Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/J1ZHofnvyzP6FV77wRZvFcQoyzo.roa
File:                     J1ZHofnvyzP6FV77wRZvFcQoyzo.roa (raw, json)
Hash identifier:          tFtPgAZ7ivuPDXsp9LLvfZi8jwJqRR9ui6WMadlnx9Y=
Subject key identifier:   27:56:47:A1:F9:EF:CB:33:FA:15:5E:FB:C1:16:6F:15:C4:28:CB:3A
Certificate issuer:       /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial:       01853AC0D7B5CD1D4B45545E966A1FAF6980
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/J1ZHofnvyzP6FV77wRZvFcQoyzo.roa
Signing time:             Thu 22 Dec 2022 16:53:14 +0000
ROA not before:           Thu 22 Dec 2022 16:53:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30738
IP address blocks:        195.211.53.0/24 maxlen: 24
                          188.130.254.0/24 maxlen: 24
                          188.130.182.0/24 maxlen: 24
                          2001:1468:8000::/36 maxlen: 36
                          2001:1468::/32 maxlen: 33

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:3a:c0:d7:b5:cd:1d:4b:45:54:5e:96:6a:1f:af:69:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
        Validity
            Not Before: Dec 22 16:53:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=275647a1f9efcb33fa155efbc1166f15c428cb3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:04:5b:c7:9e:5c:a5:95:52:10:75:af:43:17:
                    b1:9d:fe:c1:a1:17:b6:40:e6:0b:ad:8e:be:eb:97:
                    5b:72:87:a9:c6:74:fe:63:4e:12:e5:b8:ee:47:14:
                    27:8c:21:9c:6f:90:85:da:14:f7:3e:2a:08:d1:42:
                    7e:b8:b8:a4:8f:58:c6:d2:64:77:ed:96:53:5a:ad:
                    bc:c5:46:21:ae:65:bb:99:c6:d1:45:0f:7a:85:dc:
                    3e:a8:18:21:b7:d0:c7:4d:b3:7d:5a:53:b2:ed:65:
                    c4:ce:63:72:14:46:0b:e5:5c:fd:f6:c8:39:f4:ee:
                    31:f7:6d:0a:f7:28:9a:10:89:7a:4e:b9:5d:9f:26:
                    19:2a:c2:a5:18:92:5d:bf:b2:ac:da:c8:34:1c:19:
                    34:59:80:51:85:a1:27:02:ff:21:e6:bd:f0:ac:7e:
                    f1:eb:95:13:9c:ea:02:6c:d7:6f:9b:6d:73:67:01:
                    8d:2d:7d:f2:4b:21:60:c5:81:10:dc:60:1e:d2:38:
                    88:1d:83:f9:59:94:8e:b9:8c:03:58:b4:a6:1a:f0:
                    6b:96:25:77:ab:cb:c4:42:9a:05:72:9c:c1:66:28:
                    fd:93:f7:81:d8:44:fe:35:1d:07:3b:c4:30:95:16:
                    35:5e:af:f5:52:45:40:70:4d:7e:bf:de:50:10:7b:
                    84:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:56:47:A1:F9:EF:CB:33:FA:15:5E:FB:C1:16:6F:15:C4:28:CB:3A
            X509v3 Authority Key Identifier:
                keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/J1ZHofnvyzP6FV77wRZvFcQoyzo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.130.182.0/24
                  188.130.254.0/24
                  195.211.53.0/24
                IPv6:
                  2001:1468::/32

    Signature Algorithm: sha256WithRSAEncryption
         08:21:3c:97:bf:70:fe:3a:8a:50:49:5d:3a:57:14:fe:99:dd:
         87:6d:b0:4d:ac:ee:41:98:d2:4b:7e:06:8a:e6:54:3b:bc:35:
         28:17:ac:86:7d:93:fe:5b:05:ca:e6:97:91:f7:e8:7c:15:8d:
         94:db:69:3f:91:60:48:76:13:96:98:a8:be:a6:ce:8c:07:e3:
         12:06:b3:0e:1b:6b:a9:74:82:48:66:7b:c6:77:c1:10:dd:9b:
         5d:5f:36:98:3a:a1:64:ee:c0:a3:14:bf:8c:eb:62:84:a1:e2:
         0c:69:46:a7:d8:4a:41:71:72:09:b1:d4:79:86:cc:f4:22:c4:
         be:21:bf:fa:0c:e7:0c:94:de:a7:e6:f1:6e:03:6b:d4:2b:90:
         68:ed:37:5d:d4:e8:ee:a2:cc:87:dd:be:43:43:cc:7c:fe:3e:
         12:39:ba:93:0f:a4:97:a5:3a:d2:91:73:d8:cb:e3:bc:bb:4a:
         73:de:c0:4b:97:3d:59:aa:f2:7b:f4:ff:c2:04:05:61:5e:a9:
         95:25:8a:f7:f6:b7:cd:c1:00:ae:12:28:7e:59:d0:2d:b2:bc:
         41:d6:14:d9:99:f4:7d:7a:a5:8b:cc:b2:ca:fd:e8:b8:17:5b:
         f5:43:81:82:9f:a4:fb:ac:9e:3f:60:25:d3:04:8f:52:6f:09:
         3e:80:24:ce
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYU6wNe1zR1LRVRelmofr2mAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjIxMjIyMTY1MzE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzU2NDdhMWY5ZWZjYjMzZmExNTVlZmJjMTE2NmYxNWM0MjhjYjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswRbx55cpZVSEHWvQxexnf7BoRe2
QOYLrY6+65dbcoepxnT+Y04S5bjuRxQnjCGcb5CF2hT3PioI0UJ+uLikj1jG0mR3
7ZZTWq28xUYhrmW7mcbRRQ96hdw+qBght9DHTbN9WlOy7WXEzmNyFEYL5Vz99sg5
9O4x920K9yiaEIl6TrldnyYZKsKlGJJdv7Ks2sg0HBk0WYBRhaEnAv8h5r3wrH7x
65UTnOoCbNdvm21zZwGNLX3ySyFgxYEQ3GAe0jiIHYP5WZSOuYwDWLSmGvBrliV3
q8vEQpoFcpzBZij9k/eB2ET+NR0HO8QwlRY1Xq/1UkVAcE1+v95QEHuEVwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCdWR6H578sz+hVe+8EWbxXEKMs6MB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvSjFaSG9mbnZ5elA2RlY3N3dSWnZGY1FveXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAvIK2AwQA
vIL+AwQAw9M1MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IBAQAIITyX
v3D+OopQSV06VxT+md2HbbBNrO5BmNJLfgaK5lQ7vDUoF6yGfZP+WwXK5peR9+h8
FY2U22k/kWBIdhOWmKi+ps6MB+MSBrMOG2updIJIZnvGd8EQ3ZtdXzaYOqFk7sCj
FL+M62KEoeIMaUan2EpBcXIJsdR5hsz0IsS+Ib/6DOcMlN6n5vFuA2vUK5Bo7Tdd
1OjuosyH3b5DQ8x8/j4SObqTD6SXpTrSkXPYy+O8u0pz3sBLlz1ZqvJ79P/CBAVh
XqmVJYr39rfNwQCuEih+WdAtsrxB1hTZmfR9eqWLzLLK/ei4F1v1Q4GCn6T7rJ4/
YCXTBI9Sbwk+gCTO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:00 2024 by rpki-client on console-ams.rpki-client.org