Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/GgOeA0C_CmB1puJ8ZXXbue8fzDs.roa
File:                     GgOeA0C_CmB1puJ8ZXXbue8fzDs.roa (raw, json)
Hash identifier:          y9Oo18ZjoDupRKa7GV7IfevStBQszccSOQHv/XqKsfk=
Subject key identifier:   1A:03:9E:03:40:BF:0A:60:75:A6:E2:7C:65:75:DB:B9:EF:1F:CC:3B
Certificate issuer:       /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial:       018510B0B07242A4D9CEB1E4627901FE2BB1
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/GgOeA0C_CmB1puJ8ZXXbue8fzDs.roa
Signing time:             Wed 14 Dec 2022 12:51:32 +0000
ROA not before:           Wed 14 Dec 2022 12:51:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3177
IP address blocks:        195.28.11.0/24 maxlen: 24
                          103.215.223.0/24 maxlen: 24
                          103.215.221.0/24 maxlen: 24
                          103.215.222.0/24 maxlen: 24
                          103.215.220.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:10:b0:b0:72:42:a4:d9:ce:b1:e4:62:79:01:fe:2b:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
        Validity
            Not Before: Dec 14 12:51:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1a039e0340bf0a6075a6e27c6575dbb9ef1fcc3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:fb:5d:c9:6d:74:ff:c5:05:cf:fd:cc:7b:be:
                    94:8e:67:01:cb:0a:d9:56:e9:9c:56:86:14:b9:e9:
                    6d:ff:d6:b2:43:ba:70:ec:10:9e:81:c0:09:45:5f:
                    55:ec:43:46:04:1a:c7:38:71:f9:ba:07:fc:c4:a0:
                    98:50:92:a6:40:03:c4:05:ad:ff:98:f8:e5:76:c6:
                    78:af:14:e0:0a:37:75:cc:e7:73:8c:92:9c:92:3e:
                    fd:a4:d2:7a:4a:88:fa:5c:99:be:5a:c5:6d:54:15:
                    91:55:17:93:60:44:e9:00:2a:e6:52:eb:b9:6a:bc:
                    41:a6:a7:c4:04:f7:fc:31:26:b5:c5:a3:67:6d:34:
                    0d:72:65:cc:44:e6:eb:26:72:f3:88:2e:ff:19:a9:
                    d1:e1:71:98:b6:80:cd:36:87:58:13:d9:00:93:ed:
                    97:cb:4c:60:b2:a4:27:98:e1:40:d9:df:fd:a9:b0:
                    fb:b3:35:a4:61:e0:ca:ff:59:30:2e:1e:c9:4b:f4:
                    86:e8:21:18:0f:30:37:0f:76:ad:39:d3:85:93:2d:
                    c3:f1:dc:31:ed:66:89:05:d1:b0:dc:f7:90:b9:3f:
                    1d:8d:c6:32:42:37:75:46:85:65:81:d7:a6:90:f4:
                    12:b2:00:5d:4e:84:c3:85:39:f0:70:ea:9e:30:6a:
                    5b:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:03:9E:03:40:BF:0A:60:75:A6:E2:7C:65:75:DB:B9:EF:1F:CC:3B
            X509v3 Authority Key Identifier:
                keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/GgOeA0C_CmB1puJ8ZXXbue8fzDs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.215.220.0/22
                  195.28.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:ee:a5:46:5c:3b:82:f3:ee:da:54:07:36:ce:90:7a:32:57:
         63:14:96:42:eb:71:1e:d6:de:29:0a:ec:fe:64:e8:15:45:8f:
         74:8a:8b:42:72:af:da:80:52:6d:46:23:66:fd:87:5c:a8:04:
         b6:4a:86:75:91:b1:7e:7b:0d:9c:e0:ff:5e:c6:10:8b:99:af:
         8b:69:14:75:58:74:e9:32:bb:f6:e6:bc:c8:9c:c4:f9:c7:88:
         65:9c:0a:69:73:f8:aa:ba:ba:7b:be:13:72:ac:d4:33:72:f0:
         cc:b2:0e:f4:c5:e1:64:25:4c:6d:72:14:d3:b4:e9:bb:3e:18:
         03:47:d7:32:50:71:6b:16:dd:25:f3:a2:69:d6:9c:9f:e0:81:
         b9:ff:f0:58:3f:d1:27:92:48:fe:66:5c:5d:38:de:95:d8:0f:
         16:67:c6:80:25:bf:14:2f:b4:e2:81:06:44:e8:84:76:db:57:
         ad:76:1a:8c:e4:2e:40:ed:7c:23:9a:aa:a1:c6:2a:ee:d5:6a:
         8e:2e:ce:31:a3:ae:e0:53:2a:c1:56:9e:08:7c:77:27:88:45:
         bb:4f:89:23:fc:6c:18:b0:5a:c3:d9:71:5e:0d:da:fe:0a:53:
         7f:93:de:4e:0f:78:2f:23:db:a4:e3:b5:ec:9c:5c:59:ce:f9:
         0e:1c:3b:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUQsLByQqTZzrHkYnkB/iuxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjIxMjE0MTI1MTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTAzOWUwMzQwYmYwYTYwNzVhNmUyN2M2NTc1ZGJiOWVmMWZjYzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvtdyW10/8UFz/3Me76UjmcBywrZ
VumcVoYUuelt/9ayQ7pw7BCegcAJRV9V7ENGBBrHOHH5ugf8xKCYUJKmQAPEBa3/
mPjldsZ4rxTgCjd1zOdzjJKckj79pNJ6Soj6XJm+WsVtVBWRVReTYETpACrmUuu5
arxBpqfEBPf8MSa1xaNnbTQNcmXMRObrJnLziC7/GanR4XGYtoDNNodYE9kAk+2X
y0xgsqQnmOFA2d/9qbD7szWkYeDK/1kwLh7JS/SG6CEYDzA3D3atOdOFky3D8dwx
7WaJBdGw3PeQuT8djcYyQjd1RoVlgdemkPQSsgBdToTDhTnwcOqeMGpbXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBoDngNAvwpgdabifGV127nvH8w7MB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvR2dPZUEwQ19DbUIxcHVKOFpYWGJ1ZThmekRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCZ9fcAwQA
wxwLMA0GCSqGSIb3DQEBCwUAA4IBAQA+7qVGXDuC8+7aVAc2zpB6MldjFJZC63Ee
1t4pCuz+ZOgVRY90iotCcq/agFJtRiNm/YdcqAS2SoZ1kbF+ew2c4P9exhCLma+L
aRR1WHTpMrv25rzInMT5x4hlnAppc/iqurp7vhNyrNQzcvDMsg70xeFkJUxtchTT
tOm7PhgDR9cyUHFrFt0l86Jp1pyf4IG5//BYP9Enkkj+ZlxdON6V2A8WZ8aAJb8U
L7TigQZE6IR221etdhqM5C5A7Xwjmqqhxiru1WqOLs4xo67gUyrBVp4IfHcniEW7
T4kj/GwYsFrD2XFeDdr+ClN/k95OD3gvI9uk47XsnFxZzvkOHDuF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:05 2024 by rpki-client on console-fra.rpki-client.org