Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/jsaTfGic_1KsVnIwqwrct-JP-LM.roa
File:                     jsaTfGic_1KsVnIwqwrct-JP-LM.roa (raw, json)
Hash identifier:          EpFTGvADJdV5panyHss/wHUBhJxyP8Ego/S0kKA5Utg=
Subject key identifier:   8E:C6:93:7C:68:9C:FF:52:AC:56:72:30:AB:0A:DC:B7:E2:4F:F8:B3
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       094934F0
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/jsaTfGic_1KsVnIwqwrct-JP-LM.roa
Signing time:             Sat 01 Jan 2022 06:00:37 +0000
ROA not before:           Sat 01 Jan 2022 06:00:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206638
IP address blocks:        2.56.244.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 155792624 (0x94934f0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Jan  1 06:00:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8ec6937c689cff52ac567230ab0adcb7e24ff8b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:0e:68:c6:e5:2b:5c:f9:87:e7:80:ee:91:45:
                    02:28:ba:a5:b5:e8:5f:d8:99:13:e4:01:15:24:02:
                    3a:58:a9:44:fa:64:38:97:c6:c0:c6:54:8c:87:01:
                    ba:fc:74:67:41:02:46:31:35:5c:b2:46:72:8d:7e:
                    3e:0f:9d:29:8d:e0:f3:24:ad:0b:68:b4:02:c6:a7:
                    a7:0b:0d:b8:a3:10:51:9f:1f:ee:31:6b:e3:1f:15:
                    9b:32:eb:fb:66:cc:35:2f:f3:31:f6:fe:6c:00:53:
                    90:63:3d:2a:3c:37:59:ca:ed:22:a6:63:dd:76:3a:
                    c6:d6:cc:9a:4a:c3:5f:47:b0:ce:77:f1:bb:cc:c7:
                    b4:ea:f0:53:69:61:94:0e:27:79:9b:1e:c9:43:3d:
                    d0:ed:32:f5:ff:d0:18:c3:60:52:7a:2b:40:e2:0e:
                    50:4f:d2:ec:97:c6:91:28:ca:d3:ce:31:ae:67:26:
                    fc:08:61:4b:68:af:39:41:5c:85:31:17:32:4f:29:
                    a4:87:3a:c2:4b:b4:27:5b:6d:e1:01:31:55:f9:bd:
                    75:4f:91:0f:ab:c7:fc:b5:e5:fd:80:75:ac:f0:8e:
                    0c:d6:0a:12:f6:1f:75:05:fc:9e:88:62:61:14:c7:
                    b6:4b:e8:35:32:28:94:86:c0:54:0c:55:20:ce:4c:
                    8b:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:C6:93:7C:68:9C:FF:52:AC:56:72:30:AB:0A:DC:B7:E2:4F:F8:B3
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/jsaTfGic_1KsVnIwqwrct-JP-LM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:d5:11:cf:0e:31:19:dc:42:78:ef:7f:b2:97:fd:67:23:50:
         a7:21:01:fa:0f:da:9d:26:de:e5:53:79:e4:44:51:df:17:28:
         7f:21:71:01:1b:f6:cb:40:03:f5:8c:51:34:23:31:dd:9c:a4:
         45:92:61:84:db:32:13:15:11:4c:06:bc:c6:3b:a2:48:1a:9a:
         16:05:6d:3d:df:80:e2:69:ec:d7:e9:db:6a:33:31:03:ad:34:
         6f:bc:dd:b3:35:ed:d3:0f:9f:9e:cb:18:6b:9f:99:1d:21:f0:
         07:e5:93:47:2c:74:9d:61:56:03:c2:e2:8e:0e:51:de:5e:05:
         73:c8:d6:dc:f4:24:88:50:a7:46:58:09:62:7d:05:03:0a:69:
         23:1a:28:29:8d:20:53:58:6d:cb:9f:50:c7:66:27:8e:42:29:
         5b:f9:8d:ec:b2:24:fc:b9:69:66:12:b3:2f:b8:a7:6f:8b:0a:
         b0:14:29:43:e3:7a:3c:02:93:0e:9f:82:fb:fb:20:7a:4f:ce:
         ed:78:da:ba:44:49:24:92:1e:ab:8b:9a:a1:73:e6:be:09:ee:
         b5:cd:ef:30:f1:0e:42:58:d3:bd:12:31:dd:40:aa:6a:40:2b:
         d1:49:7f:43:c0:88:02:9f:d7:02:69:f3:33:16:95:a8:20:9b:
         9c:ad:5b:54
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECUk08DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YjA0MTViZmM0M2IzOGU5Y2ZkMWExMjk5NTIwMmU4NzYzNzUyZmRlMB4XDTIyMDEw
MTA2MDAzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGVjNjkzN2M2ODlj
ZmY1MmFjNTY3MjMwYWIwYWRjYjdlMjRmZjhiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN4OaMblK1z5h+eA7pFFAii6pbXoX9iZE+QBFSQCOlipRPpk
OJfGwMZUjIcBuvx0Z0ECRjE1XLJGco1+Pg+dKY3g8yStC2i0AsanpwsNuKMQUZ8f
7jFr4x8VmzLr+2bMNS/zMfb+bABTkGM9Kjw3WcrtIqZj3XY6xtbMmkrDX0ewznfx
u8zHtOrwU2lhlA4neZseyUM90O0y9f/QGMNgUnorQOIOUE/S7JfGkSjK084xrmcm
/AhhS2ivOUFchTEXMk8ppIc6wku0J1tt4QExVfm9dU+RD6vH/LXl/YB1rPCODNYK
EvYfdQX8nohiYRTHtkvoNTIolIbAVAxVIM5Mi7UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSOxpN8aJz/UqxWcjCrCty34k/4szAfBgNVHSMEGDAWgBQbBBW/xDs46c/R
oSmVIC6HY3Uv3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0d3UVZ2OFE3T09uUDBhRXBsU0F1aDJOMUw5NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvMDk0MDgxLThhZWItNDJiZi1hNTc4LWEzY2EwZGI4MzI1NC8x
L2pzYVRmR2ljXzFLc1ZuSXdxd3JjdC1KUC1MTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
MDk0MDgxLThhZWItNDJiZi1hNTc4LWEzY2EwZGI4MzI1NC8xL0d3UVZ2OFE3T09u
UDBhRXBsU0F1aDJOMUw5NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAI49DANBgkqhkiG9w0BAQsFAAOC
AQEAAtURzw4xGdxCeO9/spf9ZyNQpyEB+g/anSbe5VN55ERR3xcofyFxARv2y0AD
9YxRNCMx3ZykRZJhhNsyExURTAa8xjuiSBqaFgVtPd+A4mns1+nbajMxA600b7zd
szXt0w+fnssYa5+ZHSHwB+WTRyx0nWFWA8Lijg5R3l4Fc8jW3PQkiFCnRlgJYn0F
AwppIxooKY0gU1hty59Qx2YnjkIpW/mN7LIk/LlpZhKzL7inb4sKsBQpQ+N6PAKT
Dp+C+/sgek/O7XjaukRJJJIeq4uaoXPmvgnutc3vMPEOQljTvRIx3UCqakAr0Ul/
Q8CIAp/XAmnzMxaVqCCbnK1bVA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org