Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/14238d-8591-471f-895b-1769d1994df6/1/G1NCF7G76AVIjaiXB2GI2QMHoEQ.roa
File:                     G1NCF7G76AVIjaiXB2GI2QMHoEQ.roa (raw, json)
Hash identifier:          waL0HJOCb8zRXH+XWhkBzvSRFc0xX9ER/ZtDi0zaw8c=
Subject key identifier:   1B:53:42:17:B1:BB:E8:05:48:8D:A8:97:07:61:88:D9:03:07:A0:44
Certificate issuer:       /CN=5873b598550df5bfdbc99a7a1e396c3495bda83b
Certificate serial:       068CDE56
Authority key identifier: 58:73:B5:98:55:0D:F5:BF:DB:C9:9A:7A:1E:39:6C:34:95:BD:A8:3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WHO1mFUN9b_byZp6HjlsNJW9qDs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/14238d-8591-471f-895b-1769d1994df6/1/G1NCF7G76AVIjaiXB2GI2QMHoEQ.roa
Signing time:             Sat 01 Jan 2022 09:02:12 +0000
ROA not before:           Sat 01 Jan 2022 09:02:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     559
IP address blocks:        130.82.0.0/16 maxlen: 16

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 109895254 (0x68cde56)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5873b598550df5bfdbc99a7a1e396c3495bda83b
        Validity
            Not Before: Jan  1 09:02:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1b534217b1bbe805488da897076188d90307a044
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:26:1c:3f:11:e5:01:0b:92:bf:7a:4f:70:bc:
                    21:79:b6:47:9b:4b:25:06:d3:b1:e9:64:29:46:72:
                    71:a3:5d:d2:b7:16:d1:22:83:b6:e1:09:ae:69:15:
                    e9:59:be:4f:0c:ad:6c:03:e5:1a:dd:bd:96:e2:31:
                    29:b0:ee:c5:d2:1c:a5:c1:e1:de:27:15:ae:c0:a3:
                    ad:22:6c:f1:aa:d5:30:cd:bd:8a:92:f7:84:a5:0a:
                    a3:ef:8e:46:d3:1f:4b:76:48:94:65:58:bf:30:ca:
                    fd:ab:5c:3f:92:b4:88:5c:4d:27:94:61:29:29:bc:
                    13:57:f0:3f:bb:33:ab:d4:3f:d6:28:91:ad:ee:8e:
                    08:39:14:d7:27:a5:fa:e1:41:27:1e:bc:12:bf:14:
                    3a:ec:c5:96:af:ec:01:cf:8a:8c:c1:54:e5:2e:32:
                    f7:6a:fb:a6:c6:b6:91:b4:3c:1b:63:1e:09:e3:54:
                    90:f5:f0:20:26:43:0f:d8:92:54:eb:7b:00:a9:4f:
                    fd:dc:db:0d:a4:22:4d:56:1f:9a:1c:10:ae:c8:22:
                    bf:54:0a:84:a9:09:1a:55:fc:fa:a1:e4:db:42:1d:
                    79:ac:61:ed:2f:ec:f6:9e:3e:25:13:0c:80:85:ed:
                    da:68:f7:46:88:34:68:ea:c3:de:ee:85:09:d0:65:
                    53:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:53:42:17:B1:BB:E8:05:48:8D:A8:97:07:61:88:D9:03:07:A0:44
            X509v3 Authority Key Identifier:
                keyid:58:73:B5:98:55:0D:F5:BF:DB:C9:9A:7A:1E:39:6C:34:95:BD:A8:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WHO1mFUN9b_byZp6HjlsNJW9qDs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/14238d-8591-471f-895b-1769d1994df6/1/G1NCF7G76AVIjaiXB2GI2QMHoEQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/14238d-8591-471f-895b-1769d1994df6/1/WHO1mFUN9b_byZp6HjlsNJW9qDs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.82.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         78:70:ed:94:95:d2:70:3f:0c:44:22:3d:ab:ad:31:17:75:5b:
         eb:5e:54:bc:4d:32:ad:d3:b2:cb:42:e2:fd:2d:aa:b4:cc:28:
         55:29:a1:8d:45:6d:16:6c:2d:7e:01:97:49:0b:3f:cc:aa:4f:
         75:ad:22:40:a1:61:f0:b0:46:1c:65:87:24:03:a4:3c:fe:23:
         4f:04:83:93:46:15:32:aa:6b:21:69:b9:26:d1:72:93:88:98:
         f0:a8:f6:70:82:ef:0c:6a:6b:36:e7:34:74:a7:f3:6e:d0:82:
         70:56:b7:84:cd:83:d0:57:ac:8f:42:6e:3c:b9:be:71:12:f2:
         03:92:86:eb:c1:df:16:56:61:7e:f5:03:0a:ef:87:3d:11:e0:
         de:dc:60:24:ca:7c:ae:4d:7c:4e:2c:b8:ff:9b:b1:f1:49:2c:
         4c:e9:d9:21:a8:19:3d:c4:45:40:0f:a9:64:47:9f:e6:fe:86:
         70:e8:f3:48:79:7d:4e:5d:84:d1:db:19:ee:e7:54:7f:7e:0e:
         05:d5:cb:26:ab:70:34:fa:0b:fb:c9:44:28:af:ff:2f:67:86:
         30:25:82:7e:80:3a:53:12:4f:08:a4:c2:73:19:5e:c5:3d:36:
         f7:64:87:91:1c:d9:7b:df:f7:68:b5:69:ca:89:c1:00:52:bc:
         06:d9:d0:07
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIEBozeVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ODczYjU5ODU1MGRmNWJmZGJjOTlhN2ExZTM5NmMzNDk1YmRhODNiMB4XDTIyMDEw
MTA5MDIxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWI1MzQyMTdiMWJi
ZTgwNTQ4OGRhODk3MDc2MTg4ZDkwMzA3YTA0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOQmHD8R5QELkr96T3C8IXm2R5tLJQbTselkKUZycaNd0rcW
0SKDtuEJrmkV6Vm+TwytbAPlGt29luIxKbDuxdIcpcHh3icVrsCjrSJs8arVMM29
ipL3hKUKo++ORtMfS3ZIlGVYvzDK/atcP5K0iFxNJ5RhKSm8E1fwP7szq9Q/1iiR
re6OCDkU1yel+uFBJx68Er8UOuzFlq/sAc+KjMFU5S4y92r7psa2kbQ8G2MeCeNU
kPXwICZDD9iSVOt7AKlP/dzbDaQiTVYfmhwQrsgiv1QKhKkJGlX8+qHk20Ideaxh
7S/s9p4+JRMMgIXt2mj3Rog0aOrD3u6FCdBlU4kCAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBQbU0IXsbvoBUiNqJcHYYjZAwegRDAfBgNVHSMEGDAWgBRYc7WYVQ31v9vJ
mnoeOWw0lb2oOzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dITzFtRlVOOWJfYnlacDZIamxzTkpXOXFEcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvMTQyMzhkLTg1OTEtNDcxZi04OTViLTE3NjlkMTk5NGRmNi8x
L0cxTkNGN0c3NkFWSWphaVhCMkdJMlFNSG9FUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
MTQyMzhkLTg1OTEtNDcxZi04OTViLTE3NjlkMTk5NGRmNi8xL1dITzFtRlVOOWJf
YnlacDZIamxzTkpXOXFEcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAIJSMA0GCSqGSIb3DQEBCwUAA4IB
AQB4cO2UldJwPwxEIj2rrTEXdVvrXlS8TTKt07LLQuL9Laq0zChVKaGNRW0WbC1+
AZdJCz/Mqk91rSJAoWHwsEYcZYckA6Q8/iNPBIOTRhUyqmshabkm0XKTiJjwqPZw
gu8Mams25zR0p/Nu0IJwVreEzYPQV6yPQm48ub5xEvIDkobrwd8WVmF+9QMK74c9
EeDe3GAkynyuTXxOLLj/m7HxSSxM6dkhqBk9xEVAD6lkR5/m/oZw6PNIeX1OXYTR
2xnu51R/fg4F1csmq3A0+gv7yUQor/8vZ4YwJYJ+gDpTEk8IpMJzGV7FPTb3ZIeR
HNl73/dotWnKicEAUrwG2dAH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:48 2024 by rpki-client on console-fra.rpki-client.org