Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/5ae8bf-f999-4c74-9f46-325627c466e2/1/GMf3sJQsNe8uuG6G-csRdUhmJXA.roa
File:                     GMf3sJQsNe8uuG6G-csRdUhmJXA.roa (raw, json)
Hash identifier:          3CsuI6/TZm2oEB7WI33nmoiv7DmAerK1fpRQCEPk0/U=
Subject key identifier:   18:C7:F7:B0:94:2C:35:EF:2E:B8:6E:86:F9:CB:11:75:48:66:25:70
Certificate issuer:       /CN=b1b201363ccc556bec88702569d8d381a0e89566
Certificate serial:       01CDBB
Authority key identifier: B1:B2:01:36:3C:CC:55:6B:EC:88:70:25:69:D8:D3:81:A0:E8:95:66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sbIBNjzMVWvsiHAladjTgaDolWY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/5ae8bf-f999-4c74-9f46-325627c466e2/1/GMf3sJQsNe8uuG6G-csRdUhmJXA.roa
Signing time:             Thu 02 Jun 2022 08:34:20 +0000
ROA not before:           Thu 02 Jun 2022 08:34:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50945
IP address blocks:        91.216.52.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 118203 (0x1cdbb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1b201363ccc556bec88702569d8d381a0e89566
        Validity
            Not Before: Jun  2 08:34:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=18c7f7b0942c35ef2eb86e86f9cb117548662570
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:a5:91:5f:6f:04:3f:42:74:b3:f3:11:54:3b:
                    c7:4a:cf:62:fd:e3:8b:c2:bc:f5:df:88:75:c0:01:
                    0c:04:f6:1f:92:7e:0c:95:b1:84:c2:40:01:0f:84:
                    fe:7e:6f:11:c5:bb:f9:5b:cd:47:5e:9d:2b:bf:51:
                    e3:70:74:eb:1b:6b:55:f1:59:02:5a:a7:e8:4a:a7:
                    bf:29:7e:db:0c:a8:37:5b:f2:f4:59:b8:bb:3e:77:
                    17:53:89:01:8d:6e:fe:5d:ce:0c:bf:45:b5:af:9b:
                    04:3a:9f:b3:55:a4:fc:17:f4:23:83:c9:c3:4a:ce:
                    27:87:b4:f7:fa:8f:dd:98:15:69:1d:c3:81:e2:d9:
                    03:77:d0:50:ff:65:c0:d0:2a:fd:bc:da:0e:71:4a:
                    56:6a:a2:9b:5b:05:79:d2:0f:5a:3d:1e:90:a9:90:
                    86:3a:b7:bd:36:df:78:65:63:ad:bc:4a:65:1f:8f:
                    0a:07:76:8a:42:96:82:64:a3:1e:2f:18:19:47:bd:
                    dd:7d:e3:79:e3:f8:11:aa:9b:9d:fc:99:07:a6:29:
                    18:22:64:de:b5:76:8b:0f:0f:16:c5:0d:a6:ad:ed:
                    ae:c3:20:e0:ae:a4:a1:ab:5c:38:ef:ce:1e:85:b3:
                    38:c2:a4:7f:46:89:74:8d:1e:9e:17:36:b4:e6:80:
                    c0:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:C7:F7:B0:94:2C:35:EF:2E:B8:6E:86:F9:CB:11:75:48:66:25:70
            X509v3 Authority Key Identifier:
                keyid:B1:B2:01:36:3C:CC:55:6B:EC:88:70:25:69:D8:D3:81:A0:E8:95:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sbIBNjzMVWvsiHAladjTgaDolWY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5ae8bf-f999-4c74-9f46-325627c466e2/1/GMf3sJQsNe8uuG6G-csRdUhmJXA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5ae8bf-f999-4c74-9f46-325627c466e2/1/sbIBNjzMVWvsiHAladjTgaDolWY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.216.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:36:ee:d3:19:c0:9a:f9:76:8f:42:5b:56:b2:cf:3b:7c:67:
         e4:f1:3a:40:03:d3:85:6b:f6:2d:c3:40:bb:ae:7e:ee:a4:2e:
         53:b9:54:30:b8:ca:59:c6:b9:e0:f9:ee:5c:ca:d1:ec:6b:a8:
         be:f7:b8:3f:82:aa:60:16:bf:d2:79:14:3b:cb:5c:00:52:bf:
         00:4a:d8:9c:ca:64:8a:84:a2:3e:8e:3d:21:c1:ae:c8:38:7c:
         c7:3c:2b:95:e6:db:34:9e:6a:f7:ca:04:65:75:4f:ab:e1:b0:
         79:f8:67:e8:b5:f5:d9:45:cb:ea:d1:b1:c5:e5:3d:79:35:7d:
         be:34:f7:b1:c9:28:2b:1f:94:da:7d:27:cb:9c:54:c5:ad:b4:
         90:96:f3:75:bb:95:97:f3:4f:17:45:56:e4:08:c5:b2:62:ce:
         17:bd:81:13:28:a9:1f:c4:b8:7f:8b:a2:e8:18:2a:52:bc:65:
         59:b1:20:e3:52:8c:97:dd:c3:6f:0e:24:2a:46:20:61:56:85:
         43:2f:85:71:4f:88:cb:da:15:b8:0e:fa:ca:84:00:96:e6:ad:
         39:c3:d1:02:7c:7e:17:14:a8:df:1f:aa:d4:68:18:10:60:c6:
         47:53:65:e7:14:02:17:14:09:c8:d0:d7:c7:ea:4f:18:c8:aa:
         01:e1:b5:95
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAc27MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIx
YjIwMTM2M2NjYzU1NmJlYzg4NzAyNTY5ZDhkMzgxYTBlODk1NjYwHhcNMjIwNjAy
MDgzNDIwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxOGM3ZjdiMDk0MmMz
NWVmMmViODZlODZmOWNiMTE3NTQ4NjYyNTcwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA16WRX28EP0J0s/MRVDvHSs9i/eOLwrz134h1wAEMBPYfkn4M
lbGEwkABD4T+fm8Rxbv5W81HXp0rv1HjcHTrG2tV8VkCWqfoSqe/KX7bDKg3W/L0
Wbi7PncXU4kBjW7+Xc4Mv0W1r5sEOp+zVaT8F/Qjg8nDSs4nh7T3+o/dmBVpHcOB
4tkDd9BQ/2XA0Cr9vNoOcUpWaqKbWwV50g9aPR6QqZCGOre9Nt94ZWOtvEplH48K
B3aKQpaCZKMeLxgZR73dfeN54/gRqpud/JkHpikYImTetXaLDw8WxQ2mre2uwyDg
rqShq1w4784ehbM4wqR/Rol0jR6eFza05oDA4wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFBjH97CULDXvLrhuhvnLEXVIZiVwMB8GA1UdIwQYMBaAFLGyATY8zFVr7Ihw
JWnY04Gg6JVmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
c2JJQk5qek1WV3ZzaUhBbGFkalRnYURvbFdZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jNi81YWU4YmYtZjk5OS00Yzc0LTlmNDYtMzI1NjI3YzQ2NmUyLzEv
R01mM3NKUXNOZTh1dUc2Ry1jc1JkVWhtSlhBLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81
YWU4YmYtZjk5OS00Yzc0LTlmNDYtMzI1NjI3YzQ2NmUyLzEvc2JJQk5qek1WV3Zz
aUhBbGFkalRnYURvbFdZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9g0MA0GCSqGSIb3DQEBCwUAA4IB
AQBQNu7TGcCa+XaPQltWss87fGfk8TpAA9OFa/Ytw0C7rn7upC5TuVQwuMpZxrng
+e5cytHsa6i+97g/gqpgFr/SeRQ7y1wAUr8ASticymSKhKI+jj0hwa7IOHzHPCuV
5ts0nmr3ygRldU+r4bB5+GfotfXZRcvq0bHF5T15NX2+NPexySgrH5TafSfLnFTF
rbSQlvN1u5WX808XRVbkCMWyYs4XvYETKKkfxLh/i6LoGCpSvGVZsSDjUoyX3cNv
DiQqRiBhVoVDL4VxT4jL2hW4DvrKhACW5q05w9ECfH4XFKjfH6rUaBgQYMZHU2Xn
FAIXFAnI0NfH6k8YyKoB4bWV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:14 2024 by rpki-client on console-fra.rpki-client.org