Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/JaYk_8aMWzZD04s772GU6WUWrkM.roa
File:                     JaYk_8aMWzZD04s772GU6WUWrkM.roa (raw, json)
Hash identifier:          M2G6JdChSvhJv14YgRLtYnDmBX77YJXhek4t2leXwlA=
Subject key identifier:   25:A6:24:FF:C6:8C:5B:36:43:D3:8B:3B:EF:61:94:E9:65:16:AE:43
Certificate issuer:       /CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Certificate serial:       018513B1BCAA2753CC9E52EF3F72B40F760C
Authority key identifier: F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/JaYk_8aMWzZD04s772GU6WUWrkM.roa
Signing time:             Thu 15 Dec 2022 02:51:33 +0000
ROA not before:           Thu 15 Dec 2022 02:51:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210538
IP address blocks:        185.93.222.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:13:b1:bc:aa:27:53:cc:9e:52:ef:3f:72:b4:0f:76:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
        Validity
            Not Before: Dec 15 02:51:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=25a624ffc68c5b3643d38b3bef6194e96516ae43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:9c:af:9e:2a:18:33:e9:d7:da:eb:31:b7:f5:
                    90:43:4f:de:a6:17:f7:26:a9:e9:66:ae:85:5a:a8:
                    5c:56:f0:22:ba:66:b8:3c:fa:88:b2:2f:15:ed:a0:
                    2f:a5:31:a6:c2:46:7d:26:f0:d8:53:e1:2e:0e:d3:
                    ae:e1:3c:89:64:0e:84:ad:ca:65:fe:d4:04:17:9f:
                    71:5b:93:06:0e:cd:94:94:30:ea:d6:0a:de:66:06:
                    24:f1:8b:3d:f7:82:46:b7:51:21:14:ad:a8:96:92:
                    4c:08:88:bf:8b:be:de:95:05:f4:c3:89:33:8f:de:
                    94:69:93:8e:c9:48:32:da:eb:d0:c5:00:b9:ab:a2:
                    e8:53:dd:1a:91:83:d3:13:e6:d3:91:64:7d:18:c3:
                    70:27:20:17:f5:63:53:01:de:bc:99:95:ed:28:87:
                    cf:62:81:8b:da:50:ae:ac:fe:dd:99:dc:e2:e7:6c:
                    9f:d9:c4:b8:5e:9f:ce:0f:71:aa:b6:9e:e8:ef:ac:
                    6f:2f:4c:69:6b:4a:cd:d8:1c:8d:53:de:c7:ee:aa:
                    d8:41:37:9a:2d:30:9a:d8:37:0c:c0:9a:4c:22:8a:
                    03:94:7d:e3:b9:b5:37:c2:12:14:19:87:6c:dd:c8:
                    11:35:11:aa:e7:16:63:0b:31:ba:17:38:28:e0:fc:
                    22:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:A6:24:FF:C6:8C:5B:36:43:D3:8B:3B:EF:61:94:E9:65:16:AE:43
            X509v3 Authority Key Identifier:
                keyid:F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/JaYk_8aMWzZD04s772GU6WUWrkM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.93.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:36:d4:25:46:b4:4a:cf:e4:23:b0:5a:d6:42:09:b2:ec:b0:
         1f:3d:37:1f:f2:f4:6d:dd:c6:23:61:fe:3a:aa:01:80:bf:6f:
         bc:7a:03:4e:a1:22:10:f6:5e:b9:a6:f3:63:33:7d:e0:6a:14:
         d9:06:c5:72:2f:67:56:e9:12:6e:4b:42:13:da:fe:50:6d:51:
         35:df:4b:2a:8b:f8:63:b8:85:2b:60:a5:ca:2d:47:bf:88:c0:
         bf:bb:2f:7d:78:92:c7:e1:03:a9:41:f5:29:db:67:8b:ae:e4:
         87:d8:2e:1a:67:a9:2f:44:b6:44:14:ac:2d:84:aa:60:dc:1b:
         c5:63:35:0d:1c:22:7b:a4:12:4f:b9:19:1a:5d:39:e7:bb:7d:
         3f:c8:8c:fa:0e:db:67:2b:87:6a:69:27:fb:a9:0f:46:fd:8a:
         d1:b8:e3:7c:b7:6a:32:2a:65:7e:79:2a:4a:6c:ba:11:6f:74:
         fa:20:d9:a7:b9:ca:2b:33:4c:0c:6c:1d:2f:c7:69:93:7e:41:
         6d:f9:67:51:d6:53:01:14:cb:6c:37:9e:07:c2:d1:c5:83:6e:
         1f:4b:79:44:d1:c4:6b:58:ec:0c:a8:1f:c6:5b:db:b1:19:e7:
         cd:dc:37:b6:a2:50:4a:4e:02:c6:a1:0d:b6:38:f0:00:2e:39:
         22:62:62:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUTsbyqJ1PMnlLvP3K0D3YMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZDA4YTFlMWNiYzkwOTI1NGU5ZTZiOWM5MzlmZDg1YTI2
OGIxZTEwHhcNMjIxMjE1MDI1MTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWE2MjRmZmM2OGM1YjM2NDNkMzhiM2JlZjYxOTRlOTY1MTZhZTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZyvnioYM+nX2usxt/WQQ0/ephf3
JqnpZq6FWqhcVvAiuma4PPqIsi8V7aAvpTGmwkZ9JvDYU+EuDtOu4TyJZA6Ercpl
/tQEF59xW5MGDs2UlDDq1greZgYk8Ys994JGt1EhFK2olpJMCIi/i77elQX0w4kz
j96UaZOOyUgy2uvQxQC5q6LoU90akYPTE+bTkWR9GMNwJyAX9WNTAd68mZXtKIfP
YoGL2lCurP7dmdzi52yf2cS4Xp/OD3Gqtp7o76xvL0xpa0rN2ByNU97H7qrYQTea
LTCa2DcMwJpMIooDlH3jubU3whIUGYds3cgRNRGq5xZjCzG6Fzgo4PwixwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCWmJP/GjFs2Q9OLO+9hlOllFq5DMB8GA1UdIwQY
MBaAFPTQih4cvJCSVOnmuck5/YWiaLHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2Ut
ZGNlOTQ3ZTI5NGI2LzEvSmFZa184YU1XelpEMDRzNzcyR1U2V1VXcmtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2UtZGNlOTQ3ZTI5NGI2
LzEvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuV3eMA0G
CSqGSIb3DQEBCwUAA4IBAQBENtQlRrRKz+QjsFrWQgmy7LAfPTcf8vRt3cYjYf46
qgGAv2+8egNOoSIQ9l65pvNjM33gahTZBsVyL2dW6RJuS0IT2v5QbVE130sqi/hj
uIUrYKXKLUe/iMC/uy99eJLH4QOpQfUp22eLruSH2C4aZ6kvRLZEFKwthKpg3BvF
YzUNHCJ7pBJPuRkaXTnnu30/yIz6DttnK4dqaSf7qQ9G/YrRuON8t2oyKmV+eSpK
bLoRb3T6INmnucorM0wMbB0vx2mTfkFt+WdR1lMBFMtsN54HwtHFg24fS3lE0cRr
WOwMqB/GW9uxGefN3De2olBKTgLGoQ22OPAALjkiYmIt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:30 2024 by rpki-client on console-fra.rpki-client.org