Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/JgfFJNbBuQVm_PWZzrhEKh6lRyE.roa
File:                     JgfFJNbBuQVm_PWZzrhEKh6lRyE.roa (raw, json)
Hash identifier:          Bi8Q8QD/kOAFBxE36Zh8uCFMeRb6Bfy9aSF0oQfqmmw=
Subject key identifier:   26:07:C5:24:D6:C1:B9:05:66:FC:F5:99:CE:B8:44:2A:1E:A5:47:21
Certificate issuer:       /CN=7736a5c85a08d80749041cb9cfa517fb7d589ba8
Certificate serial:       0182A1EBB3BF3D751417B9874F2D30BC7D99
Authority key identifier: 77:36:A5:C8:5A:08:D8:07:49:04:1C:B9:CF:A5:17:FB:7D:58:9B:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dzalyFoI2AdJBBy5z6UX-31Ym6g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/JgfFJNbBuQVm_PWZzrhEKh6lRyE.roa
Signing time:             Mon 15 Aug 2022 14:32:34 +0000
ROA not before:           Mon 15 Aug 2022 14:32:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62371
IP address blocks:        185.70.40.0/24 maxlen: 24
                          185.70.43.0/24 maxlen: 24
                          185.70.41.0/24 maxlen: 24
                          185.70.42.0/24 maxlen: 24
                          2a05:2701:f00::/44 maxlen: 44
                          2a05:2701:f10::/44 maxlen: 44
                          2a05:2701:f30::/44 maxlen: 44
                          2a05:2701:f40::/44 maxlen: 44

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:a1:eb:b3:bf:3d:75:14:17:b9:87:4f:2d:30:bc:7d:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7736a5c85a08d80749041cb9cfa517fb7d589ba8
        Validity
            Not Before: Aug 15 14:32:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2607c524d6c1b90566fcf599ceb8442a1ea54721
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:29:bc:a2:6d:69:e1:f9:b9:e8:af:39:ec:61:
                    a0:79:d5:b9:77:9c:22:8c:88:33:48:0f:75:96:f1:
                    e1:cb:9a:c3:23:50:c5:6b:d0:52:02:bf:7e:d0:01:
                    df:99:06:37:7c:0b:3e:f4:c1:9a:d2:7c:62:50:5f:
                    f3:dc:a8:12:6c:1d:49:64:16:bf:e8:28:aa:e4:25:
                    12:2a:d4:08:2b:52:7c:bf:c1:4a:42:85:80:82:15:
                    9c:42:ac:0c:c8:9c:2b:58:ba:14:1a:8a:a3:76:b9:
                    19:f8:ea:f8:2f:e9:d3:29:5f:21:7c:62:9a:54:dc:
                    4e:b7:09:5a:15:8a:f5:da:37:af:37:e6:bb:05:c2:
                    2d:07:02:af:0d:9e:e3:e2:5f:55:3d:38:a7:e0:fb:
                    b4:40:59:58:44:6c:05:b4:08:96:4d:16:ef:9e:c6:
                    7a:be:5f:b3:24:a1:63:7d:0c:90:40:d2:39:b5:bc:
                    55:36:70:b2:12:2e:d1:5b:17:ab:73:d7:87:c0:6f:
                    22:df:02:bc:d9:fa:1a:87:32:6e:ac:c7:ea:79:d0:
                    e5:87:fc:59:bc:1f:ab:6c:24:51:db:11:53:fa:13:
                    7f:74:5a:e1:e7:8a:e4:1c:f9:a5:4c:6f:0b:35:ae:
                    1a:d3:b6:24:72:3c:be:1f:76:99:76:6e:7d:19:bf:
                    55:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:07:C5:24:D6:C1:B9:05:66:FC:F5:99:CE:B8:44:2A:1E:A5:47:21
            X509v3 Authority Key Identifier:
                keyid:77:36:A5:C8:5A:08:D8:07:49:04:1C:B9:CF:A5:17:FB:7D:58:9B:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzalyFoI2AdJBBy5z6UX-31Ym6g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/JgfFJNbBuQVm_PWZzrhEKh6lRyE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/dzalyFoI2AdJBBy5z6UX-31Ym6g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.70.40.0/22
                IPv6:
                  2a05:2701:f00::/43
                  2a05:2701:f30::-2a05:2701:f4f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         29:83:67:0b:eb:9e:01:4e:7d:f6:de:cb:de:44:29:2f:f9:8f:
         5d:bb:ba:cd:2f:29:aa:99:de:52:ae:70:57:34:1c:74:d1:d2:
         f8:e6:68:cb:c0:33:2b:70:d2:6c:41:85:f2:15:bf:2b:1c:35:
         98:a0:b0:d4:ef:33:42:35:c4:d6:46:e2:44:76:8b:be:07:ef:
         09:3e:fe:0e:a2:bb:46:fb:cf:3c:1e:30:d6:05:09:89:5e:71:
         77:fc:1a:5c:0b:1d:8a:1c:f7:7f:c3:d6:b4:3d:3f:9c:f1:67:
         d8:33:aa:29:a5:6d:56:bd:12:5a:0e:35:3f:3d:53:04:b8:6f:
         80:f1:fd:15:d3:98:ce:85:a2:83:e8:ce:04:41:f1:a7:59:c2:
         6d:5e:fd:80:ec:db:30:00:86:f5:8e:d3:83:39:3f:8c:70:f7:
         bb:51:4e:61:e2:c3:7d:f9:4a:0d:a0:cb:be:c7:da:c8:ca:b1:
         b3:88:79:fe:7e:e7:d6:08:1b:e3:a0:a9:81:3c:98:53:1b:67:
         63:d9:26:3e:bc:c6:79:81:cf:06:f8:02:c4:16:43:39:e6:3f:
         07:46:82:33:b8:d6:ab:c6:4f:2b:64:53:f0:89:1f:c5:09:f8:
         05:fc:09:43:7f:4f:40:e4:95:d9:ea:01:ee:a1:ce:ba:07:72:
         39:32:85:bb
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYKh67O/PXUUF7mHTy0wvH2ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MzZhNWM4NWEwOGQ4MDc0OTA0MWNiOWNmYTUxN2ZiN2Q1
ODliYTgwHhcNMjIwODE1MTQzMjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjA3YzUyNGQ2YzFiOTA1NjZmY2Y1OTljZWI4NDQyYTFlYTU0NzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Cm8om1p4fm56K857GGgedW5d5wi
jIgzSA91lvHhy5rDI1DFa9BSAr9+0AHfmQY3fAs+9MGa0nxiUF/z3KgSbB1JZBa/
6Ciq5CUSKtQIK1J8v8FKQoWAghWcQqwMyJwrWLoUGoqjdrkZ+Or4L+nTKV8hfGKa
VNxOtwlaFYr12jevN+a7BcItBwKvDZ7j4l9VPTin4Pu0QFlYRGwFtAiWTRbvnsZ6
vl+zJKFjfQyQQNI5tbxVNnCyEi7RWxerc9eHwG8i3wK82foahzJurMfqedDlh/xZ
vB+rbCRR2xFT+hN/dFrh54rkHPmlTG8LNa4a07Ykcjy+H3aZdm59Gb9VdwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFCYHxSTWwbkFZvz1mc64RCoepUchMB8GA1UdIwQY
MBaAFHc2pchaCNgHSQQcuc+lF/t9WJuoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHphbHlGb0kyQWRKQkJ5NXo2VVgtMzFZbTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82ZGEyODktYWJlYy00OWY1LWE3NTkt
Y2YxZjRjN2M5MjIyLzEvSmdmRkpOYkJ1UVZtX1BXWnpyaEVLaDZsUnlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82ZGEyODktYWJlYy00OWY1LWE3NTktY2YxZjRjN2M5MjIy
LzEvZHphbHlGb0kyQWRKQkJ5NXo2VVgtMzFZbTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAMBAIAATAGAwQCuUYoMCME
AgACMB0DBwUqBScBDwAwEgMHBCoFJwEPMAMHBCoFJwEPQDANBgkqhkiG9w0BAQsF
AAOCAQEAKYNnC+ueAU599t7L3kQpL/mPXbu6zS8pqpneUq5wVzQcdNHS+OZoy8Az
K3DSbEGF8hW/Kxw1mKCw1O8zQjXE1kbiRHaLvgfvCT7+DqK7RvvPPB4w1gUJiV5x
d/waXAsdihz3f8PWtD0/nPFn2DOqKaVtVr0SWg41Pz1TBLhvgPH9FdOYzoWig+jO
BEHxp1nCbV79gOzbMACG9Y7Tgzk/jHD3u1FOYeLDfflKDaDLvsfayMqxs4h5/n7n
1ggb46CpgTyYUxtnY9kmPrzGeYHPBvgCxBZDOeY/B0aCM7jWq8ZPK2RT8IkfxQn4
BfwJQ39PQOSV2eoB7qHOugdyOTKFuw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:23 2024 by rpki-client on console-fra.rpki-client.org