Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/jjhVBtRqBJRX8QXJ6Gdi4Gcs4SA.roa
File:                     jjhVBtRqBJRX8QXJ6Gdi4Gcs4SA.roa (raw, json)
Hash identifier:          rDn2QZVgpC8ccMEKU03Qtvfu8HDXf5uiTpH5zgsL9Uc=
Subject key identifier:   8E:38:55:06:D4:6A:04:94:57:F1:05:C9:E8:67:62:E0:67:2C:E1:20
Certificate issuer:       /CN=7c3c39d1899e699bf5177418ee381489edff4380
Certificate serial:       1B16D6CA
Authority key identifier: 7C:3C:39:D1:89:9E:69:9B:F5:17:74:18:EE:38:14:89:ED:FF:43:80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fDw50YmeaZv1F3QY7jgUie3_Q4A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/jjhVBtRqBJRX8QXJ6Gdi4Gcs4SA.roa
Signing time:             Tue 22 Mar 2022 10:52:07 +0000
ROA not before:           Tue 22 Mar 2022 10:52:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49158
IP address blocks:        212.9.96.0/19 maxlen: 20
                          2a02:2b90::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 454481610 (0x1b16d6ca)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c3c39d1899e699bf5177418ee381489edff4380
        Validity
            Not Before: Mar 22 10:52:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8e385506d46a049457f105c9e86762e0672ce120
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:01:4e:08:04:e0:94:d2:4e:89:fe:bf:f3:61:
                    2b:fc:fd:6e:e6:0d:28:47:20:1c:86:21:97:be:d1:
                    56:e6:23:60:78:8e:88:18:c4:67:a6:63:ae:60:4d:
                    55:c3:e0:d4:14:ca:73:d2:b0:dd:11:1f:be:b4:28:
                    09:66:cf:f3:b1:cd:e9:2a:02:fb:64:90:6f:b2:82:
                    0b:a9:ad:e8:94:19:66:04:3a:c6:de:02:ae:ec:1f:
                    63:90:c2:28:2a:e8:84:2d:ee:6e:77:41:3b:6d:db:
                    0a:0c:8c:8c:e6:b7:02:7a:13:85:c5:e4:8f:fa:ff:
                    96:3a:b4:6c:7d:f6:47:14:aa:0d:3b:08:28:ac:5b:
                    65:a2:89:03:c9:a7:0c:f6:fd:10:82:e1:70:16:3f:
                    1c:0a:42:5f:a2:8e:68:0f:9d:25:43:c2:08:fa:4b:
                    23:c8:42:40:50:86:6e:14:75:6a:01:0f:fc:18:eb:
                    81:1d:aa:9d:20:92:66:40:1e:dc:17:4a:15:59:21:
                    a0:93:a1:36:1e:63:d8:19:f1:40:20:4b:c0:21:83:
                    06:ae:53:3c:72:72:25:34:1a:09:f5:e9:28:06:20:
                    e3:09:00:e5:62:7e:ba:2b:70:48:a9:f8:4b:ae:d8:
                    d0:98:d6:fc:4f:e0:a3:83:7f:ee:76:35:b9:d1:0a:
                    eb:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:38:55:06:D4:6A:04:94:57:F1:05:C9:E8:67:62:E0:67:2C:E1:20
            X509v3 Authority Key Identifier:
                keyid:7C:3C:39:D1:89:9E:69:9B:F5:17:74:18:EE:38:14:89:ED:FF:43:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDw50YmeaZv1F3QY7jgUie3_Q4A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/jjhVBtRqBJRX8QXJ6Gdi4Gcs4SA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/fDw50YmeaZv1F3QY7jgUie3_Q4A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.9.96.0/19
                IPv6:
                  2a02:2b90::/29

    Signature Algorithm: sha256WithRSAEncryption
         85:02:24:83:0c:b2:fd:20:ac:76:9b:68:1a:39:ee:8e:a0:59:
         be:fb:52:4f:c5:b3:6c:4c:84:6b:4d:51:5d:8d:ae:fb:b6:67:
         43:e2:6e:b3:8f:b2:87:30:04:2b:24:b2:c8:b9:d6:54:6d:e4:
         30:e6:dd:e6:4f:8b:2b:1a:3d:4d:6d:75:82:d5:1c:4a:9e:7f:
         45:5d:ec:2f:52:e0:3b:18:af:4b:7b:f0:df:9f:83:6b:24:f5:
         98:15:30:ce:87:b2:97:1f:07:7f:3f:0a:44:1a:0f:97:e3:5b:
         3a:52:db:89:94:03:09:30:be:fb:8a:e3:a9:5d:34:59:59:0f:
         f9:d9:3c:03:b7:d2:46:d3:74:ad:fc:e6:19:49:ea:08:30:ee:
         d2:b6:44:b8:54:c9:09:28:b4:57:5a:5a:cb:75:de:94:34:52:
         b4:b6:44:dc:25:6c:cb:de:e2:d4:46:94:15:11:af:3d:68:3c:
         fd:32:3e:93:56:68:42:4c:f4:25:8e:fa:d2:e7:14:75:9f:c4:
         87:06:ce:a6:01:47:30:bd:12:4d:ca:be:d6:cf:46:b0:d4:19:
         3a:02:58:59:4d:f8:43:38:6e:bd:f6:63:a3:4c:22:2c:42:86:
         4d:74:12:7a:8c:21:13:a0:48:bc:04:e1:ef:51:63:d2:6b:96:
         96:0a:e1:86
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEGxbWyjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YzNjMzlkMTg5OWU2OTliZjUxNzc0MThlZTM4MTQ4OWVkZmY0MzgwMB4XDTIyMDMy
MjEwNTIwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGUzODU1MDZkNDZh
MDQ5NDU3ZjEwNWM5ZTg2NzYyZTA2NzJjZTEyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMEBTggE4JTSTon+v/NhK/z9buYNKEcgHIYhl77RVuYjYHiO
iBjEZ6ZjrmBNVcPg1BTKc9Kw3REfvrQoCWbP87HN6SoC+2SQb7KCC6mt6JQZZgQ6
xt4CruwfY5DCKCrohC3ubndBO23bCgyMjOa3AnoThcXkj/r/ljq0bH32RxSqDTsI
KKxbZaKJA8mnDPb9EILhcBY/HApCX6KOaA+dJUPCCPpLI8hCQFCGbhR1agEP/Bjr
gR2qnSCSZkAe3BdKFVkhoJOhNh5j2BnxQCBLwCGDBq5TPHJyJTQaCfXpKAYg4wkA
5WJ+uitwSKn4S67Y0JjW/E/go4N/7nY1udEK63kCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSOOFUG1GoElFfxBcnoZ2LgZyzhIDAfBgNVHSMEGDAWgBR8PDnRiZ5pm/UX
dBjuOBSJ7f9DgDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZEdzUwWW1lYVp2MUYzUVk3amdVaWUzX1E0QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvYzgwMGM5LTUxYjUtNDU4OS05MjYwLTA2M2ZjZGQzYTA1Ny8x
L2pqaFZCdFJxQkpSWDhRWEo2R2RpNEdjczRTQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
YzgwMGM5LTUxYjUtNDU4OS05MjYwLTA2M2ZjZGQzYTA1Ny8xL2ZEdzUwWW1lYVp2
MUYzUVk3amdVaWUzX1E0QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBdQJYDANBAIAAjAHAwUDKgIrkDAN
BgkqhkiG9w0BAQsFAAOCAQEAhQIkgwyy/SCsdptoGjnujqBZvvtST8WzbEyEa01R
XY2u+7ZnQ+Jus4+yhzAEKySyyLnWVG3kMObd5k+LKxo9TW11gtUcSp5/RV3sL1Lg
OxivS3vw35+DayT1mBUwzoeylx8Hfz8KRBoPl+NbOlLbiZQDCTC++4rjqV00WVkP
+dk8A7fSRtN0rfzmGUnqCDDu0rZEuFTJCSi0V1pay3XelDRStLZE3CVsy97i1EaU
FRGvPWg8/TI+k1ZoQkz0JY760ucUdZ/EhwbOpgFHML0STcq+1s9GsNQZOgJYWU34
QzhuvfZjo0wiLEKGTXQSeowhE6BIvATh71Fj0muWlgrhhg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:02 2024 by rpki-client on console-ams.rpki-client.org