Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c6d984-6bfc-4602-9d58-ab2d5e7d4a7b/1/1-GCrVI0kNLWupyPiQ4kLku3U6iU.roa
File:                     1-GCrVI0kNLWupyPiQ4kLku3U6iU.roa (raw, json)
Hash identifier:          VyAZel1UkpETM9LQGQDSV2X0Sj6iJqzlbXAiz18UoPs=
Subject key identifier:   F8:60:AB:54:8D:24:34:B5:AE:A7:23:E2:43:89:0B:92:ED:D4:EA:25
Certificate issuer:       /CN=9a393ef16027fc03bc5c045ff9289d4bbb7ff364
Certificate serial:       0334A895
Authority key identifier: 9A:39:3E:F1:60:27:FC:03:BC:5C:04:5F:F9:28:9D:4B:BB:7F:F3:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mjk-8WAn_AO8XARf-SidS7t_82Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/c6d984-6bfc-4602-9d58-ab2d5e7d4a7b/1/1-GCrVI0kNLWupyPiQ4kLku3U6iU.roa
Signing time:             Sat 01 Jan 2022 14:58:56 +0000
ROA not before:           Sat 01 Jan 2022 14:58:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212424
IP address blocks:        138.195.128.0/19 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 53782677 (0x334a895)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a393ef16027fc03bc5c045ff9289d4bbb7ff364
        Validity
            Not Before: Jan  1 14:58:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f860ab548d2434b5aea723e243890b92edd4ea25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:90:6f:69:b2:eb:23:fd:10:e0:1a:3c:e2:d7:
                    37:c9:b0:15:62:37:c7:a3:dc:96:f0:4f:e2:48:b3:
                    9d:88:3e:a6:ec:d2:75:86:66:f3:c8:bb:13:9a:0f:
                    78:62:0f:5c:10:b7:40:33:cb:2e:55:94:ed:47:58:
                    9c:8d:b2:92:09:46:6d:2e:13:40:90:93:98:d3:0d:
                    24:d5:28:d3:0f:cf:53:b0:13:c1:08:fb:93:8b:10:
                    4b:4a:5a:d3:d4:6d:b6:f2:6b:75:17:c5:d8:c5:6c:
                    75:8c:d7:70:39:fa:0b:1f:4a:9e:0b:57:5d:32:c7:
                    3d:9a:b9:5a:c4:75:fa:6f:88:66:dc:bd:3b:89:03:
                    27:93:47:04:7d:db:3e:db:d1:14:cd:f8:a5:cc:4c:
                    fc:87:97:93:e0:d8:50:b9:38:8e:94:74:03:d3:fa:
                    dc:0f:d9:26:35:7a:82:15:e0:a2:8d:bf:55:8a:45:
                    0d:a2:03:e0:f1:6f:5e:25:ad:5e:41:4c:d1:16:02:
                    08:1d:45:78:59:95:57:b4:4b:f6:de:33:80:fa:9d:
                    d3:4f:e1:1f:2c:c2:5f:73:6c:48:ed:9d:52:da:50:
                    c8:5b:20:1a:37:53:60:c5:8e:40:5c:07:21:fe:8e:
                    5a:46:a1:37:3d:23:c5:67:82:b2:57:31:c7:f8:b2:
                    50:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:60:AB:54:8D:24:34:B5:AE:A7:23:E2:43:89:0B:92:ED:D4:EA:25
            X509v3 Authority Key Identifier:
                keyid:9A:39:3E:F1:60:27:FC:03:BC:5C:04:5F:F9:28:9D:4B:BB:7F:F3:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mjk-8WAn_AO8XARf-SidS7t_82Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c6d984-6bfc-4602-9d58-ab2d5e7d4a7b/1/1-GCrVI0kNLWupyPiQ4kLku3U6iU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c6d984-6bfc-4602-9d58-ab2d5e7d4a7b/1/mjk-8WAn_AO8XARf-SidS7t_82Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.195.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         cc:eb:f0:ec:ca:ba:40:a2:ba:83:3f:3b:3e:a3:3a:35:38:98:
         6e:e9:3e:87:13:5c:31:6b:83:21:5b:b6:c9:6d:49:72:63:9f:
         1a:42:44:d9:12:53:36:66:56:60:88:0d:25:ca:6d:00:6c:97:
         7d:ba:d2:60:06:b5:8a:06:bd:91:66:0c:77:fb:74:c8:68:88:
         7a:be:16:11:8c:c3:cd:50:56:e9:1c:53:c5:79:4b:04:1d:11:
         86:2d:1a:df:8a:55:b8:da:8d:d9:26:db:3f:15:e5:ce:cb:ea:
         4a:d9:e9:05:8c:95:98:ba:49:15:ba:f2:8b:8f:88:6a:3e:f1:
         fa:1c:58:80:c9:07:58:a7:a1:0f:04:f3:d5:9a:38:22:7c:75:
         27:a3:7a:7d:df:35:3e:04:e6:f3:b9:4e:5a:c7:f8:51:f6:c0:
         b6:0f:9d:50:23:22:5f:34:7f:a0:2a:48:c7:9f:92:40:6c:44:
         fc:4d:85:0b:6c:64:fa:a9:54:5a:3c:0a:5d:1b:da:fd:5b:c0:
         66:49:74:68:ca:b2:63:23:b7:d5:94:dd:44:91:b4:06:e2:77:
         40:f0:f6:c7:c0:c4:36:b0:a6:92:d3:8c:00:88:51:66:81:6d:
         2e:dc:82:2d:6a:15:77:1a:a7:e2:58:19:b1:c3:74:9c:a4:da:
         12:d1:2f:1c
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAzSolTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YTM5M2VmMTYwMjdmYzAzYmM1YzA0NWZmOTI4OWQ0YmJiN2ZmMzY0MB4XDTIyMDEw
MTE0NTg1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjg2MGFiNTQ4ZDI0
MzRiNWFlYTcyM2UyNDM4OTBiOTJlZGQ0ZWEyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANqQb2my6yP9EOAaPOLXN8mwFWI3x6PclvBP4kiznYg+puzS
dYZm88i7E5oPeGIPXBC3QDPLLlWU7UdYnI2ykglGbS4TQJCTmNMNJNUo0w/PU7AT
wQj7k4sQS0pa09RttvJrdRfF2MVsdYzXcDn6Cx9KngtXXTLHPZq5WsR1+m+IZty9
O4kDJ5NHBH3bPtvRFM34pcxM/IeXk+DYULk4jpR0A9P63A/ZJjV6ghXgoo2/VYpF
DaID4PFvXiWtXkFM0RYCCB1FeFmVV7RL9t4zgPqd00/hHyzCX3NsSO2dUtpQyFsg
GjdTYMWOQFwHIf6OWkahNz0jxWeCslcxx/iyUEkCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT4YKtUjSQ0ta6nI+JDiQuS7dTqJTAfBgNVHSMEGDAWgBSaOT7xYCf8A7xc
BF/5KJ1Lu3/zZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21qay04V0FuX0FPOFhBUmYtU2lkUzd0XzgyUS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTQvYzZkOTg0LTZiZmMtNDYwMi05ZDU4LWFiMmQ1ZTdkNGE3Yi8x
LzEtR0NyVkkwa05MV3VweVBpUTRrTGt1M1U2aVUucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E0
L2M2ZDk4NC02YmZjLTQ2MDItOWQ1OC1hYjJkNWU3ZDRhN2IvMS9tamstOFdBbl9B
TzhYQVJmLVNpZFM3dF84MlEuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAWKw4AwDQYJKoZIhvcNAQELBQAD
ggEBAMzr8OzKukCiuoM/Oz6jOjU4mG7pPocTXDFrgyFbtsltSXJjnxpCRNkSUzZm
VmCIDSXKbQBsl3260mAGtYoGvZFmDHf7dMhoiHq+FhGMw81QVukcU8V5SwQdEYYt
Gt+KVbjajdkm2z8V5c7L6krZ6QWMlZi6SRW68ouPiGo+8focWIDJB1inoQ8E89Wa
OCJ8dSejen3fNT4E5vO5TlrH+FH2wLYPnVAjIl80f6AqSMefkkBsRPxNhQtsZPqp
VFo8Cl0b2v1bwGZJdGjKsmMjt9WU3USRtAbid0Dw9sfAxDawppLTjACIUWaBbS7c
gi1qFXcap+JYGbHDdJyk2hLRLxw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:21 2024 by rpki-client on console-fra.rpki-client.org