Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/b62c33-cc9c-4baf-a0ee-ed142e464335/1/jIMMrbNfU4MXg5w-slgOkH4Qjxw.roa
File:                     jIMMrbNfU4MXg5w-slgOkH4Qjxw.roa (raw, json)
Hash identifier:          jKplCrjDJ2X5a7BNC1V+J+Y4ksf3m+EOfhWRlkCxf3w=
Subject key identifier:   8C:83:0C:AD:B3:5F:53:83:17:83:9C:3E:B2:58:0E:90:7E:10:8F:1C
Certificate issuer:       /CN=bbdcc8c3772174e47bac8b932e5bec7b47b1d92b
Certificate serial:       091DAD74
Authority key identifier: BB:DC:C8:C3:77:21:74:E4:7B:AC:8B:93:2E:5B:EC:7B:47:B1:D9:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u9zIw3chdOR7rIuTLlvse0ex2Ss.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/b62c33-cc9c-4baf-a0ee-ed142e464335/1/jIMMrbNfU4MXg5w-slgOkH4Qjxw.roa
Signing time:             Sat 01 Jan 2022 00:57:17 +0000
ROA not before:           Sat 01 Jan 2022 00:57:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     21269
IP address blocks:        195.95.132.0/24 maxlen: 24
                          92.118.240.0/22 maxlen: 24
                          2a09:b240::/29 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 152939892 (0x91dad74)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bbdcc8c3772174e47bac8b932e5bec7b47b1d92b
        Validity
            Not Before: Jan  1 00:57:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8c830cadb35f538317839c3eb2580e907e108f1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:3b:90:12:4b:1a:3b:f8:b1:a0:34:ac:c5:10:
                    43:23:ea:2a:08:99:67:31:77:da:1c:dc:f0:83:15:
                    12:67:23:28:8a:e5:0d:a9:9b:32:35:88:10:03:14:
                    e8:84:77:26:43:33:c5:51:d6:ff:ef:2f:e9:bb:00:
                    43:98:b3:f2:7a:c6:85:39:be:ad:c8:86:b1:f5:51:
                    d3:8e:81:10:5a:20:32:e0:62:0e:aa:2d:7d:e1:04:
                    6a:93:2b:29:f0:87:27:e4:40:ba:b9:fd:19:84:f8:
                    6b:a1:6a:ae:74:a2:6d:93:e6:58:f3:0f:f4:dc:47:
                    52:58:1a:20:e6:c9:a7:50:52:03:66:3c:8e:72:3f:
                    e1:47:65:15:6c:1f:31:4f:07:96:34:b5:73:d9:b4:
                    5b:46:a6:e2:d5:9a:75:19:4d:83:de:41:5c:0e:21:
                    cd:00:00:5c:7b:41:5a:e3:f4:d5:61:bb:d0:2e:32:
                    c3:22:3a:6a:e2:3a:89:c9:63:1a:5f:f8:db:38:b7:
                    37:9e:08:46:1e:ce:b9:69:17:f6:c9:52:e3:36:66:
                    55:40:20:91:1f:10:b8:51:10:fa:53:6c:9c:3c:92:
                    2a:4a:e5:72:c4:43:8d:18:79:a4:31:e9:e9:e0:25:
                    69:5c:1d:03:8d:89:a6:a7:7a:cc:75:66:b6:51:69:
                    97:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:83:0C:AD:B3:5F:53:83:17:83:9C:3E:B2:58:0E:90:7E:10:8F:1C
            X509v3 Authority Key Identifier:
                keyid:BB:DC:C8:C3:77:21:74:E4:7B:AC:8B:93:2E:5B:EC:7B:47:B1:D9:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u9zIw3chdOR7rIuTLlvse0ex2Ss.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b62c33-cc9c-4baf-a0ee-ed142e464335/1/jIMMrbNfU4MXg5w-slgOkH4Qjxw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b62c33-cc9c-4baf-a0ee-ed142e464335/1/u9zIw3chdOR7rIuTLlvse0ex2Ss.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.118.240.0/22
                  195.95.132.0/24
                IPv6:
                  2a09:b240::/29

    Signature Algorithm: sha256WithRSAEncryption
         54:1a:69:55:14:60:0d:0a:e8:58:1f:32:c2:2a:a1:c9:8a:fd:
         5e:21:21:9a:17:68:0b:ea:05:62:f4:fc:e1:e4:66:5a:12:35:
         bf:2e:f4:f5:a7:e7:51:32:c9:07:c2:02:8d:dd:97:a8:66:d5:
         5e:43:e9:ca:4d:4f:50:d1:3b:34:c2:90:5e:61:76:9c:f6:e0:
         10:54:3c:26:16:4b:b5:85:73:46:57:40:3f:f3:7a:a0:4e:58:
         74:46:cc:61:1d:23:bd:82:76:45:1c:a5:47:08:d3:66:7f:09:
         89:5a:57:1b:bf:e3:69:9e:cc:35:1f:eb:3e:e0:7d:09:4c:a9:
         84:16:8e:81:fb:7d:cc:b1:d3:1c:01:0b:d9:60:b5:9e:33:d2:
         9a:01:53:d6:9b:fa:e1:67:aa:8f:df:c7:20:27:11:0c:8b:5f:
         7b:c9:e9:65:b3:b1:10:20:89:79:d8:0d:be:54:dc:fb:16:23:
         85:0c:31:49:0f:e1:19:33:26:e6:2a:c7:a4:52:ac:33:e3:d1:
         97:c3:50:4f:ee:e2:00:d1:c7:15:52:8a:41:83:e6:5b:63:3f:
         13:02:5f:3b:23:15:37:e6:59:4f:b9:97:76:01:c3:e2:6d:27:
         8d:db:ff:4b:35:aa:c6:4f:e8:43:9b:99:ba:57:5d:74:f4:ff:
         5c:7f:5a:47
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECR2tdDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YmRjYzhjMzc3MjE3NGU0N2JhYzhiOTMyZTViZWM3YjQ3YjFkOTJiMB4XDTIyMDEw
MTAwNTcxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGM4MzBjYWRiMzVm
NTM4MzE3ODM5YzNlYjI1ODBlOTA3ZTEwOGYxYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMk7kBJLGjv4saA0rMUQQyPqKgiZZzF32hzc8IMVEmcjKIrl
DambMjWIEAMU6IR3JkMzxVHW/+8v6bsAQ5iz8nrGhTm+rciGsfVR046BEFogMuBi
DqotfeEEapMrKfCHJ+RAurn9GYT4a6FqrnSibZPmWPMP9NxHUlgaIObJp1BSA2Y8
jnI/4UdlFWwfMU8HljS1c9m0W0am4tWadRlNg95BXA4hzQAAXHtBWuP01WG70C4y
wyI6auI6icljGl/42zi3N54IRh7OuWkX9slS4zZmVUAgkR8QuFEQ+lNsnDySKkrl
csRDjRh5pDHp6eAlaVwdA42Jpqd6zHVmtlFpl6ECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSMgwyts19TgxeDnD6yWA6QfhCPHDAfBgNVHSMEGDAWgBS73MjDdyF05Hus
i5MuW+x7R7HZKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3U5ekl3M2NoZE9SN3JJdVRMbHZzZTBleDJTcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDYvYjYyYzMzLWNjOWMtNGJhZi1hMGVlLWVkMTQyZTQ2NDMzNS8x
L2pJTU1yYk5mVTRNWGc1dy1zbGdPa0g0UWp4dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYv
YjYyYzMzLWNjOWMtNGJhZi1hMGVlLWVkMTQyZTQ2NDMzNS8xL3U5ekl3M2NoZE9S
N3JJdVRMbHZzZTBleDJTcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAlx28AMEAMNfhDANBAIAAjAHAwUD
KgmyQDANBgkqhkiG9w0BAQsFAAOCAQEAVBppVRRgDQroWB8ywiqhyYr9XiEhmhdo
C+oFYvT84eRmWhI1vy709afnUTLJB8ICjd2XqGbVXkPpyk1PUNE7NMKQXmF2nPbg
EFQ8JhZLtYVzRldAP/N6oE5YdEbMYR0jvYJ2RRylRwjTZn8JiVpXG7/jaZ7MNR/r
PuB9CUyphBaOgft9zLHTHAEL2WC1njPSmgFT1pv64Weqj9/HICcRDItfe8npZbOx
ECCJedgNvlTc+xYjhQwxSQ/hGTMm5irHpFKsM+PRl8NQT+7iANHHFVKKQYPmW2M/
EwJfOyMVN+ZZT7mXdgHD4m0njdv/SzWqxk/oQ5uZuldddPT/XH9aRw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:14 2024 by rpki-client on console-ams.rpki-client.org