Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/67a4ce-b8ba-4562-9a37-24d818ba7f29/1/JcWu8Edds8ZXKVFlZRn06OdWbOY.roa
File:                     JcWu8Edds8ZXKVFlZRn06OdWbOY.roa (raw, json)
Hash identifier:          KXS297/78SQZgbeONF5dNCPkUTbumpv0RfJV5lbBe6s=
Subject key identifier:   25:C5:AE:F0:47:5D:B3:C6:57:29:51:65:65:19:F4:E8:E7:56:6C:E6
Certificate issuer:       /CN=798d7013a7fdbb5663fd384a4fed12303145e3ce
Certificate serial:       023094E0
Authority key identifier: 79:8D:70:13:A7:FD:BB:56:63:FD:38:4A:4F:ED:12:30:31:45:E3:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eY1wE6f9u1Zj_ThKT-0SMDFF484.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/67a4ce-b8ba-4562-9a37-24d818ba7f29/1/JcWu8Edds8ZXKVFlZRn06OdWbOY.roa
Signing time:             Sat 01 Jan 2022 13:58:58 +0000
ROA not before:           Sat 01 Jan 2022 13:58:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     59717
IP address blocks:        91.239.72.0/24 maxlen: 24
                          2a0e:4280::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 36738272 (0x23094e0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=798d7013a7fdbb5663fd384a4fed12303145e3ce
        Validity
            Not Before: Jan  1 13:58:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=25c5aef0475db3c6572951656519f4e8e7566ce6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:eb:9f:64:6f:7e:8c:44:4b:5c:7a:77:b1:8f:
                    28:80:fb:d2:27:df:9b:f5:ba:7e:12:b7:69:b7:e4:
                    b2:67:b7:e8:ad:b9:0f:53:05:1f:93:07:dd:9e:4e:
                    99:5b:97:eb:30:66:e0:5f:fe:50:a5:21:0f:c8:7f:
                    81:ef:59:ef:24:18:27:b9:40:25:c7:cc:82:e5:ca:
                    6d:5b:ec:5c:f2:23:cd:c1:61:97:d8:c8:d9:e7:50:
                    af:ea:a9:07:41:f3:a7:a1:db:fb:be:0b:8f:b6:25:
                    76:96:5a:19:d0:ea:7e:7e:19:4c:5e:7c:f9:7d:08:
                    e4:82:d1:64:a6:88:c9:22:a0:34:fc:7a:a7:53:9c:
                    34:88:52:d4:d8:f8:bf:ee:0a:ad:5e:42:cf:99:59:
                    cd:69:47:48:88:d5:a0:ec:a8:a5:ba:50:1d:81:98:
                    bb:36:ac:1f:74:7b:29:50:9a:23:32:40:c7:68:ed:
                    87:d1:ea:08:08:7a:70:8d:86:22:6e:21:c2:7e:5a:
                    a9:bb:35:86:cf:73:76:63:04:98:6e:82:8b:57:ed:
                    bc:7a:5e:55:f8:58:0f:a1:ef:56:2a:56:ab:76:27:
                    f5:de:37:d4:23:1a:04:c5:4e:82:3c:36:05:cd:63:
                    60:5b:49:43:48:d9:31:e6:c5:ac:7e:e3:17:da:f2:
                    ca:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:C5:AE:F0:47:5D:B3:C6:57:29:51:65:65:19:F4:E8:E7:56:6C:E6
            X509v3 Authority Key Identifier:
                keyid:79:8D:70:13:A7:FD:BB:56:63:FD:38:4A:4F:ED:12:30:31:45:E3:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY1wE6f9u1Zj_ThKT-0SMDFF484.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/67a4ce-b8ba-4562-9a37-24d818ba7f29/1/JcWu8Edds8ZXKVFlZRn06OdWbOY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/67a4ce-b8ba-4562-9a37-24d818ba7f29/1/eY1wE6f9u1Zj_ThKT-0SMDFF484.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.239.72.0/24
                IPv6:
                  2a0e:4280::/29

    Signature Algorithm: sha256WithRSAEncryption
         a0:e9:1a:79:d4:3c:cb:05:2f:74:24:30:2e:0d:39:b4:0f:b0:
         7d:a1:c4:4e:56:5c:1c:7e:30:6f:12:77:55:d1:69:82:e7:bb:
         55:c7:71:02:84:0e:f5:93:c1:c7:81:ee:4a:45:4a:f8:44:4a:
         83:7b:23:ef:9e:ef:b6:55:17:c0:4e:f0:7a:40:5d:99:c8:8b:
         0f:f5:c4:db:a7:13:1d:e3:f3:9a:7a:e4:96:8d:ba:30:3e:90:
         d6:ba:30:be:4d:e7:f5:df:8d:52:55:e8:a0:4b:00:6c:a0:39:
         fa:57:1b:91:5c:52:00:0c:86:28:27:38:49:33:92:96:97:fb:
         e9:1e:c3:1c:f2:51:a8:d0:c9:7b:7c:d9:15:c7:48:b3:7a:7d:
         2e:1f:25:14:9b:7a:57:17:b1:0c:8b:63:08:bb:11:c0:c8:74:
         bb:be:3e:c4:b0:db:f4:6d:ea:5e:ab:ee:88:b8:4c:47:59:0f:
         d8:9d:e1:59:be:03:a8:c0:c6:f6:2d:d2:0f:29:e8:9e:3b:62:
         12:7c:81:c0:86:3d:e4:e5:60:b5:d5:51:cc:78:9f:2a:48:57:
         00:a7:c2:d7:70:ea:da:b4:db:d3:86:b8:db:93:6f:ff:e5:77:
         c9:da:96:7f:82:cf:b2:f2:36:39:7a:e4:fd:db:2c:54:60:5b:
         c5:fd:99:0a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAjCU4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
OThkNzAxM2E3ZmRiYjU2NjNmZDM4NGE0ZmVkMTIzMDMxNDVlM2NlMB4XDTIyMDEw
MTEzNTg1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjVjNWFlZjA0NzVk
YjNjNjU3Mjk1MTY1NjUxOWY0ZThlNzU2NmNlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMfrn2RvfoxES1x6d7GPKID70iffm/W6fhK3abfksme36K25
D1MFH5MH3Z5OmVuX6zBm4F/+UKUhD8h/ge9Z7yQYJ7lAJcfMguXKbVvsXPIjzcFh
l9jI2edQr+qpB0Hzp6Hb+74Lj7YldpZaGdDqfn4ZTF58+X0I5ILRZKaIySKgNPx6
p1OcNIhS1Nj4v+4KrV5Cz5lZzWlHSIjVoOyopbpQHYGYuzasH3R7KVCaIzJAx2jt
h9HqCAh6cI2GIm4hwn5aqbs1hs9zdmMEmG6Ci1ftvHpeVfhYD6HvVipWq3Yn9d43
1CMaBMVOgjw2Bc1jYFtJQ0jZMebFrH7jF9ryyvMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQlxa7wR12zxlcpUWVlGfTo51Zs5jAfBgNVHSMEGDAWgBR5jXATp/27VmP9
OEpP7RIwMUXjzjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VZMXdFNmY5dTFaal9UaEtULTBTTURGRjQ4NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjEvNjdhNGNlLWI4YmEtNDU2Mi05YTM3LTI0ZDgxOGJhN2YyOS8x
L0pjV3U4RWRkczhaWEtWRmxaUm4wNk9kV2JPWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjEv
NjdhNGNlLWI4YmEtNDU2Mi05YTM3LTI0ZDgxOGJhN2YyOS8xL2VZMXdFNmY5dTFa
al9UaEtULTBTTURGRjQ4NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAFvvSDANBAIAAjAHAwUDKg5CgDAN
BgkqhkiG9w0BAQsFAAOCAQEAoOkaedQ8ywUvdCQwLg05tA+wfaHETlZcHH4wbxJ3
VdFpgue7VcdxAoQO9ZPBx4HuSkVK+ERKg3sj757vtlUXwE7wekBdmciLD/XE26cT
HePzmnrklo26MD6Q1rowvk3n9d+NUlXooEsAbKA5+lcbkVxSAAyGKCc4STOSlpf7
6R7DHPJRqNDJe3zZFcdIs3p9Lh8lFJt6VxexDItjCLsRwMh0u74+xLDb9G3qXqvu
iLhMR1kP2J3hWb4DqMDG9i3SDynonjtiEnyBwIY95OVgtdVRzHifKkhXAKfC13Dq
2rTb04a425Nv/+V3ydqWf4LPsvI2OXrk/dssVGBbxf2ZCg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:51 2024 by rpki-client on console-ams.rpki-client.org