Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/JOVKo9sIpIvRhIsar-rHKTFpCHc.roa
File:                     JOVKo9sIpIvRhIsar-rHKTFpCHc.roa (raw, json)
Hash identifier:          sU6O3TmKdV15CnNbgmOqNJI/vuaCPTmLH6v/aykdIME=
Subject key identifier:   24:E5:4A:A3:DB:08:A4:8B:D1:84:8B:1A:AF:EA:C7:29:31:69:08:77
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       0183D108215A76E36D69DF904973C8CBF027
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/JOVKo9sIpIvRhIsar-rHKTFpCHc.roa
Signing time:             Thu 13 Oct 2022 11:08:34 +0000
ROA not before:           Thu 13 Oct 2022 11:08:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203639
IP address blocks:        5.105.14.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:d1:08:21:5a:76:e3:6d:69:df:90:49:73:c8:cb:f0:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Oct 13 11:08:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=24e54aa3db08a48bd1848b1aafeac72931690877
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:18:d4:05:34:ad:fe:4e:e9:84:8d:b8:30:8d:
                    ba:15:54:8c:fa:14:a2:69:6a:ae:96:9d:10:e4:fa:
                    66:ed:e9:ac:0c:4b:cd:7d:13:8f:13:7e:89:a9:b4:
                    1d:99:58:19:e7:3a:a4:46:14:48:15:20:e2:f3:4d:
                    8c:a7:01:64:f2:5f:58:fa:0a:d4:b0:78:be:c7:d0:
                    46:34:48:86:92:bb:12:9e:bf:da:4e:05:7d:85:bb:
                    ef:7f:c1:4c:f3:71:b9:ab:14:be:57:9c:7f:4f:45:
                    d9:b0:0f:f3:92:ad:c9:9c:af:b5:d1:bc:cc:70:11:
                    74:8f:e8:43:9a:64:26:fb:d5:90:96:aa:55:0b:e7:
                    cf:e8:30:e7:2e:43:6a:f3:4f:22:bc:8b:e8:fa:c0:
                    64:f7:24:b0:44:bc:f8:d8:e0:92:57:84:21:00:fa:
                    ab:f0:4f:9b:a1:34:01:e0:fa:7b:e4:35:1b:9c:85:
                    be:7e:86:fb:fa:b3:73:9f:45:b0:48:ff:b8:89:07:
                    57:00:56:6d:10:ef:d4:27:f4:34:55:55:da:10:48:
                    f5:76:91:d2:48:86:4b:79:f6:4c:3e:fa:41:03:75:
                    6a:af:ad:7d:2f:12:c1:a4:8f:b7:8f:b7:f8:97:8e:
                    f7:a5:b2:b0:cd:6e:ab:1d:0d:d8:ba:e9:2f:ff:cf:
                    91:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:E5:4A:A3:DB:08:A4:8B:D1:84:8B:1A:AF:EA:C7:29:31:69:08:77
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/JOVKo9sIpIvRhIsar-rHKTFpCHc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b1:5b:92:76:f4:87:e1:36:9c:be:f1:cf:10:35:9b:ea:f8:47:
         a0:81:46:24:4e:7f:10:2d:01:6e:9b:31:d3:2a:3e:12:d0:5f:
         57:20:09:ab:80:e9:dc:93:05:ab:ae:bb:36:b6:f1:ba:8c:be:
         60:d0:f5:a2:36:a3:02:57:58:b1:08:00:b5:46:22:54:55:74:
         40:ea:90:a0:2a:cd:8d:22:04:ad:16:15:b2:d4:76:41:18:3d:
         da:da:89:46:e1:d1:94:cd:6f:78:60:99:50:b0:6a:c8:0c:2d:
         f9:31:b0:1a:04:15:db:0b:30:7a:57:7b:5f:8d:82:ce:9c:f8:
         bf:84:2b:d3:c1:f7:41:19:dc:5c:d5:99:9e:d2:63:36:46:a8:
         6b:58:00:d4:6a:f4:ca:5a:61:59:aa:4a:8f:b0:e2:17:9d:0c:
         4a:b9:0b:11:90:6c:6e:1e:36:d9:85:9b:64:f5:98:5d:eb:89:
         b3:19:92:bb:30:8b:74:58:cd:3f:fa:00:c3:02:fc:6c:14:c2:
         71:11:07:b1:96:9b:27:26:63:67:8b:ac:33:38:4a:76:4e:64:
         4b:13:8b:1b:0d:65:86:3b:03:de:7b:20:67:ed:66:76:63:34:
         63:50:70:88:e0:a8:e9:ad:27:ee:37:61:f2:02:41:29:db:0c:
         be:0b:a1:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPRCCFaduNtad+QSXPIy/AnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMDEzMTEwODM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGU1NGFhM2RiMDhhNDhiZDE4NDhiMWFhZmVhYzcyOTMxNjkwODc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRjUBTSt/k7phI24MI26FVSM+hSi
aWqulp0Q5Ppm7emsDEvNfROPE36JqbQdmVgZ5zqkRhRIFSDi802MpwFk8l9Y+grU
sHi+x9BGNEiGkrsSnr/aTgV9hbvvf8FM83G5qxS+V5x/T0XZsA/zkq3JnK+10bzM
cBF0j+hDmmQm+9WQlqpVC+fP6DDnLkNq808ivIvo+sBk9ySwRLz42OCSV4QhAPqr
8E+boTQB4Pp75DUbnIW+fob7+rNzn0WwSP+4iQdXAFZtEO/UJ/Q0VVXaEEj1dpHS
SIZLefZMPvpBA3Vqr619LxLBpI+3j7f4l473pbKwzW6rHQ3Yuukv/8+RdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCTlSqPbCKSL0YSLGq/qxykxaQh3MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvSk9WS285c0lwSXZSaElzYXItckhLVEZwQ0hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWkOMA0G
CSqGSIb3DQEBCwUAA4IBAQCxW5J29IfhNpy+8c8QNZvq+EeggUYkTn8QLQFumzHT
Kj4S0F9XIAmrgOnckwWrrrs2tvG6jL5g0PWiNqMCV1ixCAC1RiJUVXRA6pCgKs2N
IgStFhWy1HZBGD3a2olG4dGUzW94YJlQsGrIDC35MbAaBBXbCzB6V3tfjYLOnPi/
hCvTwfdBGdxc1Zme0mM2RqhrWADUavTKWmFZqkqPsOIXnQxKuQsRkGxuHjbZhZtk
9Zhd64mzGZK7MIt0WM0/+gDDAvxsFMJxEQexlpsnJmNni6wzOEp2TmRLE4sbDWWG
OwPeeyBn7WZ2YzRjUHCI4KjprSfuN2HyAkEp2wy+C6FK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:27 2024 by rpki-client on console-fra.rpki-client.org