Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/GGP_-x4uz1LOw1pXXxmsJfpMOdc.roa
File:                     GGP_-x4uz1LOw1pXXxmsJfpMOdc.roa (raw, json)
Hash identifier:          o02+nYaSOQCBOb2vccn/r8Xr4DvASIGi0VlRHFWgSic=
Subject key identifier:   18:63:FF:FB:1E:2E:CF:52:CE:C3:5A:57:5F:19:AC:25:FA:4C:39:D7
Certificate issuer:       /CN=172537601a31697404922d957e74450f5a9cbe73
Certificate serial:       018270E6650D5A535517721777AD788CB994
Authority key identifier: 17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/GGP_-x4uz1LOw1pXXxmsJfpMOdc.roa
Signing time:             Sat 06 Aug 2022 02:05:23 +0000
ROA not before:           Sat 06 Aug 2022 02:05:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61185
IP address blocks:        109.238.168.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:70:e6:65:0d:5a:53:55:17:72:17:77:ad:78:8c:b9:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=172537601a31697404922d957e74450f5a9cbe73
        Validity
            Not Before: Aug  6 02:05:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1863fffb1e2ecf52cec35a575f19ac25fa4c39d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:22:c2:b5:9f:47:40:4b:4c:5b:a1:8d:e5:d6:
                    b3:d4:0d:af:0e:76:cf:ab:05:04:37:43:86:5f:9b:
                    9e:c7:37:57:38:b1:b8:9a:5f:0f:9c:df:56:fd:ab:
                    30:1c:d6:54:de:91:e5:cc:85:1c:d3:43:18:1b:25:
                    f5:56:90:7f:3d:76:0e:f6:b0:4c:fb:cb:b9:d2:a4:
                    a4:f4:fd:65:73:fe:0f:9c:cc:c0:b3:22:1b:69:92:
                    9c:0a:5c:cd:09:90:56:43:76:5a:80:f0:00:5d:c6:
                    73:89:2d:16:98:46:4a:fe:43:45:27:18:b1:67:39:
                    c3:be:e7:41:a6:7c:b8:2f:1b:2f:4e:32:92:71:a6:
                    f7:ef:ee:89:f4:24:c3:d3:03:20:a3:fe:cb:80:b1:
                    9f:12:7b:12:95:49:dc:d4:06:bb:32:aa:03:ee:d6:
                    19:ba:93:b4:88:bc:d4:d4:05:38:eb:8b:e9:f7:2e:
                    9a:22:91:e4:8c:6e:2f:42:4c:0a:b6:88:63:6f:bd:
                    0e:34:f3:0c:c4:23:93:2f:60:bf:b7:14:07:9d:26:
                    6f:b8:62:d6:11:ec:c9:4e:bd:40:36:39:87:fe:52:
                    84:a4:5e:12:f7:9e:d7:26:73:07:94:4f:06:56:d0:
                    8a:20:f6:73:7b:f6:9f:35:90:f1:ac:54:97:81:66:
                    c8:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:63:FF:FB:1E:2E:CF:52:CE:C3:5A:57:5F:19:AC:25:FA:4C:39:D7
            X509v3 Authority Key Identifier:
                keyid:17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/GGP_-x4uz1LOw1pXXxmsJfpMOdc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.238.168.0/21

    Signature Algorithm: sha256WithRSAEncryption
         2d:d7:f9:b0:34:1e:af:3e:1b:d8:0a:a1:18:8d:98:38:08:13:
         7b:c0:ea:b5:ee:bc:f0:f9:92:f0:32:28:95:bb:c8:db:5c:a8:
         f4:7e:96:37:8f:f2:d2:c7:33:fb:fe:3a:26:ce:c1:21:c1:92:
         80:0d:b0:66:45:c7:29:6e:ec:2e:8d:0b:1a:de:ee:e5:ef:58:
         7f:af:1f:38:f7:07:57:32:da:e6:94:b6:e0:61:43:d7:a3:e3:
         83:12:b6:e9:33:b3:6a:c0:1b:90:d7:03:02:2a:f6:8a:dd:0a:
         e7:a9:a7:b3:b8:ee:1a:10:17:cc:88:be:02:26:47:2a:1b:a1:
         9e:dd:47:99:03:47:ca:c9:4c:68:f7:58:d2:d2:06:88:55:bd:
         40:18:b0:98:4c:4e:e4:1c:0b:8a:5a:cf:0e:bb:14:e9:10:ef:
         f4:37:fc:74:1c:9a:6b:09:70:f3:10:38:58:fb:87:bc:8f:37:
         8e:47:fb:4a:bd:f2:bd:65:62:a3:9c:59:a3:32:44:c2:93:b2:
         17:2b:4b:78:e3:02:7f:1b:13:41:47:f6:43:ae:53:1c:21:e1:
         f9:f0:9c:66:15:96:c1:8f:f8:0d:dc:81:03:ce:b4:5a:b4:88:
         30:f8:ab:45:08:de:0c:09:ad:05:14:b2:5f:d8:9a:99:cc:c3:
         b3:f0:09:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJw5mUNWlNVF3IXd614jLmUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MjUzNzYwMWEzMTY5NzQwNDkyMmQ5NTdlNzQ0NTBmNWE5
Y2JlNzMwHhcNMjIwODA2MDIwNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODYzZmZmYjFlMmVjZjUyY2VjMzVhNTc1ZjE5YWMyNWZhNGMzOWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2iLCtZ9HQEtMW6GN5daz1A2vDnbP
qwUEN0OGX5uexzdXOLG4ml8PnN9W/aswHNZU3pHlzIUc00MYGyX1VpB/PXYO9rBM
+8u50qSk9P1lc/4PnMzAsyIbaZKcClzNCZBWQ3ZagPAAXcZziS0WmEZK/kNFJxix
ZznDvudBpny4LxsvTjKScab37+6J9CTD0wMgo/7LgLGfEnsSlUnc1Aa7MqoD7tYZ
upO0iLzU1AU464vp9y6aIpHkjG4vQkwKtohjb70ONPMMxCOTL2C/txQHnSZvuGLW
EezJTr1ANjmH/lKEpF4S957XJnMHlE8GVtCKIPZze/afNZDxrFSXgWbI2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBhj//seLs9SzsNaV18ZrCX6TDnXMB8GA1UdIwQY
MBaAFBclN2AaMWl0BJItlX50RQ9anL5zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQt
ZTYwNGI2MWJlMGVhLzEvR0dQXy14NHV6MUxPdzFwWFh4bXNKZnBNT2RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQtZTYwNGI2MWJlMGVh
LzEvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbe6oMA0G
CSqGSIb3DQEBCwUAA4IBAQAt1/mwNB6vPhvYCqEYjZg4CBN7wOq17rzw+ZLwMiiV
u8jbXKj0fpY3j/LSxzP7/jomzsEhwZKADbBmRccpbuwujQsa3u7l71h/rx849wdX
MtrmlLbgYUPXo+ODErbpM7NqwBuQ1wMCKvaK3QrnqaezuO4aEBfMiL4CJkcqG6Ge
3UeZA0fKyUxo91jS0gaIVb1AGLCYTE7kHAuKWs8OuxTpEO/0N/x0HJprCXDzEDhY
+4e8jzeOR/tKvfK9ZWKjnFmjMkTCk7IXK0t44wJ/GxNBR/ZDrlMcIeH58JxmFZbB
j/gN3IEDzrRatIgw+KtFCN4MCa0FFLJf2JqZzMOz8AkB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:25 2024 by rpki-client on console-fra.rpki-client.org