Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/Gd4MMGrkIbeqtoO4h7vIddOBG_8.roa
File:                     Gd4MMGrkIbeqtoO4h7vIddOBG_8.roa (raw, json)
Hash identifier:          oOl1SX1M5IQhYWtHMjm3Z64jzo+NvB2H5IY+JJt5O4s=
Subject key identifier:   19:DE:0C:30:6A:E4:21:B7:AA:B6:83:B8:87:BB:C8:75:D3:81:1B:FF
Certificate issuer:       /CN=0246e8a76d30c7c0495bc5ce8ee5110feab286e6
Certificate serial:       04F0637C
Authority key identifier: 02:46:E8:A7:6D:30:C7:C0:49:5B:C5:CE:8E:E5:11:0F:EA:B2:86:E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Akbop20wx8BJW8XOjuURD-qyhuY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/Gd4MMGrkIbeqtoO4h7vIddOBG_8.roa
Signing time:             Sat 01 Jan 2022 10:56:51 +0000
ROA not before:           Sat 01 Jan 2022 10:56:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49937
IP address blocks:        193.31.214.0/24 maxlen: 24
                          193.31.215.0/24 maxlen: 24
                          185.28.72.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 82862972 (0x4f0637c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0246e8a76d30c7c0495bc5ce8ee5110feab286e6
        Validity
            Not Before: Jan  1 10:56:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=19de0c306ae421b7aab683b887bbc875d3811bff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:9d:61:b1:66:a1:86:b0:14:42:b2:43:8b:4e:
                    22:1c:97:de:9c:52:3c:f1:ec:6c:42:87:0c:c0:95:
                    c5:ee:b7:67:71:de:20:48:8b:2e:cf:eb:36:8f:ba:
                    ff:ca:2c:61:c0:f7:d2:27:ff:8b:d3:f8:80:67:60:
                    f1:1e:e7:9a:96:ed:41:ec:59:2c:dc:f0:21:aa:17:
                    83:8a:9b:74:cc:ae:15:b8:2b:2b:2b:b3:21:96:8c:
                    3b:ff:14:0b:bf:1f:f7:81:21:3e:08:12:ea:0f:e6:
                    be:03:65:21:66:ef:02:ce:ec:d1:cc:3b:de:40:f3:
                    44:e7:1f:91:0a:c7:6d:da:7d:c2:e9:2f:c5:ff:a4:
                    5b:f4:df:33:13:ad:34:57:52:1c:99:4f:a5:2b:4e:
                    ac:65:e1:46:cc:2c:b2:5d:d6:b7:72:09:a4:7a:68:
                    e2:6d:8a:dc:0b:a3:69:e8:09:ea:ed:e7:02:0f:f9:
                    5a:7f:64:a2:99:c6:32:bc:72:8f:45:1f:c7:64:fe:
                    90:9a:36:94:a9:1e:0f:4b:41:a0:5b:2b:90:27:a2:
                    44:98:96:f1:45:01:67:a3:ba:88:a5:3d:79:bf:0f:
                    a5:11:33:74:14:c7:d1:9c:8f:bd:c2:e9:47:c6:b1:
                    41:ee:5e:80:58:39:6b:fa:0c:27:a5:e7:1c:f9:d6:
                    bd:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:DE:0C:30:6A:E4:21:B7:AA:B6:83:B8:87:BB:C8:75:D3:81:1B:FF
            X509v3 Authority Key Identifier:
                keyid:02:46:E8:A7:6D:30:C7:C0:49:5B:C5:CE:8E:E5:11:0F:EA:B2:86:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Akbop20wx8BJW8XOjuURD-qyhuY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/Gd4MMGrkIbeqtoO4h7vIddOBG_8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/Akbop20wx8BJW8XOjuURD-qyhuY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.28.72.0/24
                  193.31.214.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3a:81:01:2d:8a:cd:21:ad:6f:95:b3:e3:14:cd:0e:1a:11:01:
         4a:66:91:60:ea:f4:9b:17:f3:4d:dc:b4:de:f3:55:60:66:fc:
         fd:7c:59:99:76:7c:20:64:cf:7e:08:4f:b8:19:9a:9e:3e:c9:
         56:22:06:ea:f0:8a:ff:5f:3b:89:fc:8a:9c:99:e9:2d:df:07:
         7d:18:2f:6f:53:57:bb:09:f0:98:a3:ac:1e:c3:90:73:8d:69:
         ec:9f:30:b3:2a:e7:99:11:97:c0:3e:8d:42:e7:5b:19:24:f1:
         37:0b:e0:5e:22:f0:c3:f6:4f:93:57:2a:34:5d:9d:7e:81:ef:
         a3:40:cb:ac:e3:ab:40:45:21:89:13:3c:f7:8a:15:bc:93:72:
         3f:70:56:df:d1:c4:cb:f5:4a:22:36:10:61:d1:50:cf:fb:27:
         51:f6:71:f6:15:f8:58:c1:70:88:33:51:13:00:42:20:3f:3c:
         88:1d:78:54:c2:f6:70:ca:e1:b9:88:d7:2b:ef:37:53:a6:13:
         dc:4c:14:b9:7f:95:1e:b5:45:95:55:1b:15:7d:a2:a1:68:8a:
         60:47:7a:29:23:b0:d1:af:54:10:f5:c7:31:d6:f9:7a:68:de:
         ca:c2:16:5f:15:5c:84:05:ff:a2:37:8d:18:2d:fe:f2:31:25:
         9f:60:6a:c4
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBPBjfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MjQ2ZThhNzZkMzBjN2MwNDk1YmM1Y2U4ZWU1MTEwZmVhYjI4NmU2MB4XDTIyMDEw
MTEwNTY1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTlkZTBjMzA2YWU0
MjFiN2FhYjY4M2I4ODdiYmM4NzVkMzgxMWJmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL2dYbFmoYawFEKyQ4tOIhyX3pxSPPHsbEKHDMCVxe63Z3He
IEiLLs/rNo+6/8osYcD30if/i9P4gGdg8R7nmpbtQexZLNzwIaoXg4qbdMyuFbgr
KyuzIZaMO/8UC78f94EhPggS6g/mvgNlIWbvAs7s0cw73kDzROcfkQrHbdp9wukv
xf+kW/TfMxOtNFdSHJlPpStOrGXhRswssl3Wt3IJpHpo4m2K3AujaegJ6u3nAg/5
Wn9kopnGMrxyj0Ufx2T+kJo2lKkeD0tBoFsrkCeiRJiW8UUBZ6O6iKU9eb8PpREz
dBTH0ZyPvcLpR8axQe5egFg5a/oMJ6XnHPnWvU8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQZ3gwwauQht6q2g7iHu8h104Eb/zAfBgNVHSMEGDAWgBQCRuinbTDHwElb
xc6O5REP6rKG5jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FrYm9wMjB3eDhCSlc4WE9qdVVSRC1xeWh1WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvYzBhNTc2LWEyMjAtNGRlMC1hYWMxLTdiOTZhOTk5NzcxOC8x
L0dkNE1NR3JrSWJlcXRvTzRoN3ZJZGRPQkdfOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
YzBhNTc2LWEyMjAtNGRlMC1hYWMxLTdiOTZhOTk5NzcxOC8xL0FrYm9wMjB3eDhC
Slc4WE9qdVVSRC1xeWh1WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALkcSAMEAcEf1jANBgkqhkiG9w0B
AQsFAAOCAQEAOoEBLYrNIa1vlbPjFM0OGhEBSmaRYOr0mxfzTdy03vNVYGb8/XxZ
mXZ8IGTPfghPuBmanj7JViIG6vCK/187ifyKnJnpLd8HfRgvb1NXuwnwmKOsHsOQ
c41p7J8wsyrnmRGXwD6NQudbGSTxNwvgXiLww/ZPk1cqNF2dfoHvo0DLrOOrQEUh
iRM894oVvJNyP3BW39HEy/VKIjYQYdFQz/snUfZx9hX4WMFwiDNREwBCID88iB14
VML2cMrhuYjXK+83U6YT3EwUuX+VHrVFlVUbFX2ioWiKYEd6KSOw0a9UEPXHMdb5
emjeysIWXxVchAX/ojeNGC3+8jEln2BqxA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:37 2024 by rpki-client on console-ams.rpki-client.org