Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GkwcUQY1YB975srAZ2Hh_ZtlPhU.roa
File:                     GkwcUQY1YB975srAZ2Hh_ZtlPhU.roa (raw, json)
Hash identifier:          b1W+KcOaj/FfaOQFNFiK9iSDAGNFJLhL+qwNxzNKOH4=
Subject key identifier:   1A:4C:1C:51:06:35:60:1F:7B:E6:CA:C0:67:61:E1:FD:9B:65:3E:15
Certificate issuer:       /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial:       01852AB731407607B58D763CDE4F99B5164E
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GkwcUQY1YB975srAZ2Hh_ZtlPhU.roa
Signing time:             Mon 19 Dec 2022 14:08:46 +0000
ROA not before:           Mon 19 Dec 2022 14:08:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58110
IP address blocks:        91.149.192.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:2a:b7:31:40:76:07:b5:8d:76:3c:de:4f:99:b5:16:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
        Validity
            Not Before: Dec 19 14:08:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1a4c1c510635601f7be6cac06761e1fd9b653e15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:f7:73:3e:12:26:59:87:6a:44:49:8c:17:73:
                    4b:03:57:4f:ed:44:e7:2f:cf:58:d0:50:8e:52:85:
                    35:b3:e6:07:85:9e:f7:61:e5:cd:0e:f0:fb:b6:d2:
                    88:0a:b8:a1:41:79:de:39:a7:19:50:b6:05:82:f6:
                    cb:8c:93:20:ef:78:7b:ed:9e:b1:47:20:24:ae:19:
                    fe:62:dd:51:8d:f0:c3:54:e6:77:17:db:d5:04:6a:
                    e9:f6:e1:f6:40:cf:a8:6c:0f:ca:ed:91:b1:87:51:
                    ae:9b:a9:2c:74:bc:3f:c2:0f:01:da:9d:1f:a3:33:
                    01:11:a4:82:f6:d1:73:6e:25:2f:b0:75:e3:af:cb:
                    0c:e2:d4:ff:aa:0a:a5:d7:65:ef:a1:d9:b1:57:12:
                    a8:a5:39:6f:84:89:31:b8:31:27:11:5e:a2:0b:fa:
                    43:4f:03:a1:a9:a2:2a:81:d7:bb:05:4d:07:fe:69:
                    8e:ec:a1:d3:b5:31:3d:fc:31:ab:0b:c8:bc:62:c6:
                    00:d2:8b:b0:b7:35:e9:0a:f9:52:8e:f6:64:50:b2:
                    4a:26:2d:a7:8c:f7:c7:27:d8:e6:be:14:bd:e8:9e:
                    75:da:67:b4:06:57:92:69:fe:58:91:43:fe:3f:2f:
                    44:e5:53:d7:3f:62:56:ff:2a:df:ed:d2:64:ab:1a:
                    ac:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:4C:1C:51:06:35:60:1F:7B:E6:CA:C0:67:61:E1:FD:9B:65:3E:15
            X509v3 Authority Key Identifier:
                keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GkwcUQY1YB975srAZ2Hh_ZtlPhU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.149.192.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:9a:20:88:41:3e:e6:89:e3:a3:de:37:13:06:8e:0d:70:81:
         ff:c2:b1:6f:5a:55:56:9f:ee:1a:21:21:a9:60:b6:90:1a:81:
         f0:6a:3d:a4:2d:3f:90:7e:92:ed:41:cb:d7:80:92:b2:1a:a7:
         49:ae:bc:e5:f0:1f:eb:56:3c:65:92:59:3b:17:8f:e0:7d:3a:
         66:7d:d0:7a:1c:84:74:fc:a0:a2:b4:e5:f4:9c:19:1f:fc:cd:
         d4:55:fe:2b:d0:59:0c:ca:57:bc:3b:57:43:d0:6f:d8:5a:cc:
         60:25:ba:6b:a7:23:70:e8:7b:8f:8c:c5:28:d8:f1:b3:85:3e:
         70:3b:f1:a5:42:26:65:da:1e:4c:2f:d5:63:a7:fd:4b:fc:78:
         5a:98:4d:cb:18:d4:51:ca:15:50:47:38:33:71:ed:09:b4:67:
         a8:f9:de:a9:02:b9:4c:8b:41:3d:58:0e:0d:6b:cc:3e:67:a9:
         55:dd:d4:ba:4d:5f:57:b7:64:f1:ac:66:ed:fa:2f:d7:46:e0:
         21:ac:84:7a:a6:01:c8:db:b1:15:03:82:4a:ee:c5:68:6a:fc:
         91:54:c2:c7:ff:65:10:9b:d5:04:67:fc:1d:e0:77:c6:31:52:
         55:37:59:d5:0c:53:79:33:22:44:fc:82:bd:bd:9d:c2:8c:78:
         09:d4:64:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUqtzFAdge1jXY83k+ZtRZOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjIxMjE5MTQwODQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTRjMWM1MTA2MzU2MDFmN2JlNmNhYzA2NzYxZTFmZDliNjUzZTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfdzPhImWYdqREmMF3NLA1dP7UTn
L89Y0FCOUoU1s+YHhZ73YeXNDvD7ttKICrihQXneOacZULYFgvbLjJMg73h77Z6x
RyAkrhn+Yt1RjfDDVOZ3F9vVBGrp9uH2QM+obA/K7ZGxh1Gum6ksdLw/wg8B2p0f
ozMBEaSC9tFzbiUvsHXjr8sM4tT/qgql12XvodmxVxKopTlvhIkxuDEnEV6iC/pD
TwOhqaIqgde7BU0H/mmO7KHTtTE9/DGrC8i8YsYA0ouwtzXpCvlSjvZkULJKJi2n
jPfHJ9jmvhS96J512me0BleSaf5YkUP+Py9E5VPXP2JW/yrf7dJkqxqsFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBpMHFEGNWAfe+bKwGdh4f2bZT4VMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvR2t3Y1VRWTFZQjk3NXNyQVoySGhfWnRsUGhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW5XAMA0G
CSqGSIb3DQEBCwUAA4IBAQCimiCIQT7mieOj3jcTBo4NcIH/wrFvWlVWn+4aISGp
YLaQGoHwaj2kLT+QfpLtQcvXgJKyGqdJrrzl8B/rVjxlklk7F4/gfTpmfdB6HIR0
/KCitOX0nBkf/M3UVf4r0FkMyle8O1dD0G/YWsxgJbprpyNw6HuPjMUo2PGzhT5w
O/GlQiZl2h5ML9Vjp/1L/HhamE3LGNRRyhVQRzgzce0JtGeo+d6pArlMi0E9WA4N
a8w+Z6lV3dS6TV9Xt2TxrGbt+i/XRuAhrIR6pgHI27EVA4JK7sVoavyRVMLH/2UQ
m9UEZ/wd4HfGMVJVN1nVDFN5MyJE/IK9vZ3CjHgJ1GSn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:21 2024 by rpki-client on console-fra.rpki-client.org