Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d216ed-9a76-4a93-b6a9-468f498faf1c/1/gpjg934uU29p71s1wE796-1jLJE.roa
File:                     gpjg934uU29p71s1wE796-1jLJE.roa (raw, json)
Hash identifier:          wnLog8heepxjIBpew7NwcFbW8QHUChlHOjKVD0zyOxU=
Subject key identifier:   82:98:E0:F7:7E:2E:53:6F:69:EF:5B:35:C0:4E:FD:EB:ED:63:2C:91
Certificate issuer:       /CN=22c5feb2d25fac4dd8baa4f71d8dc2268186a039
Certificate serial:       0B5236C4
Authority key identifier: 22:C5:FE:B2:D2:5F:AC:4D:D8:BA:A4:F7:1D:8D:C2:26:81:86:A0:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsX-stJfrE3YuqT3HY3CJoGGoDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/d216ed-9a76-4a93-b6a9-468f498faf1c/1/gpjg934uU29p71s1wE796-1jLJE.roa
Signing time:             Sat 01 Jan 2022 11:56:43 +0000
ROA not before:           Sat 01 Jan 2022 11:56:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48399
IP address blocks:        178.170.223.0/24 maxlen: 24
                          85.193.70.0/23 maxlen: 23
                          192.70.198.0/23 maxlen: 23
                          192.70.196.0/23 maxlen: 23
                          185.190.118.0/23 maxlen: 23
                          185.190.116.0/23 maxlen: 23
                          2a07:ecc0::/30 maxlen: 30
                          2a07:ecc4::/30 maxlen: 30

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 189937348 (0xb5236c4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c5feb2d25fac4dd8baa4f71d8dc2268186a039
        Validity
            Not Before: Jan  1 11:56:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8298e0f77e2e536f69ef5b35c04efdebed632c91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:e5:f3:eb:e3:bc:d4:e8:b1:5e:1d:38:d3:43:
                    5e:b0:b1:25:d5:7a:4a:33:85:76:77:d4:f5:4a:35:
                    b7:6f:04:2c:4c:aa:3b:cc:5a:99:a2:6f:83:57:b2:
                    f7:f1:6f:5f:01:16:27:37:4c:4f:09:92:59:6e:19:
                    81:87:42:84:01:f7:f4:4e:06:01:e0:d0:3c:3c:ad:
                    8d:91:cd:ee:5f:f3:ae:bd:e1:5d:f0:6a:9e:a2:c2:
                    e1:01:16:81:d3:64:27:d2:d7:ad:bd:d2:21:44:37:
                    07:e2:1f:cf:c6:b0:a1:4a:4e:ed:77:95:46:78:43:
                    95:5c:fa:24:b8:2c:57:93:d1:e6:cb:f8:32:d2:35:
                    8e:7d:f3:8b:36:76:42:b3:bb:de:7a:5d:c4:6e:72:
                    7f:a4:6d:02:90:78:3f:05:4f:90:7c:b1:19:78:12:
                    2b:b2:dd:cd:33:4b:a2:8b:e9:81:6e:2d:c8:51:6a:
                    bd:65:70:d5:35:6b:75:4b:c7:5d:b3:2d:59:32:2c:
                    c9:f3:5b:17:ce:6e:69:ff:3b:8c:94:f8:65:4e:8e:
                    a7:6c:24:f7:5a:bf:77:bf:da:dd:d4:13:27:91:b4:
                    88:59:9b:17:b1:58:5c:5e:9e:1e:8e:4b:00:c4:ba:
                    6c:0e:c8:4b:7b:25:9e:b4:dc:73:58:79:87:36:d0:
                    90:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:98:E0:F7:7E:2E:53:6F:69:EF:5B:35:C0:4E:FD:EB:ED:63:2C:91
            X509v3 Authority Key Identifier:
                keyid:22:C5:FE:B2:D2:5F:AC:4D:D8:BA:A4:F7:1D:8D:C2:26:81:86:A0:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsX-stJfrE3YuqT3HY3CJoGGoDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d216ed-9a76-4a93-b6a9-468f498faf1c/1/gpjg934uU29p71s1wE796-1jLJE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d216ed-9a76-4a93-b6a9-468f498faf1c/1/IsX-stJfrE3YuqT3HY3CJoGGoDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.193.70.0/23
                  178.170.223.0/24
                  185.190.116.0/22
                  192.70.196.0/22
                IPv6:
                  2a07:ecc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         34:0f:3f:a9:00:92:7a:ab:32:6e:df:10:6c:65:6e:fe:59:15:
         e3:6d:91:b9:c9:ec:e2:10:be:7e:6a:88:ac:03:0f:91:b7:58:
         be:6f:22:d9:44:72:37:bb:f6:1f:16:2a:e0:bc:0b:9b:b8:49:
         ad:8f:07:01:a6:79:18:8b:21:68:48:42:41:17:13:45:85:45:
         8e:68:2b:4a:a0:a8:e8:6e:2a:c0:42:23:38:f1:f0:48:a9:08:
         5b:5c:31:c6:90:ae:b4:c7:77:76:7b:50:c9:67:9c:c9:88:60:
         61:2e:00:06:b1:13:cb:d0:cb:1d:fb:08:9b:50:e2:13:59:e4:
         a0:95:e1:f5:36:fc:d2:ea:de:9c:be:bb:78:2d:6c:c9:a1:ad:
         0b:63:75:cd:19:9b:47:b0:f8:61:2b:e6:d0:50:af:ef:26:e7:
         6a:c3:14:9a:aa:ba:3a:7c:cb:61:af:66:3d:cc:f8:e3:bb:5f:
         7c:96:37:7e:cb:db:ad:ae:b6:1d:19:38:72:f0:a5:d3:a7:53:
         b0:3c:6e:f4:ae:4e:dd:ee:4e:d2:84:b7:17:cb:00:67:4d:50:
         5c:0b:f9:fa:b1:59:57:53:65:b7:3a:d0:a8:4e:d5:8e:e1:81:
         d7:3e:cf:ae:8f:47:66:5d:75:e1:2d:e0:fe:f3:56:0d:3f:19:
         59:ef:4d:bc
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEC1I2xDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM1ZmViMmQyNWZhYzRkZDhiYWE0ZjcxZDhkYzIyNjgxODZhMDM5MB4XDTIyMDEw
MTExNTY0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODI5OGUwZjc3ZTJl
NTM2ZjY5ZWY1YjM1YzA0ZWZkZWJlZDYzMmM5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJbl8+vjvNTosV4dONNDXrCxJdV6SjOFdnfU9Uo1t28ELEyq
O8xamaJvg1ey9/FvXwEWJzdMTwmSWW4ZgYdChAH39E4GAeDQPDytjZHN7l/zrr3h
XfBqnqLC4QEWgdNkJ9LXrb3SIUQ3B+Ifz8awoUpO7XeVRnhDlVz6JLgsV5PR5sv4
MtI1jn3zizZ2QrO73npdxG5yf6RtApB4PwVPkHyxGXgSK7LdzTNLoovpgW4tyFFq
vWVw1TVrdUvHXbMtWTIsyfNbF85uaf87jJT4ZU6Op2wk91q/d7/a3dQTJ5G0iFmb
F7FYXF6eHo5LAMS6bA7IS3slnrTcc1h5hzbQkNsCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBSCmOD3fi5Tb2nvWzXATv3r7WMskTAfBgNVHSMEGDAWgBQixf6y0l+sTdi6
pPcdjcImgYagOTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzWC1zdEpmckUzWXVxVDNIWTNDSm9HR29Eay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTEvZDIxNmVkLTlhNzYtNGE5My1iNmE5LTQ2OGY0OThmYWYxYy8x
L2dwamc5MzR1VTI5cDcxczF3RTc5Ni0xakxKRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTEv
ZDIxNmVkLTlhNzYtNGE5My1iNmE5LTQ2OGY0OThmYWYxYy8xL0lzWC1zdEpmckUz
WXVxVDNIWTNDSm9HR29Eay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAVXBRgMEALKq3wMEArm+dAMEAsBG
xDANBAIAAjAHAwUDKgfswDANBgkqhkiG9w0BAQsFAAOCAQEANA8/qQCSeqsybt8Q
bGVu/lkV422Rucns4hC+fmqIrAMPkbdYvm8i2URyN7v2HxYq4LwLm7hJrY8HAaZ5
GIshaEhCQRcTRYVFjmgrSqCo6G4qwEIjOPHwSKkIW1wxxpCutMd3dntQyWecyYhg
YS4ABrETy9DLHfsIm1DiE1nkoJXh9Tb80urenL67eC1syaGtC2N1zRmbR7D4YSvm
0FCv7ybnasMUmqq6OnzLYa9mPcz447tffJY3fsvbra62HRk4cvCl06dTsDxu9K5O
3e5O0oS3F8sAZ01QXAv5+rFZV1NltzrQqE7VjuGB1z7Pro9HZl114S3g/vNWDT8Z
We9NvA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:53 2024 by rpki-client on console-ams.rpki-client.org