Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/b71d9f-f1da-400a-b485-04dbc9ac1444/1/jqntqZoHgMieRWWPek0NzFlOOe8.roa
File:                     jqntqZoHgMieRWWPek0NzFlOOe8.roa (raw, json)
Hash identifier:          Ut5bQJVAovHQUxXPjWhUTpkYSC5VNHrI/8PEo7uKKB0=
Subject key identifier:   8E:A9:ED:A9:9A:07:80:C8:9E:45:65:8F:7A:4D:0D:CC:59:4E:39:EF
Certificate issuer:       /CN=ae8ed33b70be6cc20c89fbbac77a59ca3b4c0934
Certificate serial:       0183C24C32CA51789B1D92E585C7DBB74CB1
Authority key identifier: AE:8E:D3:3B:70:BE:6C:C2:0C:89:FB:BA:C7:7A:59:CA:3B:4C:09:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ro7TO3C-bMIMifu6x3pZyjtMCTQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/b71d9f-f1da-400a-b485-04dbc9ac1444/1/jqntqZoHgMieRWWPek0NzFlOOe8.roa
Signing time:             Mon 10 Oct 2022 14:28:37 +0000
ROA not before:           Mon 10 Oct 2022 14:28:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20910
IP address blocks:        178.213.48.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:c2:4c:32:ca:51:78:9b:1d:92:e5:85:c7:db:b7:4c:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae8ed33b70be6cc20c89fbbac77a59ca3b4c0934
        Validity
            Not Before: Oct 10 14:28:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8ea9eda99a0780c89e45658f7a4d0dcc594e39ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:85:8f:d5:15:11:c2:46:5f:c4:0e:60:0d:87:
                    0e:46:9b:b4:0e:f7:c8:7b:69:91:73:62:e4:ac:6e:
                    77:a5:79:54:54:c8:37:ee:be:4c:e9:f3:1f:8a:df:
                    2d:81:c5:9a:37:ed:f1:fc:4d:94:c2:ae:44:d4:31:
                    85:1c:92:ae:0f:98:73:d0:f0:fc:98:6d:c2:0a:06:
                    9c:93:c2:d9:a3:01:29:e6:2c:f8:3e:bf:62:8a:39:
                    f9:63:a5:77:54:fe:23:e1:a7:52:0c:2f:44:b2:1e:
                    ba:94:d5:c6:25:97:54:ab:e2:8c:1e:4b:df:e6:39:
                    d0:95:eb:ea:9e:04:f3:cc:e5:08:03:a8:31:f7:cc:
                    6c:ab:d5:f3:e9:7a:70:3e:0a:13:b0:a4:1c:48:46:
                    1d:7b:03:d3:c7:71:97:af:eb:3b:3d:1b:ab:48:fe:
                    d2:0d:fa:4e:6a:05:39:b7:14:8a:eb:22:2b:49:92:
                    70:b1:4d:09:34:1b:a1:3e:dc:1b:47:79:e3:8f:2a:
                    fd:2b:12:fa:01:27:39:62:34:1c:ff:e5:4a:16:49:
                    01:70:02:07:74:c4:2d:b7:51:1e:da:00:ae:3d:77:
                    bd:0e:53:25:0c:82:83:2e:05:0d:df:25:22:9a:4a:
                    0a:67:e5:8a:01:41:95:6a:78:05:5b:a0:7f:a4:0e:
                    f0:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:A9:ED:A9:9A:07:80:C8:9E:45:65:8F:7A:4D:0D:CC:59:4E:39:EF
            X509v3 Authority Key Identifier:
                keyid:AE:8E:D3:3B:70:BE:6C:C2:0C:89:FB:BA:C7:7A:59:CA:3B:4C:09:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ro7TO3C-bMIMifu6x3pZyjtMCTQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/b71d9f-f1da-400a-b485-04dbc9ac1444/1/jqntqZoHgMieRWWPek0NzFlOOe8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/b71d9f-f1da-400a-b485-04dbc9ac1444/1/ro7TO3C-bMIMifu6x3pZyjtMCTQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.213.48.0/21

    Signature Algorithm: sha256WithRSAEncryption
         07:5e:32:34:03:52:7f:36:df:30:7d:e4:e4:e6:79:0e:5c:4c:
         fd:31:60:77:77:37:c4:a1:d0:1f:2f:10:f0:7d:aa:e0:00:c4:
         66:8b:2f:89:79:07:6d:25:06:63:5c:1a:65:44:52:92:c7:4c:
         1f:31:79:10:0c:54:e1:14:76:08:e8:cb:ab:bc:74:f2:22:0f:
         8b:af:7b:db:94:18:e6:fe:eb:c1:32:78:42:4b:36:6e:4d:b2:
         b1:bd:f4:c6:ad:84:33:da:e6:41:8b:2f:6e:cf:02:4f:9f:cb:
         98:b0:2f:f0:63:6a:14:ca:17:e9:90:a3:93:ca:02:3a:16:00:
         11:63:7f:e1:a0:c2:bc:49:65:06:8c:00:25:bf:e1:50:4a:23:
         2f:24:39:be:19:c2:18:58:d2:d7:43:d4:fa:68:f1:b2:23:06:
         1e:55:f4:da:eb:41:ba:b2:12:aa:f0:64:2b:41:83:4a:ec:29:
         99:cc:23:e3:ba:db:07:08:b2:89:6e:ff:62:be:87:e7:5d:39:
         89:0d:2c:4b:40:4e:53:d2:d6:5c:5a:ea:5c:1d:ca:1c:87:51:
         9a:a7:28:bd:c4:20:d9:ff:a3:7b:01:dd:be:30:36:67:3c:c5:
         ff:74:e7:ff:23:03:f8:01:8b:62:8a:64:c1:0a:8b:e7:d3:06:
         a4:cf:f8:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPCTDLKUXibHZLlhcfbt0yxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlOGVkMzNiNzBiZTZjYzIwYzg5ZmJiYWM3N2E1OWNhM2I0
YzA5MzQwHhcNMjIxMDEwMTQyODM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWE5ZWRhOTlhMDc4MGM4OWU0NTY1OGY3YTRkMGRjYzU5NGUzOWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYWP1RURwkZfxA5gDYcORpu0DvfI
e2mRc2LkrG53pXlUVMg37r5M6fMfit8tgcWaN+3x/E2Uwq5E1DGFHJKuD5hz0PD8
mG3CCgack8LZowEp5iz4Pr9iijn5Y6V3VP4j4adSDC9Esh66lNXGJZdUq+KMHkvf
5jnQlevqngTzzOUIA6gx98xsq9Xz6XpwPgoTsKQcSEYdewPTx3GXr+s7PRurSP7S
DfpOagU5txSK6yIrSZJwsU0JNBuhPtwbR3njjyr9KxL6ASc5YjQc/+VKFkkBcAIH
dMQtt1Ee2gCuPXe9DlMlDIKDLgUN3yUimkoKZ+WKAUGVangFW6B/pA7wrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI6p7amaB4DInkVlj3pNDcxZTjnvMB8GA1UdIwQY
MBaAFK6O0ztwvmzCDIn7usd6Wco7TAk0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm83VE8zQy1iTUlNaWZ1NngzcFp5anRNQ1RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9iNzFkOWYtZjFkYS00MDBhLWI0ODUt
MDRkYmM5YWMxNDQ0LzEvanFudHFab0hnTWllUldXUGVrME56RmxPT2U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9iNzFkOWYtZjFkYS00MDBhLWI0ODUtMDRkYmM5YWMxNDQ0
LzEvcm83VE8zQy1iTUlNaWZ1NngzcFp5anRNQ1RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDstUwMA0G
CSqGSIb3DQEBCwUAA4IBAQAHXjI0A1J/Nt8wfeTk5nkOXEz9MWB3dzfEodAfLxDw
fargAMRmiy+JeQdtJQZjXBplRFKSx0wfMXkQDFThFHYI6MurvHTyIg+Lr3vblBjm
/uvBMnhCSzZuTbKxvfTGrYQz2uZBiy9uzwJPn8uYsC/wY2oUyhfpkKOTygI6FgAR
Y3/hoMK8SWUGjAAlv+FQSiMvJDm+GcIYWNLXQ9T6aPGyIwYeVfTa60G6shKq8GQr
QYNK7CmZzCPjutsHCLKJbv9ivofnXTmJDSxLQE5T0tZcWupcHcoch1Gapyi9xCDZ
/6N7Ad2+MDZnPMX/dOf/IwP4AYtiimTBCovn0wakz/je
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:54 2024 by rpki-client on console-ams.rpki-client.org