Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/gn-NdUUOfyeZfxkVHkHO7svCWCU.roa
File:                     gn-NdUUOfyeZfxkVHkHO7svCWCU.roa (raw, json)
Hash identifier:          tfBHdU4BgbZfQkXOe36cdSm9/Xldrp7MgIJZU7dXri0=
Subject key identifier:   82:7F:8D:75:45:0E:7F:27:99:7F:19:15:1E:41:CE:EE:CB:C2:58:25
Certificate issuer:       /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial:       78174E
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/gn-NdUUOfyeZfxkVHkHO7svCWCU.roa
Signing time:             Sat 01 Jan 2022 02:52:45 +0000
ROA not before:           Sat 01 Jan 2022 02:52:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15626
IP address blocks:        82.117.254.0/24 maxlen: 24
                          2a05:9407::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7870286 (0x78174e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
        Validity
            Not Before: Jan  1 02:52:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=827f8d75450e7f27997f19151e41ceeecbc25825
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:94:85:8c:4a:69:73:cc:f2:86:30:ed:76:ba:
                    42:03:ec:39:7d:a2:d3:14:81:60:ce:19:38:15:35:
                    e3:7b:02:3e:9e:86:7b:49:ad:3a:ef:35:94:ca:13:
                    df:72:eb:50:62:eb:35:f5:01:62:3c:b5:8e:b2:cf:
                    53:d8:85:23:c9:92:0e:6d:7d:24:65:68:03:66:8e:
                    b9:a0:e6:a6:58:77:ba:9d:f8:f6:73:af:91:c5:4e:
                    89:c8:da:b0:68:ab:cf:2a:ae:b7:20:ef:89:dd:9f:
                    46:5f:ff:63:90:6f:46:e5:ee:8c:ed:84:76:ec:a6:
                    84:eb:f1:b0:62:67:90:42:b0:1d:92:a0:56:d4:25:
                    b3:dd:e9:19:6f:8e:4b:49:04:cd:ea:a5:ae:11:bb:
                    aa:16:20:cf:f3:53:0a:7b:a6:42:06:18:24:70:88:
                    b9:ec:c8:00:f6:ba:df:17:35:ac:67:40:b1:44:9d:
                    32:2b:cf:0c:35:e3:03:c4:7b:66:8a:f2:6d:eb:46:
                    18:4e:e3:80:57:b8:ee:79:b8:d1:48:01:7e:87:0f:
                    b6:93:27:b0:b0:95:11:35:e7:50:a6:6f:31:77:5e:
                    e3:5e:dc:c5:83:be:95:ae:9a:46:bf:f6:1f:26:0c:
                    da:e6:4d:3a:cc:6c:6b:d7:15:3d:12:a2:1b:e9:bb:
                    dd:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:7F:8D:75:45:0E:7F:27:99:7F:19:15:1E:41:CE:EE:CB:C2:58:25
            X509v3 Authority Key Identifier:
                keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/gn-NdUUOfyeZfxkVHkHO7svCWCU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.117.254.0/24
                IPv6:
                  2a05:9407::/32

    Signature Algorithm: sha256WithRSAEncryption
         7c:df:f1:48:bb:fc:c9:b0:ae:41:5f:1b:2d:94:66:84:33:d6:
         73:6f:7c:ce:a7:fe:e0:42:af:2f:6d:26:f9:ea:12:d2:e5:36:
         13:5a:ad:23:f0:f1:4e:70:d4:dc:68:f1:a9:01:da:ee:9a:13:
         e1:f4:b2:cf:b7:f9:26:e2:a2:c6:34:89:90:77:4d:dd:60:f9:
         1a:26:e6:9e:fc:6b:51:be:92:7b:6d:3d:d9:eb:be:5e:7c:2a:
         83:18:fe:77:bc:b7:e1:17:ff:c9:5b:87:db:ab:0f:07:3d:a5:
         80:59:29:ca:dc:08:4a:3c:8a:4e:be:ed:34:e3:cc:81:46:5c:
         35:b8:03:33:83:80:32:32:0d:57:ba:66:57:18:30:b1:78:bd:
         dd:00:4c:e8:98:65:9b:f2:7f:fe:4f:86:78:c6:07:7f:5e:22:
         f2:56:96:13:c9:82:23:04:7b:45:86:a4:38:82:d8:57:5a:26:
         f5:1a:b2:69:2c:04:8a:46:56:0a:9d:10:f7:cc:da:32:e7:37:
         1c:6b:7c:dd:23:98:3b:c1:d8:e2:22:10:41:11:25:71:dc:63:
         82:99:3c:35:e1:87:27:02:49:7f:da:1b:54:5a:69:67:a5:84:
         9d:40:9c:76:41:3f:21:13:a1:d2:a2:f8:18:b2:99:79:72:ca:
         f4:89:01:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDeBdOMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDk0
ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFhMzRmNWUwHhcNMjIwMTAx
MDI1MjQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4MjdmOGQ3NTQ1MGU3
ZjI3OTk3ZjE5MTUxZTQxY2VlZWNiYzI1ODI1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsZSFjEppc8zyhjDtdrpCA+w5faLTFIFgzhk4FTXjewI+noZ7
Sa067zWUyhPfcutQYus19QFiPLWOss9T2IUjyZIObX0kZWgDZo65oOamWHe6nfj2
c6+RxU6JyNqwaKvPKq63IO+J3Z9GX/9jkG9G5e6M7YR27KaE6/GwYmeQQrAdkqBW
1CWz3ekZb45LSQTN6qWuEbuqFiDP81MKe6ZCBhgkcIi57MgA9rrfFzWsZ0CxRJ0y
K88MNeMDxHtmivJt60YYTuOAV7juebjRSAF+hw+2kyewsJURNedQpm8xd17jXtzF
g76VrppGv/YfJgza5k06zGxr1xU9EqIb6bvdqQIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFIJ/jXVFDn8nmX8ZFR5Bzu7LwlglMB8GA1UdIwQYMBaAFJTZjo/saAd1oVcm
bgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
bE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0YzdlLzEv
Z24tTmRVVU9meWVaZnhrVkhrSE83c3ZDV0NVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83
YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0YzdlLzEvbE5tT2oteG9CM1do
VnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAUnX+MA0EAgACMAcDBQAqBZQHMA0G
CSqGSIb3DQEBCwUAA4IBAQB83/FIu/zJsK5BXxstlGaEM9Zzb3zOp/7gQq8vbSb5
6hLS5TYTWq0j8PFOcNTcaPGpAdrumhPh9LLPt/km4qLGNImQd03dYPkaJuae/GtR
vpJ7bT3Z675efCqDGP53vLfhF//JW4fbqw8HPaWAWSnK3AhKPIpOvu0048yBRlw1
uAMzg4AyMg1XumZXGDCxeL3dAEzomGWb8n/+T4Z4xgd/XiLyVpYTyYIjBHtFhqQ4
gthXWib1GrJpLASKRlYKnRD3zNoy5zcca3zdI5g7wdjiIhBBESVx3GOCmTw14Ycn
Akl/2htUWmlnpYSdQJx2QT8hE6HSovgYspl5csr0iQFF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:45 2024 by rpki-client on console-ams.rpki-client.org