Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/jwsk4aAf4YF4mIppbYnjmldnXLg.roa
File:                     jwsk4aAf4YF4mIppbYnjmldnXLg.roa (raw, json)
Hash identifier:          iNuFpKg7p3G6oAQYaRxc6GqfaKJTn6T3vAzpUyhEwMg=
Subject key identifier:   8F:0B:24:E1:A0:1F:E1:81:78:98:8A:69:6D:89:E3:9A:57:67:5C:B8
Certificate issuer:       /CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Certificate serial:       06B59109
Authority key identifier: 05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/jwsk4aAf4YF4mIppbYnjmldnXLg.roa
Signing time:             Sat 01 Jan 2022 01:53:56 +0000
ROA not before:           Sat 01 Jan 2022 01:53:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209984
IP address blocks:        194.15.219.0/24 maxlen: 24
                          194.26.1.0/24 maxlen: 24
                          194.15.232.0/24 maxlen: 24
                          89.43.72.0/24 maxlen: 24
                          194.15.236.0/24 maxlen: 24
                          89.44.145.0/24 maxlen: 24
                          89.43.198.0/24 maxlen: 24
                          89.40.238.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 112562441 (0x6b59109)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
        Validity
            Not Before: Jan  1 01:53:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8f0b24e1a01fe18178988a696d89e39a57675cb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:29:89:ab:d5:c6:83:7c:a2:ca:71:5a:ae:31:
                    57:f6:43:68:7e:82:13:cd:bd:74:6f:35:77:c6:26:
                    2a:08:b2:6d:0e:ec:5a:23:88:1e:62:cc:d7:f2:d6:
                    00:06:15:8d:1b:8d:09:5b:4f:b3:c6:ba:c7:78:90:
                    3a:09:a2:24:50:77:8b:e9:44:b6:41:61:c3:e6:03:
                    bd:e4:77:b0:67:25:83:9b:c6:ec:c5:79:be:f7:14:
                    2c:5d:49:ff:49:b7:5a:76:2e:e5:e2:c1:22:28:35:
                    e4:52:04:45:33:67:a2:ad:8a:99:32:e1:a5:67:9f:
                    46:3b:05:a6:ea:f1:a3:6d:a9:f9:d0:30:a6:4e:6e:
                    02:36:b1:f3:d2:59:9f:29:35:e0:b6:99:ec:7e:20:
                    2c:9e:81:c9:a0:db:9a:b6:6a:f6:77:83:66:d7:44:
                    82:f9:7d:ec:b6:98:8a:01:76:9b:c5:e5:77:bb:66:
                    94:78:23:22:7b:1e:3d:77:04:99:bb:da:11:21:41:
                    15:1b:35:95:5d:54:6a:39:e3:a8:e7:fb:55:d9:de:
                    91:37:96:11:6b:e4:c1:3a:0d:c2:47:7b:d7:8c:93:
                    52:cf:e4:e6:db:e5:39:61:0d:57:6f:c2:53:e0:18:
                    4b:bf:4e:f0:23:f5:8e:01:80:23:d6:88:fd:a6:93:
                    80:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:0B:24:E1:A0:1F:E1:81:78:98:8A:69:6D:89:E3:9A:57:67:5C:B8
            X509v3 Authority Key Identifier:
                keyid:05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/jwsk4aAf4YF4mIppbYnjmldnXLg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/BZuG-Z4ta94U-oeZ3nHOQbmAILk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.40.238.0/24
                  89.43.72.0/24
                  89.43.198.0/24
                  89.44.145.0/24
                  194.15.219.0/24
                  194.15.232.0/24
                  194.15.236.0/24
                  194.26.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:e8:8c:8f:42:cf:31:f8:7a:ff:cd:7e:51:7e:20:ec:8d:82:
         3a:0a:0c:9d:e5:0f:d4:3a:8a:94:43:c8:ab:7b:44:90:91:19:
         de:de:64:1c:19:b8:d5:eb:18:db:06:11:fc:26:58:5e:c6:a1:
         a1:99:73:07:b9:9d:56:2b:8a:55:d2:a2:71:46:8c:d1:2b:ab:
         11:3e:7b:4a:3e:7a:2c:f5:c8:11:89:4a:89:54:2d:d0:b7:78:
         ff:a0:0e:eb:4a:e9:1f:cd:fe:48:75:79:74:53:e1:66:bc:f1:
         af:5f:30:27:6f:d3:ee:07:ff:0b:12:eb:f9:b9:24:7e:59:fa:
         39:78:4f:64:e9:9c:bd:60:1d:79:70:06:6d:fb:c8:58:eb:dc:
         2b:8a:e7:4d:64:e8:61:93:e9:70:e2:3a:2c:29:c2:46:88:6c:
         da:16:c4:09:6b:a9:bb:9e:7b:e5:42:47:b8:5d:af:46:17:d0:
         fe:20:e2:8b:22:8d:5c:ac:62:a3:fb:ae:cc:cc:1c:0d:e8:e1:
         2b:96:9a:7b:db:5e:c1:df:09:ee:0e:50:f2:dd:b1:41:c5:6a:
         3e:c5:af:35:2a:77:d1:55:57:01:87:d4:b1:b7:6f:72:7c:a3:
         ac:20:ed:44:66:4d:0b:5b:34:9b:6d:95:4e:e6:da:6d:85:53:
         dd:c4:91:c4
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEBrWRCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTliODZmOTllMmQ2YmRlMTRmYTg3OTlkZTcxY2U0MWI5ODAyMGI5MB4XDTIyMDEw
MTAxNTM1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGYwYjI0ZTFhMDFm
ZTE4MTc4OTg4YTY5NmQ4OWUzOWE1NzY3NWNiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMEpiavVxoN8ospxWq4xV/ZDaH6CE829dG81d8YmKgiybQ7s
WiOIHmLM1/LWAAYVjRuNCVtPs8a6x3iQOgmiJFB3i+lEtkFhw+YDveR3sGclg5vG
7MV5vvcULF1J/0m3WnYu5eLBIig15FIERTNnoq2KmTLhpWefRjsFpurxo22p+dAw
pk5uAjax89JZnyk14LaZ7H4gLJ6ByaDbmrZq9neDZtdEgvl97LaYigF2m8Xld7tm
lHgjInsePXcEmbvaESFBFRs1lV1UajnjqOf7VdnekTeWEWvkwToNwkd714yTUs/k
5tvlOWENV2/CU+AYS79O8CP1jgGAI9aI/aaTgH0CAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBSPCyThoB/hgXiYimltieOaV2dcuDAfBgNVHSMEGDAWgBQFm4b5ni1r3hT6
h5necc5BuYAguTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JadUctWjR0YTk0VS1vZVozbkhPUWJtQUlMay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMzU4NDE2LTI3NTItNDE1OS1hZGQ2LWNjM2ZiMzUxZTMzNi8x
L2p3c2s0YUFmNFlGNG1JcHBiWW5qbWxkblhMZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MzU4NDE2LTI3NTItNDE1OS1hZGQ2LWNjM2ZiMzUxZTMzNi8xL0JadUctWjR0YTk0
VS1vZVozbkhPUWJtQUlMay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAFko7gMEAFkrSAMEAFkrxgMEAFks
kQMEAMIP2wMEAMIP6AMEAMIP7AMEAMIaATANBgkqhkiG9w0BAQsFAAOCAQEAGeiM
j0LPMfh6/81+UX4g7I2COgoMneUP1DqKlEPIq3tEkJEZ3t5kHBm41esY2wYR/CZY
XsahoZlzB7mdViuKVdKicUaM0SurET57Sj56LPXIEYlKiVQt0Ld4/6AO60rpH83+
SHV5dFPhZrzxr18wJ2/T7gf/CxLr+bkkfln6OXhPZOmcvWAdeXAGbfvIWOvcK4rn
TWToYZPpcOI6LCnCRohs2hbECWupu5575UJHuF2vRhfQ/iDiiyKNXKxio/uuzMwc
DejhK5aae9tewd8J7g5Q8t2xQcVqPsWvNSp30VVXAYfUsbdvcnyjrCDtRGZNC1s0
m22VTubabYVT3cSRxA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:39 2024 by rpki-client on console-ams.rpki-client.org