Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/gx-hTDZatWWdCD34xaJcuF59h4Y.roa
File:                     gx-hTDZatWWdCD34xaJcuF59h4Y.roa (raw, json)
Hash identifier:          linTIqnqEMSZPI8RJoAu/ygb0FGNWQ8KvwoEehB1P78=
Subject key identifier:   83:1F:A1:4C:36:5A:B5:65:9D:08:3D:F8:C5:A2:5C:B8:5E:7D:87:86
Certificate issuer:       /CN=4ecf53007c79cc5e2f2d7356ba9121a78c0c7714
Certificate serial:       018413CA4050AC3947C2F25350F2764DD69F
Authority key identifier: 4E:CF:53:00:7C:79:CC:5E:2F:2D:73:56:BA:91:21:A7:8C:0C:77:14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/gx-hTDZatWWdCD34xaJcuF59h4Y.roa
Signing time:             Wed 26 Oct 2022 10:15:32 +0000
ROA not before:           Wed 26 Oct 2022 10:15:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29535
IP address blocks:        83.2.0.0/20 maxlen: 20
                          83.2.8.0/22 maxlen: 22
                          79.191.255.0/24 maxlen: 24
                          195.149.235.0/24 maxlen: 24
                          195.149.236.0/22 maxlen: 22
                          80.54.110.0/23 maxlen: 24
                          83.2.56.0/22 maxlen: 22
                          193.110.120.0/22 maxlen: 22
                          2a01:1101:5::/48 maxlen: 48
                          2001:7f8:27::/48 maxlen: 48
                          2a01:11f0::/28 maxlen: 28

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:13:ca:40:50:ac:39:47:c2:f2:53:50:f2:76:4d:d6:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ecf53007c79cc5e2f2d7356ba9121a78c0c7714
        Validity
            Not Before: Oct 26 10:15:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=831fa14c365ab5659d083df8c5a25cb85e7d8786
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:a2:42:35:95:44:ee:ce:30:43:c0:f9:81:b3:
                    5c:93:3a:ba:47:11:fa:2c:b9:dc:55:a2:27:76:67:
                    b5:82:85:9f:c5:39:eb:b7:fb:12:c3:dc:75:9f:9a:
                    82:10:f3:97:52:5a:1d:47:85:e0:8b:5e:09:39:8a:
                    0c:4c:7f:02:05:ba:a9:49:dd:b7:ab:ff:9c:b1:5d:
                    01:95:13:ae:4b:e5:7a:f7:4e:65:96:9e:98:a0:05:
                    e9:5d:be:0b:42:78:3e:a5:c0:78:e3:4e:fe:2c:13:
                    60:c1:40:14:97:d5:d3:62:1a:1d:9c:0c:c5:4a:cb:
                    bb:8f:e4:9d:d4:20:3f:4b:17:40:37:b4:38:d1:7b:
                    7e:ae:7a:b2:09:85:99:39:46:7d:83:91:36:89:61:
                    7a:c3:e8:8e:ca:c8:2a:34:6d:ef:f7:ea:42:1c:df:
                    32:c1:cd:18:20:42:4c:14:38:d1:90:0b:64:6f:73:
                    50:2c:68:6b:21:39:0f:9e:f7:65:dd:a2:49:1a:dd:
                    24:e0:31:b9:df:d3:a8:ec:25:e0:d8:90:1e:d1:1f:
                    90:95:39:d6:c3:82:bf:2a:c6:ab:bc:3c:80:f4:c7:
                    e8:bd:25:92:cf:c8:1b:ed:5e:11:e7:fb:aa:3a:b1:
                    67:73:20:d4:a8:23:fb:f1:c8:9a:83:79:e8:0d:f3:
                    36:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:1F:A1:4C:36:5A:B5:65:9D:08:3D:F8:C5:A2:5C:B8:5E:7D:87:86
            X509v3 Authority Key Identifier:
                keyid:4E:CF:53:00:7C:79:CC:5E:2F:2D:73:56:BA:91:21:A7:8C:0C:77:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/gx-hTDZatWWdCD34xaJcuF59h4Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.191.255.0/24
                  80.54.110.0/23
                  83.2.0.0/20
                  83.2.56.0/22
                  193.110.120.0/22
                  195.149.235.0-195.149.239.255
                IPv6:
                  2001:7f8:27::/48
                  2a01:1101:5::/48
                  2a01:11f0::/28

    Signature Algorithm: sha256WithRSAEncryption
         48:81:63:ff:9d:51:47:22:5d:26:97:98:36:ac:ec:52:2d:5b:
         72:a2:d8:15:73:9a:97:29:1b:4d:04:c7:e4:48:db:9c:f3:59:
         68:5d:69:fe:a1:ee:d8:cb:36:86:f0:b0:81:c7:53:a5:f6:19:
         95:61:53:e6:93:dc:3a:6a:e7:de:13:50:62:f1:e2:f0:03:d6:
         d8:55:91:13:6b:96:d4:0b:2e:2a:c8:74:ce:29:34:26:af:b2:
         6b:e1:34:19:6f:55:81:d7:5a:09:f1:51:ef:ae:b2:f5:be:35:
         59:c4:4e:6f:ff:16:aa:72:d0:6e:4c:88:f2:13:3f:a0:96:41:
         77:5f:b1:98:2f:5c:51:56:32:fc:26:f0:49:10:1f:c8:83:c0:
         ab:08:5a:61:f5:57:b3:74:46:35:d9:b4:76:a8:66:d3:02:d9:
         70:71:f5:81:85:28:e2:22:09:74:28:82:fb:35:1f:5f:a3:21:
         c4:d0:87:1b:06:d1:c9:56:29:8d:28:46:1f:29:06:77:08:c4:
         e7:c8:81:50:b8:c8:1f:16:f4:80:dc:5f:a3:d6:03:07:96:fa:
         66:7f:5e:7b:c1:6b:77:f1:83:6d:6c:6f:30:44:e7:89:da:d7:
         3f:41:7a:87:4a:3e:36:2a:ea:d4:c6:ee:2c:22:08:39:07:5e:
         07:0a:74:0b
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYQTykBQrDlHwvJTUPJ2TdafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlY2Y1MzAwN2M3OWNjNWUyZjJkNzM1NmJhOTEyMWE3OGMw
Yzc3MTQwHhcNMjIxMDI2MTAxNTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzFmYTE0YzM2NWFiNTY1OWQwODNkZjhjNWEyNWNiODVlN2Q4Nzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaJCNZVE7s4wQ8D5gbNckzq6RxH6
LLncVaIndme1goWfxTnrt/sSw9x1n5qCEPOXUlodR4Xgi14JOYoMTH8CBbqpSd23
q/+csV0BlROuS+V6905llp6YoAXpXb4LQng+pcB4407+LBNgwUAUl9XTYhodnAzF
Ssu7j+Sd1CA/SxdAN7Q40Xt+rnqyCYWZOUZ9g5E2iWF6w+iOysgqNG3v9+pCHN8y
wc0YIEJMFDjRkAtkb3NQLGhrITkPnvdl3aJJGt0k4DG539Oo7CXg2JAe0R+QlTnW
w4K/KsarvDyA9MfovSWSz8gb7V4R5/uqOrFncyDUqCP78ciag3noDfM2mQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFIMfoUw2WrVlnQg9+MWiXLhefYeGMB8GA1UdIwQY
MBaAFE7PUwB8ecxeLy1zVrqRIaeMDHcUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHM5VEFIeDV6RjR2TFhOV3VwRWhwNHdNZHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82NDhjNzUtMmJlOC00YmZkLWExYjEt
Y2I4YjNhMDk0MjA5LzEvZ3gtaFREWmF0V1dkQ0QzNHhhSmN1RjU5aDRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82NDhjNzUtMmJlOC00YmZkLWExYjEtY2I4YjNhMDk0MjA5
LzEvVHM5VEFIeDV6RjR2TFhOV3VwRWhwNHdNZHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAyBAIAATAsAwQAT7//AwQB
UDZuAwQEUwIAAwQCUwI4AwQCwW54MAwDBADDlesDBATDleAwHwQCAAIwGQMHACAB
B/gAJwMHACoBEQEABQMFBCoBEfAwDQYJKoZIhvcNAQELBQADggEBAEiBY/+dUUci
XSaXmDas7FItW3Ki2BVzmpcpG00Ex+RI25zzWWhdaf6h7tjLNobwsIHHU6X2GZVh
U+aT3Dpq594TUGLx4vAD1thVkRNrltQLLirIdM4pNCavsmvhNBlvVYHXWgnxUe+u
svW+NVnETm//Fqpy0G5MiPITP6CWQXdfsZgvXFFWMvwm8EkQH8iDwKsIWmH1V7N0
RjXZtHaoZtMC2XBx9YGFKOIiCXQogvs1H1+jIcTQhxsG0clWKY0oRh8pBncIxOfI
gVC4yB8W9IDcX6PWAweW+mZ/XnvBa3fxg21sbzBE54na1z9BeodKPjYq6tTG7iwi
CDkHXgcKdAs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:16 2024 by rpki-client on console-ams.rpki-client.org