Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/gNQ67ote_8Mr77Lg3nrA_TlqGx4.roa
File:                     gNQ67ote_8Mr77Lg3nrA_TlqGx4.roa (raw, json)
Hash identifier:          AD+rSJqszE9Wt+q60t5M2uShqYc8dDeozedf21EGUYU=
Subject key identifier:   80:D4:3A:EE:8B:5E:FF:C3:2B:EF:B2:E0:DE:7A:C0:FD:39:6A:1B:1E
Certificate issuer:       /CN=0bac82804700ad36538bf86f34c073e971430da5
Certificate serial:       01848578999DDC8D8A11D8905C2D92BEE7FB
Authority key identifier: 0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/gNQ67ote_8Mr77Lg3nrA_TlqGx4.roa
Signing time:             Thu 17 Nov 2022 12:03:04 +0000
ROA not before:           Thu 17 Nov 2022 12:03:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     0
IP address blocks:        185.1.230.0/25 maxlen: 25
                          185.1.230.128/25 maxlen: 25
                          195.69.118.0/24 maxlen: 24
                          195.69.117.0/24 maxlen: 24
                          195.69.116.0/24 maxlen: 24
                          195.69.119.0/24 maxlen: 24
                          195.245.240.0/24 maxlen: 24
                          2001:7f8:122::/49 maxlen: 49
                          2001:7f8:122:8000::/49 maxlen: 49

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:85:78:99:9d:dc:8d:8a:11:d8:90:5c:2d:92:be:e7:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0bac82804700ad36538bf86f34c073e971430da5
        Validity
            Not Before: Nov 17 12:03:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=80d43aee8b5effc32befb2e0de7ac0fd396a1b1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:9d:d0:23:dc:54:c7:fd:7e:0d:e6:1f:f6:3c:
                    8e:4a:b1:c2:de:92:63:6a:fd:15:9f:11:b7:11:d2:
                    bb:34:88:91:eb:5d:bd:13:55:bf:b5:13:22:62:98:
                    6b:93:5f:00:81:c1:4c:7c:c0:a2:08:d3:3c:e2:fa:
                    9f:a5:b4:31:96:84:14:42:6b:a0:71:9d:a2:02:15:
                    1d:ee:2c:53:28:00:19:fa:1e:41:2f:b8:e6:f1:7b:
                    85:7a:8d:2e:d6:79:70:2f:66:44:e0:e1:f5:92:b6:
                    98:8b:ab:78:64:41:57:40:c2:64:e4:9c:ba:f0:eb:
                    97:59:88:f2:24:81:80:b4:74:48:80:da:16:70:f6:
                    64:c8:08:9d:5d:56:80:7b:26:fb:14:4c:e4:55:f1:
                    02:93:57:65:ad:4c:a0:d2:22:37:5a:d3:4f:5a:8e:
                    83:82:d1:8f:34:5f:23:9d:eb:15:3d:e5:37:cc:da:
                    b6:b6:19:31:53:04:8b:a1:67:79:15:23:0a:f2:8f:
                    03:ee:aa:25:18:e3:55:db:30:78:46:86:13:6d:25:
                    6e:6f:40:83:d7:1c:fc:47:a7:1f:4a:29:4c:e4:46:
                    db:cd:e9:3c:6e:0a:3b:c6:fc:8a:e3:1c:98:c7:c7:
                    22:49:75:ce:bd:3e:c0:21:c4:b4:bb:85:00:91:78:
                    ed:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:D4:3A:EE:8B:5E:FF:C3:2B:EF:B2:E0:DE:7A:C0:FD:39:6A:1B:1E
            X509v3 Authority Key Identifier:
                keyid:0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/gNQ67ote_8Mr77Lg3nrA_TlqGx4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/C6yCgEcArTZTi_hvNMBz6XFDDaU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.1.230.0/24
                  195.69.116.0/22
                  195.245.240.0/24
                IPv6:
                  2001:7f8:122::/48

    Signature Algorithm: sha256WithRSAEncryption
         04:f0:ee:4b:7a:3a:69:8c:f3:26:52:92:26:fa:a6:a0:63:73:
         dd:c4:da:dd:a7:0c:dc:61:83:2b:46:b5:c7:b0:a6:ea:91:ad:
         e7:31:2a:40:f0:63:c9:73:01:d6:29:59:7a:90:d8:de:a3:08:
         2e:62:13:31:74:17:82:6b:f9:d5:ae:1a:8e:90:9e:0b:d0:d5:
         b2:df:7c:eb:87:76:71:35:6b:85:84:51:14:4b:37:dd:d7:f5:
         7f:88:3c:59:89:6b:28:46:3d:b5:b6:b7:1b:22:42:60:91:f8:
         79:d6:9b:cd:8d:85:d0:5e:ca:79:a5:a2:3b:20:fa:d1:b8:67:
         25:fe:54:95:22:7e:1d:d1:f6:ee:46:91:8c:e6:91:b1:b3:f0:
         55:5f:81:fa:55:a4:bb:a5:36:90:98:ef:23:82:5b:12:b5:80:
         54:ed:b2:fd:87:86:db:8a:d5:dd:f5:e0:06:22:eb:dc:eb:66:
         21:93:d7:da:ac:3c:d8:1f:0f:94:9d:5a:b5:da:a7:c1:e6:b6:
         25:94:d2:b7:30:8e:22:78:c0:c3:78:4a:7c:af:07:a0:ab:25:
         d4:ec:44:be:f5:53:25:59:2f:5e:13:d6:1b:bb:24:96:06:2b:
         04:97:58:52:8b:e6:54:57:b4:f2:9b:2d:29:30:ef:e5:f6:c4:
         44:92:52:44
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYSFeJmd3I2KEdiQXC2Svuf7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYWM4MjgwNDcwMGFkMzY1MzhiZjg2ZjM0YzA3M2U5NzE0
MzBkYTUwHhcNMjIxMTE3MTIwMzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGQ0M2FlZThiNWVmZmMzMmJlZmIyZTBkZTdhYzBmZDM5NmExYjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmp3QI9xUx/1+DeYf9jyOSrHC3pJj
av0VnxG3EdK7NIiR6129E1W/tRMiYphrk18AgcFMfMCiCNM84vqfpbQxloQUQmug
cZ2iAhUd7ixTKAAZ+h5BL7jm8XuFeo0u1nlwL2ZE4OH1kraYi6t4ZEFXQMJk5Jy6
8OuXWYjyJIGAtHRIgNoWcPZkyAidXVaAeyb7FEzkVfECk1dlrUyg0iI3WtNPWo6D
gtGPNF8jnesVPeU3zNq2thkxUwSLoWd5FSMK8o8D7qolGONV2zB4RoYTbSVub0CD
1xz8R6cfSilM5Ebbzek8bgo7xvyK4xyYx8ciSXXOvT7AIcS0u4UAkXjtsQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFIDUOu6LXv/DK++y4N56wP05ahseMB8GA1UdIwQY
MBaAFAusgoBHAK02U4v4bzTAc+lxQw2lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEt
NDNmNjRiY2VhOTlkLzEvZ05RNjdvdGVfOE1yNzdMZzNuckFfVGxxR3g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEtNDNmNjRiY2VhOTlk
LzEvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAuQHmAwQC
w0V0AwQAw/XwMA8EAgACMAkDBwAgAQf4ASIwDQYJKoZIhvcNAQELBQADggEBAATw
7kt6OmmM8yZSkib6pqBjc93E2t2nDNxhgytGtcewpuqRrecxKkDwY8lzAdYpWXqQ
2N6jCC5iEzF0F4Jr+dWuGo6QngvQ1bLffOuHdnE1a4WEURRLN93X9X+IPFmJayhG
PbW2txsiQmCR+HnWm82NhdBeynmlojsg+tG4ZyX+VJUifh3R9u5GkYzmkbGz8FVf
gfpVpLulNpCY7yOCWxK1gFTtsv2HhtuK1d314AYi69zrZiGT19qsPNgfD5SdWrXa
p8HmtiWU0rcwjiJ4wMN4SnyvB6CrJdTsRL71UyVZL14T1hu7JJYGKwSXWFKL5lRX
tPKbLSkw7+X2xESSUkQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:35 2024 by rpki-client on console-ams.rpki-client.org