Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/GSx3NYpGMzNqmHkW8tobUUwi2vY.roa
File:                     GSx3NYpGMzNqmHkW8tobUUwi2vY.roa (raw, json)
Hash identifier:          RF0qgcchuKmEV1i3RFeVW9LETyyCFzV1UvxUK/WdCWI=
Subject key identifier:   19:2C:77:35:8A:46:33:33:6A:98:79:16:F2:DA:1B:51:4C:22:DA:F6
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       07DE8E3E
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/GSx3NYpGMzNqmHkW8tobUUwi2vY.roa
Signing time:             Sat 01 Jan 2022 08:01:04 +0000
ROA not before:           Sat 01 Jan 2022 08:01:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208861
IP address blocks:        194.113.105.0/24 maxlen: 24
                          2a0a:4780::/32 maxlen: 32
                          2a0d:60c1::/32 maxlen: 32
                          2a0f:cc82::/32 maxlen: 32
                          2a0a:4782::/32 maxlen: 32
                          2a0a:4783::/32 maxlen: 32
                          2a0a:4781::/32 maxlen: 32
                          2a05:fb45::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 132025918 (0x7de8e3e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Jan  1 08:01:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=192c77358a4633336a987916f2da1b514c22daf6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:5f:f8:79:20:a8:64:2e:fa:30:af:c0:6f:e4:
                    f2:a0:0b:73:35:70:27:de:c4:ec:a8:4b:55:41:9e:
                    b8:d2:d2:ac:af:9b:87:fe:59:3e:27:84:c2:e2:ef:
                    2d:97:7e:a3:c5:7d:31:c0:b2:e5:4f:65:ea:03:57:
                    62:b3:ac:c0:ab:7b:6f:41:d7:c2:d9:6c:66:6f:70:
                    4d:b0:56:40:67:c7:18:00:b6:df:b0:b3:b1:fa:b4:
                    8f:f5:04:a5:21:94:8e:33:50:69:59:e5:9c:fb:bc:
                    41:47:38:d1:7c:08:2b:ae:99:08:2d:f5:12:68:54:
                    80:ee:21:9a:c4:ba:f2:6b:3e:06:57:80:19:5b:e0:
                    7c:3d:6a:a4:33:30:44:25:3d:ec:ff:15:20:75:d7:
                    db:23:e7:04:61:fe:a3:03:f0:ef:f8:5e:66:f9:68:
                    08:8e:a3:fa:08:7a:33:b6:47:92:9e:42:5e:47:92:
                    71:de:57:42:b6:91:94:1a:e7:85:0a:95:b1:88:90:
                    15:4f:7b:84:c6:59:e8:9a:7d:ef:65:2b:76:ed:65:
                    f2:a5:13:df:8e:46:dc:d1:6d:52:32:e6:ff:0b:e5:
                    44:0c:bb:42:3e:84:04:ef:c1:5a:29:b0:48:c8:eb:
                    57:5e:95:91:1a:b6:6f:ee:f0:af:8b:05:c0:8b:18:
                    36:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:2C:77:35:8A:46:33:33:6A:98:79:16:F2:DA:1B:51:4C:22:DA:F6
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/GSx3NYpGMzNqmHkW8tobUUwi2vY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.113.105.0/24
                IPv6:
                  2a05:fb45::/32
                  2a0a:4780::/30
                  2a0d:60c1::/32
                  2a0f:cc82::/32

    Signature Algorithm: sha256WithRSAEncryption
         47:cf:bb:ff:db:82:b7:6f:61:b0:01:18:60:56:65:ef:9e:b0:
         c2:6a:3c:f4:ee:b5:70:20:fb:20:4e:61:7a:0d:eb:c9:b5:5c:
         f7:2e:59:43:93:88:92:38:65:bd:31:e2:99:ee:e5:2d:bb:75:
         f6:86:cc:b3:de:88:58:30:15:2e:18:38:23:df:f6:05:87:ce:
         bc:66:da:41:62:b8:2e:7d:28:be:4e:6d:13:96:8c:60:df:7e:
         5b:48:38:75:89:ea:3e:08:79:c0:dd:7b:8b:c2:3c:3e:47:e3:
         4b:c8:af:1d:70:a2:5d:e0:fb:44:eb:15:dc:67:56:69:23:ed:
         37:d1:90:db:dd:ae:cb:8f:b2:bc:35:a0:11:96:81:28:80:23:
         5b:37:83:49:3e:c8:40:b6:95:b5:94:b3:1b:3d:03:79:8f:e7:
         98:57:da:24:76:9a:92:2b:2b:3e:64:73:56:84:74:08:57:fd:
         6f:85:11:3a:0f:dd:3c:a7:20:7a:e3:16:78:66:ea:c2:4d:51:
         0e:15:3b:d1:7f:86:45:75:b7:2b:42:7f:1c:34:24:75:85:b0:
         c7:ad:25:73:b7:b8:f7:d4:05:32:88:ac:da:08:14:bb:ea:6b:
         ad:90:4b:6b:17:18:ca:1d:2d:4d:06:63:f8:31:79:e2:8c:6a:
         7e:b6:98:c9
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEB96OPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NDU5ZWMyYTVmZDUzOTA5YzUyMzlmNGNjOGQ2ZDMyOWEyNzc5YmIxMB4XDTIyMDEw
MTA4MDEwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTkyYzc3MzU4YTQ2
MzMzMzZhOTg3OTE2ZjJkYTFiNTE0YzIyZGFmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMhf+HkgqGQu+jCvwG/k8qALczVwJ97E7KhLVUGeuNLSrK+b
h/5ZPieEwuLvLZd+o8V9McCy5U9l6gNXYrOswKt7b0HXwtlsZm9wTbBWQGfHGAC2
37Czsfq0j/UEpSGUjjNQaVnlnPu8QUc40XwIK66ZCC31EmhUgO4hmsS68ms+BleA
GVvgfD1qpDMwRCU97P8VIHXX2yPnBGH+owPw7/heZvloCI6j+gh6M7ZHkp5CXkeS
cd5XQraRlBrnhQqVsYiQFU97hMZZ6Jp972Urdu1l8qUT345G3NFtUjLm/wvlRAy7
Qj6EBO/BWimwSMjrV16VkRq2b+7wr4sFwIsYNnsCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBQZLHc1ikYzM2qYeRby2htRTCLa9jAfBgNVHSMEGDAWgBREWewqX9U5CcUj
n0zI1tMponebsTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JGbnNLbF9WT1FuRkk1OU15TmJUS2FKM203RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTcvZjBhZTYyLWMxMDctNDNjZS1hOGE5LTZiNDM3MjYwMjA5Ni8x
L0dTeDNOWXBHTXpOcW1Ia1c4dG9iVVV3aTJ2WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcv
ZjBhZTYyLWMxMDctNDNjZS1hOGE5LTZiNDM3MjYwMjA5Ni8xL1JGbnNLbF9WT1Fu
Rkk1OU15TmJUS2FKM203RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwDAQCAAEwBgMEAMJxaTAiBAIAAjAcAwUAKgX7RQMF
AioKR4ADBQAqDWDBAwUAKg/MgjANBgkqhkiG9w0BAQsFAAOCAQEAR8+7/9uCt29h
sAEYYFZl756wwmo89O61cCD7IE5heg3rybVc9y5ZQ5OIkjhlvTHime7lLbt19obM
s96IWDAVLhg4I9/2BYfOvGbaQWK4Ln0ovk5tE5aMYN9+W0g4dYnqPgh5wN17i8I8
PkfjS8ivHXCiXeD7ROsV3GdWaSPtN9GQ292uy4+yvDWgEZaBKIAjWzeDST7IQLaV
tZSzGz0DeY/nmFfaJHaakisrPmRzVoR0CFf9b4UROg/dPKcgeuMWeGbqwk1RDhU7
0X+GRXW3K0J/HDQkdYWwx60lc7e499QFMois2ggUu+prrZBLaxcYyh0tTQZj+DF5
4oxqfraYyQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:05 2024 by rpki-client on console-fra.rpki-client.org