Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/jLlnV1oR2g1BG5aYGF_BjxXVekk.roa
File:                     jLlnV1oR2g1BG5aYGF_BjxXVekk.roa (raw, json)
Hash identifier:          EOE7kMKVkWFkNoVrrlb5fWg1f+0fF6hRYZ2KzmXBAZ8=
Subject key identifier:   8C:B9:67:57:5A:11:DA:0D:41:1B:96:98:18:5F:C1:8F:15:D5:7A:49
Certificate issuer:       /CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Certificate serial:       04526671
Authority key identifier: F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/jLlnV1oR2g1BG5aYGF_BjxXVekk.roa
Signing time:             Thu 06 Jan 2022 13:43:59 +0000
ROA not before:           Thu 06 Jan 2022 13:43:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210016
IP address blocks:        131.117.232.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 72509041 (0x4526671)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
        Validity
            Not Before: Jan  6 13:43:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8cb967575a11da0d411b9698185fc18f15d57a49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:b5:8f:d2:0b:2f:23:c0:c4:d2:6f:2c:80:3a:
                    17:f9:9f:c6:ed:f5:86:2a:45:c3:6a:06:f7:fd:ae:
                    29:8d:51:da:3b:f9:e8:2d:aa:e9:bf:83:99:63:36:
                    14:e8:93:67:f9:db:2a:b7:94:64:e0:77:a4:c7:94:
                    fa:aa:cc:eb:03:90:5a:0a:63:67:49:4f:bf:a8:b7:
                    de:76:48:7d:0a:48:f6:3a:d1:57:d4:36:e4:11:79:
                    39:5e:b6:30:64:50:13:39:7f:8c:19:3a:13:fd:08:
                    a4:9a:72:7b:ee:8e:45:a6:de:06:e5:00:01:aa:ae:
                    83:0b:fa:ad:8b:55:b1:b4:2c:de:f1:7c:44:72:9c:
                    89:b2:0a:4f:83:67:e0:36:a5:ae:83:1f:40:fe:6e:
                    46:14:d2:dc:84:94:f5:98:db:ea:c3:e5:45:32:bc:
                    91:8a:8c:95:56:51:11:49:2e:cf:b3:47:43:d0:92:
                    c5:61:26:b3:f7:18:f7:c5:76:5b:48:6e:13:4b:b6:
                    a2:60:2b:cb:dc:ad:28:d3:e4:61:75:ae:19:6f:f6:
                    d7:85:6d:96:3d:dc:c0:98:f1:83:b9:c4:43:0c:ed:
                    57:cd:cc:af:ee:20:d2:c2:a5:29:fa:82:29:28:d2:
                    9f:32:7f:c7:a0:07:f9:07:49:29:25:f9:64:df:1e:
                    7e:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:B9:67:57:5A:11:DA:0D:41:1B:96:98:18:5F:C1:8F:15:D5:7A:49
            X509v3 Authority Key Identifier:
                keyid:F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/jLlnV1oR2g1BG5aYGF_BjxXVekk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.117.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:41:6f:13:cc:36:ab:07:16:c0:a2:0d:e5:65:b4:ea:16:39:
         43:40:c4:d6:b1:6d:9e:d7:d7:8a:44:b4:57:ad:9e:2d:29:17:
         ea:ad:73:f3:b0:a2:2f:e4:16:98:0b:d3:f4:c2:48:ad:d5:56:
         0c:87:7d:78:21:e5:8e:09:60:09:42:92:f7:d3:66:c1:09:c1:
         f7:3d:f7:fd:d1:9d:f2:5a:9a:12:da:92:d3:1e:f1:0f:10:df:
         f9:5b:3d:36:64:1c:0e:1c:03:7c:f6:bb:be:e8:00:af:71:a0:
         ac:96:13:9d:e4:fa:b2:5e:13:df:d4:1a:64:7c:44:c1:bb:34:
         31:ff:ea:7b:b0:45:08:3d:62:de:9a:f6:b2:7c:70:10:68:f6:
         f8:f7:b0:05:fc:46:29:d8:68:71:ca:d8:8e:f4:50:b6:cb:a2:
         ab:f0:27:86:78:18:e2:7d:d7:6b:4f:57:73:be:1d:c8:bc:57:
         d3:d7:ae:71:ab:cd:a9:88:a5:2f:d1:3e:07:b3:0b:90:b1:9f:
         2c:f1:7d:f2:e4:27:fe:25:33:04:47:67:a4:33:13:50:44:d9:
         be:14:65:ce:03:38:cf:41:0e:26:11:82:ed:6c:96:94:b6:32:
         22:0b:bb:5c:55:61:13:1d:56:ac:ec:f0:84:22:b4:18:fd:16:
         d8:88:2f:3f
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEBFJmcTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OThhMDJkMjBjNmI3ZGUzNTcxMjVmMzhiMTczNWNhMWI5MWY4N2IzMB4XDTIyMDEw
NjEzNDM1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGNiOTY3NTc1YTEx
ZGEwZDQxMWI5Njk4MTg1ZmMxOGYxNWQ1N2E0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKK1j9ILLyPAxNJvLIA6F/mfxu31hipFw2oG9/2uKY1R2jv5
6C2q6b+DmWM2FOiTZ/nbKreUZOB3pMeU+qrM6wOQWgpjZ0lPv6i33nZIfQpI9jrR
V9Q25BF5OV62MGRQEzl/jBk6E/0IpJpye+6ORabeBuUAAaqugwv6rYtVsbQs3vF8
RHKcibIKT4Nn4DalroMfQP5uRhTS3ISU9Zjb6sPlRTK8kYqMlVZREUkuz7NHQ9CS
xWEms/cY98V2W0huE0u2omAry9ytKNPkYXWuGW/214Vtlj3cwJjxg7nEQwztV83M
r+4g0sKlKfqCKSjSnzJ/x6AH+QdJKSX5ZN8eftECAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSMuWdXWhHaDUEblpgYX8GPFdV6STAfBgNVHSMEGDAWgBT5igLSDGt941cS
Xzixc1yhuR+HszAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtWW9DMGd4cmZlTlhFbDg0c1hOY29ia2ZoN00uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzdiL2E5MjA2ZS1jMWUxLTRjMTUtOTUzMy1hY2UzZDY3NWQzY2Qv
MS9qTGxuVjFvUjJnMUJHNWFZR0ZfQmp4WFZla2sucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdi
L2E5MjA2ZS1jMWUxLTRjMTUtOTUzMy1hY2UzZDY3NWQzY2QvMS8xLVlvQzBneHJm
ZU5YRWw4NHNYTmNvYmtmaDdNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAg3XoMA0GCSqGSIb3DQEBCwUA
A4IBAQCAQW8TzDarBxbAog3lZbTqFjlDQMTWsW2e19eKRLRXrZ4tKRfqrXPzsKIv
5BaYC9P0wkit1VYMh314IeWOCWAJQpL302bBCcH3Pff90Z3yWpoS2pLTHvEPEN/5
Wz02ZBwOHAN89ru+6ACvcaCslhOd5PqyXhPf1BpkfETBuzQx/+p7sEUIPWLemvay
fHAQaPb497AF/EYp2GhxytiO9FC2y6Kr8CeGeBjifddrT1dzvh3IvFfT165xq82p
iKUv0T4HswuQsZ8s8X3y5Cf+JTMER2ekMxNQRNm+FGXOAzjPQQ4mEYLtbJaUtjIi
C7tcVWETHVas7PCEIrQY/RbYiC8/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:32 2024 by rpki-client on console-ams.rpki-client.org