Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/JUt8WlPVSVB_W2__CA4bx501KUk.roa
File:                     JUt8WlPVSVB_W2__CA4bx501KUk.roa (raw, json)
Hash identifier:          TLI1CfhUXBx7g0niOCKA+YPV8i5pIWOXnqsJ29ja5zk=
Subject key identifier:   25:4B:7C:5A:53:D5:49:50:7F:5B:6F:FF:08:0E:1B:C7:9D:35:29:49
Certificate issuer:       /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial:       2C9EB9C3
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/JUt8WlPVSVB_W2__CA4bx501KUk.roa
Signing time:             Sat 01 Jan 2022 04:59:34 +0000
ROA not before:           Sat 01 Jan 2022 04:59:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29272
IP address blocks:        85.232.255.128/25 maxlen: 25
                          2001:1a68:2b::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 748599747 (0x2c9eb9c3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
        Validity
            Not Before: Jan  1 04:59:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=254b7c5a53d549507f5b6fff080e1bc79d352949
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:99:12:1b:98:2d:f0:3c:6e:c9:5e:d7:7e:99:
                    50:e4:a5:8c:3d:fc:34:4e:87:68:ed:3c:79:0f:95:
                    a8:1c:33:c9:3a:65:cc:ff:f5:37:96:f5:77:d6:25:
                    ec:43:32:9b:83:f8:a1:60:84:9c:b8:35:aa:1c:1a:
                    fa:68:7d:cb:52:4c:88:e3:08:d5:66:48:09:b1:91:
                    4c:ad:ad:a6:43:e9:f0:27:40:b5:67:5e:25:c6:a7:
                    34:a8:8b:67:ca:76:0c:b5:cb:57:49:dd:24:36:30:
                    0e:22:67:61:1e:bd:42:2f:90:b4:cd:a6:28:d2:88:
                    ea:e6:50:19:2b:23:c7:07:e8:c5:68:c5:0e:c1:32:
                    2f:3b:ad:3b:c2:9e:34:20:c0:14:27:9d:c8:a6:37:
                    a4:20:f7:13:a1:32:e9:b9:14:0f:e4:e8:04:72:fc:
                    0a:95:68:ac:b1:e9:c4:b0:d8:fc:2c:79:87:6c:95:
                    59:b0:01:ed:29:2b:e3:de:d7:1b:5e:b6:39:85:e8:
                    29:c9:a0:fa:85:03:58:37:ac:a0:96:52:42:a8:84:
                    dc:f4:a2:0b:e3:fb:84:64:78:57:bf:6f:84:7e:db:
                    f7:b0:ef:7c:75:6e:f8:33:8d:8b:bc:7e:8d:e0:ae:
                    5e:50:bb:89:9c:3e:c9:92:88:2a:ad:94:4b:24:bf:
                    f5:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:4B:7C:5A:53:D5:49:50:7F:5B:6F:FF:08:0E:1B:C7:9D:35:29:49
            X509v3 Authority Key Identifier:
                keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/JUt8WlPVSVB_W2__CA4bx501KUk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.232.255.128/25
                IPv6:
                  2001:1a68:2b::/48

    Signature Algorithm: sha256WithRSAEncryption
         08:c5:77:e9:ac:86:0e:10:1a:78:91:06:83:57:65:d9:ce:ee:
         4f:b9:cd:be:0d:67:76:10:05:d7:7b:51:3b:07:3b:68:f6:b7:
         9a:0a:31:3d:22:b2:4c:79:97:57:ba:02:4b:cb:07:ea:e9:47:
         46:1f:87:00:fc:bf:12:8a:1a:f1:c3:7a:42:2d:32:ba:53:a0:
         78:e5:85:e3:d3:a9:ad:e6:1e:a6:94:1a:84:78:2d:9a:03:11:
         1d:24:d1:50:38:7f:cc:97:75:6b:dd:d5:86:7e:d9:ec:ed:48:
         01:b4:4a:f1:b7:5d:14:90:04:00:74:44:ce:75:25:b9:7e:f9:
         e8:9c:1d:fe:e5:40:13:ce:7e:a2:05:55:57:9e:a7:55:d5:df:
         ab:95:da:ac:8c:4d:04:0e:42:16:b7:db:b5:b8:f0:29:ca:ac:
         37:2f:78:c8:bf:41:c9:98:7b:a3:29:c2:02:61:00:eb:a3:3e:
         17:5f:96:f0:5e:7b:d9:68:48:57:b9:19:f8:e4:a8:a6:68:54:
         66:33:d9:53:37:2c:56:49:22:06:cd:c0:07:f1:e0:f6:eb:4b:
         40:c2:e8:91:3d:34:a5:2b:9d:09:06:46:d6:ba:20:f9:f6:1d:
         bd:8a:78:dd:a5:53:bb:79:fe:81:66:b2:16:9b:6a:63:fc:b0:
         43:92:cc:47
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIELJ65wzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OGM1MTBmYzliODY1ZDk2ZTNhZmM3YzU2MDU2ZWZhZDlhMzMwYzViMB4XDTIyMDEw
MTA0NTkzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjU0YjdjNWE1M2Q1
NDk1MDdmNWI2ZmZmMDgwZTFiYzc5ZDM1Mjk0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOOZEhuYLfA8bsle136ZUOSljD38NE6HaO08eQ+VqBwzyTpl
zP/1N5b1d9Yl7EMym4P4oWCEnLg1qhwa+mh9y1JMiOMI1WZICbGRTK2tpkPp8CdA
tWdeJcanNKiLZ8p2DLXLV0ndJDYwDiJnYR69Qi+QtM2mKNKI6uZQGSsjxwfoxWjF
DsEyLzutO8KeNCDAFCedyKY3pCD3E6Ey6bkUD+ToBHL8CpVorLHpxLDY/Cx5h2yV
WbAB7Skr497XG162OYXoKcmg+oUDWDesoJZSQqiE3PSiC+P7hGR4V79vhH7b97Dv
fHVu+DONi7x+jeCuXlC7iZw+yZKIKq2USyS/9fMCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQlS3xaU9VJUH9bb/8IDhvHnTUpSTAfBgNVHSMEGDAWgBRoxRD8m4ZdluOv
x8VgVu+tmjMMWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FNVVFfSnVHWFpianI4ZkZZRmJ2clpvekRGcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvZTBmMmY2LTNhOGEtNGRhYS04MjcxLTVkNjY1ZTk5OGY2YS8x
L0pVdDhXbFBWU1ZCX1cyX19DQTRieDUwMUtVay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
ZTBmMmY2LTNhOGEtNGRhYS04MjcxLTVkNjY1ZTk5OGY2YS8xL2FNVVFfSnVHWFpi
anI4ZkZZRmJ2clpvekRGcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwDQQCAAEwBwMFB1Xo/4AwDwQCAAIwCQMHACABGmgA
KzANBgkqhkiG9w0BAQsFAAOCAQEACMV36ayGDhAaeJEGg1dl2c7uT7nNvg1ndhAF
13tROwc7aPa3mgoxPSKyTHmXV7oCS8sH6ulHRh+HAPy/Eooa8cN6Qi0yulOgeOWF
49OpreYeppQahHgtmgMRHSTRUDh/zJd1a93Vhn7Z7O1IAbRK8bddFJAEAHREznUl
uX756Jwd/uVAE85+ogVVV56nVdXfq5XarIxNBA5CFrfbtbjwKcqsNy94yL9ByZh7
oynCAmEA66M+F1+W8F572WhIV7kZ+OSopmhUZjPZUzcsVkkiBs3AB/Hg9utLQMLo
kT00pSudCQZG1rog+fYdvYp43aVTu3n+gWayFptqY/ywQ5LMRw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:57 2024 by rpki-client on console-fra.rpki-client.org