Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/649a98-339a-4f4b-8750-6e9d3b732b08/1/JPRwQm1OCpGK6zVFkIyELmcx6t8.roa
File:                     JPRwQm1OCpGK6zVFkIyELmcx6t8.roa (raw, json)
Hash identifier:          bUbmyauQ7oQgAvZyGaK9S1nLCRKr0Y8uW7No12phCns=
Subject key identifier:   24:F4:70:42:6D:4E:0A:91:8A:EB:35:45:90:8C:84:2E:67:31:EA:DF
Certificate issuer:       /CN=b56cb179b3db5c6b36cd3308340801fedb2b7d19
Certificate serial:       0F8A52EC
Authority key identifier: B5:6C:B1:79:B3:DB:5C:6B:36:CD:33:08:34:08:01:FE:DB:2B:7D:19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tWyxebPbXGs2zTMINAgB_tsrfRk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8c/649a98-339a-4f4b-8750-6e9d3b732b08/1/JPRwQm1OCpGK6zVFkIyELmcx6t8.roa
Signing time:             Sat 01 Jan 2022 03:54:20 +0000
ROA not before:           Sat 01 Jan 2022 03:54:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     553
IP address blocks:        141.47.0.0/16 maxlen: 16

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 260723436 (0xf8a52ec)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b56cb179b3db5c6b36cd3308340801fedb2b7d19
        Validity
            Not Before: Jan  1 03:54:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=24f470426d4e0a918aeb3545908c842e6731eadf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:e7:e8:d3:55:29:79:ae:fe:cb:4a:46:96:24:
                    60:a4:07:c3:a0:e8:26:fa:56:81:ed:93:6a:17:10:
                    cf:78:c7:96:5f:9c:ea:2e:e0:a5:a1:53:c0:69:0d:
                    78:8a:a1:15:85:9d:11:f5:46:dc:15:f6:c5:35:e2:
                    32:ac:ed:c3:b5:01:4a:d5:52:a1:eb:9d:3e:99:cd:
                    f8:c4:d6:6c:2e:6e:25:33:09:04:6d:e5:ca:bc:c9:
                    1b:65:57:ba:13:2e:4f:83:ec:6d:9f:0e:3b:96:ea:
                    f3:03:ad:f4:2d:69:d0:14:62:2c:9a:c8:21:b6:30:
                    a9:e2:72:9a:86:97:54:29:c7:5c:63:8e:e3:9a:44:
                    3c:7a:e8:43:0e:5d:81:47:20:a9:49:55:38:c6:73:
                    d3:3e:9a:71:2f:9e:88:6d:2c:3c:1d:e2:ca:b2:66:
                    e8:eb:ec:31:fb:49:08:e8:cd:33:e7:e2:05:94:0a:
                    89:5f:d4:12:80:f9:a4:cf:e4:43:f3:8b:b2:c1:79:
                    5a:99:59:2b:4e:25:24:78:39:64:0a:9f:a7:91:9e:
                    fa:00:9d:81:62:84:e2:f3:07:ea:26:c9:d3:df:9d:
                    15:7e:11:09:c6:c7:52:17:4b:25:29:4f:04:25:02:
                    a5:32:2a:08:4d:b1:e2:87:d7:e5:db:78:ae:a4:f1:
                    cd:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:F4:70:42:6D:4E:0A:91:8A:EB:35:45:90:8C:84:2E:67:31:EA:DF
            X509v3 Authority Key Identifier:
                keyid:B5:6C:B1:79:B3:DB:5C:6B:36:CD:33:08:34:08:01:FE:DB:2B:7D:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tWyxebPbXGs2zTMINAgB_tsrfRk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/649a98-339a-4f4b-8750-6e9d3b732b08/1/JPRwQm1OCpGK6zVFkIyELmcx6t8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/649a98-339a-4f4b-8750-6e9d3b732b08/1/tWyxebPbXGs2zTMINAgB_tsrfRk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.47.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         51:a1:9d:c7:70:a3:7e:87:91:9d:d3:5d:ec:cf:ef:1b:87:e0:
         22:d4:2f:6a:cb:71:60:0f:c2:bc:15:6b:8f:d6:70:78:f2:5c:
         6f:f7:d4:81:6d:4d:5b:6e:9d:a6:46:2a:37:e9:e1:9a:26:d9:
         62:9f:0e:5d:2a:0b:52:c3:1e:b8:1b:0d:5e:a6:71:9c:f6:71:
         ca:8d:85:39:15:25:0b:67:c4:2d:c2:cf:36:8a:30:07:b0:1a:
         95:28:ae:71:53:7c:e5:d0:f2:de:c3:25:30:bb:47:35:b9:0b:
         8d:96:51:46:63:52:c2:52:c8:0e:50:34:52:ac:aa:9f:ac:2d:
         c6:f3:7e:b0:3f:ed:c9:35:21:c0:e6:b7:88:dc:fa:4c:f9:6a:
         f2:c0:40:0c:fe:49:ca:9d:b2:bd:88:34:b0:c8:77:5f:19:47:
         2a:0e:ef:f0:b7:46:25:4e:42:cf:a4:2e:48:dd:ed:72:26:90:
         a7:fe:f1:86:61:34:25:79:4f:17:f1:e7:45:26:55:c3:43:9a:
         fc:5c:08:20:89:b1:2a:19:11:bf:a5:2d:99:33:d4:63:64:61:
         e4:de:96:69:7d:39:5c:2f:b2:88:ac:08:bf:3f:33:f9:c7:e9:
         26:d3:d6:cd:7b:fa:46:8c:da:86:6b:53:ae:5e:b8:71:a2:63:
         6e:f7:1e:64
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIED4pS7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NTZjYjE3OWIzZGI1YzZiMzZjZDMzMDgzNDA4MDFmZWRiMmI3ZDE5MB4XDTIyMDEw
MTAzNTQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjRmNDcwNDI2ZDRl
MGE5MThhZWIzNTQ1OTA4Yzg0MmU2NzMxZWFkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJHn6NNVKXmu/stKRpYkYKQHw6DoJvpWge2TahcQz3jHll+c
6i7gpaFTwGkNeIqhFYWdEfVG3BX2xTXiMqztw7UBStVSoeudPpnN+MTWbC5uJTMJ
BG3lyrzJG2VXuhMuT4PsbZ8OO5bq8wOt9C1p0BRiLJrIIbYwqeJymoaXVCnHXGOO
45pEPHroQw5dgUcgqUlVOMZz0z6acS+eiG0sPB3iyrJm6OvsMftJCOjNM+fiBZQK
iV/UEoD5pM/kQ/OLssF5WplZK04lJHg5ZAqfp5Ge+gCdgWKE4vMH6ibJ09+dFX4R
CcbHUhdLJSlPBCUCpTIqCE2x4ofX5dt4rqTxzakCAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBQk9HBCbU4KkYrrNUWQjIQuZzHq3zAfBgNVHSMEGDAWgBS1bLF5s9tcazbN
Mwg0CAH+2yt9GTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RXeXhlYlBiWEdzMnpUTUlOQWdCX3RzcmZSay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGMvNjQ5YTk4LTMzOWEtNGY0Yi04NzUwLTZlOWQzYjczMmIwOC8x
L0pQUndRbTFPQ3BHSzZ6VkZrSXlFTG1jeDZ0OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMv
NjQ5YTk4LTMzOWEtNGY0Yi04NzUwLTZlOWQzYjczMmIwOC8xL3RXeXhlYlBiWEdz
MnpUTUlOQWdCX3RzcmZSay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAI0vMA0GCSqGSIb3DQEBCwUAA4IB
AQBRoZ3HcKN+h5Gd013sz+8bh+Ai1C9qy3FgD8K8FWuP1nB48lxv99SBbU1bbp2m
Rio36eGaJtlinw5dKgtSwx64Gw1epnGc9nHKjYU5FSULZ8Qtws82ijAHsBqVKK5x
U3zl0PLewyUwu0c1uQuNllFGY1LCUsgOUDRSrKqfrC3G836wP+3JNSHA5reI3PpM
+WrywEAM/knKnbK9iDSwyHdfGUcqDu/wt0YlTkLPpC5I3e1yJpCn/vGGYTQleU8X
8edFJlXDQ5r8XAggibEqGRG/pS2ZM9RjZGHk3pZpfTlcL7KIrAi/PzP5x+km09bN
e/pGjNqGa1OuXrhxomNu9x5k
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:36 2024 by rpki-client on console-fra.rpki-client.org