Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d6c86d-6c65-4a25-a8fa-38d4f3211896/1/jvlLLx6kiaLhbljdbf7x7Oghh1g.roa
File:                     jvlLLx6kiaLhbljdbf7x7Oghh1g.roa (raw, json)
Hash identifier:          Plmisjm9sD+94OK91ftX9j35pvUVeYJRto+Ft2GpQ40=
Subject key identifier:   8E:F9:4B:2F:1E:A4:89:A2:E1:6E:58:DD:6D:FE:F1:EC:E8:21:87:58
Certificate issuer:       /CN=1a4f8001c30cac546e3f92103b4b12732dfcbf52
Certificate serial:       0617477A
Authority key identifier: 1A:4F:80:01:C3:0C:AC:54:6E:3F:92:10:3B:4B:12:73:2D:FC:BF:52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gk-AAcMMrFRuP5IQO0sScy38v1I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/d6c86d-6c65-4a25-a8fa-38d4f3211896/1/jvlLLx6kiaLhbljdbf7x7Oghh1g.roa
Signing time:             Sat 01 Jan 2022 14:58:41 +0000
ROA not before:           Sat 01 Jan 2022 14:58:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12735
IP address blocks:        195.49.239.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 102188922 (0x617477a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a4f8001c30cac546e3f92103b4b12732dfcbf52
        Validity
            Not Before: Jan  1 14:58:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8ef94b2f1ea489a2e16e58dd6dfef1ece8218758
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:b0:8b:9c:ff:9c:59:52:44:ce:47:3d:e4:a2:
                    68:07:a1:da:40:0d:20:5e:85:51:c8:46:45:40:c1:
                    e8:a4:5f:87:db:5c:27:60:b7:95:3e:ea:b1:57:11:
                    c8:6c:52:3e:b7:79:9d:b0:18:80:01:68:b1:a8:45:
                    c7:b9:97:21:35:a3:00:ff:68:48:22:cf:0c:e1:a6:
                    a5:4b:73:b1:cc:a7:b6:d9:b0:4d:88:53:52:4e:74:
                    e3:0d:66:69:b3:c7:bc:fb:20:8b:ba:6a:0e:e3:0c:
                    8f:a4:90:ca:62:be:3d:16:1c:1a:07:12:bd:18:eb:
                    2a:c6:fe:62:72:86:dc:f5:31:72:e7:da:3c:50:c1:
                    6e:b2:be:3e:6e:ac:f7:81:fd:df:fa:9a:43:f2:de:
                    db:3f:df:cc:74:bd:4a:8b:c4:83:ab:bc:e4:6b:03:
                    83:9e:e0:ff:3f:5e:0d:4f:0a:1f:b9:51:45:b6:65:
                    b1:ff:80:fb:d1:f3:c1:e4:f7:8d:3b:bb:be:6f:4c:
                    ee:4e:72:3e:64:b4:cd:2d:46:10:40:ef:17:5e:9c:
                    6a:6e:d5:86:ff:3d:0c:5b:4d:d6:42:d5:a2:26:81:
                    3c:c7:18:a1:b6:90:1c:81:48:fc:f5:64:ee:cd:be:
                    4d:d1:90:94:ea:e2:53:20:2b:da:72:21:c0:1e:49:
                    95:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:F9:4B:2F:1E:A4:89:A2:E1:6E:58:DD:6D:FE:F1:EC:E8:21:87:58
            X509v3 Authority Key Identifier:
                keyid:1A:4F:80:01:C3:0C:AC:54:6E:3F:92:10:3B:4B:12:73:2D:FC:BF:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gk-AAcMMrFRuP5IQO0sScy38v1I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d6c86d-6c65-4a25-a8fa-38d4f3211896/1/jvlLLx6kiaLhbljdbf7x7Oghh1g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d6c86d-6c65-4a25-a8fa-38d4f3211896/1/Gk-AAcMMrFRuP5IQO0sScy38v1I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.49.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:ec:38:0f:82:ef:26:dd:5c:18:d5:85:bc:00:78:52:ec:99:
         f4:8e:ea:cc:d9:b8:16:6c:a0:83:d8:7e:d9:70:26:8b:59:9b:
         28:04:77:a4:98:ac:47:83:bd:ba:de:0d:97:01:87:b3:2d:ed:
         d4:6f:03:4c:01:b1:ac:be:c7:12:b5:73:7e:34:00:09:12:bb:
         9d:f7:63:a3:84:3b:1e:81:74:84:fb:5d:ff:ac:f2:fb:28:df:
         48:d0:23:c6:d0:a1:d9:f0:e1:82:21:a8:95:f5:b9:81:c5:c2:
         ea:29:d9:e0:3d:66:07:77:98:aa:f3:0b:1a:9b:19:95:93:bd:
         a8:2e:f8:b1:db:6b:26:9b:94:bf:d0:f9:8a:9f:52:8c:36:76:
         fc:d4:40:f8:20:f5:83:f1:53:68:a5:89:f6:c8:48:ff:df:ad:
         32:c9:21:ce:d4:47:ff:9a:0a:fe:8f:ae:9e:f6:b8:11:0f:ca:
         4e:07:7d:6a:28:c6:ef:fe:b2:20:ec:5c:72:a3:74:2c:62:c6:
         4c:22:a9:3f:3b:24:b8:ef:4b:06:c7:c4:63:33:5e:a7:cb:e9:
         6f:5c:25:ac:64:46:e1:eb:e4:c1:8e:02:3d:89:2e:29:e4:ba:
         15:97:90:d3:bd:a4:6c:83:bd:76:e7:16:23:91:71:a1:d5:fa:
         90:5a:fd:26
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBhdHejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YTRmODAwMWMzMGNhYzU0NmUzZjkyMTAzYjRiMTI3MzJkZmNiZjUyMB4XDTIyMDEw
MTE0NTg0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGVmOTRiMmYxZWE0
ODlhMmUxNmU1OGRkNmRmZWYxZWNlODIxODc1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMiwi5z/nFlSRM5HPeSiaAeh2kANIF6FUchGRUDB6KRfh9tc
J2C3lT7qsVcRyGxSPrd5nbAYgAFosahFx7mXITWjAP9oSCLPDOGmpUtzscynttmw
TYhTUk504w1mabPHvPsgi7pqDuMMj6SQymK+PRYcGgcSvRjrKsb+YnKG3PUxcufa
PFDBbrK+Pm6s94H93/qaQ/Le2z/fzHS9SovEg6u85GsDg57g/z9eDU8KH7lRRbZl
sf+A+9HzweT3jTu7vm9M7k5yPmS0zS1GEEDvF16cam7Vhv89DFtN1kLVoiaBPMcY
obaQHIFI/PVk7s2+TdGQlOriUyAr2nIhwB5JlW8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSO+UsvHqSJouFuWN1t/vHs6CGHWDAfBgNVHSMEGDAWgBQaT4ABwwysVG4/
khA7SxJzLfy/UjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0drLUFBY01NckZSdVA1SVFPMHNTY3kzOHYxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTkvZDZjODZkLTZjNjUtNGEyNS1hOGZhLTM4ZDRmMzIxMTg5Ni8x
L2p2bExMeDZraWFMaGJsamRiZjd4N09naGgxZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTkv
ZDZjODZkLTZjNjUtNGEyNS1hOGZhLTM4ZDRmMzIxMTg5Ni8xL0drLUFBY01NckZS
dVA1SVFPMHNTY3kzOHYxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMMx7zANBgkqhkiG9w0BAQsFAAOC
AQEAN+w4D4LvJt1cGNWFvAB4UuyZ9I7qzNm4Fmygg9h+2XAmi1mbKAR3pJisR4O9
ut4NlwGHsy3t1G8DTAGxrL7HErVzfjQACRK7nfdjo4Q7HoF0hPtd/6zy+yjfSNAj
xtCh2fDhgiGolfW5gcXC6inZ4D1mB3eYqvMLGpsZlZO9qC74sdtrJpuUv9D5ip9S
jDZ2/NRA+CD1g/FTaKWJ9shI/9+tMskhztRH/5oK/o+unva4EQ/KTgd9aijG7/6y
IOxccqN0LGLGTCKpPzskuO9LBsfEYzNep8vpb1wlrGRG4evkwY4CPYkuKeS6FZeQ
072kbIO9ducWI5FxodX6kFr9Jg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:05 2024 by rpki-client on console-fra.rpki-client.org