Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/76a216-cae7-4886-8e77-c813ce0f5e47/1/gsUvJ1UqBEcLfjKozIr1ZTon4zI.roa
File:                     gsUvJ1UqBEcLfjKozIr1ZTon4zI.roa (raw, json)
Hash identifier:          U82/K7vCKlQNtmnMcQeSX29nH2GtZPRCtBPRc73SpBo=
Subject key identifier:   82:C5:2F:27:55:2A:04:47:0B:7E:32:A8:CC:8A:F5:65:3A:27:E3:32
Certificate issuer:       /CN=d897faea94815e0520b46f185c3ebec29b376ef0
Certificate serial:       014982
Authority key identifier: D8:97:FA:EA:94:81:5E:05:20:B4:6F:18:5C:3E:BE:C2:9B:37:6E:F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Jf66pSBXgUgtG8YXD6-wps3bvA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/76a216-cae7-4886-8e77-c813ce0f5e47/1/gsUvJ1UqBEcLfjKozIr1ZTon4zI.roa
Signing time:             Thu 19 May 2022 07:57:41 +0000
ROA not before:           Thu 19 May 2022 07:57:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        95.130.184.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 84354 (0x14982)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d897faea94815e0520b46f185c3ebec29b376ef0
        Validity
            Not Before: May 19 07:57:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=82c52f27552a04470b7e32a8cc8af5653a27e332
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:9b:2e:35:8e:dd:8a:15:a2:f9:eb:94:88:fb:
                    67:fd:ac:c7:8a:21:ad:ce:fb:c5:ee:b6:fa:61:1a:
                    25:99:45:8d:39:bf:9b:97:af:20:9a:1e:8d:f5:d7:
                    95:6e:bb:ba:8d:14:6f:c5:1c:a1:7c:91:e8:56:ee:
                    95:4c:e8:4b:0e:51:eb:03:a9:dc:62:50:34:2e:ec:
                    f1:63:e8:50:0f:2f:3b:67:85:46:47:ac:c8:22:d7:
                    d6:71:57:f4:14:60:e1:1a:f5:eb:c8:dc:df:cc:25:
                    7d:92:25:3f:d7:be:95:8c:b1:17:81:ee:6a:64:02:
                    f1:65:37:6e:25:43:4c:f8:ab:6f:bc:7f:27:3c:26:
                    c1:3f:3d:50:01:e3:c2:02:da:5b:87:2a:e6:32:d3:
                    65:9d:69:0a:d3:9f:67:ec:84:ad:80:38:86:74:42:
                    f2:0a:c5:58:f8:cf:0d:92:a0:29:00:05:45:10:05:
                    61:95:e4:b3:11:b8:c8:0a:7f:0a:76:c2:de:c6:0d:
                    69:20:42:cb:a4:ad:63:5a:c9:c4:cf:05:f1:c2:1e:
                    b1:12:1b:61:ff:cd:24:e0:6a:23:7f:ac:75:84:a8:
                    41:ea:a1:d9:3b:7e:78:81:d7:a7:84:64:d1:f8:1a:
                    52:e2:0f:28:fc:ef:8a:f4:c6:47:8d:a9:03:45:85:
                    2f:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:C5:2F:27:55:2A:04:47:0B:7E:32:A8:CC:8A:F5:65:3A:27:E3:32
            X509v3 Authority Key Identifier:
                keyid:D8:97:FA:EA:94:81:5E:05:20:B4:6F:18:5C:3E:BE:C2:9B:37:6E:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Jf66pSBXgUgtG8YXD6-wps3bvA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/76a216-cae7-4886-8e77-c813ce0f5e47/1/gsUvJ1UqBEcLfjKozIr1ZTon4zI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/76a216-cae7-4886-8e77-c813ce0f5e47/1/2Jf66pSBXgUgtG8YXD6-wps3bvA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.130.184.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a9:0e:1d:f8:2a:26:b0:06:02:ab:b0:53:4a:b3:c1:cf:08:c0:
         33:0c:07:b5:3e:ad:5a:4e:20:40:12:3f:66:8f:03:6b:03:74:
         aa:fe:5c:5c:7b:4f:b6:0d:10:14:34:2c:7a:12:80:c6:59:3f:
         55:fc:af:43:9b:00:29:5f:46:7f:1f:25:ed:7d:6a:db:bb:ba:
         eb:11:1a:34:db:09:49:3e:57:4c:18:08:61:6b:7a:b1:1a:28:
         87:0d:ff:a0:73:44:d7:4a:97:2b:2a:8b:e2:2b:6b:a5:29:eb:
         00:9e:c0:af:24:9b:3c:f9:ce:e8:f7:4e:74:a8:b2:91:c4:f3:
         d0:77:1e:49:b2:e4:6e:07:00:06:17:27:3c:4c:7b:a9:e1:5a:
         e5:51:65:ab:b9:f3:ec:ab:1f:9b:5a:91:e1:43:5b:9f:23:8d:
         de:16:bb:c0:ca:7a:6d:b9:c2:95:81:19:f1:e4:a9:f3:9d:d5:
         85:57:ca:d5:22:b5:e0:d1:4f:e9:92:18:85:86:87:28:02:4e:
         85:69:e5:79:24:ae:03:37:f5:36:92:07:ce:11:be:6b:76:6f:
         c0:c6:f3:44:d2:e0:37:35:21:35:1c:58:3f:9d:41:f9:77:79:
         3b:d2:71:53:6d:ad:20:1f:30:ea:d1:2d:4f:89:55:65:f3:56:
         ec:fe:22:8e
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAUmCMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ4
OTdmYWVhOTQ4MTVlMDUyMGI0NmYxODVjM2ViZWMyOWIzNzZlZjAwHhcNMjIwNTE5
MDc1NzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4MmM1MmYyNzU1MmEw
NDQ3MGI3ZTMyYThjYzhhZjU2NTNhMjdlMzMyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAq5suNY7dihWi+euUiPtn/azHiiGtzvvF7rb6YRolmUWNOb+b
l68gmh6N9deVbru6jRRvxRyhfJHoVu6VTOhLDlHrA6ncYlA0LuzxY+hQDy87Z4VG
R6zIItfWcVf0FGDhGvXryNzfzCV9kiU/176VjLEXge5qZALxZTduJUNM+KtvvH8n
PCbBPz1QAePCAtpbhyrmMtNlnWkK059n7IStgDiGdELyCsVY+M8NkqApAAVFEAVh
leSzEbjICn8KdsLexg1pIELLpK1jWsnEzwXxwh6xEhth/80k4Gojf6x1hKhB6qHZ
O354gdenhGTR+BpS4g8o/O+K9MZHjakDRYUvLQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFILFLydVKgRHC34yqMyK9WU6J+MyMB8GA1UdIwQYMBaAFNiX+uqUgV4FILRv
GFw+vsKbN27wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MkpmNjZwU0JYZ1VndEc4WVhENi13cHMzYnZBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jOC83NmEyMTYtY2FlNy00ODg2LThlNzctYzgxM2NlMGY1ZTQ3LzEv
Z3NVdkoxVXFCRWNMZmpLb3pJcjFaVG9uNHpJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC83
NmEyMTYtY2FlNy00ODg2LThlNzctYzgxM2NlMGY1ZTQ3LzEvMkpmNjZwU0JYZ1Vn
dEc4WVhENi13cHMzYnZBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBX4K4MA0GCSqGSIb3DQEBCwUAA4IB
AQCpDh34KiawBgKrsFNKs8HPCMAzDAe1Pq1aTiBAEj9mjwNrA3Sq/lxce0+2DRAU
NCx6EoDGWT9V/K9DmwApX0Z/HyXtfWrbu7rrERo02wlJPldMGAhha3qxGiiHDf+g
c0TXSpcrKoviK2ulKesAnsCvJJs8+c7o9050qLKRxPPQdx5JsuRuBwAGFyc8THup
4VrlUWWrufPsqx+bWpHhQ1ufI43eFrvAynptucKVgRnx5KnzndWFV8rVIrXg0U/p
khiFhocoAk6FaeV5JK4DN/U2kgfOEb5rdm/AxvNE0uA3NSE1HFg/nUH5d3k70nFT
ba0gHzDq0S1PiVVl81bs/iKO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:46 2024 by rpki-client on console-ams.rpki-client.org