Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f2770b-da19-4790-a494-c58e95cd4277/1/jBc-RhOAN9kDMxdmftLBM1_pZW0.roa
File:                     jBc-RhOAN9kDMxdmftLBM1_pZW0.roa (raw, json)
Hash identifier:          EBqV0Iz9XB7OrG7FLUL4mP78wT5x8RfAgojQqU25LX8=
Subject key identifier:   8C:17:3E:46:13:80:37:D9:03:33:17:66:7E:D2:C1:33:5F:E9:65:6D
Certificate issuer:       /CN=60325c21d2fafe743398dc1e5574433280110469
Certificate serial:       01822617656A29AAA1CFBD4E8D5B1F7472B3
Authority key identifier: 60:32:5C:21:D2:FA:FE:74:33:98:DC:1E:55:74:43:32:80:11:04:69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YDJcIdL6_nQzmNweVXRDMoARBGk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/f2770b-da19-4790-a494-c58e95cd4277/1/jBc-RhOAN9kDMxdmftLBM1_pZW0.roa
Signing time:             Fri 22 Jul 2022 13:27:23 +0000
ROA not before:           Fri 22 Jul 2022 13:27:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47856
IP address blocks:        195.10.217.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:26:17:65:6a:29:aa:a1:cf:bd:4e:8d:5b:1f:74:72:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60325c21d2fafe743398dc1e5574433280110469
        Validity
            Not Before: Jul 22 13:27:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8c173e46138037d9033317667ed2c1335fe9656d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:7e:08:e4:df:46:f8:94:52:c8:4d:41:1e:cc:
                    96:ed:f8:65:1f:60:0a:11:dc:4a:81:37:a3:b9:27:
                    1e:11:5a:8e:9e:1a:5a:d9:a0:c8:9c:65:b7:e0:34:
                    39:aa:45:83:7f:ff:5a:4a:cb:6a:7e:7b:7c:63:0f:
                    51:5c:8d:e4:a5:15:7d:93:5a:22:4f:09:ac:0a:f2:
                    5d:2e:09:e8:9d:17:8e:09:c4:c6:66:61:f4:3e:ad:
                    bc:ba:6a:32:99:e8:48:81:d9:ca:69:2b:e2:af:e0:
                    ec:2a:51:e1:c0:d4:13:5c:27:8a:dc:68:af:96:ce:
                    70:11:2c:a4:b4:4a:2b:a3:63:f6:ae:5a:79:31:51:
                    cb:72:95:3d:79:fe:cf:06:e7:ce:7b:ba:d4:07:f5:
                    11:1e:13:81:ff:d0:b6:65:b5:99:a7:83:5f:6e:3f:
                    76:a4:41:ac:2a:ef:a0:d6:b0:c0:d6:86:82:d0:98:
                    13:02:de:f3:2e:c9:7f:b7:53:db:75:7c:0a:a4:83:
                    4f:e3:0a:2f:37:37:7f:b9:1f:26:67:43:bf:14:66:
                    71:c6:44:f8:e8:cd:e6:15:40:58:ac:1e:5e:8d:3f:
                    b8:d9:bb:41:83:fb:75:5b:f5:b8:2a:e2:d2:28:3f:
                    f4:d3:bb:1a:db:81:64:53:de:02:f6:5a:39:91:23:
                    97:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:17:3E:46:13:80:37:D9:03:33:17:66:7E:D2:C1:33:5F:E9:65:6D
            X509v3 Authority Key Identifier:
                keyid:60:32:5C:21:D2:FA:FE:74:33:98:DC:1E:55:74:43:32:80:11:04:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDJcIdL6_nQzmNweVXRDMoARBGk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f2770b-da19-4790-a494-c58e95cd4277/1/jBc-RhOAN9kDMxdmftLBM1_pZW0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f2770b-da19-4790-a494-c58e95cd4277/1/YDJcIdL6_nQzmNweVXRDMoARBGk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.10.217.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:54:0c:9e:87:65:e1:9a:b2:65:fb:b2:52:98:af:3d:3a:92:
         07:76:2e:ac:44:a6:5d:a1:a1:08:6c:e5:45:48:e9:65:66:22:
         ac:74:53:65:eb:5e:3d:ef:bb:75:2e:ef:af:34:9d:79:b5:8c:
         81:f3:72:04:e5:be:ae:de:dd:93:7b:8d:d6:e4:6c:18:3f:dd:
         41:2c:b0:fd:d6:96:49:93:a2:9d:2d:fb:ef:6b:ea:2d:62:1c:
         78:5e:4f:a5:eb:b7:6e:17:cf:fe:4f:4f:e3:42:74:1e:35:fe:
         0d:81:b7:7e:80:87:a9:11:9e:72:6c:46:81:96:d9:ab:e4:b4:
         27:fe:a6:a5:90:98:59:3f:49:1a:ff:1e:08:f7:d2:ed:eb:0b:
         9f:b7:78:01:35:81:89:74:46:77:b0:ff:5e:56:e9:75:e8:62:
         0a:28:9f:4f:f6:50:54:a6:ee:40:34:ff:91:7f:99:7c:77:ac:
         02:32:25:34:1f:98:ba:d8:cc:d0:d2:2e:2c:25:ff:f0:39:3e:
         fc:1d:07:7d:6a:29:2a:e0:8a:00:84:f7:ee:49:68:a9:56:bd:
         66:9a:fc:1b:84:38:6b:fd:f3:ba:08:30:8c:8d:33:e2:67:d9:
         e2:6e:5e:a0:e8:aa:5a:af:eb:df:ca:e7:8a:3c:01:9a:8a:ee:
         f3:86:17:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYImF2VqKaqhz71OjVsfdHKzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzI1YzIxZDJmYWZlNzQzMzk4ZGMxZTU1NzQ0MzMyODAx
MTA0NjkwHhcNMjIwNzIyMTMyNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzE3M2U0NjEzODAzN2Q5MDMzMzE3NjY3ZWQyYzEzMzVmZTk2NTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqX4I5N9G+JRSyE1BHsyW7fhlH2AK
EdxKgTejuSceEVqOnhpa2aDInGW34DQ5qkWDf/9aSstqfnt8Yw9RXI3kpRV9k1oi
TwmsCvJdLgnonReOCcTGZmH0Pq28umoymehIgdnKaSvir+DsKlHhwNQTXCeK3Giv
ls5wESyktEoro2P2rlp5MVHLcpU9ef7PBufOe7rUB/URHhOB/9C2ZbWZp4Nfbj92
pEGsKu+g1rDA1oaC0JgTAt7zLsl/t1PbdXwKpINP4wovNzd/uR8mZ0O/FGZxxkT4
6M3mFUBYrB5ejT+42btBg/t1W/W4KuLSKD/007sa24FkU94C9lo5kSOXxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIwXPkYTgDfZAzMXZn7SwTNf6WVtMB8GA1UdIwQY
MBaAFGAyXCHS+v50M5jcHlV0QzKAEQRpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURKY0lkTDZfblF6bU53ZVZYUkRNb0FSQkdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mMjc3MGItZGExOS00NzkwLWE0OTQt
YzU4ZTk1Y2Q0Mjc3LzEvakJjLVJoT0FOOWtETXhkbWZ0TEJNMV9wWlcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9mMjc3MGItZGExOS00NzkwLWE0OTQtYzU4ZTk1Y2Q0Mjc3
LzEvWURKY0lkTDZfblF6bU53ZVZYUkRNb0FSQkdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwrZMA0G
CSqGSIb3DQEBCwUAA4IBAQBMVAyeh2XhmrJl+7JSmK89OpIHdi6sRKZdoaEIbOVF
SOllZiKsdFNl614977t1Lu+vNJ15tYyB83IE5b6u3t2Te43W5GwYP91BLLD91pZJ
k6KdLfvva+otYhx4Xk+l67duF8/+T0/jQnQeNf4Ngbd+gIepEZ5ybEaBltmr5LQn
/qalkJhZP0ka/x4I99Lt6wuft3gBNYGJdEZ3sP9eVul16GIKKJ9P9lBUpu5ANP+R
f5l8d6wCMiU0H5i62MzQ0i4sJf/wOT78HQd9aikq4IoAhPfuSWipVr1mmvwbhDhr
/fO6CDCMjTPiZ9nibl6g6Kpar+vfyueKPAGaiu7zhhed
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:08 2024 by rpki-client on console-ams.rpki-client.org