Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/JV47iSxahPfKwySs58cw3_IPvDU.roa
File:                     JV47iSxahPfKwySs58cw3_IPvDU.roa (raw, json)
Hash identifier:          Dq1mYTRix1uLrSB3eyA2xWc0uHnLPtH9pi4swpIQgTs=
Subject key identifier:   25:5E:3B:89:2C:5A:84:F7:CA:C3:24:AC:E7:C7:30:DF:F2:0F:BC:35
Certificate issuer:       /CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
Certificate serial:       0184BCEB0C573BF3207CEA9929DE4B90C6B2
Authority key identifier: 63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/JV47iSxahPfKwySs58cw3_IPvDU.roa
Signing time:             Mon 28 Nov 2022 06:27:11 +0000
ROA not before:           Mon 28 Nov 2022 06:27:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29405
IP address blocks:        185.176.72.0/22 maxlen: 22
                          46.229.230.0/24 maxlen: 24
                          81.89.48.0/20 maxlen: 20
                          86.110.224.0/19 maxlen: 19
                          176.109.56.0/21 maxlen: 21
                          86.110.229.0/24 maxlen: 24
                          92.240.230.0/24 maxlen: 24
                          92.240.229.0/24 maxlen: 24
                          92.240.228.0/24 maxlen: 24
                          92.240.231.0/24 maxlen: 24
                          92.240.234.0/24 maxlen: 24
                          92.240.237.0/24 maxlen: 24
                          92.240.236.0/24 maxlen: 24
                          92.240.235.0/24 maxlen: 24
                          92.240.241.0/24 maxlen: 24
                          92.240.244.0/24 maxlen: 24
                          92.240.242.0/24 maxlen: 24
                          92.240.245.0/24 maxlen: 24
                          92.240.253.0/24 maxlen: 24
                          92.240.249.0/24 maxlen: 24
                          92.240.254.0/24 maxlen: 24
                          217.73.16.0/24 maxlen: 24
                          217.73.16.0/20 maxlen: 20
                          93.184.64.0/20 maxlen: 20
                          46.229.224.0/20 maxlen: 20
                          109.74.144.0/20 maxlen: 20
                          2a01:390::/32 maxlen: 32
                          2a00:10d8::/32 maxlen: 32
                          2a00:10d8:10::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:bc:eb:0c:57:3b:f3:20:7c:ea:99:29:de:4b:90:c6:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
        Validity
            Not Before: Nov 28 06:27:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=255e3b892c5a84f7cac324ace7c730dff20fbc35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:78:b9:30:47:a2:43:b8:3a:10:63:d8:28:51:
                    31:63:fb:75:c1:1b:35:8b:98:38:30:2b:c5:52:ed:
                    ae:12:28:07:90:42:bb:19:36:8d:cf:67:1d:15:89:
                    e5:14:46:39:4d:85:d7:7c:0f:9c:99:c6:6b:30:d9:
                    cf:aa:ea:2f:ad:18:39:ad:31:00:80:02:a7:d4:d8:
                    f0:c5:07:72:78:39:e5:b3:88:d2:ed:e5:ab:47:81:
                    13:88:ad:65:c4:e5:59:07:d7:04:e0:68:c4:33:b4:
                    20:66:71:89:69:f0:d4:cf:66:6d:a8:08:76:31:d7:
                    f3:e7:46:23:73:81:f8:9a:30:01:d5:41:d9:8b:c9:
                    70:85:18:4c:99:c8:23:98:37:02:2b:b1:8a:f6:fb:
                    b2:8f:91:77:e6:0a:06:7a:f0:18:08:68:52:30:fc:
                    0a:04:a7:1b:98:a6:fa:80:33:5b:d6:87:2c:b2:33:
                    9c:60:39:da:50:8f:79:f3:f8:55:af:a0:3b:6e:40:
                    77:aa:7e:cf:d3:d1:48:06:3e:ef:2b:1e:6c:0d:3c:
                    47:c3:aa:37:b7:00:a5:5a:2a:21:c8:2a:66:01:95:
                    6a:e6:0a:4e:e4:e1:bb:d2:1e:8e:37:22:0d:8a:68:
                    f0:95:af:69:9d:69:ee:f9:a3:7f:95:f5:70:c1:81:
                    5d:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:5E:3B:89:2C:5A:84:F7:CA:C3:24:AC:E7:C7:30:DF:F2:0F:BC:35
            X509v3 Authority Key Identifier:
                keyid:63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/JV47iSxahPfKwySs58cw3_IPvDU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/Y9nR2VwetxbugZUEWnfLohgdeew.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.229.224.0/20
                  81.89.48.0/20
                  86.110.224.0/19
                  92.240.228.0/22
                  92.240.234.0-92.240.237.255
                  92.240.241.0-92.240.242.255
                  92.240.244.0/23
                  92.240.249.0/24
                  92.240.253.0-92.240.254.255
                  93.184.64.0/20
                  109.74.144.0/20
                  176.109.56.0/21
                  185.176.72.0/22
                  217.73.16.0/20
                IPv6:
                  2a00:10d8::/32
                  2a01:390::/32

    Signature Algorithm: sha256WithRSAEncryption
         7f:99:32:c7:2b:9a:0c:9f:22:52:56:46:53:95:9b:f0:79:a0:
         5c:44:7e:c8:f6:76:fb:39:1d:8b:1b:2c:e2:fe:31:29:93:a8:
         c7:00:e6:5e:76:c2:15:03:5b:6b:a8:64:db:1a:11:46:34:32:
         e0:79:31:62:8e:06:f4:1a:e1:a5:63:6f:40:af:6e:19:00:a0:
         d6:e7:6c:2f:7e:e7:74:53:ac:44:52:31:78:58:82:e9:4e:4e:
         f6:56:81:da:e6:a2:28:ab:a2:ef:28:b0:7b:c4:84:44:8f:bb:
         94:86:45:1c:e9:07:b5:7c:d8:74:3c:da:c2:7c:26:83:e4:2d:
         50:cd:cb:6e:60:1c:b3:7e:44:28:ee:44:dc:ce:bd:74:ed:b3:
         17:af:09:32:3b:87:b0:24:76:51:11:67:ef:c5:f9:64:8f:20:
         26:38:12:dc:d2:28:1f:07:ef:a1:72:f3:f6:14:ab:c4:b4:ab:
         f3:a1:06:de:bb:0f:7f:71:73:c2:d6:8b:9f:97:58:76:c5:29:
         06:d0:ed:d4:ce:66:27:b4:94:57:3a:a0:39:b0:ea:14:d3:fa:
         7d:31:a4:73:22:7e:00:0a:e3:fc:0f:a2:50:5f:78:54:e5:39:
         48:e5:52:6c:e7:59:41:2a:19:07:8d:b7:cd:2b:d0:48:70:a6:
         4a:a0:86:8e
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYS86wxXO/MgfOqZKd5LkMayMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZDlkMWQ5NWMxZWI3MTZlZTgxOTUwNDVhNzdjYmEyMTgx
ZDc5ZWMwHhcNMjIxMTI4MDYyNzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTVlM2I4OTJjNWE4NGY3Y2FjMzI0YWNlN2M3MzBkZmYyMGZiYzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXi5MEeiQ7g6EGPYKFExY/t1wRs1
i5g4MCvFUu2uEigHkEK7GTaNz2cdFYnlFEY5TYXXfA+cmcZrMNnPquovrRg5rTEA
gAKn1NjwxQdyeDnls4jS7eWrR4ETiK1lxOVZB9cE4GjEM7QgZnGJafDUz2ZtqAh2
Mdfz50Yjc4H4mjAB1UHZi8lwhRhMmcgjmDcCK7GK9vuyj5F35goGevAYCGhSMPwK
BKcbmKb6gDNb1ocssjOcYDnaUI958/hVr6A7bkB3qn7P09FIBj7vKx5sDTxHw6o3
twClWiohyCpmAZVq5gpO5OG70h6ONyINimjwla9pnWnu+aN/lfVwwYFdbQIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFCVeO4ksWoT3ysMkrOfHMN/yD7w1MB8GA1UdIwQY
MBaAFGPZ0dlcHrcW7oGVBFp3y6IYHXnsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTluUjJWd2V0eGJ1Z1pVRVduZkxvaGdkZWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zZWQ4ZGQtZDM2ZS00NDBjLTgxNDIt
ZDgwYzZiODVjZGE0LzEvSlY0N2lTeGFoUGZLd3lTczU4Y3czX0lQdkRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zZWQ4ZGQtZDM2ZS00NDBjLTgxNDItZDgwYzZiODVjZGE0
LzEvWTluUjJWd2V0eGJ1Z1pVRVduZkxvaGdkZWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijByBAIAATBsAwQELuXg
AwQEUVkwAwQFVm7gAwQCXPDkMAwDBAFc8OoDBAFc8OwwDAMEAFzw8QMEAFzw8gME
AVzw9AMEAFzw+TAMAwQAXPD9AwQAXPD+AwQEXbhAAwQEbUqQAwQDsG04AwQCubBI
AwQE2UkQMBQEAgACMA4DBQAqABDYAwUAKgEDkDANBgkqhkiG9w0BAQsFAAOCAQEA
f5kyxyuaDJ8iUlZGU5Wb8HmgXER+yPZ2+zkdixss4v4xKZOoxwDmXnbCFQNba6hk
2xoRRjQy4HkxYo4G9BrhpWNvQK9uGQCg1udsL37ndFOsRFIxeFiC6U5O9laB2uai
KKui7yiwe8SERI+7lIZFHOkHtXzYdDzawnwmg+QtUM3LbmAcs35EKO5E3M69dO2z
F68JMjuHsCR2URFn78X5ZI8gJjgS3NIoHwfvoXLz9hSrxLSr86EG3rsPf3FzwtaL
n5dYdsUpBtDt1M5mJ7SUVzqgObDqFNP6fTGkcyJ+AArj/A+iUF94VOU5SOVSbOdZ
QSoZB423zSvQSHCmSqCGjg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:30 2024 by rpki-client on console-ams.rpki-client.org