Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/081e96-10e1-4c97-b932-1daf80c519d0/1/ggD5jfGD1ma48SkZSwmqPlHNLkE.roa
File:                     ggD5jfGD1ma48SkZSwmqPlHNLkE.roa (raw, json)
Hash identifier:          hLiy7kY6u+vmbQ6+XmUoqtWiSTBV9t/HMJBCVzj+3Nc=
Subject key identifier:   82:00:F9:8D:F1:83:D6:66:B8:F1:29:19:4B:09:AA:3E:51:CD:2E:41
Certificate issuer:       /CN=743d850cd12a363ddcdb0dc273e1dfc863b705f7
Certificate serial:       02098123
Authority key identifier: 74:3D:85:0C:D1:2A:36:3D:DC:DB:0D:C2:73:E1:DF:C8:63:B7:05:F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dD2FDNEqNj3c2w3Cc-HfyGO3Bfc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/081e96-10e1-4c97-b932-1daf80c519d0/1/ggD5jfGD1ma48SkZSwmqPlHNLkE.roa
Signing time:             Sat 01 Jan 2022 05:53:42 +0000
ROA not before:           Sat 01 Jan 2022 05:53:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     19905
IP address blocks:        194.6.255.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 34177315 (0x2098123)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=743d850cd12a363ddcdb0dc273e1dfc863b705f7
        Validity
            Not Before: Jan  1 05:53:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8200f98df183d666b8f129194b09aa3e51cd2e41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:cb:26:33:df:60:33:b1:bd:d9:0d:fc:1b:68:
                    ac:3d:96:a3:29:14:d3:f8:b1:87:90:49:47:0f:19:
                    6a:49:f6:30:fb:da:03:03:f4:22:44:44:0b:df:5e:
                    a6:e8:9b:32:ef:d2:1b:c5:8f:55:7b:1f:e1:8e:c5:
                    49:24:c0:b8:ac:8c:14:14:f2:17:74:b8:13:66:38:
                    10:d5:0f:d4:15:48:60:11:c3:ba:74:6d:5c:f7:61:
                    73:be:45:74:e3:d0:7f:6a:99:66:5b:c4:6f:bf:79:
                    af:8b:ad:a7:87:dc:3e:34:20:d5:09:06:a2:10:75:
                    d6:31:26:3f:af:5b:a5:fc:9e:09:a8:81:3d:3e:a7:
                    33:a4:ab:20:fe:2e:87:52:3e:66:a5:da:72:74:4a:
                    d2:da:05:ff:a7:30:ff:7d:3e:c3:7c:af:b9:81:a5:
                    6d:e3:1b:53:99:39:06:e4:b5:df:74:97:a1:a4:6e:
                    c6:5c:22:1c:01:2a:e4:cd:71:2d:3a:26:5e:4b:f7:
                    94:86:55:14:0b:bc:9e:d7:65:ee:40:38:7b:ee:15:
                    cd:a7:94:17:5d:67:da:ec:af:6a:ae:bc:b3:43:82:
                    be:96:08:f1:c4:0d:a6:7e:59:3e:6e:68:0b:14:62:
                    29:b4:05:85:4f:44:a5:63:87:05:16:bc:e1:2f:19:
                    f5:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:00:F9:8D:F1:83:D6:66:B8:F1:29:19:4B:09:AA:3E:51:CD:2E:41
            X509v3 Authority Key Identifier:
                keyid:74:3D:85:0C:D1:2A:36:3D:DC:DB:0D:C2:73:E1:DF:C8:63:B7:05:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD2FDNEqNj3c2w3Cc-HfyGO3Bfc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/081e96-10e1-4c97-b932-1daf80c519d0/1/ggD5jfGD1ma48SkZSwmqPlHNLkE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/081e96-10e1-4c97-b932-1daf80c519d0/1/dD2FDNEqNj3c2w3Cc-HfyGO3Bfc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.6.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:b1:f4:1b:64:ef:72:3c:04:32:94:00:d4:03:2a:96:aa:5f:
         c2:c8:58:5e:d6:72:08:cb:85:d9:8f:e6:0c:ff:87:8e:f0:ce:
         35:f9:c1:4c:6c:7e:b1:c6:9b:88:3a:46:82:93:ca:f1:c3:06:
         af:2e:93:6b:0e:92:e6:00:5b:ec:29:ba:53:ba:d5:f0:ec:1a:
         5d:07:87:fe:b5:6e:d8:62:21:36:1e:35:cc:11:47:4e:97:6e:
         48:6d:27:59:04:38:4f:d9:50:73:60:b4:a6:48:0c:ae:ce:9f:
         31:81:55:0e:23:71:16:c8:85:6a:b6:6c:6c:97:62:34:74:42:
         41:51:eb:cc:d2:f2:c4:73:2f:37:37:b6:17:6d:f6:2a:fb:c1:
         f6:b7:b7:f5:1d:c8:5b:96:e0:7e:57:8d:2b:dc:c0:4d:d0:c7:
         a2:d8:08:b5:7c:30:fd:67:54:98:c2:79:15:ed:5d:e2:09:fe:
         c6:79:cf:f6:98:59:5f:f2:5a:82:4b:3e:21:ca:b9:b9:35:38:
         49:6f:50:e6:44:cb:23:2d:8e:74:b4:92:ba:5c:e8:92:57:00:
         6a:9d:28:28:cc:14:0a:6b:a6:40:9d:90:3b:ef:e2:86:27:35:
         5e:d6:dd:ae:6a:3b:b1:19:b7:01:02:b3:51:5e:95:05:85:00:
         da:a7:49:e3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAgmBIzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDNkODUwY2QxMmEzNjNkZGNkYjBkYzI3M2UxZGZjODYzYjcwNWY3MB4XDTIyMDEw
MTA1NTM0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODIwMGY5OGRmMTgz
ZDY2NmI4ZjEyOTE5NGIwOWFhM2U1MWNkMmU0MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDLJjPfYDOxvdkN/BtorD2WoykU0/ixh5BJRw8Zakn2MPva
AwP0IkREC99epuibMu/SG8WPVXsf4Y7FSSTAuKyMFBTyF3S4E2Y4ENUP1BVIYBHD
unRtXPdhc75FdOPQf2qZZlvEb795r4utp4fcPjQg1QkGohB11jEmP69bpfyeCaiB
PT6nM6SrIP4uh1I+ZqXacnRK0toF/6cw/30+w3yvuYGlbeMbU5k5BuS133SXoaRu
xlwiHAEq5M1xLTomXkv3lIZVFAu8ntdl7kA4e+4VzaeUF11n2uyvaq68s0OCvpYI
8cQNpn5ZPm5oCxRiKbQFhU9EpWOHBRa84S8Z9c0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSCAPmN8YPWZrjxKRlLCao+Uc0uQTAfBgNVHSMEGDAWgBR0PYUM0So2Pdzb
DcJz4d/IY7cF9zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2REMkZETkVxTmozYzJ3M0NjLUhmeUdPM0JmYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDIvMDgxZTk2LTEwZTEtNGM5Ny1iOTMyLTFkYWY4MGM1MTlkMC8x
L2dnRDVqZkdEMW1hNDhTa1pTd21xUGxITkxrRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDIv
MDgxZTk2LTEwZTEtNGM5Ny1iOTMyLTFkYWY4MGM1MTlkMC8xL2REMkZETkVxTmoz
YzJ3M0NjLUhmeUdPM0JmYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIG/zANBgkqhkiG9w0BAQsFAAOC
AQEAeLH0G2TvcjwEMpQA1AMqlqpfwshYXtZyCMuF2Y/mDP+HjvDONfnBTGx+scab
iDpGgpPK8cMGry6Taw6S5gBb7Cm6U7rV8OwaXQeH/rVu2GIhNh41zBFHTpduSG0n
WQQ4T9lQc2C0pkgMrs6fMYFVDiNxFsiFarZsbJdiNHRCQVHrzNLyxHMvNze2F232
KvvB9re39R3IW5bgfleNK9zATdDHotgItXww/WdUmMJ5Fe1d4gn+xnnP9phZX/Ja
gks+Icq5uTU4SW9Q5kTLIy2OdLSSulzoklcAap0oKMwUCmumQJ2QO+/ihic1Xtbd
rmo7sRm3AQKzUV6VBYUA2qdJ4w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:51 2024 by rpki-client on console-ams.rpki-client.org