Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/JS87ukhw8QsHHm-sD7BAa61ZkmI.roa
File:                     JS87ukhw8QsHHm-sD7BAa61ZkmI.roa (raw, json)
Hash identifier:          AyeWdAs8ys3iaGtNwDdpWkWWM1HuGiXi4Z01tKkbf30=
Subject key identifier:   25:2F:3B:BA:48:70:F1:0B:07:1E:6F:AC:0F:B0:40:6B:AD:59:92:62
Certificate issuer:       /CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
Certificate serial:       1DF85780
Authority key identifier: E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/JS87ukhw8QsHHm-sD7BAa61ZkmI.roa
Signing time:             Wed 22 Jun 2022 13:18:22 +0000
ROA not before:           Wed 22 Jun 2022 13:18:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34354
IP address blocks:        89.221.112.0/23 maxlen: 23
                          89.221.114.0/23 maxlen: 23
                          89.221.116.0/23 maxlen: 23
                          89.221.118.0/23 maxlen: 23
                          85.158.72.0/23 maxlen: 23
                          85.158.74.0/23 maxlen: 23
                          85.158.76.0/23 maxlen: 23
                          85.158.78.0/23 maxlen: 23
                          89.221.120.0/23 maxlen: 23
                          89.221.122.0/23 maxlen: 23
                          89.221.124.0/23 maxlen: 23
                          89.221.126.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 502814592 (0x1df85780)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
        Validity
            Not Before: Jun 22 13:18:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=252f3bba4870f10b071e6fac0fb0406bad599262
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:95:6c:67:79:0b:4f:a7:74:b6:cd:f9:18:08:
                    d8:74:da:cc:88:00:c8:72:7a:7b:54:dd:1e:53:f7:
                    9a:8b:9b:69:24:8a:8d:02:fb:fd:92:5b:f6:79:31:
                    61:fe:52:39:a0:67:dc:4c:76:d2:de:00:53:d0:a6:
                    71:b0:a0:ea:36:ca:7a:23:fc:ad:f9:66:19:43:fb:
                    81:82:f2:f0:38:16:45:c5:56:26:b4:97:f1:55:ef:
                    81:c8:ec:54:76:34:89:90:d9:b8:7d:d0:41:e6:ba:
                    8c:35:c2:28:a6:45:e0:42:38:63:5f:16:83:98:13:
                    47:57:97:20:b2:e6:a0:d6:b9:e5:a5:73:e1:60:cb:
                    b3:30:47:3e:d1:eb:a8:ec:a3:9b:42:9d:a3:b1:72:
                    67:87:43:02:4c:30:61:4d:45:a2:fe:a8:8b:d2:9b:
                    79:cd:6d:00:a6:b4:ce:25:cd:fd:87:f0:f4:f4:05:
                    9b:48:5c:6c:a6:0b:48:d2:6c:83:a3:58:d0:c1:28:
                    88:65:fc:78:80:3e:b7:2b:2d:37:88:b5:4f:6c:fd:
                    28:2d:24:e5:90:53:25:6b:5e:55:8e:65:96:ac:be:
                    11:e2:41:56:53:68:28:2b:7e:ec:c2:dd:31:ea:23:
                    0d:b7:aa:59:49:0e:f2:06:1b:1e:97:19:01:d5:14:
                    ce:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:2F:3B:BA:48:70:F1:0B:07:1E:6F:AC:0F:B0:40:6B:AD:59:92:62
            X509v3 Authority Key Identifier:
                keyid:E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/JS87ukhw8QsHHm-sD7BAa61ZkmI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/5aGzZVL52sy5KsXDtEtCbWQ3SeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.158.72.0/21
                  89.221.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         30:41:47:0c:a4:d9:5a:cc:4e:fa:2f:56:4e:b3:9d:c1:41:c6:
         90:93:37:15:55:90:75:42:21:85:74:73:0a:58:61:6d:0a:b5:
         b8:6e:d6:62:9a:65:28:cd:61:7f:0c:b5:34:fa:5a:26:4f:bd:
         3f:a3:1e:2f:5a:b7:36:fb:8e:26:3a:f5:60:ad:b7:05:02:39:
         0e:37:22:33:93:b5:97:f2:38:32:fb:15:09:26:6a:1a:e9:a0:
         49:42:a6:4a:ed:83:aa:01:e3:1d:6a:20:94:cf:85:69:0e:c9:
         93:34:a7:43:f4:5d:b6:74:60:87:83:67:c8:f9:94:5a:26:da:
         b1:db:05:52:46:7e:15:93:e3:85:4b:9d:4d:2f:54:38:2d:f9:
         3d:ec:11:73:04:a1:40:19:a2:c0:d9:87:d2:49:c7:ca:40:d4:
         26:0c:ab:6e:37:3c:b2:3f:19:90:6b:f1:08:50:df:ca:31:2f:
         48:47:77:6a:6d:91:05:32:f4:04:0c:90:1b:98:ef:77:ff:93:
         c2:53:6d:a1:cf:f9:3e:98:6b:72:14:96:aa:25:ab:7a:53:67:
         4b:e0:5a:5b:1e:22:10:35:d1:13:95:51:77:50:fb:45:5c:37:
         ea:c4:c8:c4:79:6e:6c:fa:34:09:95:42:86:b6:bd:82:fd:30:
         a6:24:35:ae
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEHfhXgDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NWExYjM2NTUyZjlkYWNjYjkyYWM1YzNiNDRiNDI2ZDY0Mzc0OWUyMB4XDTIyMDYy
MjEzMTgyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjUyZjNiYmE0ODcw
ZjEwYjA3MWU2ZmFjMGZiMDQwNmJhZDU5OTI2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALuVbGd5C0+ndLbN+RgI2HTazIgAyHJ6e1TdHlP3moubaSSK
jQL7/ZJb9nkxYf5SOaBn3Ex20t4AU9CmcbCg6jbKeiP8rflmGUP7gYLy8DgWRcVW
JrSX8VXvgcjsVHY0iZDZuH3QQea6jDXCKKZF4EI4Y18Wg5gTR1eXILLmoNa55aVz
4WDLszBHPtHrqOyjm0Kdo7FyZ4dDAkwwYU1Fov6oi9Kbec1tAKa0ziXN/Yfw9PQF
m0hcbKYLSNJsg6NY0MEoiGX8eIA+tystN4i1T2z9KC0k5ZBTJWteVY5llqy+EeJB
VlNoKCt+7MLdMeojDbeqWUkO8gYbHpcZAdUUzhsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQlLzu6SHDxCwceb6wPsEBrrVmSYjAfBgNVHSMEGDAWgBTlobNlUvnazLkq
xcO0S0JtZDdJ4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVhR3paVkw1MnN5NUtzWER0RXRDYldRM1NlSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvYjhlYTViLTNkZDQtNDM3NC1hNzkzLWM1ZTZkMjNmOGIwOS8x
L0pTODd1a2h3OFFzSEhtLXNEN0JBYTYxWmttSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
YjhlYTViLTNkZDQtNDM3NC1hNzkzLWM1ZTZkMjNmOGIwOS8xLzVhR3paVkw1MnN5
NUtzWER0RXRDYldRM1NlSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA1WeSAMEBFndcDANBgkqhkiG9w0B
AQsFAAOCAQEAMEFHDKTZWsxO+i9WTrOdwUHGkJM3FVWQdUIhhXRzClhhbQq1uG7W
YpplKM1hfwy1NPpaJk+9P6MeL1q3NvuOJjr1YK23BQI5DjciM5O1l/I4MvsVCSZq
GumgSUKmSu2DqgHjHWoglM+FaQ7JkzSnQ/RdtnRgh4NnyPmUWibasdsFUkZ+FZPj
hUudTS9UOC35PewRcwShQBmiwNmH0knHykDUJgyrbjc8sj8ZkGvxCFDfyjEvSEd3
am2RBTL0BAyQG5jvd/+TwlNtoc/5PphrchSWqiWrelNnS+BaWx4iEDXRE5VRd1D7
RVw36sTIxHlubPo0CZVChra9gv0wpiQ1rg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:06 2024 by rpki-client on console-ams.rpki-client.org