Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/GbmVv9-u7X7fZPt3CxZphEgdg24.roa
File:                     GbmVv9-u7X7fZPt3CxZphEgdg24.roa (raw, json)
Hash identifier:          hv3Ki5AivtvnsaRBsRKjDbmpkJdpAl9nLjWEtyruOBA=
Subject key identifier:   19:B9:95:BF:DF:AE:ED:7E:DF:64:FB:77:0B:16:69:84:48:1D:83:6E
Certificate issuer:       /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial:       6E8C33
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/GbmVv9-u7X7fZPt3CxZphEgdg24.roa
Signing time:             Sat 01 Jan 2022 03:01:01 +0000
ROA not before:           Sat 01 Jan 2022 03:01:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     397218
IP address blocks:        37.209.192.0/24 maxlen: 24
                          37.209.198.0/24 maxlen: 24
                          37.209.194.0/24 maxlen: 24
                          37.209.196.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7244851 (0x6e8c33)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
        Validity
            Not Before: Jan  1 03:01:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=19b995bfdfaeed7edf64fb770b166984481d836e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:d1:ab:ab:e6:76:39:45:19:1c:9a:df:fa:6b:
                    bc:1a:57:c3:ee:9d:4d:5f:05:f4:42:72:5a:8a:35:
                    3b:0b:a5:ff:0a:c7:06:8e:5c:6c:80:90:e5:ed:b7:
                    22:ec:ed:64:a6:f1:82:25:be:8a:df:d4:0b:ee:c7:
                    bd:5a:12:3b:e0:b3:1f:ee:51:c6:6b:d0:5e:44:34:
                    28:0d:51:05:e1:55:93:e2:8f:93:16:65:e6:8a:63:
                    12:0f:a0:0b:95:1d:7c:27:29:c2:e5:81:d5:f0:15:
                    c4:de:74:a3:8e:25:cd:42:d8:90:90:12:96:d5:cf:
                    a2:2d:70:d0:da:69:3c:a9:94:e3:20:19:91:47:f7:
                    2b:c5:1e:fa:ec:f0:6c:8c:f4:9d:ca:53:69:3f:04:
                    2a:08:65:ba:93:c4:aa:95:39:d3:ae:99:d3:7e:af:
                    1d:02:ab:c4:14:2d:f7:c0:ff:19:bb:2c:bb:da:2d:
                    ab:17:ca:eb:07:1d:9b:0a:17:72:8a:4f:23:48:1d:
                    49:ea:c4:7c:12:67:7e:1a:9e:89:75:e3:78:f3:be:
                    26:65:f8:5b:f8:7b:43:16:5d:94:4f:27:19:4d:ad:
                    7e:23:a3:0b:53:e2:be:ec:1c:99:ab:71:fa:75:b9:
                    fd:11:43:6d:bf:e4:95:49:6d:dd:a0:70:02:7a:0f:
                    da:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:B9:95:BF:DF:AE:ED:7E:DF:64:FB:77:0B:16:69:84:48:1D:83:6E
            X509v3 Authority Key Identifier:
                keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/GbmVv9-u7X7fZPt3CxZphEgdg24.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.209.192.0/24
                  37.209.194.0/24
                  37.209.196.0/24
                  37.209.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:59:ef:3f:4d:c9:6c:99:0c:99:50:4e:fb:5a:69:88:d9:23:
         99:63:e3:1f:9f:0f:90:ea:f6:dd:c5:80:3a:4a:7f:82:83:ef:
         b4:12:23:e6:54:6b:41:6b:ba:e3:0d:94:6f:85:f1:9e:f0:dd:
         e5:ac:e2:dd:10:cb:f6:38:79:d6:c3:9d:f0:e7:1c:11:d4:32:
         a2:55:83:24:90:c6:69:da:00:31:4b:93:b1:67:fd:9d:2b:4e:
         ac:12:b3:e0:44:b3:d0:39:1f:05:0e:82:a9:f2:de:0c:90:86:
         18:52:ae:77:f6:b6:cf:a2:32:53:18:7c:f3:e6:1c:d7:d4:c1:
         80:ee:d3:0b:d6:08:fd:14:34:fc:6f:d0:4b:50:67:73:6b:76:
         e2:54:1c:15:45:b3:49:6a:4a:c8:86:3b:26:eb:3c:09:a5:14:
         25:84:d9:22:ca:f4:af:4c:89:be:30:27:04:7e:a5:a0:1d:c7:
         42:e6:04:56:87:0f:66:07:20:02:10:08:0c:a5:43:f2:76:43:
         b6:c5:2c:90:0b:d5:e9:b3:2b:49:dc:fd:7b:ec:02:40:ae:30:
         69:b0:ee:13:eb:f8:9f:1d:9b:f9:d7:44:14:8e:e7:17:5b:02:
         18:9e:74:1f:94:30:5b:d8:c7:ac:88:a1:c6:89:b0:6d:a3:5f:
         37:cc:cc:cc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDbowzMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjljOGJmMmMwHhcNMjIwMTAx
MDMwMTAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxOWI5OTViZmRmYWVl
ZDdlZGY2NGZiNzcwYjE2Njk4NDQ4MWQ4MzZlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAttGrq+Z2OUUZHJrf+mu8GlfD7p1NXwX0QnJaijU7C6X/CscG
jlxsgJDl7bci7O1kpvGCJb6K39QL7se9WhI74LMf7lHGa9BeRDQoDVEF4VWT4o+T
FmXmimMSD6ALlR18JynC5YHV8BXE3nSjjiXNQtiQkBKW1c+iLXDQ2mk8qZTjIBmR
R/crxR767PBsjPSdylNpPwQqCGW6k8SqlTnTrpnTfq8dAqvEFC33wP8Zuyy72i2r
F8rrBx2bChdyik8jSB1J6sR8Emd+Gp6JdeN4874mZfhb+HtDFl2UTycZTa1+I6ML
U+K+7ByZq3H6dbn9EUNtv+SVSW3doHACeg/aowIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFBm5lb/fru1+32T7dwsWaYRIHYNuMB8GA1UdIwQYMBaAFKWuij2L2qv0dl/a
edVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEv
R2JtVnY5LXU3WDdmWlB0M0N4WnBoRWdkZzI0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8w
ZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEvcGE2S1BZdmFxX1Iy
WDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQAJdHCAwQAJdHEAwQAJdHG
MA0GCSqGSIb3DQEBCwUAA4IBAQBZWe8/TclsmQyZUE77WmmI2SOZY+Mfnw+Q6vbd
xYA6Sn+Cg++0EiPmVGtBa7rjDZRvhfGe8N3lrOLdEMv2OHnWw53w5xwR1DKiVYMk
kMZp2gAxS5OxZ/2dK06sErPgRLPQOR8FDoKp8t4MkIYYUq539rbPojJTGHzz5hzX
1MGA7tML1gj9FDT8b9BLUGdza3biVBwVRbNJakrIhjsm6zwJpRQlhNkiyvSvTIm+
MCcEfqWgHcdC5gRWhw9mByACEAgMpUPydkO2xSyQC9XpsytJ3P177AJArjBpsO4T
6/ifHZv510QUjucXWwIYnnQflDBb2MesiKHGibBto183zMzM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:37 2024 by rpki-client on console-ams.rpki-client.org