Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/GF1pxJsIsc4XdAqCCFS0Cavgcvc.roa
File:                     GF1pxJsIsc4XdAqCCFS0Cavgcvc.roa (raw, json)
Hash identifier:          OhN1hR2Xzbwateuz24ncxt09wR9PfLxQIPHcIj2oLOw=
Subject key identifier:   18:5D:69:C4:9B:08:B1:CE:17:74:0A:82:08:54:B4:09:AB:E0:72:F7
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       01842D2EC7DE4F0AFEFC1AC727EBAB17F1CF
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/GF1pxJsIsc4XdAqCCFS0Cavgcvc.roa
Signing time:             Mon 31 Oct 2022 08:35:51 +0000
ROA not before:           Mon 31 Oct 2022 08:35:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41327
IP address blocks:        80.71.237.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:2d:2e:c7:de:4f:0a:fe:fc:1a:c7:27:eb:ab:17:f1:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Oct 31 08:35:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=185d69c49b08b1ce17740a820854b409abe072f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:d0:cb:c6:fb:96:33:e2:de:35:bf:a0:ad:3f:
                    7c:09:9d:8c:1e:21:ae:c2:7f:6d:6f:cb:8b:07:55:
                    10:99:ba:9c:81:54:f8:17:69:37:5e:ae:c6:9f:2a:
                    62:93:39:d7:83:8c:ae:ff:b0:bf:a4:7a:98:c7:fa:
                    28:c0:a4:b3:ef:31:7f:1d:81:f6:07:f5:5f:cc:8e:
                    bc:ec:89:c2:9a:32:b0:54:9f:53:48:03:48:ac:34:
                    7b:c0:ea:28:1b:cb:27:9b:31:cc:4d:2c:6a:b4:cd:
                    27:31:f1:e7:6a:87:5b:bf:c6:23:30:e4:89:4d:7c:
                    21:94:3d:31:2f:52:5e:af:70:7d:79:f9:56:de:40:
                    4c:2d:ee:a1:a7:3a:50:18:5d:e4:9d:d9:fa:b9:47:
                    1a:c4:cb:9a:48:88:87:cd:b8:39:01:19:90:65:c5:
                    ec:3d:52:c0:b5:e5:49:3e:81:a3:c9:eb:e0:77:f2:
                    89:f1:6a:a1:64:0c:1d:4e:ce:15:5e:45:1c:b3:b7:
                    22:f7:e5:d6:97:18:9a:9e:7c:0a:d6:c7:5b:b9:66:
                    3f:65:2a:f1:18:1a:f0:89:9d:c3:79:78:5c:4e:a1:
                    06:fe:26:6b:87:35:73:8c:dd:45:95:63:fa:50:f8:
                    54:29:7e:c2:8a:0a:60:48:95:c4:24:ea:a0:ba:5a:
                    88:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:5D:69:C4:9B:08:B1:CE:17:74:0A:82:08:54:B4:09:AB:E0:72:F7
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/GF1pxJsIsc4XdAqCCFS0Cavgcvc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.71.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:63:1d:f7:fe:21:ef:0c:1a:fc:a0:9a:36:92:04:b8:d5:42:
         1c:2b:fa:0f:e1:ef:ad:36:f1:a3:96:24:11:60:96:09:fa:1d:
         30:00:c4:69:ac:5f:f8:cb:bb:40:d9:79:9a:47:9a:73:dc:0d:
         13:a7:c7:5c:f2:57:29:f1:37:fa:cd:42:02:a2:28:82:62:03:
         ca:0e:96:1a:63:27:80:e4:7e:b8:97:a5:19:b0:a9:30:d7:38:
         35:92:c8:c8:26:c1:da:c2:7f:68:d8:6b:e8:fb:25:30:15:8e:
         96:87:bd:c0:de:9d:86:07:c7:57:d4:32:11:8d:5e:d0:49:30:
         39:1f:2d:05:76:e4:07:f0:f6:9c:82:10:b0:7b:b8:fb:07:98:
         21:93:e7:92:ea:fb:ab:09:7e:6e:01:b8:fb:6e:01:59:7c:76:
         35:df:85:8c:e2:85:13:79:c2:2e:7d:bd:7d:fe:97:93:8a:85:
         42:82:b3:a3:fc:92:b1:ce:60:8b:f6:ec:21:b0:03:bb:04:db:
         73:00:62:75:b6:d2:56:11:e3:f1:fc:57:49:4a:94:36:aa:9c:
         87:67:53:bf:37:07:ae:a9:8b:f2:26:63:60:de:ac:83:9f:86:
         85:e1:ba:f8:51:c1:9c:07:2f:fc:fb:da:2c:1f:88:d5:1c:01:
         33:93:a0:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQtLsfeTwr+/BrHJ+urF/HPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjIxMDMxMDgzNTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODVkNjljNDliMDhiMWNlMTc3NDBhODIwODU0YjQwOWFiZTA3MmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNDLxvuWM+LeNb+grT98CZ2MHiGu
wn9tb8uLB1UQmbqcgVT4F2k3Xq7GnypikznXg4yu/7C/pHqYx/oowKSz7zF/HYH2
B/VfzI687InCmjKwVJ9TSANIrDR7wOooG8snmzHMTSxqtM0nMfHnaodbv8YjMOSJ
TXwhlD0xL1Jer3B9eflW3kBMLe6hpzpQGF3kndn6uUcaxMuaSIiHzbg5ARmQZcXs
PVLAteVJPoGjyevgd/KJ8WqhZAwdTs4VXkUcs7ci9+XWlxiannwK1sdbuWY/ZSrx
GBrwiZ3DeXhcTqEG/iZrhzVzjN1FlWP6UPhUKX7CigpgSJXEJOqgulqIkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBhdacSbCLHOF3QKgghUtAmr4HL3MB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvR0YxcHhKc0lzYzRYZEFxQ0NGUzBDYXZnY3ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEftMA0G
CSqGSIb3DQEBCwUAA4IBAQCUYx33/iHvDBr8oJo2kgS41UIcK/oP4e+tNvGjliQR
YJYJ+h0wAMRprF/4y7tA2XmaR5pz3A0Tp8dc8lcp8Tf6zUICoiiCYgPKDpYaYyeA
5H64l6UZsKkw1zg1ksjIJsHawn9o2Gvo+yUwFY6Wh73A3p2GB8dX1DIRjV7QSTA5
Hy0FduQH8PacghCwe7j7B5ghk+eS6vurCX5uAbj7bgFZfHY134WM4oUTecIufb19
/peTioVCgrOj/JKxzmCL9uwhsAO7BNtzAGJ1ttJWEePx/FdJSpQ2qpyHZ1O/Nweu
qYvyJmNg3qyDn4aF4br4UcGcBy/8+9osH4jVHAEzk6CP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:35 2024 by rpki-client on console-ams.rpki-client.org