Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/5888ff-3b8e-4556-adf4-4d9ecfce0dbc/1/gxcpOpCnd215GhBGG6Wtqpoal2s.roa
File:                     gxcpOpCnd215GhBGG6Wtqpoal2s.roa (raw, json)
Hash identifier:          0Q/uII6fx3lwBnCMUjBIFYrbKqfMx1zIsUsPEwexCU4=
Subject key identifier:   83:17:29:3A:90:A7:77:6D:79:1A:10:46:1B:A5:AD:AA:9A:1A:97:6B
Certificate issuer:       /CN=57fbb6eb2cec9a9b7bb81a3b160c1aab990e4826
Certificate serial:       0136BCF5
Authority key identifier: 57:FB:B6:EB:2C:EC:9A:9B:7B:B8:1A:3B:16:0C:1A:AB:99:0E:48:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V_u26yzsmpt7uBo7Fgwaq5kOSCY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/5888ff-3b8e-4556-adf4-4d9ecfce0dbc/1/gxcpOpCnd215GhBGG6Wtqpoal2s.roa
Signing time:             Sat 01 Jan 2022 11:03:16 +0000
ROA not before:           Sat 01 Jan 2022 11:03:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42929
IP address blocks:        195.225.80.0/24 maxlen: 24
                          2a11:e600::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20364533 (0x136bcf5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57fbb6eb2cec9a9b7bb81a3b160c1aab990e4826
        Validity
            Not Before: Jan  1 11:03:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8317293a90a7776d791a10461ba5adaa9a1a976b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:14:51:7c:cd:1f:cc:ff:5e:85:eb:02:91:2b:
                    0d:a8:a6:72:81:a5:6b:5a:73:bd:ba:0f:6a:f6:d0:
                    4e:b8:b7:a9:38:c9:e5:a8:6a:fc:48:58:99:83:69:
                    0e:a5:3e:08:e7:60:b9:f5:2d:86:06:18:d8:af:46:
                    f1:6f:fe:44:33:f7:c6:c5:43:cb:f8:a2:96:9f:47:
                    18:18:4f:f4:56:0e:19:e5:4d:22:db:31:02:24:cf:
                    fc:94:6b:39:85:07:e2:1c:b6:d2:d8:9d:58:fc:78:
                    df:72:88:aa:d5:89:7b:9b:c1:9f:c5:a1:57:3f:41:
                    e6:cc:35:d5:df:fc:5c:a2:69:48:e6:b9:b8:b6:60:
                    b1:ea:46:45:e8:3e:2e:ab:fd:4c:ea:4d:c9:3b:06:
                    ab:a4:80:27:c5:0f:9c:63:3f:00:95:93:fd:b1:48:
                    59:d3:8e:13:a9:75:1e:1c:e1:65:43:a9:05:26:bd:
                    82:74:21:67:e7:d7:d4:dc:3e:83:d7:b5:43:e7:77:
                    46:20:1d:2d:fc:11:cb:64:e6:a5:7d:06:35:ab:0d:
                    5b:90:0c:42:ec:1a:9d:cf:4a:69:c8:59:46:cd:4c:
                    40:16:b0:97:55:c5:48:59:c4:35:d5:12:a2:8c:72:
                    28:60:a3:66:fc:c6:85:47:48:78:91:a2:f4:b7:7f:
                    47:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:17:29:3A:90:A7:77:6D:79:1A:10:46:1B:A5:AD:AA:9A:1A:97:6B
            X509v3 Authority Key Identifier:
                keyid:57:FB:B6:EB:2C:EC:9A:9B:7B:B8:1A:3B:16:0C:1A:AB:99:0E:48:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V_u26yzsmpt7uBo7Fgwaq5kOSCY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5888ff-3b8e-4556-adf4-4d9ecfce0dbc/1/gxcpOpCnd215GhBGG6Wtqpoal2s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5888ff-3b8e-4556-adf4-4d9ecfce0dbc/1/V_u26yzsmpt7uBo7Fgwaq5kOSCY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.225.80.0/24
                IPv6:
                  2a11:e600::/29

    Signature Algorithm: sha256WithRSAEncryption
         a1:a8:09:8f:60:5c:b5:b1:aa:1b:bf:20:e0:c2:23:fb:ac:b6:
         14:57:90:3b:14:fd:80:8c:39:34:e8:36:6a:ea:f8:4a:c9:49:
         31:e1:95:2f:4f:18:d3:ce:c3:ce:ae:fa:92:41:84:09:63:16:
         c0:64:c3:51:cb:1e:9e:fa:fd:fa:99:7c:cb:69:9a:94:02:d7:
         96:9c:54:cc:4f:d5:40:36:50:58:19:f5:50:70:e2:f5:52:a3:
         8c:e8:92:4c:ce:a3:b9:8b:a5:76:86:80:39:27:6e:5c:6b:af:
         8c:06:5d:17:38:2f:cd:55:14:ca:d8:eb:a5:e4:f2:39:69:8f:
         44:e5:79:24:00:5d:c4:09:fb:98:eb:a8:c8:82:b7:c0:45:30:
         79:7b:be:98:b4:24:e2:1d:b4:52:9b:f0:cc:d1:30:de:f1:01:
         09:1f:83:8c:94:c4:7c:9f:c8:54:4f:ce:85:8e:99:89:3c:e8:
         66:06:c9:88:0c:f0:04:73:8a:cf:e2:11:83:1d:d3:d9:0f:67:
         9e:c9:2e:0d:4a:6c:70:e4:bb:93:47:c0:1b:6d:9c:da:23:ea:
         74:cf:9b:a3:11:4d:6b:12:59:3e:4c:67:72:3b:75:8c:61:e6:
         d6:7a:a9:27:e5:d8:dc:f2:ee:74:3c:71:d7:4c:b6:5a:3c:b0:
         30:1b:c4:c6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEATa89TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
N2ZiYjZlYjJjZWM5YTliN2JiODFhM2IxNjBjMWFhYjk5MGU0ODI2MB4XDTIyMDEw
MTExMDMxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODMxNzI5M2E5MGE3
Nzc2ZDc5MWExMDQ2MWJhNWFkYWE5YTFhOTc2YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMMUUXzNH8z/XoXrApErDaimcoGla1pzvboPavbQTri3qTjJ
5ahq/EhYmYNpDqU+COdgufUthgYY2K9G8W/+RDP3xsVDy/iilp9HGBhP9FYOGeVN
ItsxAiTP/JRrOYUH4hy20tidWPx433KIqtWJe5vBn8WhVz9B5sw11d/8XKJpSOa5
uLZgsepGReg+Lqv9TOpNyTsGq6SAJ8UPnGM/AJWT/bFIWdOOE6l1HhzhZUOpBSa9
gnQhZ+fX1Nw+g9e1Q+d3RiAdLfwRy2TmpX0GNasNW5AMQuwanc9KachZRs1MQBaw
l1XFSFnENdUSooxyKGCjZvzGhUdIeJGi9Ld/R1kCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSDFyk6kKd3bXkaEEYbpa2qmhqXazAfBgNVHSMEGDAWgBRX+7brLOyam3u4
GjsWDBqrmQ5IJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZfdTI2eXpzbXB0N3VCbzdGZ3dhcTVrT1NDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2YvNTg4OGZmLTNiOGUtNDU1Ni1hZGY0LTRkOWVjZmNlMGRiYy8x
L2d4Y3BPcENuZDIxNUdoQkdHNld0cXBvYWwycy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Yv
NTg4OGZmLTNiOGUtNDU1Ni1hZGY0LTRkOWVjZmNlMGRiYy8xL1ZfdTI2eXpzbXB0
N3VCbzdGZ3dhcTVrT1NDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMPhUDANBAIAAjAHAwUDKhHmADAN
BgkqhkiG9w0BAQsFAAOCAQEAoagJj2BctbGqG78g4MIj+6y2FFeQOxT9gIw5NOg2
aur4SslJMeGVL08Y087Dzq76kkGECWMWwGTDUcsenvr9+pl8y2malALXlpxUzE/V
QDZQWBn1UHDi9VKjjOiSTM6juYuldoaAOSduXGuvjAZdFzgvzVUUytjrpeTyOWmP
ROV5JABdxAn7mOuoyIK3wEUweXu+mLQk4h20UpvwzNEw3vEBCR+DjJTEfJ/IVE/O
hY6ZiTzoZgbJiAzwBHOKz+IRgx3T2Q9nnskuDUpscOS7k0fAG22c2iPqdM+boxFN
axJZPkxncjt1jGHm1nqpJ+XY3PLudDxx10y2WjywMBvExg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:30 2024 by rpki-client on console-fra.rpki-client.org