Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/jzg-PDioGM6TnUwy-brVsqz9P1A.roa
File:                     jzg-PDioGM6TnUwy-brVsqz9P1A.roa (raw, json)
Hash identifier:          ZcvNt9qfhtOWUr6wPqrasq8Vwbr1oiw3Tinf6pL5b4I=
Subject key identifier:   8F:38:3E:3C:38:A8:18:CE:93:9D:4C:32:F9:BA:D5:B2:AC:FD:3F:50
Certificate issuer:       /CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Certificate serial:       172BAA63
Authority key identifier: 05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/jzg-PDioGM6TnUwy-brVsqz9P1A.roa
Signing time:             Thu 10 Mar 2022 20:37:10 +0000
ROA not before:           Thu 10 Mar 2022 20:37:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     398465
IP address blocks:        185.104.12.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 388737635 (0x172baa63)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
        Validity
            Not Before: Mar 10 20:37:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8f383e3c38a818ce939d4c32f9bad5b2acfd3f50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:9a:c4:6d:b2:1c:aa:b5:42:2c:15:87:b2:8a:
                    e7:03:f2:76:11:d0:d4:69:28:9e:7a:12:a1:4d:2c:
                    28:53:49:22:7d:a3:7f:15:ad:c9:14:fa:97:a7:11:
                    a8:5f:55:9b:05:83:b5:60:6a:6b:ed:ad:9b:2f:81:
                    7b:fc:7b:8b:24:11:60:d2:ba:7e:c7:89:53:3a:9b:
                    76:3d:49:7b:8d:c5:bd:e6:b0:b5:e7:72:80:65:05:
                    f7:86:47:1a:e8:3e:71:d9:97:33:7c:41:c8:c5:54:
                    6d:58:20:62:d5:96:ae:e1:87:21:77:3b:74:66:0b:
                    c9:f6:3b:22:f7:27:dc:06:16:5e:81:92:29:0b:25:
                    96:84:9e:75:05:16:5a:95:f2:ab:80:20:64:a7:58:
                    6e:45:5a:27:a7:03:ba:37:bf:21:42:d7:da:2b:49:
                    d3:96:c2:5f:90:3f:d3:c5:01:05:1a:d9:a4:79:8b:
                    6c:b6:b5:35:34:be:4f:41:30:16:8f:28:8b:96:8f:
                    89:7c:f1:d0:3d:65:8c:12:6a:a6:08:65:e6:fb:54:
                    33:87:a9:74:e9:d6:20:9a:b9:22:6e:3c:49:60:47:
                    98:7f:4b:ab:20:0d:34:1b:7f:c2:fe:6f:0b:02:65:
                    f4:33:11:cd:d5:b7:74:4d:dc:dc:28:41:33:8d:f4:
                    36:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:38:3E:3C:38:A8:18:CE:93:9D:4C:32:F9:BA:D5:B2:AC:FD:3F:50
            X509v3 Authority Key Identifier:
                keyid:05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/jzg-PDioGM6TnUwy-brVsqz9P1A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.104.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         81:f9:eb:d1:18:4e:8f:0f:1b:09:52:9e:25:5a:c2:35:8a:d6:
         7e:17:d7:37:1c:3a:96:4e:6c:86:0a:05:d8:14:6f:7b:5d:52:
         85:3b:0d:d3:df:df:9c:62:71:be:1e:7e:65:1a:4d:77:dd:a2:
         d6:2f:32:fa:18:dc:6e:54:76:7e:bb:1d:20:cd:65:35:76:13:
         a0:6d:2f:6c:f0:fc:78:01:22:18:9d:3d:ce:13:45:83:6f:0c:
         02:bc:3c:ed:45:b2:19:27:12:88:a0:a2:c6:f9:cb:d5:bc:d6:
         14:63:04:cc:06:d3:0f:f2:47:99:2e:ad:82:dd:14:51:ae:6b:
         21:9d:5c:f2:96:9b:bf:a2:e7:03:11:97:97:20:6f:75:6e:9c:
         b8:ef:a6:2e:ce:91:cf:af:dc:a3:24:36:75:3e:31:c6:6e:65:
         de:ac:62:97:32:e3:a1:16:ea:69:a8:f2:00:50:ab:dc:42:06:
         46:99:0e:ef:c4:03:ac:21:88:0e:dd:09:84:78:59:e9:ab:fe:
         ba:5e:31:cb:d0:8e:b3:07:eb:b6:a7:42:15:e8:2a:7b:75:dc:
         0c:65:2f:4d:64:e3:4a:73:84:ac:be:5a:9a:82:c3:f4:0e:b1:
         4d:7f:69:dc:44:4d:52:68:5e:cd:f6:cc:77:fb:3e:92:6c:27:
         ea:a0:ac:c8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFyuqYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTUxNjA1YjY3NWVjZTRlMGZjZTcxNzVhZTMxYTkzZmE4MjcyYmE2MB4XDTIyMDMx
MDIwMzcxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGYzODNlM2MzOGE4
MThjZTkzOWQ0YzMyZjliYWQ1YjJhY2ZkM2Y1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKyaxG2yHKq1QiwVh7KK5wPydhHQ1GkonnoSoU0sKFNJIn2j
fxWtyRT6l6cRqF9VmwWDtWBqa+2tmy+Be/x7iyQRYNK6fseJUzqbdj1Je43Fveaw
tedygGUF94ZHGug+cdmXM3xByMVUbVggYtWWruGHIXc7dGYLyfY7Ivcn3AYWXoGS
KQslloSedQUWWpXyq4AgZKdYbkVaJ6cDuje/IULX2itJ05bCX5A/08UBBRrZpHmL
bLa1NTS+T0EwFo8oi5aPiXzx0D1ljBJqpghl5vtUM4epdOnWIJq5Im48SWBHmH9L
qyANNBt/wv5vCwJl9DMRzdW3dE3c3ChBM430Nk0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSPOD48OKgYzpOdTDL5utWyrP0/UDAfBgNVHSMEGDAWgBQFUWBbZ17OTg/O
cXWuMak/qCcrpjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JWRmdXMmRlems0UHpuRjFyakdwUDZnbks2WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvMjhlYTQ1LTdkMzAtNDZkZi04ZjJhLTA3NzlmNDhlY2VhMC8x
L2p6Zy1QRGlvR002VG5Vd3ktYnJWc3F6OVAxQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
MjhlYTQ1LTdkMzAtNDZkZi04ZjJhLTA3NzlmNDhlY2VhMC8xL0JWRmdXMmRlems0
UHpuRjFyakdwUDZnbks2WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArloDDANBgkqhkiG9w0BAQsFAAOC
AQEAgfnr0RhOjw8bCVKeJVrCNYrWfhfXNxw6lk5shgoF2BRve11ShTsN09/fnGJx
vh5+ZRpNd92i1i8y+hjcblR2frsdIM1lNXYToG0vbPD8eAEiGJ09zhNFg28MArw8
7UWyGScSiKCixvnL1bzWFGMEzAbTD/JHmS6tgt0UUa5rIZ1c8pabv6LnAxGXlyBv
dW6cuO+mLs6Rz6/coyQ2dT4xxm5l3qxilzLjoRbqaajyAFCr3EIGRpkO78QDrCGI
Dt0JhHhZ6av+ul4xy9COswfrtqdCFegqe3XcDGUvTWTjSnOErL5amoLD9A6xTX9p
3ERNUmhezfbMd/s+kmwn6qCsyA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:51 2023 by rpki-client on console-ams.rpki-client.org