Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/GATCJz998cpZFCnKsF0PPr8FTE0.roa
File:                     GATCJz998cpZFCnKsF0PPr8FTE0.roa (raw, json)
Hash identifier:          8bvwSMgZm/bMs6m3aSH73VSaqIDG0Nlr5M988kx8/uc=
Subject key identifier:   18:04:C2:27:3F:7D:F1:CA:59:14:29:CA:B0:5D:0F:3E:BF:05:4C:4D
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       01850089ABE037277FAAAFC0658FE15E4F29
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/GATCJz998cpZFCnKsF0PPr8FTE0.roa
Signing time:             Sun 11 Dec 2022 09:35:00 +0000
ROA not before:           Sun 11 Dec 2022 09:35:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206286
IP address blocks:        45.137.207.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:00:89:ab:e0:37:27:7f:aa:af:c0:65:8f:e1:5e:4f:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Dec 11 09:35:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1804c2273f7df1ca591429cab05d0f3ebf054c4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:34:1a:1d:43:16:4b:67:ed:53:33:31:12:5c:
                    1b:c9:b1:5b:3c:02:78:c9:0e:d1:45:53:49:bb:8f:
                    67:8b:41:f3:68:dd:57:16:ee:09:05:35:69:ad:f4:
                    4e:9c:06:11:11:34:dc:f0:a7:d4:ab:e9:62:eb:d6:
                    7c:4f:54:f1:ce:a7:d1:e1:41:36:42:d2:fb:4c:03:
                    9c:f9:26:5c:d1:18:84:b9:92:2b:3f:9f:d5:f4:46:
                    e8:86:a8:43:c9:4f:ff:ab:88:8b:7d:b3:d7:ab:d6:
                    c4:ce:42:43:0c:cb:94:de:dd:12:b9:38:20:ff:39:
                    76:4a:b9:47:e0:37:29:13:c2:53:3a:fc:9d:36:95:
                    99:b2:aa:f7:13:4a:23:ba:34:5f:7d:e3:53:d8:00:
                    ab:62:eb:28:9d:4a:69:73:65:82:76:4a:a9:be:7e:
                    5a:de:da:8a:eb:74:f0:71:bb:85:cd:c3:0e:ad:22:
                    68:05:57:c4:7c:25:c7:2d:59:4f:35:49:33:82:13:
                    cf:a3:18:74:fd:27:36:60:9f:a8:09:c7:7d:10:12:
                    5b:f0:ee:bb:fc:ce:2a:85:1b:9a:82:20:d5:d2:ef:
                    bb:9b:c2:de:24:a0:29:88:2b:5d:21:cf:84:6d:39:
                    36:61:e5:68:12:15:33:a3:42:af:fc:c7:e4:2f:cc:
                    cb:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:04:C2:27:3F:7D:F1:CA:59:14:29:CA:B0:5D:0F:3E:BF:05:4C:4D
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/GATCJz998cpZFCnKsF0PPr8FTE0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.137.207.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:e2:c0:c9:e0:7f:63:aa:b7:ea:03:8a:a6:b9:fb:0b:c8:12:
         cb:c8:ef:a6:54:96:3d:09:df:17:01:52:54:13:1e:89:d3:df:
         62:87:4c:ac:a5:51:e6:a4:6c:d7:92:60:7a:d7:ba:74:30:f2:
         0a:dd:ae:86:e2:fa:07:ae:a7:a9:27:fe:34:27:38:e6:e0:13:
         56:85:62:4d:93:de:c4:6a:5b:37:22:92:89:bf:90:39:d1:41:
         d9:60:74:44:88:54:63:a3:02:c7:a2:27:15:76:81:1f:eb:eb:
         ea:d7:7c:6d:95:25:cc:3d:cf:06:0d:60:ce:19:e9:f6:b5:e3:
         f2:01:a8:a6:ba:5b:ac:d1:df:5c:e6:d5:f3:ed:96:b8:f3:39:
         b7:10:a8:b1:5d:0a:4c:22:c5:2b:e1:05:ea:21:c4:96:52:e0:
         00:9f:f0:c0:2a:ba:e7:e0:50:ca:9d:84:16:8b:85:59:63:d9:
         3e:e3:16:91:4e:79:ea:ef:72:d2:d8:2f:5b:fc:1f:66:60:a8:
         b7:fe:58:98:57:49:52:cb:86:75:a1:ec:22:02:c7:54:dc:40:
         8a:1d:4e:0a:ae:a6:fd:21:d6:96:53:d6:64:2d:24:06:fb:a1:
         ef:26:b8:25:e1:53:c3:ef:51:f0:f1:e3:dc:8f:41:35:ae:b1:
         6e:5a:2a:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUAiavgNyd/qq/AZY/hXk8pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjIxMjExMDkzNTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODA0YzIyNzNmN2RmMWNhNTkxNDI5Y2FiMDVkMGYzZWJmMDU0YzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzQaHUMWS2ftUzMxElwbybFbPAJ4
yQ7RRVNJu49ni0HzaN1XFu4JBTVprfROnAYRETTc8KfUq+li69Z8T1TxzqfR4UE2
QtL7TAOc+SZc0RiEuZIrP5/V9EbohqhDyU//q4iLfbPXq9bEzkJDDMuU3t0SuTgg
/zl2SrlH4DcpE8JTOvydNpWZsqr3E0ojujRffeNT2ACrYusonUppc2WCdkqpvn5a
3tqK63TwcbuFzcMOrSJoBVfEfCXHLVlPNUkzghPPoxh0/Sc2YJ+oCcd9EBJb8O67
/M4qhRuagiDV0u+7m8LeJKApiCtdIc+EbTk2YeVoEhUzo0Kv/MfkL8zL0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBgEwic/ffHKWRQpyrBdDz6/BUxNMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvR0FUQ0p6OTk4Y3BaRkNuS3NGMFBQcjhGVEUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYnPMA0G
CSqGSIb3DQEBCwUAA4IBAQAR4sDJ4H9jqrfqA4qmufsLyBLLyO+mVJY9Cd8XAVJU
Ex6J099ih0yspVHmpGzXkmB617p0MPIK3a6G4voHrqepJ/40Jzjm4BNWhWJNk97E
als3IpKJv5A50UHZYHREiFRjowLHoicVdoEf6+vq13xtlSXMPc8GDWDOGen2tePy
Aaimulus0d9c5tXz7Za48zm3EKixXQpMIsUr4QXqIcSWUuAAn/DAKrrn4FDKnYQW
i4VZY9k+4xaRTnnq73LS2C9b/B9mYKi3/liYV0lSy4Z1oewiAsdU3ECKHU4Krqb9
IdaWU9ZkLSQG+6HvJrgl4VPD71Hw8ePcj0E1rrFuWiqT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org