Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/gLbNuQMcYij-dK49PwTCwk1EX58.roa
File:                     gLbNuQMcYij-dK49PwTCwk1EX58.roa (raw, json)
Hash identifier:          LRPFC0U522SSIybEkZ8JWiPiUyRN4PCW+BG6CAoKmuI=
Subject key identifier:   80:B6:CD:B9:03:1C:62:28:FE:74:AE:3D:3F:04:C2:C2:4D:44:5F:9F
Certificate issuer:       /CN=16ea37a8e73e7679a933d70f7b9c872081024455
Certificate serial:       169303BB
Authority key identifier: 16:EA:37:A8:E7:3E:76:79:A9:33:D7:0F:7B:9C:87:20:81:02:44:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Fuo3qOc-dnmpM9cPe5yHIIECRFU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/gLbNuQMcYij-dK49PwTCwk1EX58.roa
Signing time:             Fri 21 Jan 2022 11:36:41 +0000
ROA not before:           Fri 21 Jan 2022 11:36:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211421
IP address blocks:        194.59.170.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 378733499 (0x169303bb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16ea37a8e73e7679a933d70f7b9c872081024455
        Validity
            Not Before: Jan 21 11:36:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=80b6cdb9031c6228fe74ae3d3f04c2c24d445f9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:6d:32:a8:94:7c:20:d3:cc:d4:04:e2:5a:1d:
                    e0:14:07:e6:35:cf:77:d9:be:80:aa:7e:fc:9e:92:
                    e7:75:8b:8c:0c:a0:7d:82:25:64:d4:fc:f6:6e:dc:
                    0d:90:83:1f:a7:d6:0d:c3:d9:70:52:36:3c:e3:43:
                    99:da:c0:ff:4d:db:c7:52:e0:57:5c:e6:e2:9d:dd:
                    60:a6:23:f1:65:b0:12:30:4f:fd:98:57:5d:c6:59:
                    39:a1:12:e4:ac:97:9a:05:8b:41:2c:ae:97:2e:04:
                    7b:ad:64:00:6a:3a:a8:39:4e:26:6c:2d:43:3c:43:
                    fb:32:15:dd:6f:2e:37:1e:4c:ca:cf:4d:a9:49:46:
                    42:d9:0e:35:7d:a8:de:a7:f4:d4:67:dc:36:3f:16:
                    c3:d9:a6:95:41:ff:77:80:c7:9a:c0:98:fc:3c:7a:
                    03:b6:8e:a0:5b:37:31:9a:fb:ca:6d:92:f0:af:06:
                    de:89:27:f2:36:d3:77:7a:0f:e9:2b:53:b1:a8:37:
                    6c:9d:cb:b4:7d:29:00:12:6a:a6:f3:59:93:a2:0a:
                    39:70:d4:7a:87:28:a2:43:c7:a2:93:6d:c5:ac:c9:
                    ea:6d:5b:39:7d:37:0b:3f:a0:54:0f:2c:67:20:f7:
                    45:fd:b4:6a:92:99:cb:fc:db:91:59:22:b5:55:c9:
                    14:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:B6:CD:B9:03:1C:62:28:FE:74:AE:3D:3F:04:C2:C2:4D:44:5F:9F
            X509v3 Authority Key Identifier:
                keyid:16:EA:37:A8:E7:3E:76:79:A9:33:D7:0F:7B:9C:87:20:81:02:44:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fuo3qOc-dnmpM9cPe5yHIIECRFU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/gLbNuQMcYij-dK49PwTCwk1EX58.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/Fuo3qOc-dnmpM9cPe5yHIIECRFU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.59.170.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:6a:18:1b:e4:3c:82:44:40:4b:c0:a0:5d:24:d6:34:c4:41:
         8f:58:42:b4:5d:2c:55:05:0b:48:2b:b0:a8:29:b1:b2:f0:73:
         3d:ec:fb:26:39:9f:46:3d:8d:ff:52:ac:ba:a7:d4:06:f5:bb:
         e1:9f:0b:56:00:5e:36:85:78:e9:e8:53:6f:ce:b8:e4:ef:f9:
         a7:b4:f9:0e:19:37:c7:a8:0f:9b:12:fa:37:19:74:2a:b9:ab:
         7c:8c:43:c4:61:b6:89:fe:19:ce:79:96:d6:4e:45:09:68:2e:
         d3:15:6b:82:9f:b0:6f:dc:09:b3:57:67:6d:4c:7f:f5:12:fc:
         15:b7:10:ce:f4:ee:2b:2c:5c:63:a9:99:b0:05:93:01:46:db:
         60:59:5c:4e:c4:c6:f7:65:28:b3:88:b2:d6:a6:01:81:1f:1a:
         1f:79:ea:57:b7:84:51:29:ea:92:38:8f:a1:08:46:a5:41:99:
         b1:04:7b:1a:21:99:f4:82:af:74:17:47:26:7f:44:83:f3:69:
         b3:04:1b:e8:3f:a0:7b:e5:80:87:7e:01:66:ba:21:da:9e:8a:
         6e:67:02:d8:9e:7e:31:e8:42:2a:23:54:7f:e3:f0:2b:9b:cc:
         30:93:5a:a2:14:df:0d:3d:be:08:36:75:69:6c:7b:e7:43:22:
         47:8c:5c:ff
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFpMDuzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NmVhMzdhOGU3M2U3Njc5YTkzM2Q3MGY3YjljODcyMDgxMDI0NDU1MB4XDTIyMDEy
MTExMzY0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODBiNmNkYjkwMzFj
NjIyOGZlNzRhZTNkM2YwNGMyYzI0ZDQ0NWY5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKJtMqiUfCDTzNQE4lod4BQH5jXPd9m+gKp+/J6S53WLjAyg
fYIlZNT89m7cDZCDH6fWDcPZcFI2PONDmdrA/03bx1LgV1zm4p3dYKYj8WWwEjBP
/ZhXXcZZOaES5KyXmgWLQSyuly4Ee61kAGo6qDlOJmwtQzxD+zIV3W8uNx5Mys9N
qUlGQtkONX2o3qf01GfcNj8Ww9mmlUH/d4DHmsCY/Dx6A7aOoFs3MZr7ym2S8K8G
3okn8jbTd3oP6StTsag3bJ3LtH0pABJqpvNZk6IKOXDUeocookPHopNtxazJ6m1b
OX03Cz+gVA8sZyD3Rf20apKZy/zbkVkitVXJFJsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSAts25AxxiKP50rj0/BMLCTURfnzAfBgNVHSMEGDAWgBQW6jeo5z52eakz
1w97nIcggQJEVTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Z1bzNxT2MtZG5tcE05Y1BlNXlISUlFQ1JGVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvNTFjZDk0LWEwNTUtNDNlZS1hMDliLTQ3MmIwZDA3MmU4My8x
L2dMYk51UU1jWWlqLWRLNDlQd1RDd2sxRVg1OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMv
NTFjZDk0LWEwNTUtNDNlZS1hMDliLTQ3MmIwZDA3MmU4My8xL0Z1bzNxT2MtZG5t
cE05Y1BlNXlISUlFQ1JGVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMI7qjANBgkqhkiG9w0BAQsFAAOC
AQEAjWoYG+Q8gkRAS8CgXSTWNMRBj1hCtF0sVQULSCuwqCmxsvBzPez7JjmfRj2N
/1KsuqfUBvW74Z8LVgBeNoV46ehTb8645O/5p7T5Dhk3x6gPmxL6Nxl0KrmrfIxD
xGG2if4ZznmW1k5FCWgu0xVrgp+wb9wJs1dnbUx/9RL8FbcQzvTuKyxcY6mZsAWT
AUbbYFlcTsTG92Uos4iy1qYBgR8aH3nqV7eEUSnqkjiPoQhGpUGZsQR7GiGZ9IKv
dBdHJn9Eg/NpswQb6D+ge+WAh34BZroh2p6KbmcC2J5+MehCKiNUf+PwK5vMMJNa
ohTfDT2+CDZ1aWx750MiR4xc/w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:58 2024 by rpki-client on console-fra.rpki-client.org