Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/jPeGLca8EXTXw-qX-gvLqYtmUk0.roa
File:                     jPeGLca8EXTXw-qX-gvLqYtmUk0.roa (raw, json)
Hash identifier:          AZ+NxWxCcs34aFmfee9JPCOu0cUQAIdk5iSKV3ujUjY=
Subject key identifier:   8C:F7:86:2D:C6:BC:11:74:D7:C3:EA:97:FA:0B:CB:A9:8B:66:52:4D
Certificate issuer:       /CN=f879988e0f49971a326f419e5cfacbfddcc993e7
Certificate serial:       02B6234D
Authority key identifier: F8:79:98:8E:0F:49:97:1A:32:6F:41:9E:5C:FA:CB:FD:DC:C9:93:E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-HmYjg9Jlxoyb0GeXPrL_dzJk-c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/jPeGLca8EXTXw-qX-gvLqYtmUk0.roa
Signing time:             Sat 01 Jan 2022 03:57:11 +0000
ROA not before:           Sat 01 Jan 2022 03:57:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        83.136.208.0/21 maxlen: 24
                          83.136.208.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 45491021 (0x2b6234d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f879988e0f49971a326f419e5cfacbfddcc993e7
        Validity
            Not Before: Jan  1 03:57:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8cf7862dc6bc1174d7c3ea97fa0bcba98b66524d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:1d:73:9b:2b:bd:bc:f9:4e:76:e3:dd:55:3b:
                    02:15:ed:1a:60:42:ae:ae:03:74:97:d7:20:31:f3:
                    5f:0b:07:f5:c9:d9:d9:1b:c8:b3:4e:9d:1f:bb:7e:
                    0f:87:f7:d1:23:b6:98:93:6c:f0:43:9b:eb:db:06:
                    3f:2b:b1:30:cd:34:8c:2b:34:67:39:5b:8c:04:85:
                    10:a3:8d:b3:85:f2:30:7d:b4:84:21:00:a8:0c:2f:
                    e4:fb:f4:7c:70:93:46:ae:5a:b4:30:44:80:d6:93:
                    61:2d:53:42:62:63:1f:50:c4:eb:72:d5:f7:8d:ab:
                    a4:82:76:02:3b:62:62:a7:c0:e6:ac:dc:85:4d:0f:
                    6f:04:e1:ee:ba:26:06:67:d4:dc:26:0d:b5:d7:36:
                    78:dd:ea:1c:1e:45:c8:78:73:3d:16:55:74:42:c8:
                    17:47:ad:54:3c:99:e9:7e:1b:1e:77:fa:2d:2e:cd:
                    5b:50:4f:15:1b:af:f4:7d:11:e7:ef:ed:02:9a:2a:
                    16:d5:dc:bb:19:9e:d0:20:70:b3:4d:02:ee:b5:ba:
                    0a:e6:ae:1f:1d:95:fc:28:ab:51:1e:68:02:53:cb:
                    12:f3:d9:62:75:a1:92:f5:16:00:ad:82:d7:2d:68:
                    8c:3c:b7:4e:17:4c:30:70:14:99:57:45:7f:bb:66:
                    12:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:F7:86:2D:C6:BC:11:74:D7:C3:EA:97:FA:0B:CB:A9:8B:66:52:4D
            X509v3 Authority Key Identifier:
                keyid:F8:79:98:8E:0F:49:97:1A:32:6F:41:9E:5C:FA:CB:FD:DC:C9:93:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-HmYjg9Jlxoyb0GeXPrL_dzJk-c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/jPeGLca8EXTXw-qX-gvLqYtmUk0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/1-HmYjg9Jlxoyb0GeXPrL_dzJk-c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.136.208.0/21

    Signature Algorithm: sha256WithRSAEncryption
         1c:dd:28:91:7f:f2:70:9b:46:2b:18:62:97:2c:01:5f:8d:89:
         8c:fa:b8:25:5a:d0:d4:70:61:20:3a:88:f5:76:45:e7:6d:67:
         58:ac:6e:4a:e3:e3:45:c2:bd:1e:c2:7d:a8:c5:46:34:d6:01:
         37:fc:a9:04:7d:fb:b2:d5:e9:f9:89:e4:ae:d7:a6:ab:ca:02:
         82:ae:9f:b1:e5:89:3d:82:c9:3d:a5:9a:99:f9:4d:da:bd:b9:
         55:d2:ce:5a:17:49:bb:78:51:6f:7c:ec:e5:45:91:7f:c1:cb:
         c5:e4:3c:02:19:43:00:9f:71:f8:66:4c:25:bf:50:d2:bf:3f:
         72:4a:fd:d3:4c:3b:a1:56:87:30:f4:5b:bf:e7:a0:18:87:44:
         03:b7:48:a9:0b:4a:dc:d3:72:b0:b4:21:1a:a1:59:9e:3e:b9:
         e4:4d:26:77:45:b8:e2:fc:9f:4e:5b:bc:3c:00:79:92:89:be:
         f1:1f:a6:3e:00:1a:cf:bf:2d:49:f7:79:f6:c9:2e:67:73:1f:
         4a:35:a6:32:22:95:dd:f6:29:1c:98:6a:b1:87:0f:1f:54:22:
         7b:90:fa:18:ab:a9:dc:79:f2:49:bb:77:07:44:3b:82:05:2e:
         86:86:29:26:25:57:d1:97:01:7c:c4:b8:9e:58:c6:d5:a4:df:
         00:9d:72:ec
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEArYjTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ODc5OTg4ZTBmNDk5NzFhMzI2ZjQxOWU1Y2ZhY2JmZGRjYzk5M2U3MB4XDTIyMDEw
MTAzNTcxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGNmNzg2MmRjNmJj
MTE3NGQ3YzNlYTk3ZmEwYmNiYTk4YjY2NTI0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM4dc5srvbz5Tnbj3VU7AhXtGmBCrq4DdJfXIDHzXwsH9cnZ
2RvIs06dH7t+D4f30SO2mJNs8EOb69sGPyuxMM00jCs0ZzlbjASFEKONs4XyMH20
hCEAqAwv5Pv0fHCTRq5atDBEgNaTYS1TQmJjH1DE63LV942rpIJ2AjtiYqfA5qzc
hU0PbwTh7romBmfU3CYNtdc2eN3qHB5FyHhzPRZVdELIF0etVDyZ6X4bHnf6LS7N
W1BPFRuv9H0R5+/tApoqFtXcuxme0CBws00C7rW6CuauHx2V/CirUR5oAlPLEvPZ
YnWhkvUWAK2C1y1ojDy3ThdMMHAUmVdFf7tmEp0CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSM94YtxrwRdNfD6pf6C8upi2ZSTTAfBgNVHSMEGDAWgBT4eZiOD0mXGjJv
QZ5c+sv93MmT5zAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtSG1Zamc5Smx4b3liMEdlWFByTF9kekprLWMuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzA1L2FmM2Q4MS0wMDQ3LTQxM2MtOTFmNC0wNDcwYjRiYjMwZGIv
MS9qUGVHTGNhOEVYVFh3LXFYLWd2THFZdG1VazAucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA1
L2FmM2Q4MS0wMDQ3LTQxM2MtOTFmNC0wNDcwYjRiYjMwZGIvMS8xLUhtWWpnOUps
eG95YjBHZVhQckxfZHpKay1jLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDU4jQMA0GCSqGSIb3DQEBCwUA
A4IBAQAc3SiRf/Jwm0YrGGKXLAFfjYmM+rglWtDUcGEgOoj1dkXnbWdYrG5K4+NF
wr0ewn2oxUY01gE3/KkEffuy1en5ieSu16arygKCrp+x5Yk9gsk9pZqZ+U3avblV
0s5aF0m7eFFvfOzlRZF/wcvF5DwCGUMAn3H4Zkwlv1DSvz9ySv3TTDuhVocw9Fu/
56AYh0QDt0ipC0rc03KwtCEaoVmePrnkTSZ3Rbji/J9OW7w8AHmSib7xH6Y+ABrP
vy1J93n2yS5ncx9KNaYyIpXd9ikcmGqxhw8fVCJ7kPoYq6ncefJJu3cHRDuCBS6G
hikmJVfRlwF8xLieWMbVpN8AnXLs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:38 2024 by rpki-client on console-fra.rpki-client.org