Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/05f238-bb62-455d-9921-3a2722507ee5/1/G8G4Jl34NwIY9fb57HP3_vfcZiU.roa
File:                     G8G4Jl34NwIY9fb57HP3_vfcZiU.roa (raw, json)
Hash identifier:          Z3YCvbYDb99cbfQfv2qn4GpZwyu/If3NTzfk5UaHCf0=
Subject key identifier:   1B:C1:B8:26:5D:F8:37:02:18:F5:F6:F9:EC:73:F7:FE:F7:DC:66:25
Certificate issuer:       /CN=ea5187cbf738c0e9d7a3ed9bfcb2c4a677226483
Certificate serial:       0B1BA82F
Authority key identifier: EA:51:87:CB:F7:38:C0:E9:D7:A3:ED:9B:FC:B2:C4:A6:77:22:64:83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6lGHy_c4wOnXo-2b_LLEpnciZIM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/05f238-bb62-455d-9921-3a2722507ee5/1/G8G4Jl34NwIY9fb57HP3_vfcZiU.roa
Signing time:             Sat 01 Jan 2022 04:04:01 +0000
ROA not before:           Sat 01 Jan 2022 04:04:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200306
IP address blocks:        2001:678:7e0::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 186361903 (0xb1ba82f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ea5187cbf738c0e9d7a3ed9bfcb2c4a677226483
        Validity
            Not Before: Jan  1 04:04:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1bc1b8265df8370218f5f6f9ec73f7fef7dc6625
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:f1:f0:6c:9b:56:56:36:9d:e9:3c:53:44:1d:
                    0f:33:53:e3:91:74:b2:35:c9:45:dd:fc:8e:18:91:
                    17:90:89:e1:4b:27:c0:6a:1a:84:b8:49:c1:c6:bb:
                    68:bf:a3:94:88:1d:33:47:50:86:9a:78:52:d3:6c:
                    65:91:cf:f1:0d:bb:5b:20:6b:63:62:33:a6:27:85:
                    6e:92:1c:e6:d1:88:af:9a:a9:f2:e8:16:02:6a:65:
                    47:96:2f:69:b1:c4:28:fa:d5:ba:ed:4a:9b:f9:bf:
                    fe:69:b4:85:52:2c:fc:38:95:b1:f7:7f:6f:17:1c:
                    eb:7a:9c:8e:d9:0c:53:7e:af:2f:a8:05:65:30:65:
                    19:3b:eb:47:10:ef:bb:fe:b1:23:86:42:03:9f:a9:
                    f8:35:93:3c:27:3b:77:77:76:46:4d:dd:93:98:a1:
                    74:2e:50:24:4d:79:22:a8:66:5b:09:be:93:fe:87:
                    41:60:98:b2:6f:65:24:71:60:63:05:91:0a:0c:22:
                    19:19:48:00:4e:2d:60:14:a7:b4:31:96:6f:b4:bd:
                    1c:9e:ee:1b:1b:c7:fa:20:88:bb:b5:9b:0e:03:24:
                    0d:9b:7e:2b:57:8f:2b:b6:5f:0f:be:08:42:19:d0:
                    23:ad:7f:e8:91:09:fd:76:fc:03:96:79:79:fd:a6:
                    cf:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:C1:B8:26:5D:F8:37:02:18:F5:F6:F9:EC:73:F7:FE:F7:DC:66:25
            X509v3 Authority Key Identifier:
                keyid:EA:51:87:CB:F7:38:C0:E9:D7:A3:ED:9B:FC:B2:C4:A6:77:22:64:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6lGHy_c4wOnXo-2b_LLEpnciZIM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/05f238-bb62-455d-9921-3a2722507ee5/1/G8G4Jl34NwIY9fb57HP3_vfcZiU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/05f238-bb62-455d-9921-3a2722507ee5/1/6lGHy_c4wOnXo-2b_LLEpnciZIM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:7e0::/48

    Signature Algorithm: sha256WithRSAEncryption
         b9:93:98:3e:52:ef:91:84:8e:65:9b:20:b5:fd:9c:e5:48:83:
         03:3d:ab:09:b7:a0:e0:10:a8:04:d1:e2:39:5b:11:6d:1e:a8:
         89:30:d7:4f:9d:e1:8d:33:47:3a:1c:fa:b3:68:74:77:c6:54:
         b4:a6:10:0b:59:c0:d8:c3:3a:c4:07:4a:da:16:6c:21:68:d9:
         9c:dc:d4:c7:cc:f7:9b:f4:78:08:8b:fb:85:be:cc:07:e9:7f:
         8b:62:00:c3:03:46:00:7a:40:85:3a:4d:07:13:06:67:eb:f6:
         16:56:e2:04:0e:50:36:5a:58:78:01:40:0c:f1:c4:b7:d6:40:
         25:8d:7e:ba:f1:27:f0:27:42:bc:84:1a:9c:26:54:20:eb:89:
         31:8c:f6:39:88:97:cc:8a:98:07:30:49:14:a5:24:d9:56:0c:
         b8:b4:53:f4:c2:60:20:5a:8d:fb:82:8f:25:57:89:72:4a:55:
         51:c4:0e:2a:73:fe:4b:00:53:b3:57:c1:bc:98:16:e5:54:fe:
         43:fd:b7:1d:ee:23:d5:c0:df:2b:2f:96:b1:46:ba:12:85:fd:
         de:fd:21:ba:28:0a:75:ea:26:26:86:50:19:9c:f2:36:60:36:
         ec:0d:de:c5:9e:92:45:a6:be:79:f6:a6:ba:c4:3d:80:5f:11:
         d1:41:40:db
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECxuoLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YTUxODdjYmY3MzhjMGU5ZDdhM2VkOWJmY2IyYzRhNjc3MjI2NDgzMB4XDTIyMDEw
MTA0MDQwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWJjMWI4MjY1ZGY4
MzcwMjE4ZjVmNmY5ZWM3M2Y3ZmVmN2RjNjYyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjx8GybVlY2nek8U0QdDzNT45F0sjXJRd38jhiRF5CJ4Usn
wGoahLhJwca7aL+jlIgdM0dQhpp4UtNsZZHP8Q27WyBrY2IzpieFbpIc5tGIr5qp
8ugWAmplR5YvabHEKPrVuu1Km/m//mm0hVIs/DiVsfd/bxcc63qcjtkMU36vL6gF
ZTBlGTvrRxDvu/6xI4ZCA5+p+DWTPCc7d3d2Rk3dk5ihdC5QJE15IqhmWwm+k/6H
QWCYsm9lJHFgYwWRCgwiGRlIAE4tYBSntDGWb7S9HJ7uGxvH+iCIu7WbDgMkDZt+
K1ePK7ZfD74IQhnQI61/6JEJ/Xb8A5Z5ef2mz2cCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQbwbgmXfg3Ahj19vnsc/f+99xmJTAfBgNVHSMEGDAWgBTqUYfL9zjA6dej
7Zv8ssSmdyJkgzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZsR0h5X2M0d09uWG8tMmJfTExFcG5jaVpJTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTQvMDVmMjM4LWJiNjItNDU1ZC05OTIxLTNhMjcyMjUwN2VlNS8x
L0c4RzRKbDM0TndJWTlmYjU3SFAzX3ZmY1ppVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQv
MDVmMjM4LWJiNjItNDU1ZC05OTIxLTNhMjcyMjUwN2VlNS8xLzZsR0h5X2M0d09u
WG8tMmJfTExFcG5jaVpJTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngH4DANBgkqhkiG9w0BAQsF
AAOCAQEAuZOYPlLvkYSOZZsgtf2c5UiDAz2rCbeg4BCoBNHiOVsRbR6oiTDXT53h
jTNHOhz6s2h0d8ZUtKYQC1nA2MM6xAdK2hZsIWjZnNzUx8z3m/R4CIv7hb7MB+l/
i2IAwwNGAHpAhTpNBxMGZ+v2FlbiBA5QNlpYeAFADPHEt9ZAJY1+uvEn8CdCvIQa
nCZUIOuJMYz2OYiXzIqYBzBJFKUk2VYMuLRT9MJgIFqN+4KPJVeJckpVUcQOKnP+
SwBTs1fBvJgW5VT+Q/23He4j1cDfKy+WsUa6EoX93v0huigKdeomJoZQGZzyNmA2
7A3exZ6SRaa+efamusQ9gF8R0UFA2w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:24 2024 by rpki-client on console-ams.rpki-client.org