Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/edaf69-bc5d-494e-9d87-7c740ef8aa95/1/jrDrGQ0nwvsEEEF_KMEnj7D2hiM.roa
File:                     jrDrGQ0nwvsEEEF_KMEnj7D2hiM.roa (raw, json)
Hash identifier:          Qs8Um64AxufZnRVraQiKujtMJOexhBuAJ3hKwsgVV0s=
Subject key identifier:   8E:B0:EB:19:0D:27:C2:FB:04:10:41:7F:28:C1:27:8F:B0:F6:86:23
Certificate issuer:       /CN=74309aa0148cc90fced9943eb1a81946e9adae5e
Certificate serial:       01825EA00B3381DE0C78B7B3183229303D2F
Authority key identifier: 74:30:9A:A0:14:8C:C9:0F:CE:D9:94:3E:B1:A8:19:46:E9:AD:AE:5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dDCaoBSMyQ_O2ZQ-sagZRumtrl4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/edaf69-bc5d-494e-9d87-7c740ef8aa95/1/jrDrGQ0nwvsEEEF_KMEnj7D2hiM.roa
Signing time:             Tue 02 Aug 2022 12:55:23 +0000
ROA not before:           Tue 02 Aug 2022 12:55:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34636
IP address blocks:        185.238.140.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:5e:a0:0b:33:81:de:0c:78:b7:b3:18:32:29:30:3d:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74309aa0148cc90fced9943eb1a81946e9adae5e
        Validity
            Not Before: Aug  2 12:55:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8eb0eb190d27c2fb0410417f28c1278fb0f68623
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:27:1f:32:85:22:e6:bc:46:12:1f:e1:b2:92:
                    03:7c:5b:b4:6f:39:f0:c2:09:bc:c5:2e:16:32:3d:
                    6e:20:a9:16:05:74:4a:28:8d:a3:e3:fc:43:7c:cf:
                    2c:b1:2f:45:49:5a:d0:0c:98:e0:fb:a6:ae:e2:59:
                    85:70:22:de:32:4d:74:12:ee:03:b5:85:fa:4c:6a:
                    2d:4a:49:ba:0c:58:0f:a6:ba:f6:1c:b9:f9:5f:65:
                    e1:99:55:ec:84:8e:6c:8e:a4:c4:9e:38:88:01:a9:
                    44:17:c3:d1:24:35:40:c1:c0:52:e1:db:b0:0c:9d:
                    b7:1f:b3:ca:e4:e8:05:43:2b:20:55:a1:06:fe:45:
                    c4:70:1e:05:e1:c5:67:24:88:97:97:f8:89:bc:00:
                    fb:30:fe:52:4d:0e:8a:22:26:41:c2:d4:7e:53:b2:
                    ce:cb:b9:4b:4c:bc:96:b6:e4:23:f0:90:4a:d7:82:
                    38:4d:73:58:b2:5a:66:44:ee:3c:1b:f3:87:aa:78:
                    46:00:14:ab:79:71:23:1e:80:e2:e0:68:2b:3f:2e:
                    d5:bd:e8:5c:8f:4a:d7:f8:75:df:c0:66:df:a8:0b:
                    fa:a1:f1:02:8e:60:1a:6c:47:bc:11:d9:62:9a:c4:
                    04:cf:35:d5:d8:5b:78:86:75:b9:03:34:06:d8:5c:
                    2a:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:B0:EB:19:0D:27:C2:FB:04:10:41:7F:28:C1:27:8F:B0:F6:86:23
            X509v3 Authority Key Identifier:
                keyid:74:30:9A:A0:14:8C:C9:0F:CE:D9:94:3E:B1:A8:19:46:E9:AD:AE:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dDCaoBSMyQ_O2ZQ-sagZRumtrl4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/edaf69-bc5d-494e-9d87-7c740ef8aa95/1/jrDrGQ0nwvsEEEF_KMEnj7D2hiM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/edaf69-bc5d-494e-9d87-7c740ef8aa95/1/dDCaoBSMyQ_O2ZQ-sagZRumtrl4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.238.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:28:9e:b6:e1:a5:fb:cf:96:58:a4:d4:0a:97:ee:53:af:42:
         71:9f:a0:6a:ea:b4:c8:61:f9:d6:c8:f9:7c:90:6b:5d:e8:1d:
         ef:77:8c:ac:f5:ec:fc:8d:c8:1a:42:2e:cf:74:08:20:d3:f0:
         ad:ab:27:8b:f7:77:45:99:b4:98:89:7f:b3:ac:3e:e9:95:bc:
         01:32:0a:9c:10:08:4e:36:19:fa:84:11:02:c7:55:21:00:10:
         f2:fd:b0:a0:3c:aa:ea:1a:3f:cc:79:b3:1d:b5:57:2e:b7:60:
         e3:15:f3:bc:54:e5:46:9e:34:13:42:bd:0d:fb:f3:d6:00:31:
         fd:bd:33:16:50:66:3b:d9:0a:68:75:e2:7c:14:03:f6:43:55:
         23:eb:1c:c6:39:e2:c8:f2:2b:b1:e1:c9:c4:2b:a8:5b:02:eb:
         94:2a:49:a4:fb:72:08:1d:6d:71:33:5f:53:30:7a:48:27:52:
         7e:e4:75:3b:7a:df:09:6e:a0:1c:41:42:4c:72:9a:31:c0:8f:
         0d:49:7c:79:a7:6f:6d:1e:20:51:f5:66:78:1c:4e:c4:b5:3d:
         c8:e9:4e:38:e8:3d:df:88:87:d3:f6:85:8e:fc:c4:92:8c:b1:
         7e:03:cd:fa:34:7f:67:a8:62:00:5e:d9:97:47:f3:c4:cf:94:
         fe:56:5b:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJeoAszgd4MeLezGDIpMD0vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MzA5YWEwMTQ4Y2M5MGZjZWQ5OTQzZWIxYTgxOTQ2ZTlh
ZGFlNWUwHhcNMjIwODAyMTI1NTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWIwZWIxOTBkMjdjMmZiMDQxMDQxN2YyOGMxMjc4ZmIwZjY4NjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiycfMoUi5rxGEh/hspIDfFu0bznw
wgm8xS4WMj1uIKkWBXRKKI2j4/xDfM8ssS9FSVrQDJjg+6au4lmFcCLeMk10Eu4D
tYX6TGotSkm6DFgPprr2HLn5X2XhmVXshI5sjqTEnjiIAalEF8PRJDVAwcBS4duw
DJ23H7PK5OgFQysgVaEG/kXEcB4F4cVnJIiXl/iJvAD7MP5STQ6KIiZBwtR+U7LO
y7lLTLyWtuQj8JBK14I4TXNYslpmRO48G/OHqnhGABSreXEjHoDi4GgrPy7Vvehc
j0rX+HXfwGbfqAv6ofECjmAabEe8EdlimsQEzzXV2Ft4hnW5AzQG2FwqwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI6w6xkNJ8L7BBBBfyjBJ4+w9oYjMB8GA1UdIwQY
MBaAFHQwmqAUjMkPztmUPrGoGUbpra5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZERDYW9CU015UV9PMlpRLXNhZ1pSdW10cmw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9lZGFmNjktYmM1ZC00OTRlLTlkODct
N2M3NDBlZjhhYTk1LzEvanJEckdRMG53dnNFRUVGX0tNRW5qN0QyaGlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9lZGFmNjktYmM1ZC00OTRlLTlkODctN2M3NDBlZjhhYTk1
LzEvZERDYW9CU015UV9PMlpRLXNhZ1pSdW10cmw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue6MMA0G
CSqGSIb3DQEBCwUAA4IBAQCPKJ624aX7z5ZYpNQKl+5Tr0Jxn6Bq6rTIYfnWyPl8
kGtd6B3vd4ys9ez8jcgaQi7PdAgg0/CtqyeL93dFmbSYiX+zrD7plbwBMgqcEAhO
Nhn6hBECx1UhABDy/bCgPKrqGj/MebMdtVcut2DjFfO8VOVGnjQTQr0N+/PWADH9
vTMWUGY72QpodeJ8FAP2Q1Uj6xzGOeLI8iux4cnEK6hbAuuUKkmk+3IIHW1xM19T
MHpIJ1J+5HU7et8JbqAcQUJMcpoxwI8NSXx5p29tHiBR9WZ4HE7EtT3I6U446D3f
iIfT9oWO/MSSjLF+A836NH9nqGIAXtmXR/PEz5T+Vltj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:58 2024 by rpki-client on console-ams.rpki-client.org