Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/ffa703-b462-4022-9e1e-6d704cda0eb9/1/JmFlvj5cQjDdMO1R49Ye1QsKcxo.roa
File:                     JmFlvj5cQjDdMO1R49Ye1QsKcxo.roa (raw, json)
Hash identifier:          Fn8zDKBBaQ9igROokGW0Q9zQ4xlLihSSsi8y8tHUZSk=
Subject key identifier:   26:61:65:BE:3E:5C:42:30:DD:30:ED:51:E3:D6:1E:D5:0B:0A:73:1A
Certificate issuer:       /CN=787054b167aa98841cdc2c4ba2b86139ab988e7d
Certificate serial:       0183F0A3D5738F225297EE78E2BF2DCBBEDB
Authority key identifier: 78:70:54:B1:67:AA:98:84:1C:DC:2C:4B:A2:B8:61:39:AB:98:8E:7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eHBUsWeqmIQc3CxLorhhOauYjn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/ffa703-b462-4022-9e1e-6d704cda0eb9/1/JmFlvj5cQjDdMO1R49Ye1QsKcxo.roa
Signing time:             Wed 19 Oct 2022 14:26:52 +0000
ROA not before:           Wed 19 Oct 2022 14:26:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30742
IP address blocks:        2.59.32.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:f0:a3:d5:73:8f:22:52:97:ee:78:e2:bf:2d:cb:be:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=787054b167aa98841cdc2c4ba2b86139ab988e7d
        Validity
            Not Before: Oct 19 14:26:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=266165be3e5c4230dd30ed51e3d61ed50b0a731a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:18:17:e7:16:c7:1d:0f:4d:24:3f:25:c5:e6:
                    db:a0:17:ad:b6:32:ef:40:8c:37:c8:da:f6:c2:4c:
                    e3:5f:32:4d:16:e0:51:89:ab:ae:e0:97:2e:c5:cb:
                    23:0a:aa:79:e8:a8:59:ee:92:7e:bb:22:b9:ae:aa:
                    69:f9:21:e6:73:3b:ba:4e:70:b8:58:30:6b:35:e2:
                    ce:0c:5e:2a:09:7d:d0:2a:dd:1e:ce:25:5d:d4:47:
                    02:c1:0f:28:64:8b:1b:0b:43:ec:eb:06:e4:b4:7a:
                    b0:f1:e1:7a:bd:19:71:ed:4c:c7:ee:2e:73:dd:4b:
                    a9:c9:f8:c0:6d:ef:e5:3d:c3:6c:71:d8:c0:7e:f1:
                    ec:6c:26:4b:64:d1:6b:0b:f8:43:66:f8:89:07:c9:
                    4b:7e:1c:71:ed:57:99:b2:8c:5a:b3:a7:15:5b:20:
                    15:a9:3f:b5:42:01:e0:38:c7:ad:d0:7a:5d:e9:7e:
                    dd:b7:12:2e:d0:7c:aa:a4:9f:ea:01:8b:b0:31:f8:
                    fd:69:39:b5:69:d1:ab:e7:67:73:3c:b7:6f:01:f9:
                    d1:7e:16:a6:e4:f9:ea:a2:ea:3b:0b:fd:02:4c:44:
                    36:e7:c8:40:a1:6e:56:2a:59:0b:c8:b1:b2:c5:38:
                    96:b6:e6:58:44:e9:13:87:6d:d5:4a:a3:9f:ad:63:
                    07:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:61:65:BE:3E:5C:42:30:DD:30:ED:51:E3:D6:1E:D5:0B:0A:73:1A
            X509v3 Authority Key Identifier:
                keyid:78:70:54:B1:67:AA:98:84:1C:DC:2C:4B:A2:B8:61:39:AB:98:8E:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eHBUsWeqmIQc3CxLorhhOauYjn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/ffa703-b462-4022-9e1e-6d704cda0eb9/1/JmFlvj5cQjDdMO1R49Ye1QsKcxo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/ffa703-b462-4022-9e1e-6d704cda0eb9/1/eHBUsWeqmIQc3CxLorhhOauYjn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.32.0/22

    Signature Algorithm: sha256WithRSAEncryption
         50:2e:3a:f3:42:60:46:ee:c2:7e:72:05:5b:da:64:44:25:5f:
         05:b3:a5:b7:fa:52:12:56:0f:6c:3a:a9:b4:90:85:3f:06:6e:
         ae:52:ec:6e:4f:c6:99:11:66:d5:4b:3b:8c:4e:c8:f7:3e:d6:
         be:fa:f5:83:97:14:b0:8b:92:c6:a7:c7:87:eb:3a:20:c6:65:
         f6:a5:63:6d:d3:91:45:1b:14:56:8b:b7:c1:98:64:19:60:53:
         3d:c1:2a:5c:32:08:d8:91:a8:4b:87:c7:5e:5d:c6:2e:61:4c:
         4b:9e:ff:61:fe:31:82:a6:d6:8f:5c:9a:81:01:9f:00:cf:c4:
         74:58:06:4b:73:b6:68:60:1c:5c:ae:54:e6:39:30:4b:dc:f0:
         0e:33:95:1f:f1:60:fd:03:0d:01:8d:50:f2:76:5f:18:77:4e:
         06:de:b5:57:ec:cd:7b:f2:12:06:52:9d:1b:8d:c0:71:59:ca:
         2a:f3:fd:dd:da:76:65:48:22:28:b9:a8:e7:89:5c:a2:2a:bc:
         83:6a:23:34:77:73:7e:9a:83:47:1d:47:6f:9e:6a:a2:7f:d8:
         c2:91:4b:f9:5b:5a:78:5b:26:fe:d4:51:16:77:30:16:a7:cd:
         3c:bc:c0:72:2a:42:97:96:46:a5:4a:e0:75:9e:18:1f:ea:37:
         d9:a3:fd:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPwo9VzjyJSl+544r8ty77bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NzA1NGIxNjdhYTk4ODQxY2RjMmM0YmEyYjg2MTM5YWI5
ODhlN2QwHhcNMjIxMDE5MTQyNjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjYxNjViZTNlNWM0MjMwZGQzMGVkNTFlM2Q2MWVkNTBiMGE3MzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1RgX5xbHHQ9NJD8lxebboBettjLv
QIw3yNr2wkzjXzJNFuBRiauu4JcuxcsjCqp56KhZ7pJ+uyK5rqpp+SHmczu6TnC4
WDBrNeLODF4qCX3QKt0eziVd1EcCwQ8oZIsbC0Ps6wbktHqw8eF6vRlx7UzH7i5z
3UupyfjAbe/lPcNscdjAfvHsbCZLZNFrC/hDZviJB8lLfhxx7VeZsoxas6cVWyAV
qT+1QgHgOMet0Hpd6X7dtxIu0HyqpJ/qAYuwMfj9aTm1adGr52dzPLdvAfnRfham
5Pnqouo7C/0CTEQ258hAoW5WKlkLyLGyxTiWtuZYROkTh23VSqOfrWMHtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCZhZb4+XEIw3TDtUePWHtULCnMaMB8GA1UdIwQY
MBaAFHhwVLFnqpiEHNwsS6K4YTmrmI59MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUhCVXNXZXFtSVFjM0N4TG9yaGhPYXVZam4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9mZmE3MDMtYjQ2Mi00MDIyLTllMWUt
NmQ3MDRjZGEwZWI5LzEvSm1GbHZqNWNRakRkTU8xUjQ5WWUxUXNLY3hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9mZmE3MDMtYjQ2Mi00MDIyLTllMWUtNmQ3MDRjZGEwZWI5
LzEvZUhCVXNXZXFtSVFjM0N4TG9yaGhPYXVZam4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjsgMA0G
CSqGSIb3DQEBCwUAA4IBAQBQLjrzQmBG7sJ+cgVb2mREJV8Fs6W3+lISVg9sOqm0
kIU/Bm6uUuxuT8aZEWbVSzuMTsj3Pta++vWDlxSwi5LGp8eH6zogxmX2pWNt05FF
GxRWi7fBmGQZYFM9wSpcMgjYkahLh8deXcYuYUxLnv9h/jGCptaPXJqBAZ8Az8R0
WAZLc7ZoYBxcrlTmOTBL3PAOM5Uf8WD9Aw0BjVDydl8Yd04G3rVX7M178hIGUp0b
jcBxWcoq8/3d2nZlSCIouajniVyiKryDaiM0d3N+moNHHUdvnmqif9jCkUv5W1p4
Wyb+1FEWdzAWp808vMByKkKXlkalSuB1nhgf6jfZo/3/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:33 2024 by rpki-client on console-fra.rpki-client.org