Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/AXD_GCkzPXRnmECTIIIB85Y1wts.roa
File:                     AXD_GCkzPXRnmECTIIIB85Y1wts.roa (raw, json)
Hash identifier:          7IOXruPRFD6ZLRPjHU/VNk1llUwJLLsnzWSG4Wxh74g=
Subject key identifier:   01:70:FF:18:29:33:3D:74:67:98:40:93:20:82:01:F3:96:35:C2:DB
Certificate issuer:       /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial:       018263A65CC4E891302706789F1A35157AE1
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/AXD_GCkzPXRnmECTIIIB85Y1wts.roa
Signing time:             Wed 03 Aug 2022 12:20:23 +0000
ROA not before:           Wed 03 Aug 2022 12:20:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25374
IP address blocks:        79.124.11.0/24 maxlen: 24
                          79.124.10.0/24 maxlen: 24
                          79.124.10.0/23 maxlen: 23
                          79.124.12.0/24 maxlen: 24
                          79.124.19.0/24 maxlen: 24
                          79.124.18.0/23 maxlen: 23
                          79.124.18.0/24 maxlen: 24
                          79.124.46.0/24 maxlen: 24
                          130.185.230.0/23 maxlen: 23
                          130.185.230.0/24 maxlen: 24
                          130.185.233.0/24 maxlen: 24
                          130.185.231.0/24 maxlen: 24
                          80.72.84.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:63:a6:5c:c4:e8:91:30:27:06:78:9f:1a:35:15:7a:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
        Validity
            Not Before: Aug  3 12:20:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0170ff1829333d7467984093208201f39635c2db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:65:c3:95:db:21:d1:9a:b7:69:bb:f1:8a:c8:
                    69:7b:37:18:1a:7a:de:f1:20:59:7f:fd:58:35:6f:
                    4c:d1:6a:41:22:d0:a5:98:26:45:e2:e2:d4:85:37:
                    b5:66:c0:57:b3:37:8a:08:d5:d9:90:a3:01:27:33:
                    a0:2f:18:39:3c:63:ff:68:09:be:99:e9:01:93:3d:
                    64:d0:38:e5:a5:b6:30:f6:5e:23:0b:db:e0:63:02:
                    3b:20:0c:9b:95:b3:ea:00:0c:fd:a3:2f:1f:d2:74:
                    c4:53:8e:6a:c9:f1:42:ae:7c:b3:2b:ae:8c:ed:1e:
                    c0:d5:5d:96:00:ff:95:95:1c:b2:d7:8f:12:bb:b7:
                    6f:38:56:f4:ac:e0:e6:06:cb:eb:85:b8:3f:f8:a1:
                    0b:3a:ac:6e:fa:32:8d:c7:cb:03:d3:1f:39:bd:d5:
                    03:6c:2d:4c:2e:95:58:e4:56:6d:57:c6:75:ad:79:
                    2c:75:15:fe:56:e8:a5:7a:44:06:0f:69:53:b2:e2:
                    3c:90:f0:6b:5d:b7:27:1e:70:19:fb:30:09:ff:72:
                    c5:25:a3:fc:0f:4b:95:62:e6:e8:ba:74:84:06:48:
                    8a:a3:be:fb:95:dd:ba:e5:89:6c:1d:bd:40:95:5c:
                    dc:8a:c3:42:2e:13:ce:a3:27:9d:dc:ca:07:cb:0f:
                    38:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:70:FF:18:29:33:3D:74:67:98:40:93:20:82:01:F3:96:35:C2:DB
            X509v3 Authority Key Identifier:
                keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/AXD_GCkzPXRnmECTIIIB85Y1wts.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.124.10.0-79.124.12.255
                  79.124.18.0/23
                  79.124.46.0/24
                  80.72.84.0/22
                  130.185.230.0/23
                  130.185.233.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b5:f4:c9:d9:af:53:0b:ef:1c:fd:d9:7c:4b:aa:6d:49:c6:d4:
         76:6a:72:dc:30:11:42:bc:eb:de:1e:f0:8a:a0:ac:fc:c6:45:
         cd:16:65:3d:83:95:f4:56:ca:3b:98:b4:91:c0:7d:07:9a:f8:
         bd:eb:8d:56:9f:7a:03:46:2e:b8:8a:a9:cf:b7:81:45:57:14:
         9c:e8:ae:18:04:ee:bf:b8:5b:ed:1d:7d:90:34:11:69:43:1e:
         9c:df:57:ad:f4:9e:4f:11:e9:48:a4:38:a4:98:c4:17:c5:cd:
         88:10:0a:d0:81:6c:87:7f:69:8e:ea:ce:88:e1:55:ca:35:af:
         54:fd:f3:b7:79:7e:71:f6:d7:e9:5f:27:70:38:9a:5b:29:53:
         5d:12:11:68:44:30:f7:7b:1e:43:22:ae:f9:5c:9d:48:2d:8c:
         a1:3d:63:e1:74:dc:a6:7b:08:b1:e2:65:0f:12:81:f0:12:35:
         01:6a:bd:73:db:2f:9a:d2:ac:ef:33:43:9d:36:2b:cb:8c:c8:
         d0:89:0b:9a:88:aa:5e:eb:52:fd:e4:0d:4f:85:b8:50:30:be:
         a4:56:f9:55:9c:55:e6:bb:9b:d4:16:7d:e3:8b:92:06:7a:b5:
         f1:d8:e2:da:ad:ad:8f:36:96:14:70:e8:8b:5f:61:e6:4d:f8:
         1a:f3:b7:c6
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYJjplzE6JEwJwZ4nxo1FXrhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjIwODAzMTIyMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTcwZmYxODI5MzMzZDc0Njc5ODQwOTMyMDgyMDFmMzk2MzVjMmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGXDldsh0Zq3abvxishpezcYGnre
8SBZf/1YNW9M0WpBItClmCZF4uLUhTe1ZsBXszeKCNXZkKMBJzOgLxg5PGP/aAm+
mekBkz1k0DjlpbYw9l4jC9vgYwI7IAyblbPqAAz9oy8f0nTEU45qyfFCrnyzK66M
7R7A1V2WAP+VlRyy148Su7dvOFb0rODmBsvrhbg/+KELOqxu+jKNx8sD0x85vdUD
bC1MLpVY5FZtV8Z1rXksdRX+VuilekQGD2lTsuI8kPBrXbcnHnAZ+zAJ/3LFJaP8
D0uVYubounSEBkiKo777ld265YlsHb1AlVzcisNCLhPOoyed3MoHyw845wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFAFw/xgpMz10Z5hAkyCCAfOWNcLbMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvQVhEX0dDa3pQWFJubUVDVElJSUI4NVkxd3RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAFPfAoD
BABPfAwDBAFPfBIDBABPfC4DBAJQSFQDBAGCueYDBACCuekwDQYJKoZIhvcNAQEL
BQADggEBALX0ydmvUwvvHP3ZfEuqbUnG1HZqctwwEUK8694e8IqgrPzGRc0WZT2D
lfRWyjuYtJHAfQea+L3rjVafegNGLriKqc+3gUVXFJzorhgE7r+4W+0dfZA0EWlD
HpzfV630nk8R6UikOKSYxBfFzYgQCtCBbId/aY7qzojhVco1r1T987d5fnH21+lf
J3A4mlspU10SEWhEMPd7HkMirvlcnUgtjKE9Y+F03KZ7CLHiZQ8SgfASNQFqvXPb
L5rSrO8zQ502K8uMyNCJC5qIql7rUv3kDU+FuFAwvqRW+VWcVea7m9QWfeOLkgZ6
tfHY4tqtrY82lhRw6ItfYeZN+Brzt8Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:12 2024 by rpki-client on console-ams.rpki-client.org