Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/dfbaa2-4a27-4f3c-b9fc-fb01436a695f/1/gELR_JT0C9gNks6md70B6zcyXuk.roa
File:                     gELR_JT0C9gNks6md70B6zcyXuk.roa (raw, json)
Hash identifier:          5LtKyS0svnvqqr8V2qYqBpmSZHAQatiWMxQDC81YHtY=
Subject key identifier:   80:42:D1:FC:94:F4:0B:D8:0D:92:CE:A6:77:BD:01:EB:37:32:5E:E9
Certificate issuer:       /CN=5262505b488581c2ecd7582a34ece52632e3ef96
Certificate serial:       631D76
Authority key identifier: 52:62:50:5B:48:85:81:C2:EC:D7:58:2A:34:EC:E5:26:32:E3:EF:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UmJQW0iFgcLs11gqNOzlJjLj75Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/dfbaa2-4a27-4f3c-b9fc-fb01436a695f/1/gELR_JT0C9gNks6md70B6zcyXuk.roa
Signing time:             Sat 01 Jan 2022 01:53:15 +0000
ROA not before:           Sat 01 Jan 2022 01:53:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57199
IP address blocks:        2a0b:cbc0::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6495606 (0x631d76)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5262505b488581c2ecd7582a34ece52632e3ef96
        Validity
            Not Before: Jan  1 01:53:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8042d1fc94f40bd80d92cea677bd01eb37325ee9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:29:8e:03:9f:1f:28:a0:01:3d:13:a1:45:76:
                    6d:f8:95:5a:92:2b:58:8a:7f:23:43:46:e2:05:8f:
                    0b:35:b9:43:01:e6:6c:c9:7f:12:d9:ba:4e:1c:20:
                    c7:c9:73:65:58:a7:47:6c:41:3e:0e:d9:9f:8c:12:
                    40:97:8c:86:99:19:0f:7d:1c:98:5c:98:4a:03:13:
                    51:c6:16:10:8a:f9:81:6e:0f:f6:27:51:4a:22:a2:
                    44:47:b0:6f:5a:49:47:41:68:de:67:8f:f7:6a:2a:
                    e4:11:6d:8b:df:81:4f:92:4f:2f:f5:c2:dc:5c:77:
                    96:8d:27:73:25:5a:8f:f5:d8:07:bc:44:05:2d:de:
                    08:ad:87:93:05:a6:23:c5:b9:3f:7a:bb:d3:1b:e9:
                    9c:be:d2:f2:7f:8d:c7:f4:29:7a:53:09:ef:ac:21:
                    b3:0d:37:b1:77:1b:ae:2e:88:1d:43:f6:0b:a3:d6:
                    8f:cb:4f:39:80:e9:fd:b1:de:75:66:71:59:03:60:
                    e9:c4:c1:4e:30:36:ce:e4:66:08:78:b8:92:c5:64:
                    fd:d2:fb:46:bf:c8:7d:64:b8:66:c1:0c:cf:fb:75:
                    d3:6d:9b:b0:45:a9:44:00:58:ff:b4:71:07:36:ff:
                    b2:09:05:84:0e:45:a2:57:53:99:1b:fd:16:f5:5c:
                    3f:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:42:D1:FC:94:F4:0B:D8:0D:92:CE:A6:77:BD:01:EB:37:32:5E:E9
            X509v3 Authority Key Identifier:
                keyid:52:62:50:5B:48:85:81:C2:EC:D7:58:2A:34:EC:E5:26:32:E3:EF:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmJQW0iFgcLs11gqNOzlJjLj75Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/dfbaa2-4a27-4f3c-b9fc-fb01436a695f/1/gELR_JT0C9gNks6md70B6zcyXuk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/dfbaa2-4a27-4f3c-b9fc-fb01436a695f/1/UmJQW0iFgcLs11gqNOzlJjLj75Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:cbc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         8e:a1:16:c5:24:bd:a2:82:fa:80:81:29:ab:e8:ae:06:fd:d8:
         2b:d4:f7:5e:17:af:bf:ab:1e:c5:ba:8b:76:be:14:20:18:21:
         78:22:04:7c:4d:bb:cb:3c:94:55:d6:90:21:13:ff:b2:30:c6:
         99:5f:99:34:1f:82:0c:53:df:bd:f5:5c:76:f7:fd:da:09:4a:
         c6:83:09:dd:02:11:f0:ce:a7:c5:29:a3:cf:c6:e6:71:df:58:
         84:c2:be:9e:0a:0e:43:00:7c:fe:84:be:7b:0b:91:ad:6e:cc:
         9b:63:26:c9:72:78:bb:b0:5d:f1:eb:d9:ca:5c:c6:b3:78:5e:
         d1:ef:3a:03:bc:e1:8f:34:50:36:1e:cb:3c:f7:cc:23:e7:de:
         50:e7:f3:c5:a2:fd:0a:9c:04:ea:66:c9:05:2b:45:df:8e:b1:
         c4:b2:f3:ea:67:09:f8:ad:f1:c5:ee:84:e0:8c:e2:63:9f:36:
         f0:38:3c:d7:26:3d:01:3c:e0:0b:5c:57:a3:6c:d4:9d:3c:2d:
         3c:31:08:4d:8c:ca:4c:b6:13:59:d5:20:d7:e3:32:9a:68:b0:
         06:24:81:53:7c:af:70:cd:69:31:68:fe:9a:e3:71:17:13:c9:
         0c:15:89:58:b4:45:e8:25:21:02:e9:7b:3a:03:f5:da:e4:15:
         ae:a7:96:84
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDYx12MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDUy
NjI1MDViNDg4NTgxYzJlY2Q3NTgyYTM0ZWNlNTI2MzJlM2VmOTYwHhcNMjIwMTAx
MDE1MzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4MDQyZDFmYzk0ZjQw
YmQ4MGQ5MmNlYTY3N2JkMDFlYjM3MzI1ZWU5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvymOA58fKKABPROhRXZt+JVakitYin8jQ0biBY8LNblDAeZs
yX8S2bpOHCDHyXNlWKdHbEE+DtmfjBJAl4yGmRkPfRyYXJhKAxNRxhYQivmBbg/2
J1FKIqJER7BvWklHQWjeZ4/3airkEW2L34FPkk8v9cLcXHeWjSdzJVqP9dgHvEQF
Ld4IrYeTBaYjxbk/ervTG+mcvtLyf43H9Cl6UwnvrCGzDTexdxuuLogdQ/YLo9aP
y085gOn9sd51ZnFZA2DpxMFOMDbO5GYIeLiSxWT90vtGv8h9ZLhmwQzP+3XTbZuw
RalEAFj/tHEHNv+yCQWEDkWiV1OZG/0W9Vw/NwIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFIBC0fyU9AvYDZLOpne9Aes3Ml7pMB8GA1UdIwQYMBaAFFJiUFtIhYHC7NdY
KjTs5SYy4++WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VW1KUVcwaUZnY0xzMTFncU5PemxKakxqNzVZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lZS9kZmJhYTItNGEyNy00ZjNjLWI5ZmMtZmIwMTQzNmE2OTVmLzEv
Z0VMUl9KVDBDOWdOa3M2bWQ3MEI2emN5WHVrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9k
ZmJhYTItNGEyNy00ZjNjLWI5ZmMtZmIwMTQzNmE2OTVmLzEvVW1KUVcwaUZnY0xz
MTFncU5PemxKakxqNzVZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgvLwDANBgkqhkiG9w0BAQsFAAOC
AQEAjqEWxSS9ooL6gIEpq+iuBv3YK9T3Xhevv6sexbqLdr4UIBgheCIEfE27yzyU
VdaQIRP/sjDGmV+ZNB+CDFPfvfVcdvf92glKxoMJ3QIR8M6nxSmjz8bmcd9YhMK+
ngoOQwB8/oS+ewuRrW7Mm2MmyXJ4u7Bd8evZylzGs3he0e86A7zhjzRQNh7LPPfM
I+feUOfzxaL9CpwE6mbJBStF346xxLLz6mcJ+K3xxe6E4IziY5828Dg81yY9ATzg
C1xXo2zUnTwtPDEITYzKTLYTWdUg1+MymmiwBiSBU3yvcM1pMWj+muNxFxPJDBWJ
WLRF6CUhAul7OgP12uQVrqeWhA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:29 2024 by rpki-client on console-ams.rpki-client.org