Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/GclYECU7fH_wdeTH77MymNn3Pog.roa
File:                     GclYECU7fH_wdeTH77MymNn3Pog.roa (raw, json)
Hash identifier:          EDotTLVR/gGvn+8yWhfnqfMxNvHSoU35HcNRN8Lxpbc=
Subject key identifier:   19:C9:58:10:25:3B:7C:7F:F0:75:E4:C7:EF:B3:32:98:D9:F7:3E:88
Certificate issuer:       /CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Certificate serial:       096BEA47
Authority key identifier: DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/GclYECU7fH_wdeTH77MymNn3Pog.roa
Signing time:             Sat 01 Jan 2022 15:58:23 +0000
ROA not before:           Sat 01 Jan 2022 15:58:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8881
IP address blocks:        2a02:45c0:6::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 158067271 (0x96bea47)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
        Validity
            Not Before: Jan  1 15:58:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=19c95810253b7c7ff075e4c7efb33298d9f73e88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:c9:f9:55:fe:c8:16:ab:2b:27:aa:eb:9b:2e:
                    5a:88:59:e0:28:c6:bf:86:45:47:e4:33:6c:90:4d:
                    90:43:21:f5:35:9a:58:5a:52:88:30:f5:5f:53:e9:
                    48:23:a9:30:82:0e:6e:22:37:06:e7:12:ff:d1:04:
                    2f:6f:2c:b3:e0:67:f0:d4:6c:e7:1b:d8:e1:60:5c:
                    bb:77:52:80:f3:86:f5:ab:19:57:75:1c:ab:57:bf:
                    75:5d:d0:b0:98:e0:bd:cf:a0:27:3f:93:9f:e1:23:
                    da:59:27:b6:27:f6:25:f3:e9:a1:90:2a:57:f8:19:
                    55:45:10:9f:0d:08:a3:4a:52:7f:98:f8:24:c7:ad:
                    df:91:03:0d:65:85:39:2b:b3:5d:5e:82:e5:08:08:
                    11:3c:61:80:52:35:44:b5:02:62:16:0e:3e:99:4b:
                    ad:39:3e:a9:d0:43:95:65:e5:30:1f:6d:57:93:59:
                    10:fe:71:df:c4:25:21:8d:c3:6d:3a:9a:be:89:8c:
                    07:17:51:65:05:e8:da:2d:55:32:de:cd:aa:6c:4d:
                    4c:fd:f8:23:20:5f:b0:50:71:ba:a9:c3:5c:36:23:
                    ff:d1:72:77:f6:04:41:16:f4:b7:00:ca:6b:fd:2c:
                    56:c3:e2:56:9f:02:47:1a:39:0b:4c:a7:f3:9d:c0:
                    98:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:C9:58:10:25:3B:7C:7F:F0:75:E4:C7:EF:B3:32:98:D9:F7:3E:88
            X509v3 Authority Key Identifier:
                keyid:DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/GclYECU7fH_wdeTH77MymNn3Pog.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/29T45HYjd_hrB6h1P26Y9vS2t5I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a02:45c0:6::/48

    Signature Algorithm: sha256WithRSAEncryption
         c7:5d:df:d9:20:a9:2e:31:04:2d:43:bc:e6:9d:6f:23:8f:bc:
         f7:b9:15:c2:3a:df:4d:52:85:fb:08:53:d0:18:84:56:b6:eb:
         eb:d3:dd:73:39:3b:3f:01:9b:4c:fd:2b:8d:00:03:ac:09:a1:
         3b:47:08:1a:66:bd:f7:b8:ae:e9:ed:91:53:86:34:40:64:6c:
         0b:d8:9e:cb:65:f1:ff:00:e8:b6:92:fb:48:a8:ff:d0:81:f4:
         6e:c5:a7:d0:07:08:10:29:58:78:ae:6b:06:42:48:1b:31:fe:
         f6:9f:0a:76:e4:33:9d:f6:59:57:2a:b9:82:b9:f7:5f:57:5d:
         4d:84:25:2c:02:4f:3d:1e:62:3b:71:24:2b:62:f9:0f:c4:f6:
         bb:f9:9b:86:bb:d2:f5:00:7f:3f:31:a9:3d:59:89:51:55:e1:
         15:20:76:35:1b:20:1d:29:b3:d4:ad:df:d9:f1:54:46:ed:c8:
         ec:12:31:45:04:db:a8:3f:cb:34:d7:c1:9a:ab:8d:e4:5c:04:
         eb:e7:a4:8b:9a:99:9b:34:99:bc:36:67:71:c2:62:32:fa:f1:
         67:99:81:58:db:34:a7:3a:a6:fe:da:41:b7:24:91:b5:4b:ab:
         64:c6:9c:a1:96:01:1b:ae:7c:ac:a8:f6:fe:b3:e7:18:fb:1b:
         52:1e:3d:bc
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECWvqRzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YmQ0ZjhlNDc2MjM3N2Y4NmIwN2E4NzUzZjZlOThmNmY0YjZiNzkyMB4XDTIyMDEw
MTE1NTgyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTljOTU4MTAyNTNi
N2M3ZmYwNzVlNGM3ZWZiMzMyOThkOWY3M2U4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPJ+VX+yBarKyeq65suWohZ4CjGv4ZFR+QzbJBNkEMh9TWa
WFpSiDD1X1PpSCOpMIIObiI3BucS/9EEL28ss+Bn8NRs5xvY4WBcu3dSgPOG9asZ
V3Ucq1e/dV3QsJjgvc+gJz+Tn+Ej2lkntif2JfPpoZAqV/gZVUUQnw0Io0pSf5j4
JMet35EDDWWFOSuzXV6C5QgIETxhgFI1RLUCYhYOPplLrTk+qdBDlWXlMB9tV5NZ
EP5x38QlIY3DbTqavomMBxdRZQXo2i1VMt7NqmxNTP34IyBfsFBxuqnDXDYj/9Fy
d/YEQRb0twDKa/0sVsPiVp8CRxo5C0yn853AmFcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQZyVgQJTt8f/B15MfvszKY2fc+iDAfBgNVHSMEGDAWgBTb1PjkdiN3+GsH
qHU/bpj29La3kjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzI5VDQ1SFlqZF9ockI2aDFQMjZZOXZTMnQ1SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvZDNmNjVkLWFmYWItNGQyOC1iNDZlLTYyMGE3OWNmNzkyYi8x
L0djbFlFQ1U3Zkhfd2RlVEg3N015bU5uM1BvZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
ZDNmNjVkLWFmYWItNGQyOC1iNDZlLTYyMGE3OWNmNzkyYi8xLzI5VDQ1SFlqZF9o
ckI2aDFQMjZZOXZTMnQ1SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoCRcAABjANBgkqhkiG9w0BAQsF
AAOCAQEAx13f2SCpLjEELUO85p1vI4+897kVwjrfTVKF+whT0BiEVrbr69Pdczk7
PwGbTP0rjQADrAmhO0cIGma997iu6e2RU4Y0QGRsC9iey2Xx/wDotpL7SKj/0IH0
bsWn0AcIEClYeK5rBkJIGzH+9p8KduQznfZZVyq5grn3X1ddTYQlLAJPPR5iO3Ek
K2L5D8T2u/mbhrvS9QB/PzGpPVmJUVXhFSB2NRsgHSmz1K3f2fFURu3I7BIxRQTb
qD/LNNfBmquN5FwE6+eki5qZmzSZvDZnccJiMvrxZ5mBWNs0pzqm/tpBtySRtUur
ZMacoZYBG658rKj2/rPnGPsbUh49vA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:49 2024 by rpki-client on console-fra.rpki-client.org