Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/G2kaUzdXAd4q2ztxoq586e2scYA.roa
File:                     G2kaUzdXAd4q2ztxoq586e2scYA.roa (raw, json)
Hash identifier:          nRJ1AZFNNX5kN4zR8mc191oSEVPRel1/yz1NQaKNrvM=
Subject key identifier:   1B:69:1A:53:37:57:01:DE:2A:DB:3B:71:A2:AE:7C:E9:ED:AC:71:80
Certificate issuer:       /CN=9b632edb635aa8f9c40a0495a7a63bb6539580bb
Certificate serial:       056E88B4
Authority key identifier: 9B:63:2E:DB:63:5A:A8:F9:C4:0A:04:95:A7:A6:3B:B6:53:95:80:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m2Mu22NaqPnECgSVp6Y7tlOVgLs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/G2kaUzdXAd4q2ztxoq586e2scYA.roa
Signing time:             Sat 01 Jan 2022 07:59:06 +0000
ROA not before:           Sat 01 Jan 2022 07:59:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57837
IP address blocks:        84.201.98.0/24 maxlen: 24
                          2a00:1348:10::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 91130036 (0x56e88b4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9b632edb635aa8f9c40a0495a7a63bb6539580bb
        Validity
            Not Before: Jan  1 07:59:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1b691a53375701de2adb3b71a2ae7ce9edac7180
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:8e:4a:45:24:b9:4d:9c:11:3b:cd:07:25:8e:
                    37:79:2f:8f:dc:fb:35:a3:6f:7e:66:19:73:4e:82:
                    16:9e:d5:8e:08:9b:ee:56:f6:af:ee:a5:f6:f5:44:
                    69:9a:88:26:e4:b6:e4:e3:c0:35:a8:01:12:ad:b6:
                    65:4f:0f:6e:ea:de:bc:87:cc:21:9c:ce:3a:a2:56:
                    aa:95:ae:44:f6:9a:c9:31:26:4b:e2:3c:6a:6e:2e:
                    bd:d6:2f:b6:82:ac:fd:a8:6f:0a:08:b1:35:92:f0:
                    4e:10:ab:ba:b5:e1:c6:da:6a:31:43:05:5d:da:eb:
                    9c:a6:52:8e:44:58:eb:09:9d:52:25:08:96:d6:8f:
                    3b:7f:11:72:cf:d5:59:b9:b7:00:c9:68:17:98:61:
                    12:07:0f:6a:a9:be:f3:21:7f:b2:c7:53:77:21:84:
                    36:ab:5c:5a:7a:b7:a0:f5:a6:2d:87:4b:3e:8d:a4:
                    9d:01:b3:e9:07:a6:52:f3:21:11:1c:0a:25:64:2b:
                    b3:4e:15:c5:a7:c2:b4:03:2b:f6:a0:a4:83:d6:f0:
                    36:6a:ed:6d:48:3e:7a:18:a5:48:1e:76:d5:7e:71:
                    02:6e:9d:ef:f6:e2:97:07:4a:3c:03:ba:a7:58:3d:
                    4a:93:55:8b:f2:54:a2:12:c9:45:cc:6c:e4:e5:ef:
                    cd:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:69:1A:53:37:57:01:DE:2A:DB:3B:71:A2:AE:7C:E9:ED:AC:71:80
            X509v3 Authority Key Identifier:
                keyid:9B:63:2E:DB:63:5A:A8:F9:C4:0A:04:95:A7:A6:3B:B6:53:95:80:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m2Mu22NaqPnECgSVp6Y7tlOVgLs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/G2kaUzdXAd4q2ztxoq586e2scYA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/m2Mu22NaqPnECgSVp6Y7tlOVgLs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.201.98.0/24
                IPv6:
                  2a00:1348:10::/48

    Signature Algorithm: sha256WithRSAEncryption
         4a:7c:c1:4c:57:79:6d:ae:55:6b:77:af:fe:09:04:77:a9:0e:
         89:c4:24:6f:c1:85:c3:4e:de:35:7f:f7:d8:88:b6:be:d9:41:
         f2:df:3d:fb:d1:7b:a6:92:7f:da:a9:ed:4c:bf:7a:44:eb:87:
         a8:df:76:14:0b:a7:4d:0f:a4:15:fc:74:24:e6:e7:cf:02:52:
         ea:dc:cf:1b:fc:5c:19:8d:fa:1d:a0:de:09:b0:d0:67:de:e1:
         50:d1:74:01:6a:6a:f6:a6:41:1e:31:dc:e0:15:08:86:e7:0b:
         f9:4e:24:98:19:52:92:f7:e7:8c:50:b1:cc:32:6b:f6:9f:46:
         4a:ca:af:b5:2a:31:8e:e4:69:ca:fb:b7:fd:b1:65:1a:7c:45:
         aa:ee:91:dc:84:00:d3:b8:92:e6:39:c1:39:83:17:9b:76:58:
         67:6b:65:f9:f8:10:e7:f9:85:5d:23:7e:c6:e9:c2:a6:32:63:
         51:b3:2a:4f:54:27:39:40:52:dd:ba:35:cd:d8:f5:6d:81:c3:
         3b:ec:66:2d:6d:87:51:6a:1b:98:5f:2e:5b:96:f8:f5:74:18:
         55:a6:16:2d:4e:82:66:27:74:39:d9:b1:bc:05:8e:ec:23:28:
         9c:7c:f9:78:1b:f8:a2:a5:16:9e:1b:34:94:1f:3a:10:e6:2b:
         3a:65:9b:73
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEBW6ItDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YjYzMmVkYjYzNWFhOGY5YzQwYTA0OTVhN2E2M2JiNjUzOTU4MGJiMB4XDTIyMDEw
MTA3NTkwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWI2OTFhNTMzNzU3
MDFkZTJhZGIzYjcxYTJhZTdjZTllZGFjNzE4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALCOSkUkuU2cETvNByWON3kvj9z7NaNvfmYZc06CFp7Vjgib
7lb2r+6l9vVEaZqIJuS25OPANagBEq22ZU8PburevIfMIZzOOqJWqpWuRPaayTEm
S+I8am4uvdYvtoKs/ahvCgixNZLwThCrurXhxtpqMUMFXdrrnKZSjkRY6wmdUiUI
ltaPO38Rcs/VWbm3AMloF5hhEgcPaqm+8yF/ssdTdyGENqtcWnq3oPWmLYdLPo2k
nQGz6QemUvMhERwKJWQrs04VxafCtAMr9qCkg9bwNmrtbUg+ehilSB521X5xAm6d
7/bilwdKPAO6p1g9SpNVi/JUohLJRcxs5OXvze0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQbaRpTN1cB3irbO3Girnzp7axxgDAfBgNVHSMEGDAWgBSbYy7bY1qo+cQK
BJWnpju2U5WAuzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L20yTXUyMk5hcVBuRUNnU1ZwNlk3dGxPVmdMcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvZDAyOTgzLWIxMWMtNGJmNy1iNGI1LWU4YzlhZDVmMDUxYS8x
L0cya2FVemRYQWQ0cTJ6dHhvcTU4NmUyc2NZQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
ZDAyOTgzLWIxMWMtNGJmNy1iNGI1LWU4YzlhZDVmMDUxYS8xL20yTXUyMk5hcVBu
RUNnU1ZwNlk3dGxPVmdMcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAFTJYjAPBAIAAjAJAwcAKgATSAAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBKfMFMV3ltrlVrd6/+CQR3qQ6JxCRvwYXDTt41
f/fYiLa+2UHy3z370Xumkn/aqe1Mv3pE64eo33YUC6dND6QV/HQk5ufPAlLq3M8b
/FwZjfodoN4JsNBn3uFQ0XQBamr2pkEeMdzgFQiG5wv5TiSYGVKS9+eMULHMMmv2
n0ZKyq+1KjGO5GnK+7f9sWUafEWq7pHchADTuJLmOcE5gxebdlhna2X5+BDn+YVd
I37G6cKmMmNRsypPVCc5QFLdujXN2PVtgcM77GYtbYdRahuYXy5blvj1dBhVphYt
ToJmJ3Q52bG8BY7sIyicfPl4G/iipRaeGzSUHzoQ5is6ZZtz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:22 2024 by rpki-client on console-fra.rpki-client.org