Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/j0JurmbYRLAVbzOpC7pYM5cFnXc.roa
File:                     j0JurmbYRLAVbzOpC7pYM5cFnXc.roa (raw, json)
Hash identifier:          I6lmf4RLwZiUrq0UB+//DEDTYxXw9PSzUGqIwPr8MxQ=
Subject key identifier:   8F:42:6E:AE:66:D8:44:B0:15:6F:33:A9:0B:BA:58:33:97:05:9D:77
Certificate issuer:       /CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Certificate serial:       0453E174
Authority key identifier: F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/j0JurmbYRLAVbzOpC7pYM5cFnXc.roa
Signing time:             Thu 06 Jan 2022 13:44:00 +0000
ROA not before:           Thu 06 Jan 2022 13:44:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211970
IP address blocks:        131.117.230.0/24 maxlen: 24
                          131.117.231.0/24 maxlen: 24
                          131.117.233.0/24 maxlen: 24
                          185.21.136.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 72606068 (0x453e174)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
        Validity
            Not Before: Jan  6 13:44:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8f426eae66d844b0156f33a90bba583397059d77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:0b:7b:f2:f4:7a:e8:87:f0:0e:14:3b:e6:5a:
                    5a:d6:fa:9f:d9:47:74:66:52:ee:6b:f1:9b:eb:8c:
                    27:82:26:8c:ee:86:72:e0:fa:bf:25:26:e1:06:f9:
                    87:a3:93:6a:37:ee:55:68:bf:dd:88:3e:5d:9b:15:
                    12:31:7b:63:54:b9:c9:cd:80:1a:4e:64:f2:d3:18:
                    8b:70:e1:ca:ed:d8:82:3b:20:34:fb:30:87:e4:ca:
                    ad:30:aa:46:27:2a:cd:be:38:b7:9b:24:5b:18:e6:
                    50:cd:fe:1c:f1:36:87:3e:5f:ea:20:70:42:be:da:
                    e6:a3:87:41:0f:c7:12:dd:c4:a3:4f:e4:f4:cb:6d:
                    54:dc:8d:d0:08:a9:45:f1:eb:e5:07:cb:ba:5d:68:
                    78:a5:7d:a8:1e:0c:b4:6e:41:e9:60:8f:2e:f6:6f:
                    c3:6f:f8:4d:be:b4:80:a5:b3:b7:f4:0a:e9:8f:ed:
                    ff:0c:85:21:3c:ea:1c:37:9e:1f:a1:9d:2d:6b:0b:
                    38:01:19:32:e0:26:21:ec:03:82:57:28:c4:52:ff:
                    a5:01:a7:ac:61:67:68:d2:72:12:66:3a:95:23:b4:
                    e4:38:92:30:98:f2:01:e0:34:c3:26:c1:de:35:48:
                    28:58:12:3c:1b:bc:31:49:2b:66:1d:73:c9:6d:f6:
                    b8:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:42:6E:AE:66:D8:44:B0:15:6F:33:A9:0B:BA:58:33:97:05:9D:77
            X509v3 Authority Key Identifier:
                keyid:F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/j0JurmbYRLAVbzOpC7pYM5cFnXc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.117.230.0/23
                  131.117.233.0/24
                  185.21.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cc:6e:96:65:08:26:19:91:53:f5:57:7e:c1:86:39:e4:d2:82:
         ce:56:cf:bd:bc:a1:79:ba:a4:99:dd:89:22:ee:98:be:bd:fc:
         1c:a9:1a:db:54:5a:2b:75:09:69:f8:13:f1:7b:f4:50:be:6d:
         44:fc:f5:0f:3b:82:e7:65:9d:ff:e2:d5:a2:f3:0f:75:d1:4e:
         6d:f6:79:25:71:b7:ae:7e:7f:03:77:55:17:1f:5c:c4:bd:c7:
         9a:21:42:63:ec:46:27:0b:33:ee:a0:c8:e3:94:6d:ee:c5:6d:
         98:1b:72:72:91:80:39:1b:41:f9:a3:48:d6:a5:40:07:fc:63:
         54:33:47:a6:c5:96:e9:42:71:7b:5d:31:94:fd:d1:05:b1:2c:
         6f:a5:99:fa:f3:10:63:33:44:73:6f:da:cf:f8:95:6a:60:90:
         10:59:58:4c:67:10:b1:59:52:56:04:79:6e:39:d3:17:af:84:
         ca:14:a7:95:a6:4e:f1:2c:d6:ec:a6:66:59:e3:8b:7e:eb:f0:
         55:27:03:99:b4:25:4e:f5:87:25:02:e1:66:4b:74:31:df:e7:
         ca:89:b5:59:46:86:f3:dd:f4:7b:a3:0b:6b:f2:99:bf:84:75:
         36:9d:b9:29:d6:71:ab:80:5b:23:e4:c6:f8:04:40:37:a6:3e:
         8f:81:3e:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEBFPhdDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OThhMDJkMjBjNmI3ZGUzNTcxMjVmMzhiMTczNWNhMWI5MWY4N2IzMB4XDTIyMDEw
NjEzNDQwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGY0MjZlYWU2NmQ4
NDRiMDE1NmYzM2E5MGJiYTU4MzM5NzA1OWQ3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALYLe/L0euiH8A4UO+ZaWtb6n9lHdGZS7mvxm+uMJ4ImjO6G
cuD6vyUm4Qb5h6OTajfuVWi/3Yg+XZsVEjF7Y1S5yc2AGk5k8tMYi3Dhyu3Ygjsg
NPswh+TKrTCqRicqzb44t5skWxjmUM3+HPE2hz5f6iBwQr7a5qOHQQ/HEt3Eo0/k
9MttVNyN0AipRfHr5QfLul1oeKV9qB4MtG5B6WCPLvZvw2/4Tb60gKWzt/QK6Y/t
/wyFITzqHDeeH6GdLWsLOAEZMuAmIewDglcoxFL/pQGnrGFnaNJyEmY6lSO05DiS
MJjyAeA0wybB3jVIKFgSPBu8MUkrZh1zyW32uA8CAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBSPQm6uZthEsBVvM6kLulgzlwWddzAfBgNVHSMEGDAWgBT5igLSDGt941cS
Xzixc1yhuR+HszAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtWW9DMGd4cmZlTlhFbDg0c1hOY29ia2ZoN00uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzdiL2E5MjA2ZS1jMWUxLTRjMTUtOTUzMy1hY2UzZDY3NWQzY2Qv
MS9qMEp1cm1iWVJMQVZiek9wQzdwWU01Y0ZuWGMucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdi
L2E5MjA2ZS1jMWUxLTRjMTUtOTUzMy1hY2UzZDY3NWQzY2QvMS8xLVlvQzBneHJm
ZU5YRWw4NHNYTmNvYmtmaDdNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBg3XmAwQAg3XpAwQAuRWIMA0G
CSqGSIb3DQEBCwUAA4IBAQDMbpZlCCYZkVP1V37Bhjnk0oLOVs+9vKF5uqSZ3Yki
7pi+vfwcqRrbVFordQlp+BPxe/RQvm1E/PUPO4LnZZ3/4tWi8w910U5t9nklcbeu
fn8Dd1UXH1zEvceaIUJj7EYnCzPuoMjjlG3uxW2YG3JykYA5G0H5o0jWpUAH/GNU
M0emxZbpQnF7XTGU/dEFsSxvpZn68xBjM0Rzb9rP+JVqYJAQWVhMZxCxWVJWBHlu
OdMXr4TKFKeVpk7xLNbspmZZ44t+6/BVJwOZtCVO9YclAuFmS3Qx3+fKibVZRobz
3fR7owtr8pm/hHU2nbkp1nGrgFsj5Mb4BEA3pj6PgT54
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:09 2024 by rpki-client on console-fra.rpki-client.org