Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/GQnBj3hQsPS4X_uIsXzXmghRZ2Y.roa
File:                     GQnBj3hQsPS4X_uIsXzXmghRZ2Y.roa (raw, json)
Hash identifier:          o3kwdkygOX/iPdL3q96fNst4HzPgyk5CqT/ftcIQ0uI=
Subject key identifier:   19:09:C1:8F:78:50:B0:F4:B8:5F:FB:88:B1:7C:D7:9A:08:51:67:66
Certificate issuer:       /CN=e61bd7dd1f8ac8b4192ba78a592348b5dd0a1a66
Certificate serial:       033C5C33
Authority key identifier: E6:1B:D7:DD:1F:8A:C8:B4:19:2B:A7:8A:59:23:48:B5:DD:0A:1A:66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5hvX3R-KyLQZK6eKWSNItd0KGmY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/GQnBj3hQsPS4X_uIsXzXmghRZ2Y.roa
Signing time:             Sat 01 Jan 2022 09:56:05 +0000
ROA not before:           Sat 01 Jan 2022 09:56:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7029
IP address blocks:        185.199.196.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 54287411 (0x33c5c33)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e61bd7dd1f8ac8b4192ba78a592348b5dd0a1a66
        Validity
            Not Before: Jan  1 09:56:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1909c18f7850b0f4b85ffb88b17cd79a08516766
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:bd:06:14:73:2e:b4:51:95:70:d0:76:b3:09:
                    a8:95:d9:e6:fe:65:6a:e5:e0:5b:d9:6c:c7:47:62:
                    82:ad:47:28:a2:5c:e3:8d:d0:f0:4d:1d:a8:ce:07:
                    a6:33:b5:c4:f1:ca:b7:87:2f:c2:a9:08:4f:b0:42:
                    3a:dc:fb:d7:a0:fb:92:fe:22:3f:5c:13:f1:30:a2:
                    8f:a2:39:6c:d2:ad:bf:c9:89:f5:15:7f:9b:5f:53:
                    34:3a:ce:c0:65:f9:02:b8:8e:12:99:73:d8:3a:6d:
                    7d:22:a0:e5:69:15:30:49:b5:42:40:da:4b:9f:fa:
                    1c:b8:1f:e7:54:f0:2f:0c:26:eb:61:32:5f:3c:6f:
                    a5:6d:92:c5:6d:5e:9e:d4:b8:6c:e1:0c:8a:d8:cd:
                    60:7f:81:d2:ce:db:c5:c0:08:48:92:7f:37:af:2a:
                    7e:21:a6:96:2c:fd:c5:c7:a0:47:ec:3f:4d:1f:b2:
                    d3:ed:3c:ec:a7:c2:2d:20:19:b8:1f:e7:92:af:fe:
                    90:e3:b2:90:10:43:5a:7b:0f:b4:af:90:27:4d:60:
                    e8:bd:92:c7:be:99:ce:42:30:06:3d:09:db:48:4b:
                    a7:63:62:ed:72:a5:71:51:44:02:4b:cf:48:67:15:
                    1d:4b:b5:23:1e:a5:5a:75:76:4a:0e:df:e9:eb:1f:
                    a5:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:09:C1:8F:78:50:B0:F4:B8:5F:FB:88:B1:7C:D7:9A:08:51:67:66
            X509v3 Authority Key Identifier:
                keyid:E6:1B:D7:DD:1F:8A:C8:B4:19:2B:A7:8A:59:23:48:B5:DD:0A:1A:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5hvX3R-KyLQZK6eKWSNItd0KGmY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/GQnBj3hQsPS4X_uIsXzXmghRZ2Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/5hvX3R-KyLQZK6eKWSNItd0KGmY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.199.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0e:f2:e1:71:d3:94:5d:5c:cc:16:b9:56:05:41:21:1b:4c:d1:
         9a:c6:5c:77:58:f4:d5:a6:cf:c8:84:e2:7a:ab:db:29:0b:0c:
         6f:09:13:92:35:10:93:1a:ba:f3:65:5c:1a:1b:f9:ec:f3:1f:
         bf:c9:fd:e3:4d:70:99:fa:3a:ed:9c:05:e2:c4:cf:7e:38:17:
         a2:98:13:ca:0d:6f:86:42:37:c1:da:f4:27:56:87:2b:bc:26:
         20:23:7c:86:e5:fe:dc:c0:aa:9d:20:72:7f:c7:29:a8:98:a3:
         3c:0a:38:0f:0b:3c:a6:b5:da:04:69:37:1a:83:97:92:0a:27:
         e6:68:79:bc:36:0d:81:e2:51:38:64:15:85:50:6d:99:7c:f3:
         a8:15:9f:0c:82:11:f8:46:24:38:3c:81:d3:f9:17:7d:0b:8b:
         ae:eb:be:54:5b:8e:78:87:49:29:b4:44:4f:60:54:ca:70:e3:
         7e:86:0b:00:97:57:10:be:f8:b5:65:03:55:71:c8:54:3e:e0:
         bb:8a:26:fd:54:9b:05:30:3e:ca:32:d7:68:be:ae:7e:31:23:
         40:ae:0c:02:19:15:ce:23:a9:df:e1:a9:65:05:a6:7c:a6:f4:
         45:46:fc:be:c4:0c:9e:01:eb:73:92:43:30:f2:7d:32:b4:19:
         11:b8:06:6f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAzxcMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NjFiZDdkZDFmOGFjOGI0MTkyYmE3OGE1OTIzNDhiNWRkMGExYTY2MB4XDTIyMDEw
MTA5NTYwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTkwOWMxOGY3ODUw
YjBmNGI4NWZmYjg4YjE3Y2Q3OWEwODUxNjc2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK29BhRzLrRRlXDQdrMJqJXZ5v5lauXgW9lsx0digq1HKKJc
443Q8E0dqM4HpjO1xPHKt4cvwqkIT7BCOtz716D7kv4iP1wT8TCij6I5bNKtv8mJ
9RV/m19TNDrOwGX5AriOEplz2DptfSKg5WkVMEm1QkDaS5/6HLgf51TwLwwm62Ey
XzxvpW2SxW1entS4bOEMitjNYH+B0s7bxcAISJJ/N68qfiGmliz9xcegR+w/TR+y
0+087KfCLSAZuB/nkq/+kOOykBBDWnsPtK+QJ01g6L2Sx76ZzkIwBj0J20hLp2Ni
7XKlcVFEAkvPSGcVHUu1Ix6lWnV2Sg7f6esfpRkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQZCcGPeFCw9Lhf+4ixfNeaCFFnZjAfBgNVHSMEGDAWgBTmG9fdH4rItBkr
p4pZI0i13QoaZjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVodlgzUi1LeUxRWks2ZUtXU05JdGQwS0dtWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNGFjYzE1LWJiYTAtNDQ1OS05NjY3LWRlOWIyZjhmN2UyOS8x
L0dRbkJqM2hRc1BTNFhfdUlzWHpYbWdoUloyWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NGFjYzE1LWJiYTAtNDQ1OS05NjY3LWRlOWIyZjhmN2UyOS8xLzVodlgzUi1LeUxR
Wks2ZUtXU05JdGQwS0dtWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnHxDANBgkqhkiG9w0BAQsFAAOC
AQEADvLhcdOUXVzMFrlWBUEhG0zRmsZcd1j01abPyITieqvbKQsMbwkTkjUQkxq6
82VcGhv57PMfv8n9401wmfo67ZwF4sTPfjgXopgTyg1vhkI3wdr0J1aHK7wmICN8
huX+3MCqnSByf8cpqJijPAo4Dws8prXaBGk3GoOXkgon5mh5vDYNgeJROGQVhVBt
mXzzqBWfDIIR+EYkODyB0/kXfQuLruu+VFuOeIdJKbRET2BUynDjfoYLAJdXEL74
tWUDVXHIVD7gu4om/VSbBTA+yjLXaL6ufjEjQK4MAhkVziOp3+GpZQWmfKb0RUb8
vsQMngHrc5JDMPJ9MrQZEbgGbw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:46 2024 by rpki-client on console-fra.rpki-client.org