Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/d7e668-f07e-438b-9fa8-80ab779eed10/1/JLAkxdbdkMpELresS3XXjpeWUwY.roa
File:                     JLAkxdbdkMpELresS3XXjpeWUwY.roa (raw, json)
Hash identifier:          D++vYWPP5k8D5UWQPyIZolLJtKr0cV5CYfEveI2BhcA=
Subject key identifier:   24:B0:24:C5:D6:DD:90:CA:44:2E:B7:AC:4B:75:D7:8E:97:96:53:06
Certificate issuer:       /CN=a30f6fb6f5c80ca4a603827c96b3bdf60ad563aa
Certificate serial:       091FDB82
Authority key identifier: A3:0F:6F:B6:F5:C8:0C:A4:A6:03:82:7C:96:B3:BD:F6:0A:D5:63:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ow9vtvXIDKSmA4J8lrO99grVY6o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/d7e668-f07e-438b-9fa8-80ab779eed10/1/JLAkxdbdkMpELresS3XXjpeWUwY.roa
Signing time:             Sat 01 Jan 2022 09:56:41 +0000
ROA not before:           Sat 01 Jan 2022 09:56:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207063
IP address blocks:        193.177.129.0/24 maxlen: 24
                          193.177.128.0/24 maxlen: 24
                          193.177.128.0/22 maxlen: 24
                          2a0c:dec0:3008::/48 maxlen: 48
                          2a0c:dec0:f100::/48 maxlen: 48
                          2a0c:dec0::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 153082754 (0x91fdb82)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a30f6fb6f5c80ca4a603827c96b3bdf60ad563aa
        Validity
            Not Before: Jan  1 09:56:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=24b024c5d6dd90ca442eb7ac4b75d78e97965306
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:1a:ce:3a:d3:f7:04:37:0c:40:85:bf:af:04:
                    4a:bf:94:a9:27:06:ea:54:84:09:3b:d9:e1:d7:c8:
                    11:b2:a1:43:94:f3:32:fc:fb:d9:ff:22:a8:a1:b3:
                    f8:f3:25:50:d5:61:ec:b0:54:e8:c4:d5:94:5a:1b:
                    57:2e:fc:61:92:35:b2:61:a8:3d:46:f8:5e:12:2f:
                    59:9f:2b:5b:64:70:c2:5f:29:3e:29:5a:4e:89:89:
                    7c:b8:d8:68:41:03:fd:e5:c8:fe:9f:ae:ec:25:91:
                    1c:e6:f8:82:1e:73:33:df:af:5d:b2:45:98:b9:d9:
                    8c:e0:96:fe:aa:21:fa:08:78:b4:cb:f8:1e:46:71:
                    70:b0:f8:b7:58:44:32:76:af:7f:cc:be:6c:20:fe:
                    20:ec:93:1e:3e:e0:60:6c:1d:a9:fd:f9:a5:b3:49:
                    24:e5:1e:f7:b4:2d:85:fa:14:6f:bb:44:a7:fe:50:
                    cf:d2:a7:be:09:8f:ce:03:5c:71:3d:bc:b7:4c:de:
                    c4:20:d5:f6:8c:e0:1e:d2:fd:7b:3c:1f:38:a9:16:
                    59:05:26:fb:1c:23:e3:ac:76:60:c6:b3:93:15:37:
                    f0:2b:cc:c1:3d:bb:48:0d:80:6a:a3:cd:54:f0:63:
                    74:77:99:d8:5d:17:be:c1:d9:17:84:05:8c:3e:75:
                    ed:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:B0:24:C5:D6:DD:90:CA:44:2E:B7:AC:4B:75:D7:8E:97:96:53:06
            X509v3 Authority Key Identifier:
                keyid:A3:0F:6F:B6:F5:C8:0C:A4:A6:03:82:7C:96:B3:BD:F6:0A:D5:63:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ow9vtvXIDKSmA4J8lrO99grVY6o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/d7e668-f07e-438b-9fa8-80ab779eed10/1/JLAkxdbdkMpELresS3XXjpeWUwY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/d7e668-f07e-438b-9fa8-80ab779eed10/1/ow9vtvXIDKSmA4J8lrO99grVY6o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.177.128.0/22
                IPv6:
                  2a0c:dec0::/29

    Signature Algorithm: sha256WithRSAEncryption
         4c:36:db:27:48:4a:af:0d:87:fe:d5:91:78:eb:5f:a9:31:15:
         11:70:aa:24:e3:da:71:42:ed:20:ba:75:08:6c:3b:e4:7f:73:
         ed:fa:5b:ff:c3:c9:33:ce:59:ad:06:05:07:97:df:a8:0a:cc:
         e2:dd:5a:61:ac:30:80:be:bd:f6:9f:96:5a:5b:26:00:ce:44:
         6c:c0:30:28:bd:fe:a5:60:f2:5e:d0:0a:05:fd:45:bc:e9:0a:
         e7:40:5c:27:99:39:cf:b5:81:5e:40:d9:ba:30:6c:f4:e2:e2:
         b3:76:6b:98:71:cd:ee:fe:f0:ca:bc:9d:a9:bc:34:a8:42:a1:
         98:45:14:86:7a:c9:4d:5f:88:f6:3d:58:c7:f7:fb:7c:35:47:
         b5:f9:24:95:e8:8c:49:6d:b3:a6:d7:1c:33:da:95:c9:73:34:
         d2:62:8b:f9:37:f6:a4:a4:2b:bf:20:c9:f5:cc:6e:e1:10:dc:
         f3:83:69:43:3a:ad:87:59:2f:24:cb:42:c9:03:33:6e:6a:20:
         a7:23:e9:ae:10:6e:b3:a5:1f:ee:a8:c2:63:9d:8b:94:c7:e7:
         f5:80:a5:62:99:10:59:47:ba:d4:04:f3:ed:0f:51:f3:ba:4a:
         95:13:a2:79:ea:b0:8d:3a:61:9b:5f:65:c4:0e:86:ec:52:a2:
         9f:1c:d2:1d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECR/bgjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MzBmNmZiNmY1YzgwY2E0YTYwMzgyN2M5NmIzYmRmNjBhZDU2M2FhMB4XDTIyMDEw
MTA5NTY0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjRiMDI0YzVkNmRk
OTBjYTQ0MmViN2FjNGI3NWQ3OGU5Nzk2NTMwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPkazjrT9wQ3DECFv68ESr+UqScG6lSECTvZ4dfIEbKhQ5Tz
Mvz72f8iqKGz+PMlUNVh7LBU6MTVlFobVy78YZI1smGoPUb4XhIvWZ8rW2Rwwl8p
PilaTomJfLjYaEED/eXI/p+u7CWRHOb4gh5zM9+vXbJFmLnZjOCW/qoh+gh4tMv4
HkZxcLD4t1hEMnavf8y+bCD+IOyTHj7gYGwdqf35pbNJJOUe97QthfoUb7tEp/5Q
z9KnvgmPzgNccT28t0zexCDV9ozgHtL9ezwfOKkWWQUm+xwj46x2YMazkxU38CvM
wT27SA2AaqPNVPBjdHeZ2F0XvsHZF4QFjD517Y8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQksCTF1t2QykQut6xLddeOl5ZTBjAfBgNVHSMEGDAWgBSjD2+29cgMpKYD
gnyWs732CtVjqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L293OXZ0dlhJREtTbUE0Sjhsck85OWdyVlk2by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvZDdlNjY4LWYwN2UtNDM4Yi05ZmE4LTgwYWI3NzllZWQxMC8x
L0pMQWt4ZGJka01wRUxyZXNTM1hYanBlV1V3WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
ZDdlNjY4LWYwN2UtNDM4Yi05ZmE4LTgwYWI3NzllZWQxMC8xL293OXZ0dlhJREtT
bUE0Sjhsck85OWdyVlk2by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAsGxgDANBAIAAjAHAwUDKgzewDAN
BgkqhkiG9w0BAQsFAAOCAQEATDbbJ0hKrw2H/tWReOtfqTEVEXCqJOPacULtILp1
CGw75H9z7fpb/8PJM85ZrQYFB5ffqArM4t1aYawwgL699p+WWlsmAM5EbMAwKL3+
pWDyXtAKBf1FvOkK50BcJ5k5z7WBXkDZujBs9OLis3ZrmHHN7v7wyrydqbw0qEKh
mEUUhnrJTV+I9j1Yx/f7fDVHtfkkleiMSW2zptccM9qVyXM00mKL+Tf2pKQrvyDJ
9cxu4RDc84NpQzqth1kvJMtCyQMzbmogpyPprhBus6Uf7qjCY52LlMfn9YClYpkQ
WUe61ATz7Q9R87pKlROieeqwjTphm19lxA6G7FKinxzSHQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:40 2024 by rpki-client on console-fra.rpki-client.org