Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/jog4qvdzLRo6fvG0FodeWUPBCSo.roa
File:                     jog4qvdzLRo6fvG0FodeWUPBCSo.roa (raw, json)
Hash identifier:          VYEq1WdlxShGYPOLh+1HPU+OjZonNQ30FT/nRMjMLlk=
Subject key identifier:   8E:88:38:AA:F7:73:2D:1A:3A:7E:F1:B4:16:87:5E:59:43:C1:09:2A
Certificate issuer:       /CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Certificate serial:       0C82E6FE
Authority key identifier: DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/jog4qvdzLRo6fvG0FodeWUPBCSo.roa
Signing time:             Sat 01 Jan 2022 10:57:18 +0000
ROA not before:           Sat 01 Jan 2022 10:57:18 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41480
IP address blocks:        89.20.64.0/19 maxlen: 19
                          89.20.64.0/20 maxlen: 20
                          212.124.64.0/22 maxlen: 22
                          89.20.80.0/20 maxlen: 20
                          2a02:2170::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 209905406 (0xc82e6fe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
        Validity
            Not Before: Jan  1 10:57:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8e8838aaf7732d1a3a7ef1b416875e5943c1092a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:42:03:22:51:61:0f:8e:dc:86:a8:3b:91:34:
                    f8:8b:58:87:c7:ee:99:7c:44:46:ed:a6:79:ea:d5:
                    ac:e5:16:d7:dd:81:2b:81:81:b6:2e:13:1a:6a:79:
                    21:5f:b9:32:ea:7c:ab:53:f0:83:d6:8e:d4:bc:f3:
                    d8:ff:22:2a:fe:ba:df:3a:e9:cc:dd:a2:c4:84:a7:
                    43:59:04:62:73:89:44:03:1f:fb:70:ba:cb:10:54:
                    0f:cb:23:12:83:38:db:66:66:e1:62:9a:30:09:22:
                    94:4f:56:0e:73:88:7a:9e:cf:04:d2:c9:84:d0:bb:
                    09:ec:03:0f:78:d4:36:54:1e:99:94:ec:ad:2c:ba:
                    d7:a1:8a:86:ed:8c:0f:1e:b7:e4:88:4b:9e:e7:fc:
                    b3:e6:b6:8e:53:2e:a9:6f:4b:08:4b:f0:b8:6b:9f:
                    61:e2:30:78:dc:ff:4c:a9:30:79:d7:97:dd:fd:f4:
                    5d:07:45:e3:6a:11:f1:89:0e:68:c3:41:78:95:1c:
                    16:38:89:ec:85:af:e1:c2:c6:ed:97:94:0f:cb:91:
                    fb:92:04:7e:d8:ad:3f:fe:e1:af:c5:59:e6:97:ef:
                    50:11:26:06:97:c4:ad:74:c0:83:80:62:c9:02:a6:
                    af:8d:bd:c1:ec:b5:21:6b:86:f9:59:95:24:ce:da:
                    1f:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:88:38:AA:F7:73:2D:1A:3A:7E:F1:B4:16:87:5E:59:43:C1:09:2A
            X509v3 Authority Key Identifier:
                keyid:DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/jog4qvdzLRo6fvG0FodeWUPBCSo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.20.64.0/19
                  212.124.64.0/22
                IPv6:
                  2a02:2170::/32

    Signature Algorithm: sha256WithRSAEncryption
         0f:12:5c:43:03:e9:d0:08:5e:92:74:70:bf:e3:8a:5e:d2:b9:
         df:3c:24:2a:ec:74:04:d9:fb:6c:de:46:93:16:80:83:73:06:
         b5:03:0a:45:b0:61:ae:15:32:b6:9d:d1:72:f6:bf:d4:47:fd:
         7b:6e:55:7a:3e:a3:74:d9:c4:0f:f3:44:e8:43:66:2a:40:18:
         d4:a5:a0:28:ba:7b:46:3c:5c:e6:67:a9:b4:42:29:00:ff:8e:
         d1:8c:74:5c:6f:ea:b4:72:5d:50:d7:e5:22:9c:c1:af:65:4f:
         fb:f8:fa:ea:2a:a4:27:10:ee:22:ca:4f:2c:b4:c9:22:0f:dc:
         1a:4e:91:5f:b3:e1:f7:21:bb:fc:45:6d:62:5d:bc:14:77:30:
         1f:2c:44:6a:19:7a:e6:95:5b:f5:ff:c4:be:2f:09:6e:d7:94:
         0e:eb:e2:82:3c:ec:1a:dc:80:36:2d:ca:4e:2a:29:d7:78:e3:
         b0:e7:b6:98:c2:f2:dd:8c:b2:e5:6a:54:cb:5b:24:55:35:93:
         8c:de:57:65:1f:4d:e2:48:38:9b:38:e4:ca:88:21:00:3c:64:
         c6:87:84:ed:e0:61:94:28:eb:86:5b:39:c2:3e:80:4a:aa:2a:
         c1:1e:8d:e2:51:68:58:bb:58:cf:63:0f:14:03:14:72:92:98:
         a2:fd:98:53
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEDILm/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZmVlMmJmNDNmMjFhODFjNDkyYzZlNmE5ZmM2ZjA3NGQyZjBhMjE3MB4XDTIyMDEw
MTEwNTcxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGU4ODM4YWFmNzcz
MmQxYTNhN2VmMWI0MTY4NzVlNTk0M2MxMDkyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOdCAyJRYQ+O3IaoO5E0+ItYh8fumXxERu2meerVrOUW192B
K4GBti4TGmp5IV+5Mup8q1Pwg9aO1Lzz2P8iKv663zrpzN2ixISnQ1kEYnOJRAMf
+3C6yxBUD8sjEoM422Zm4WKaMAkilE9WDnOIep7PBNLJhNC7CewDD3jUNlQemZTs
rSy616GKhu2MDx635IhLnuf8s+a2jlMuqW9LCEvwuGufYeIweNz/TKkwedeX3f30
XQdF42oR8YkOaMNBeJUcFjiJ7IWv4cLG7ZeUD8uR+5IEftitP/7hr8VZ5pfvUBEm
BpfErXTAg4BiyQKmr429wey1IWuG+VmVJM7aH7UCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSOiDiq93MtGjp+8bQWh15ZQ8EJKjAfBgNVHSMEGDAWgBTf7iv0PyGoHEks
bmqfxvB00vCiFzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzMtNHI5RDhocUJ4SkxHNXFuOGJ3ZE5Md29oYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvM2IzYmUwLTU0YTctNDEwZi05ZDEyLTI4ZDc4ZWI5ZjJkYy8x
L2pvZzRxdmR6TFJvNmZ2RzBGb2RlV1VQQkNTby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
M2IzYmUwLTU0YTctNDEwZi05ZDEyLTI4ZDc4ZWI5ZjJkYy8xLzMtNHI5RDhocUJ4
SkxHNXFuOGJ3ZE5Md29oYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBVkUQAMEAtR8QDANBAIAAjAHAwUA
KgIhcDANBgkqhkiG9w0BAQsFAAOCAQEADxJcQwPp0AheknRwv+OKXtK53zwkKux0
BNn7bN5GkxaAg3MGtQMKRbBhrhUytp3Rcva/1Ef9e25Vej6jdNnED/NE6ENmKkAY
1KWgKLp7Rjxc5meptEIpAP+O0Yx0XG/qtHJdUNflIpzBr2VP+/j66iqkJxDuIspP
LLTJIg/cGk6RX7Ph9yG7/EVtYl28FHcwHyxEahl65pVb9f/Evi8JbteUDuvigjzs
GtyANi3KTiop13jjsOe2mMLy3Yyy5WpUy1skVTWTjN5XZR9N4kg4mzjkyoghADxk
xoeE7eBhlCjrhls5wj6ASqoqwR6N4lFoWLtYz2MPFAMUcpKYov2YUw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:48 2024 by rpki-client on console-fra.rpki-client.org