Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/geC-C61OmPQ71GNC4-WAfjtGgCw.roa
File:                     geC-C61OmPQ71GNC4-WAfjtGgCw.roa (raw, json)
Hash identifier:          1k1otzFJ3c6GwgGI2TSlub8MWQiJa6CtuQPshLqyfFQ=
Subject key identifier:   81:E0:BE:0B:AD:4E:98:F4:3B:D4:63:42:E3:E5:80:7E:3B:46:80:2C
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       0185246371F496A8BCB9F489B5A8F44A9561
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/geC-C61OmPQ71GNC4-WAfjtGgCw.roa
Signing time:             Sun 18 Dec 2022 08:39:35 +0000
ROA not before:           Sun 18 Dec 2022 08:39:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     398465
IP address blocks:        62.72.176.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:24:63:71:f4:96:a8:bc:b9:f4:89:b5:a8:f4:4a:95:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: Dec 18 08:39:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=81e0be0bad4e98f43bd46342e3e5807e3b46802c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:db:d8:94:aa:51:d4:5d:c3:75:f4:4f:13:fc:
                    32:46:0a:4a:32:fa:e5:ac:56:15:56:6a:20:97:1d:
                    e1:66:84:d8:55:54:06:90:7b:3f:7e:b2:79:eb:db:
                    a4:90:cf:6b:74:4b:21:b2:17:a0:7e:24:6f:3b:01:
                    35:40:1a:df:80:5c:46:07:94:38:d6:bf:62:b8:c7:
                    41:0b:8e:27:61:c6:fc:32:1a:76:d8:7e:14:c6:d7:
                    f2:c7:4a:26:10:88:4d:0d:9d:93:3a:df:31:fb:6e:
                    10:21:77:b2:56:bf:84:21:dd:03:a1:12:7e:f5:6b:
                    f0:5d:b7:e0:bf:60:86:ae:f3:16:c3:f1:97:bd:3d:
                    7f:f9:43:d5:db:7b:f6:59:6a:03:75:f5:68:b5:a4:
                    7f:f4:79:9e:61:ee:02:6c:2b:5d:e7:4e:b9:e0:e4:
                    90:56:bb:ee:80:12:9d:4a:76:07:1c:51:f0:d6:4e:
                    0c:7f:68:68:1e:5a:7c:c8:fe:84:ec:e7:7b:db:0b:
                    14:d6:bf:fb:3d:0d:95:c4:8b:c0:5c:74:d2:17:63:
                    d9:24:f2:cf:8b:59:f7:b2:00:6f:4f:c2:75:7f:60:
                    a7:9d:d2:40:18:98:28:2a:6f:b4:c4:11:59:36:eb:
                    83:0e:09:4a:4c:1b:28:05:21:1a:c1:31:ec:0b:39:
                    35:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:E0:BE:0B:AD:4E:98:F4:3B:D4:63:42:E3:E5:80:7E:3B:46:80:2C
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/geC-C61OmPQ71GNC4-WAfjtGgCw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.176.0/23

    Signature Algorithm: sha256WithRSAEncryption
         66:2b:7b:e0:3c:14:8c:1b:b2:45:78:24:2b:78:7f:3d:50:56:
         99:40:7b:54:03:d0:40:a5:8f:1a:c5:16:2f:16:75:e1:b9:df:
         bf:3d:61:fc:2a:8a:4e:48:99:1f:b5:16:98:e1:cd:7c:3d:ca:
         ce:ba:43:5e:8f:a5:6c:5c:15:41:71:c6:50:74:3f:eb:fd:85:
         93:a3:6f:be:b1:9e:53:d6:07:d1:f1:6a:21:43:25:ce:a2:04:
         6f:07:bb:3d:a5:cf:56:b4:50:3f:5d:bd:03:ee:46:45:b4:de:
         b9:1f:05:80:38:dc:f7:38:ab:50:0d:53:d4:55:6c:1f:b4:55:
         ec:5a:38:56:32:dc:06:2e:0c:83:bb:84:cf:f3:7a:9a:23:ad:
         bf:d4:5e:e8:1f:af:ad:4c:bd:ac:94:0c:83:29:fb:67:5c:e6:
         ba:f1:19:4c:bc:f7:02:8c:68:f9:12:e9:3a:b2:84:1a:8b:f7:
         56:1b:51:57:a5:de:d8:ff:11:e5:66:e9:de:0d:11:d5:6c:be:
         1c:5f:9f:38:1c:cf:47:57:7e:e8:7b:7e:cb:ac:d5:4d:c0:4f:
         94:a1:94:a8:84:36:c1:44:d3:16:dd:b9:1f:b5:7c:90:55:ba:
         1a:f6:07:cf:9e:31:06:04:d0:42:29:9d:32:ef:c7:9f:38:85:
         c3:69:77:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUkY3H0lqi8ufSJtaj0SpVhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjIxMjE4MDgzOTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWUwYmUwYmFkNGU5OGY0M2JkNDYzNDJlM2U1ODA3ZTNiNDY4MDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNvYlKpR1F3DdfRPE/wyRgpKMvrl
rFYVVmoglx3hZoTYVVQGkHs/frJ569ukkM9rdEshshegfiRvOwE1QBrfgFxGB5Q4
1r9iuMdBC44nYcb8Mhp22H4Uxtfyx0omEIhNDZ2TOt8x+24QIXeyVr+EId0DoRJ+
9WvwXbfgv2CGrvMWw/GXvT1/+UPV23v2WWoDdfVotaR/9HmeYe4CbCtd50654OSQ
VrvugBKdSnYHHFHw1k4Mf2hoHlp8yP6E7Od72wsU1r/7PQ2VxIvAXHTSF2PZJPLP
i1n3sgBvT8J1f2CnndJAGJgoKm+0xBFZNuuDDglKTBsoBSEawTHsCzk1wwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIHgvgutTpj0O9RjQuPlgH47RoAsMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvZ2VDLUM2MU9tUFE3MUdOQzQtV0FmanRHZ0N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBPkiwMA0G
CSqGSIb3DQEBCwUAA4IBAQBmK3vgPBSMG7JFeCQreH89UFaZQHtUA9BApY8axRYv
FnXhud+/PWH8KopOSJkftRaY4c18PcrOukNej6VsXBVBccZQdD/r/YWTo2++sZ5T
1gfR8WohQyXOogRvB7s9pc9WtFA/Xb0D7kZFtN65HwWAONz3OKtQDVPUVWwftFXs
WjhWMtwGLgyDu4TP83qaI62/1F7oH6+tTL2slAyDKftnXOa68RlMvPcCjGj5Euk6
soQai/dWG1FXpd7Y/xHlZuneDRHVbL4cX584HM9HV37oe37LrNVNwE+UoZSohDbB
RNMW3bkftXyQVboa9gfPnjEGBNBCKZ0y78efOIXDaXcQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:56 2024 by rpki-client on console-ams.rpki-client.org