Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/JTxl97am3MU-KPzxUtIo4bgoNF4.roa
File:                     JTxl97am3MU-KPzxUtIo4bgoNF4.roa (raw, json)
Hash identifier:          ONyOoYA1N6C8+gX6wL5OSauACuinPo4ku6B6uDuRtwo=
Subject key identifier:   25:3C:65:F7:B6:A6:DC:C5:3E:28:FC:F1:52:D2:28:E1:B8:28:34:5E
Certificate issuer:       /CN=7c3c39d1899e699bf5177418ee381489edff4380
Certificate serial:       1BB1E30A
Authority key identifier: 7C:3C:39:D1:89:9E:69:9B:F5:17:74:18:EE:38:14:89:ED:FF:43:80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fDw50YmeaZv1F3QY7jgUie3_Q4A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/JTxl97am3MU-KPzxUtIo4bgoNF4.roa
Signing time:             Fri 27 May 2022 08:01:13 +0000
ROA not before:           Fri 27 May 2022 08:01:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34984
IP address blocks:        185.18.120.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 464642826 (0x1bb1e30a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c3c39d1899e699bf5177418ee381489edff4380
        Validity
            Not Before: May 27 08:01:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=253c65f7b6a6dcc53e28fcf152d228e1b828345e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:8a:2b:03:fa:ce:a3:49:06:ce:68:2b:9b:fd:
                    e2:89:01:6b:97:fb:45:3a:d7:99:6b:3c:07:13:72:
                    83:d5:a1:84:d5:50:b6:cc:73:79:1b:d4:da:a7:ab:
                    34:42:59:c3:57:8a:e2:91:fa:58:7c:78:fd:68:1a:
                    ca:fe:d7:06:59:9d:6f:c1:8f:10:51:f0:52:54:cd:
                    67:2d:c8:be:7d:19:da:1c:a8:4a:55:13:21:44:58:
                    af:f9:bb:8a:74:c5:5e:9e:8e:68:11:00:c0:d7:85:
                    7a:e3:53:83:62:92:0b:15:06:9c:fc:32:d7:b5:01:
                    be:0b:a3:b1:51:db:5e:0a:9a:69:ac:d2:96:63:d0:
                    f7:a2:9c:96:d9:55:f8:d3:f9:76:05:55:f6:e8:40:
                    52:f7:8f:8c:4c:c3:15:da:b9:4c:b6:d2:d4:56:b4:
                    9d:6c:47:36:af:ac:20:ba:16:6a:f7:27:45:ea:6c:
                    60:fc:9c:17:2a:2f:38:c8:1a:bf:e6:31:a4:ac:bf:
                    e6:9c:2d:2e:ae:ed:7e:ac:0d:0b:52:58:0f:aa:58:
                    63:36:54:0d:08:aa:6e:d8:17:28:87:d7:78:70:81:
                    c8:de:09:a0:79:bd:43:28:9c:d9:6b:f9:02:70:df:
                    be:6e:6d:ef:0c:a4:ff:75:4e:17:09:7d:05:5c:c9:
                    87:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:3C:65:F7:B6:A6:DC:C5:3E:28:FC:F1:52:D2:28:E1:B8:28:34:5E
            X509v3 Authority Key Identifier:
                keyid:7C:3C:39:D1:89:9E:69:9B:F5:17:74:18:EE:38:14:89:ED:FF:43:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDw50YmeaZv1F3QY7jgUie3_Q4A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/JTxl97am3MU-KPzxUtIo4bgoNF4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/fDw50YmeaZv1F3QY7jgUie3_Q4A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.18.120.0/23

    Signature Algorithm: sha256WithRSAEncryption
         33:97:27:24:0b:b0:30:26:2f:bd:98:90:b6:e0:66:c5:4a:eb:
         24:92:77:0e:57:88:ff:67:41:1c:cc:bd:77:17:cb:1c:0c:6d:
         dc:b8:3d:27:20:9e:1d:6f:53:e3:1b:33:62:b5:48:24:4a:ea:
         3b:6f:00:ec:21:53:67:e6:7b:fe:07:37:b8:17:e3:ad:92:30:
         84:f5:b5:55:61:29:a2:aa:0b:93:8d:14:74:65:85:bb:f0:04:
         b4:ff:11:68:50:c9:9e:f7:88:5d:f5:8e:33:8f:86:1c:b4:55:
         5b:0a:a1:47:53:e1:28:a7:52:e2:74:b1:6d:a1:0a:36:c3:66:
         4c:df:ea:6d:9f:06:61:6d:3a:02:90:9c:a5:a5:db:bc:87:0c:
         57:7b:bc:ff:cf:25:6b:c4:60:6e:6f:61:25:24:3f:cf:39:2c:
         6e:5b:fb:24:f4:da:97:34:96:29:07:4a:43:61:3e:92:e2:99:
         4a:36:12:48:48:60:46:ce:56:4f:6c:20:5e:ee:46:eb:c6:fc:
         85:fe:6e:8e:e0:56:5e:b7:10:49:e7:91:fa:ab:9d:5b:1e:c7:
         12:03:68:d1:19:01:41:1e:6f:54:34:e9:1a:f5:1d:e5:e7:2d:
         d9:c9:84:87:6b:a0:84:fc:6a:9e:0d:0e:95:b1:18:64:8b:e0:
         9d:ab:91:06
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEG7HjCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YzNjMzlkMTg5OWU2OTliZjUxNzc0MThlZTM4MTQ4OWVkZmY0MzgwMB4XDTIyMDUy
NzA4MDExM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjUzYzY1ZjdiNmE2
ZGNjNTNlMjhmY2YxNTJkMjI4ZTFiODI4MzQ1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2KKwP6zqNJBs5oK5v94okBa5f7RTrXmWs8BxNyg9WhhNVQ
tsxzeRvU2qerNEJZw1eK4pH6WHx4/Wgayv7XBlmdb8GPEFHwUlTNZy3Ivn0Z2hyo
SlUTIURYr/m7inTFXp6OaBEAwNeFeuNTg2KSCxUGnPwy17UBvgujsVHbXgqaaazS
lmPQ96KcltlV+NP5dgVV9uhAUvePjEzDFdq5TLbS1Fa0nWxHNq+sILoWavcnReps
YPycFyovOMgav+YxpKy/5pwtLq7tfqwNC1JYD6pYYzZUDQiqbtgXKIfXeHCByN4J
oHm9Qyic2Wv5AnDfvm5t7wyk/3VOFwl9BVzJh/0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQlPGX3tqbcxT4o/PFS0ijhuCg0XjAfBgNVHSMEGDAWgBR8PDnRiZ5pm/UX
dBjuOBSJ7f9DgDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZEdzUwWW1lYVp2MUYzUVk3amdVaWUzX1E0QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvYzgwMGM5LTUxYjUtNDU4OS05MjYwLTA2M2ZjZGQzYTA1Ny8x
L0pUeGw5N2FtM01VLUtQenhVdElvNGJnb05GNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
YzgwMGM5LTUxYjUtNDU4OS05MjYwLTA2M2ZjZGQzYTA1Ny8xL2ZEdzUwWW1lYVp2
MUYzUVk3amdVaWUzX1E0QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbkSeDANBgkqhkiG9w0BAQsFAAOC
AQEAM5cnJAuwMCYvvZiQtuBmxUrrJJJ3DleI/2dBHMy9dxfLHAxt3Lg9JyCeHW9T
4xszYrVIJErqO28A7CFTZ+Z7/gc3uBfjrZIwhPW1VWEpoqoLk40UdGWFu/AEtP8R
aFDJnveIXfWOM4+GHLRVWwqhR1PhKKdS4nSxbaEKNsNmTN/qbZ8GYW06ApCcpaXb
vIcMV3u8/88la8Rgbm9hJSQ/zzksblv7JPTalzSWKQdKQ2E+kuKZSjYSSEhgRs5W
T2wgXu5G68b8hf5ujuBWXrcQSeeR+qudWx7HEgNo0RkBQR5vVDTpGvUd5ect2cmE
h2ughPxqng0OlbEYZIvgnauRBg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:02 2024 by rpki-client on console-ams.rpki-client.org