Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/ca1cf4-acac-4555-bc40-e4322c9dde9c/1/JbVQSb2eHiKXuX6FdJUTZ4rxVnY.roa
File:                     JbVQSb2eHiKXuX6FdJUTZ4rxVnY.roa (raw, json)
Hash identifier:          t/QQr9KDxwUxDVBlek3MVAeF5cKGaCEeU7lv23rB7Hw=
Subject key identifier:   25:B5:50:49:BD:9E:1E:22:97:B9:7E:85:74:95:13:67:8A:F1:56:76
Certificate issuer:       /CN=e796ffbbdf44efc1e8e10200d49da8eed0a3b71e
Certificate serial:       0184F15FD526BAF35861858422B266A652E6
Authority key identifier: E7:96:FF:BB:DF:44:EF:C1:E8:E1:02:00:D4:9D:A8:EE:D0:A3:B7:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/55b_u99E78Ho4QIA1J2o7tCjtx4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/ca1cf4-acac-4555-bc40-e4322c9dde9c/1/JbVQSb2eHiKXuX6FdJUTZ4rxVnY.roa
Signing time:             Thu 08 Dec 2022 10:55:00 +0000
ROA not before:           Thu 08 Dec 2022 10:55:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8560
IP address blocks:        109.228.0.0/18 maxlen: 24
                          217.174.240.0/20 maxlen: 24
                          93.90.192.0/20 maxlen: 24
                          79.99.40.0/21 maxlen: 24
                          77.68.0.0/17 maxlen: 24
                          185.132.36.0/22 maxlen: 24
                          88.208.192.0/18 maxlen: 24
                          213.171.192.0/19 maxlen: 24
                          185.132.40.0/22 maxlen: 24
                          2a00:da00::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:f1:5f:d5:26:ba:f3:58:61:85:84:22:b2:66:a6:52:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e796ffbbdf44efc1e8e10200d49da8eed0a3b71e
        Validity
            Not Before: Dec  8 10:55:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=25b55049bd9e1e2297b97e85749513678af15676
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:26:c8:4b:5f:d1:a8:a6:13:da:a9:68:59:48:
                    1a:ff:39:8b:02:68:84:4f:72:6d:a0:04:b8:ab:69:
                    91:ed:8e:1e:03:ec:eb:a2:27:33:ae:dc:7f:03:42:
                    6a:61:ff:6d:b6:2c:2e:7e:c1:a7:26:ba:43:25:e3:
                    b6:6e:35:83:9d:85:6d:22:97:79:bd:04:f4:05:41:
                    80:65:15:ab:ba:5c:f9:d4:bd:33:e3:4f:29:83:c4:
                    34:72:cb:f3:ea:aa:76:d4:4f:56:6b:2d:40:5f:bf:
                    f6:df:d1:7f:d3:94:5d:e7:ef:5a:36:36:f5:ff:33:
                    1f:5f:40:e9:73:1d:4b:5e:a8:41:70:c1:6d:37:3f:
                    52:c1:61:ae:23:d9:df:b7:4b:a6:a8:10:31:12:a0:
                    89:90:34:ca:d5:bb:be:5c:c0:94:a6:91:3d:74:16:
                    3e:ad:ef:1a:b0:46:d6:ca:ce:84:79:4e:51:53:51:
                    d9:11:47:9e:89:84:68:da:d0:00:8e:d3:aa:9d:04:
                    48:82:c1:3a:11:aa:e9:59:76:54:69:65:c7:76:c3:
                    5a:2f:a6:dc:4d:63:5a:df:93:ee:ac:67:c9:3b:05:
                    6d:fa:86:93:74:a7:1b:aa:93:6a:a3:80:ff:3c:31:
                    d3:04:22:1d:30:aa:2e:42:19:01:60:72:17:21:29:
                    fe:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:B5:50:49:BD:9E:1E:22:97:B9:7E:85:74:95:13:67:8A:F1:56:76
            X509v3 Authority Key Identifier:
                keyid:E7:96:FF:BB:DF:44:EF:C1:E8:E1:02:00:D4:9D:A8:EE:D0:A3:B7:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/55b_u99E78Ho4QIA1J2o7tCjtx4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/ca1cf4-acac-4555-bc40-e4322c9dde9c/1/JbVQSb2eHiKXuX6FdJUTZ4rxVnY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/ca1cf4-acac-4555-bc40-e4322c9dde9c/1/55b_u99E78Ho4QIA1J2o7tCjtx4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.68.0.0/17
                  79.99.40.0/21
                  88.208.192.0/18
                  93.90.192.0/20
                  109.228.0.0/18
                  185.132.36.0-185.132.43.255
                  213.171.192.0/19
                  217.174.240.0/20
                IPv6:
                  2a00:da00::/32

    Signature Algorithm: sha256WithRSAEncryption
         52:ba:58:c7:fa:e2:ec:da:1c:f2:e0:25:93:bb:52:bf:24:05:
         b6:3c:6d:f0:6e:76:da:10:a1:4c:2d:9b:53:cc:d4:03:c1:c7:
         90:13:cd:92:36:6c:42:5f:c0:ea:b9:c6:56:48:97:7b:ce:78:
         5e:4c:43:2c:33:5c:9b:f5:f8:1c:1e:34:05:35:4b:c8:c0:0d:
         d0:53:60:74:bb:b3:76:db:34:63:dc:a1:ff:af:e2:e3:ec:da:
         51:c8:b2:1c:8a:1c:ff:f5:9d:86:34:3d:de:34:95:06:73:82:
         f7:3f:b7:84:0c:cc:56:f5:06:5d:22:4f:d8:90:99:91:9d:98:
         8b:29:e4:3c:df:a7:93:dc:a3:fd:72:ae:13:c8:6f:5f:7b:57:
         f3:18:58:da:e3:37:89:02:08:ba:ab:9d:1f:33:c5:10:55:6a:
         34:35:22:08:ab:93:6a:9e:c0:3e:e4:4c:3a:2b:13:7b:b1:6b:
         e8:37:81:38:75:b2:d1:1e:26:86:21:87:9c:73:5e:cc:a0:e5:
         b3:87:3a:38:e1:c4:97:93:ff:51:8d:17:17:7e:d9:64:6f:fd:
         31:0e:d2:56:44:b9:6a:6f:ed:c3:22:ee:ab:e1:64:3c:5b:91:
         40:cf:3b:c5:ae:0d:ce:ef:3b:37:c2:6f:43:bd:fc:99:66:77:
         f6:68:0a:6c
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYTxX9UmuvNYYYWEIrJmplLmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3OTZmZmJiZGY0NGVmYzFlOGUxMDIwMGQ0OWRhOGVlZDBh
M2I3MWUwHhcNMjIxMjA4MTA1NTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWI1NTA0OWJkOWUxZTIyOTdiOTdlODU3NDk1MTM2NzhhZjE1Njc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCbIS1/RqKYT2qloWUga/zmLAmiE
T3JtoAS4q2mR7Y4eA+zroiczrtx/A0JqYf9ttiwufsGnJrpDJeO2bjWDnYVtIpd5
vQT0BUGAZRWrulz51L0z408pg8Q0csvz6qp21E9Way1AX7/239F/05Rd5+9aNjb1
/zMfX0Dpcx1LXqhBcMFtNz9SwWGuI9nft0umqBAxEqCJkDTK1bu+XMCUppE9dBY+
re8asEbWys6EeU5RU1HZEUeeiYRo2tAAjtOqnQRIgsE6EarpWXZUaWXHdsNaL6bc
TWNa35PurGfJOwVt+oaTdKcbqpNqo4D/PDHTBCIdMKouQhkBYHIXISn+3wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFCW1UEm9nh4il7l+hXSVE2eK8VZ2MB8GA1UdIwQY
MBaAFOeW/7vfRO/B6OECANSdqO7Qo7ceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTViX3U5OUU3OEhvNFFJQTFKMm83dENqdHg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9jYTFjZjQtYWNhYy00NTU1LWJjNDAt
ZTQzMjJjOWRkZTljLzEvSmJWUVNiMmVIaUtYdVg2RmRKVVRaNHJ4Vm5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9jYTFjZjQtYWNhYy00NTU1LWJjNDAtZTQzMjJjOWRkZTlj
LzEvNTViX3U5OUU3OEhvNFFJQTFKMm83dENqdHg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQHTUQAAwQD
T2MoAwQGWNDAAwQEXVrAAwQGbeQAMAwDBAK5hCQDBAK5hCgDBAXVq8ADBATZrvAw
DQQCAAIwBwMFACoA2gAwDQYJKoZIhvcNAQELBQADggEBAFK6WMf64uzaHPLgJZO7
Ur8kBbY8bfBudtoQoUwtm1PM1APBx5ATzZI2bEJfwOq5xlZIl3vOeF5MQywzXJv1
+BweNAU1S8jADdBTYHS7s3bbNGPcof+v4uPs2lHIshyKHP/1nYY0Pd40lQZzgvc/
t4QMzFb1Bl0iT9iQmZGdmIsp5Dzfp5Pco/1yrhPIb197V/MYWNrjN4kCCLqrnR8z
xRBVajQ1Igirk2qewD7kTDorE3uxa+g3gTh1stEeJoYhh5xzXsyg5bOHOjjhxJeT
/1GNFxd+2WRv/TEO0lZEuWpv7cMi7qvhZDxbkUDPO8WuDc7vOzfCb0O9/Jlmd/Zo
Cmw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:46 2024 by rpki-client on console-ams.rpki-client.org