG/XuV9QNaVesUzVmySglP1Uw4CKK
jytx2vgZIORh0neAc9PHaN0F3VYSa7jsa0rKPE9odRJj6sArQ72Q1un1ydOO3DPf
VIrHYAbmZdxIQ9ZudOu6lfX0tamf2Zi8XIFmj1FOPtOBQnlTLMH+rtRnHmvHYOXb
I9WyHyxIdmLR1GYxixf7y7rGULQak3Vbl+YXU/F0OSaFliaHrnubLrBQ/ElH8qey
wD6r5/hMZoaADRZSI/cIdxD0zVCSVe/qdB3nesTT2biqSd0LWEmEEaP+y4BDwg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:34 2024 by rpki-client on console-ams.rpki-client.org