Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Jdk1RXfxbPmxap3iXtBhPb-T9js.roa
File:                     Jdk1RXfxbPmxap3iXtBhPb-T9js.roa (raw, json)
Hash identifier:          8a60i8e0A7H5/M4Lk9EZECUlXXb+rI+oFlP25lU793k=
Subject key identifier:   25:D9:35:45:77:F1:6C:F9:B1:6A:9D:E2:5E:D0:61:3D:BF:93:F6:3B
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       05B79BEC
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Jdk1RXfxbPmxap3iXtBhPb-T9js.roa
Signing time:             Fri 27 May 2022 09:27:55 +0000
ROA not before:           Fri 27 May 2022 09:27:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        193.233.121.0/24 maxlen: 24
                          193.233.122.0/24 maxlen: 24
                          193.233.123.0/24 maxlen: 24
                          193.233.100.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 95919084 (0x5b79bec)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: May 27 09:27:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=25d9354577f16cf9b16a9de25ed0613dbf93f63b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:48:2b:84:e3:97:15:a8:39:4a:01:09:5c:97:
                    b0:1b:14:d0:6b:04:0f:29:96:4a:0d:5b:99:b5:29:
                    c0:39:53:c6:52:55:af:1c:ca:a9:15:a8:85:b6:b7:
                    e3:18:cf:1c:04:d3:ca:af:8e:c6:2d:f5:aa:f4:f4:
                    0a:02:83:b4:5b:55:1d:b7:b3:66:55:ff:46:c0:95:
                    af:89:62:2c:76:08:25:7c:45:6e:93:8a:32:d6:64:
                    09:25:5d:42:6b:69:c8:bf:42:6b:30:81:6b:33:fb:
                    6c:c8:62:4f:59:7f:b8:8e:6a:04:3a:27:2d:50:9f:
                    cd:0d:80:df:b1:89:ba:52:4a:82:b0:3d:c5:5e:41:
                    56:90:a3:ca:0c:14:e1:1a:d0:aa:d4:47:4a:cb:8a:
                    a3:2f:3d:e0:b0:7c:2b:71:79:2b:57:d0:77:2e:ee:
                    29:be:cf:83:8e:ba:fe:1a:8d:77:c9:15:97:7c:4c:
                    e6:a9:6c:40:84:e2:0f:12:e8:f9:8d:cf:49:61:03:
                    df:9e:6c:e3:d7:e4:e6:ac:c8:9d:b5:73:a3:b0:b8:
                    c4:d3:94:a5:f1:a8:b1:7a:1f:ad:11:2c:42:50:1d:
                    38:40:75:2b:d5:2e:2c:05:90:e5:54:92:0c:72:e8:
                    6c:2f:e4:1a:af:86:a1:42:fe:41:df:b8:49:2f:74:
                    a7:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:D9:35:45:77:F1:6C:F9:B1:6A:9D:E2:5E:D0:61:3D:BF:93:F6:3B
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Jdk1RXfxbPmxap3iXtBhPb-T9js.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.100.0/22
                  193.233.121.0-193.233.123.255

    Signature Algorithm: sha256WithRSAEncryption
         41:62:95:ae:39:c0:16:b6:a4:a0:70:15:eb:cf:67:7d:5d:0f:
         bb:e1:63:28:ca:98:19:38:a7:db:15:18:6e:12:a1:75:a4:dc:
         10:09:c5:da:7c:db:92:19:70:5b:86:d3:7e:dc:a1:a7:94:17:
         ef:52:5f:e4:31:79:17:bb:fa:b6:9b:78:f6:66:e0:bf:79:db:
         2c:ce:d5:a8:fe:be:f4:55:d2:cd:11:e4:5e:eb:79:9d:b9:9c:
         c7:df:f4:a3:2f:23:29:51:d0:51:bf:a9:c3:1b:87:24:fe:db:
         9f:9c:ed:4a:c8:35:40:f3:88:fc:5d:90:06:ba:6d:33:59:dd:
         72:7c:ff:b0:89:ff:b7:cc:30:2f:18:1e:69:34:c7:40:71:18:
         5b:ff:da:e6:26:2f:6d:2e:15:f8:d3:72:70:27:51:85:8f:e5:
         55:59:17:61:11:ee:8d:69:72:ee:3a:8f:cd:be:a9:48:c3:24:
         3b:c6:a8:e3:d0:a9:a2:ba:5a:82:dd:09:f0:f4:f2:58:8f:df:
         b0:28:8c:44:fa:b2:c4:8d:be:31:38:16:4c:65:8d:53:b3:27:
         e1:aa:1b:13:6b:64:0f:b0:1f:14:1b:71:b9:5f:f5:6c:12:e0:
         64:41:87:59:97:29:2e:a9:19:16:61:00:a8:70:23:31:8b:bd:
         db:13:d1:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEBbeb7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDUy
NzA5Mjc1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjVkOTM1NDU3N2Yx
NmNmOWIxNmE5ZGUyNWVkMDYxM2RiZjkzZjYzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKtIK4TjlxWoOUoBCVyXsBsU0GsEDymWSg1bmbUpwDlTxlJV
rxzKqRWohba34xjPHATTyq+Oxi31qvT0CgKDtFtVHbezZlX/RsCVr4liLHYIJXxF
bpOKMtZkCSVdQmtpyL9CazCBazP7bMhiT1l/uI5qBDonLVCfzQ2A37GJulJKgrA9
xV5BVpCjygwU4RrQqtRHSsuKoy894LB8K3F5K1fQdy7uKb7Pg466/hqNd8kVl3xM
5qlsQITiDxLo+Y3PSWED355s49fk5qzInbVzo7C4xNOUpfGosXofrREsQlAdOEB1
K9UuLAWQ5VSSDHLobC/kGq+GoUL+Qd+4SS90p60CAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQl2TVFd/Fs+bFqneJe0GE9v5P2OzAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L0pkazFSWGZ4YlBteGFwM2lYdEJoUGItVDlqcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAsHpZDAMAwQAwel5AwQCwel4MA0G
CSqGSIb3DQEBCwUAA4IBAQBBYpWuOcAWtqSgcBXrz2d9XQ+74WMoypgZOKfbFRhu
EqF1pNwQCcXafNuSGXBbhtN+3KGnlBfvUl/kMXkXu/q2m3j2ZuC/edssztWo/r70
VdLNEeRe63mduZzH3/SjLyMpUdBRv6nDG4ck/tufnO1KyDVA84j8XZAGum0zWd1y
fP+wif+3zDAvGB5pNMdAcRhb/9rmJi9tLhX403JwJ1GFj+VVWRdhEe6NaXLuOo/N
vqlIwyQ7xqjj0KmiulqC3Qnw9PJYj9+wKIxE+rLEjb4xOBZMZY1TsyfhqhsTa2QP
sB8UG3G5X/VsEuBkQYdZlykuqRkWYQCocCMxi73bE9GA
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org