Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/397f55-2b76-41de-86aa-a4202a40ce18/1/pjrbenUda7djenpoZgZKkMHs66c.roa
File:                     pjrbenUda7djenpoZgZKkMHs66c.roa (raw, json)
Hash identifier:          vyVc8K/qoGyIUWJPe1DmDvIL0xXU8t2eOQnOeuG/+N8=
Subject key identifier:   A6:3A:DB:7A:75:1D:6B:B7:63:7A:7A:68:66:06:4A:90:C1:EC:EB:A7
Certificate issuer:       /CN=4a4713cc31b7ea3891be1455de11dcc2f329d515
Certificate serial:       01B889
Authority key identifier: 4A:47:13:CC:31:B7:EA:38:91:BE:14:55:DE:11:DC:C2:F3:29:D5:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SkcTzDG36jiRvhRV3hHcwvMp1RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/397f55-2b76-41de-86aa-a4202a40ce18/1/pjrbenUda7djenpoZgZKkMHs66c.roa
Signing time:             Sat 28 May 2022 04:16:27 +0000
ROA not before:           Sat 28 May 2022 04:16:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     399686
IP address blocks:        213.232.255.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 112777 (0x1b889)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a4713cc31b7ea3891be1455de11dcc2f329d515
        Validity
            Not Before: May 28 04:16:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a63adb7a751d6bb7637a7a6866064a90c1eceba7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:44:bd:4c:a6:65:d8:2b:4c:58:de:47:1e:21:
                    16:43:1f:73:85:c9:69:bd:ea:20:d7:11:5c:9c:54:
                    ee:45:f4:bc:7b:75:b9:91:c0:ee:f1:9e:c3:c2:c2:
                    26:c4:59:00:e2:b4:10:4a:a0:13:c4:3d:a8:37:4b:
                    b5:b0:78:52:71:a3:31:36:02:8e:eb:b2:1e:d9:e1:
                    21:de:46:2b:8d:9b:84:7f:3e:03:b1:4c:69:81:c6:
                    a1:a1:5f:dc:9d:be:e9:32:e1:be:2c:fa:22:5e:0d:
                    e1:db:07:5e:ad:10:6b:bd:d2:54:80:bf:77:66:90:
                    4b:9d:d8:df:75:b7:79:31:b8:f7:fa:71:b7:ec:b7:
                    bb:e4:9e:1b:81:e4:15:48:91:1a:76:27:ed:f1:ef:
                    78:72:9f:23:0e:98:b5:be:65:e5:dc:de:c0:ec:3d:
                    9a:89:4f:6a:5a:75:09:e4:40:49:d7:32:e0:d4:fd:
                    e5:53:bf:8f:66:e6:33:b1:63:88:2b:7b:fd:e1:0d:
                    b0:2a:49:a2:f0:6e:47:d3:e6:82:e6:bd:6e:e2:04:
                    d7:b4:e3:02:9a:90:62:38:6b:00:0e:ed:ce:9c:bb:
                    b5:1e:10:60:21:85:ed:94:a6:21:ec:cc:38:11:aa:
                    fa:a4:fd:43:1d:16:34:a1:e6:f1:07:63:43:b6:3a:
                    85:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:3A:DB:7A:75:1D:6B:B7:63:7A:7A:68:66:06:4A:90:C1:EC:EB:A7
            X509v3 Authority Key Identifier:
                keyid:4A:47:13:CC:31:B7:EA:38:91:BE:14:55:DE:11:DC:C2:F3:29:D5:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SkcTzDG36jiRvhRV3hHcwvMp1RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/397f55-2b76-41de-86aa-a4202a40ce18/1/pjrbenUda7djenpoZgZKkMHs66c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/397f55-2b76-41de-86aa-a4202a40ce18/1/SkcTzDG36jiRvhRV3hHcwvMp1RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.232.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:e6:fc:13:70:4d:ec:26:79:86:14:c7:17:1e:04:d6:fd:e2:
         9b:6c:95:0e:5b:25:c8:64:b2:6d:20:54:c5:58:88:8c:7a:7a:
         00:74:12:f6:4e:fd:dc:17:16:b6:73:1c:fd:0f:da:2a:fd:f6:
         bb:4e:e1:7c:16:a6:f4:7a:57:ad:f8:f3:f9:6f:cc:9a:09:5c:
         50:3b:a6:ec:5a:0b:57:cc:cc:77:49:d5:56:ed:37:b8:27:42:
         78:94:be:f9:64:2f:58:55:1a:88:8b:e1:da:77:8a:ca:b9:e5:
         48:bf:38:e6:c8:1d:39:2c:26:96:e4:b3:f6:0d:51:8c:e8:6d:
         b7:bf:61:e8:c2:b9:db:79:38:67:f6:72:3d:b1:66:3a:5c:dc:
         9c:56:6d:b3:9e:3f:fd:fa:0d:b3:cf:01:77:22:81:ff:dc:a6:
         91:d6:52:f5:c3:57:0f:e9:14:d1:3d:ff:5e:6d:28:d4:dd:48:
         4f:42:5b:47:f7:ff:15:0b:dc:16:e7:5e:50:36:5c:d1:b4:8b:
         0f:5f:cc:0e:c1:db:f1:3d:6c:a2:1f:1c:19:f2:5d:89:fb:08:
         40:81:83:ad:82:63:9c:f9:24:28:3c:cf:61:fd:85:87:22:54:
         ea:3e:97:f6:a8:2d:ed:0a:8c:04:e5:87:48:65:a3:b0:72:ec:
         e0:23:fe:ba
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAbiJMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRh
NDcxM2NjMzFiN2VhMzg5MWJlMTQ1NWRlMTFkY2MyZjMyOWQ1MTUwHhcNMjIwNTI4
MDQxNjI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhNjNhZGI3YTc1MWQ2
YmI3NjM3YTdhNjg2NjA2NGE5MGMxZWNlYmE3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmES9TKZl2CtMWN5HHiEWQx9zhclpveog1xFcnFTuRfS8e3W5
kcDu8Z7DwsImxFkA4rQQSqATxD2oN0u1sHhScaMxNgKO67Ie2eEh3kYrjZuEfz4D
sUxpgcahoV/cnb7pMuG+LPoiXg3h2wderRBrvdJUgL93ZpBLndjfdbd5Mbj3+nG3
7Le75J4bgeQVSJEadift8e94cp8jDpi1vmXl3N7A7D2aiU9qWnUJ5EBJ1zLg1P3l
U7+PZuYzsWOIK3v94Q2wKkmi8G5H0+aC5r1u4gTXtOMCmpBiOGsADu3OnLu1HhBg
IYXtlKYh7Mw4Ear6pP1DHRY0oebxB2NDtjqFAQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFKY623p1HWu3Y3p6aGYGSpDB7OunMB8GA1UdIwQYMBaAFEpHE8wxt+o4kb4U
Vd4R3MLzKdUVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
U2tjVHpERzM2amlSdmhSVjNoSGN3dk1wMVJVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8xMi8zOTdmNTUtMmI3Ni00MWRlLTg2YWEtYTQyMDJhNDBjZTE4LzEv
cGpyYmVuVWRhN2RqZW5wb1pnWktrTUhzNjZjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8z
OTdmNTUtMmI3Ni00MWRlLTg2YWEtYTQyMDJhNDBjZTE4LzEvU2tjVHpERzM2amlS
dmhSVjNoSGN3dk1wMVJVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ej/MA0GCSqGSIb3DQEBCwUAA4IB
AQAV5vwTcE3sJnmGFMcXHgTW/eKbbJUOWyXIZLJtIFTFWIiMenoAdBL2Tv3cFxa2
cxz9D9oq/fa7TuF8Fqb0elet+PP5b8yaCVxQO6bsWgtXzMx3SdVW7Te4J0J4lL75
ZC9YVRqIi+Had4rKueVIvzjmyB05LCaW5LP2DVGM6G23v2HowrnbeThn9nI9sWY6
XNycVm2znj/9+g2zzwF3IoH/3KaR1lL1w1cP6RTRPf9ebSjU3UhPQltH9/8VC9wW
515QNlzRtIsPX8wOwdvxPWyiHxwZ8l2J+whAgYOtgmOc+SQoPM9h/YWHIlTqPpf2
qC3tCowE5YdIZaOwcuzgI/66
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:49 2024 by rpki-client on console-fra.rpki-client.org