Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/31c815-d96a-4bb6-8ccf-f2b81079b746/1/JAXAgoNQORe75y23b02lc0YGeUg.roa
File:                     JAXAgoNQORe75y23b02lc0YGeUg.roa (raw, json)
Hash identifier:          bc/hGJ3BKT2ILPLj14DRUHkY+84kEGCUotVgqI5MLEQ=
Subject key identifier:   24:05:C0:82:83:50:39:17:BB:E7:2D:B7:6F:4D:A5:73:46:06:79:48
Certificate issuer:       /CN=b2853aa1eb32bfee0feb1483c14936d101f16edf
Certificate serial:       0A45F0E9
Authority key identifier: B2:85:3A:A1:EB:32:BF:EE:0F:EB:14:83:C1:49:36:D1:01:F1:6E:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/soU6oesyv-4P6xSDwUk20QHxbt8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/31c815-d96a-4bb6-8ccf-f2b81079b746/1/JAXAgoNQORe75y23b02lc0YGeUg.roa
Signing time:             Sat 01 Jan 2022 05:53:40 +0000
ROA not before:           Sat 01 Jan 2022 05:53:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57724
IP address blocks:        185.178.208.0/24 maxlen: 24
                          185.178.209.0/24 maxlen: 24
                          185.178.210.0/24 maxlen: 24
                          45.10.243.0/24 maxlen: 24
                          45.10.241.0/24 maxlen: 24
                          45.10.242.0/24 maxlen: 24
                          45.10.240.0/24 maxlen: 24
                          45.10.240.0/22 maxlen: 24
                          91.215.40.0/24 maxlen: 24
                          91.215.41.0/24 maxlen: 24
                          91.215.42.0/24 maxlen: 24
                          91.215.43.0/24 maxlen: 24
                          185.129.102.0/24 maxlen: 24
                          185.129.103.0/24 maxlen: 24
                          185.129.100.0/24 maxlen: 24
                          185.129.101.0/24 maxlen: 24
                          2a0a:4180::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 172355817 (0xa45f0e9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2853aa1eb32bfee0feb1483c14936d101f16edf
        Validity
            Not Before: Jan  1 05:53:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2405c08283503917bbe72db76f4da57346067948
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:6f:81:a3:e7:78:30:4a:ca:8a:e4:73:dc:87:
                    46:9f:9c:57:b9:1a:26:69:70:a7:33:89:86:b0:5c:
                    ef:d7:8b:b2:f5:60:58:66:e9:26:30:90:66:8c:38:
                    e8:78:3c:b4:67:41:73:2a:13:ea:a5:d5:2d:b4:8e:
                    28:87:36:0e:e0:b0:de:51:72:66:f7:07:3e:b3:cc:
                    47:51:52:d9:f0:4e:4d:83:67:e3:b4:ae:d9:67:06:
                    53:2e:60:83:cd:1e:a1:a6:2d:1e:9c:00:d3:0b:57:
                    f0:76:29:90:b9:73:e7:aa:16:d9:dc:92:9c:3f:e8:
                    ec:53:5f:83:2a:f2:74:61:64:a1:9e:c8:a9:b7:ce:
                    ac:9f:40:49:2c:f8:5b:55:fc:b8:d9:1a:3c:89:a3:
                    a2:83:3d:f4:50:3a:ef:16:9c:74:b6:66:26:b8:69:
                    05:ab:4c:33:3b:7f:1a:c8:5f:0e:d1:cb:da:01:08:
                    c4:44:9b:a2:36:92:49:5b:be:69:34:d6:b3:f8:47:
                    4d:10:33:e9:86:1f:f7:85:58:a3:08:75:17:ac:ea:
                    6d:2a:16:08:44:93:e2:b3:c4:ca:ba:98:2f:00:42:
                    86:fe:89:75:37:be:35:6b:42:33:cc:c6:b1:a9:f7:
                    0a:57:ef:64:e5:01:ae:62:1e:78:17:38:95:b9:75:
                    d5:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:05:C0:82:83:50:39:17:BB:E7:2D:B7:6F:4D:A5:73:46:06:79:48
            X509v3 Authority Key Identifier:
                keyid:B2:85:3A:A1:EB:32:BF:EE:0F:EB:14:83:C1:49:36:D1:01:F1:6E:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/soU6oesyv-4P6xSDwUk20QHxbt8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/31c815-d96a-4bb6-8ccf-f2b81079b746/1/JAXAgoNQORe75y23b02lc0YGeUg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/31c815-d96a-4bb6-8ccf-f2b81079b746/1/soU6oesyv-4P6xSDwUk20QHxbt8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.10.240.0/22
                  91.215.40.0/22
                  185.129.100.0/22
                  185.178.208.0-185.178.210.255
                IPv6:
                  2a0a:4180::/48

    Signature Algorithm: sha256WithRSAEncryption
         b4:ce:98:02:6a:c2:4b:64:97:1c:3f:7c:b6:d4:5c:49:ad:5d:
         e4:ff:7d:66:2e:1b:58:d6:85:60:34:83:11:05:58:8d:16:48:
         0e:e2:e3:5e:55:e2:e3:f0:d3:01:63:a6:e4:91:09:76:05:ed:
         69:a7:7d:25:39:e5:f1:db:e7:7a:24:dd:d6:a5:a5:12:ff:35:
         5b:bc:1a:a8:9e:d4:1e:c3:d6:32:a0:8e:8c:ab:66:a3:2f:f0:
         8b:ed:e6:17:11:8d:dd:16:6e:51:1d:a0:b9:31:32:2a:fa:da:
         3f:10:c8:49:89:3a:dc:a5:1c:05:15:c3:d5:c5:6c:4b:16:70:
         23:95:81:de:7d:22:19:20:6d:f8:34:30:1f:e2:5c:ad:fe:a4:
         3b:bb:da:4b:1f:eb:0c:12:aa:5d:4d:4e:43:7b:a2:65:67:57:
         98:96:7f:5c:b2:07:d1:6d:2f:c3:b8:8e:ed:4c:1b:72:28:ec:
         a0:9e:4b:95:6f:25:ec:df:08:66:50:cc:2e:43:89:ef:6b:c0:
         5b:7a:ae:d1:24:80:87:7f:f4:40:61:52:c8:d1:cc:5f:cb:fe:
         32:6f:6b:f7:3c:23:a7:5a:85:54:c3:f7:68:07:be:33:0a:c4:
         a5:fd:0d:ee:c8:8a:e9:c8:8c:b3:8e:ec:b4:94:1b:d0:a5:72:
         01:13:a2:f9
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIECkXw6TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
Mjg1M2FhMWViMzJiZmVlMGZlYjE0ODNjMTQ5MzZkMTAxZjE2ZWRmMB4XDTIyMDEw
MTA1NTM0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjQwNWMwODI4MzUw
MzkxN2JiZTcyZGI3NmY0ZGE1NzM0NjA2Nzk0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMNvgaPneDBKyorkc9yHRp+cV7kaJmlwpzOJhrBc79eLsvVg
WGbpJjCQZow46Hg8tGdBcyoT6qXVLbSOKIc2DuCw3lFyZvcHPrPMR1FS2fBOTYNn
47Su2WcGUy5gg80eoaYtHpwA0wtX8HYpkLlz56oW2dySnD/o7FNfgyrydGFkoZ7I
qbfOrJ9ASSz4W1X8uNkaPImjooM99FA67xacdLZmJrhpBatMMzt/GshfDtHL2gEI
xESbojaSSVu+aTTWs/hHTRAz6YYf94VYowh1F6zqbSoWCEST4rPEyrqYLwBChv6J
dTe+NWtCM8zGsan3ClfvZOUBrmIeeBc4lbl11Y0CAwEAAaOCAjQwggIwMB0GA1Ud
DgQWBBQkBcCCg1A5F7vnLbdvTaVzRgZ5SDAfBgNVHSMEGDAWgBSyhTqh6zK/7g/r
FIPBSTbRAfFu3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NvVTZvZXN5di00UDZ4U0R3VWsyMFFIeGJ0OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTYvMzFjODE1LWQ5NmEtNGJiNi04Y2NmLWYyYjgxMDc5Yjc0Ni8x
L0pBWEFnb05RT1JlNzV5MjNiMDJsYzBZR2VVZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYv
MzFjODE1LWQ5NmEtNGJiNi04Y2NmLWYyYjgxMDc5Yjc0Ni8xL3NvVTZvZXN5di00
UDZ4U0R3VWsyMFFIeGJ0OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBK
BggrBgEFBQcBBwEB/wQ7MDkwJgQCAAEwIAMEAi0K8AMEAlvXKAMEArmBZDAMAwQE
ubLQAwQAubLSMA8EAgACMAkDBwAqCkGAAAAwDQYJKoZIhvcNAQELBQADggEBALTO
mAJqwktklxw/fLbUXEmtXeT/fWYuG1jWhWA0gxEFWI0WSA7i415V4uPw0wFjpuSR
CXYF7WmnfSU55fHb53ok3dalpRL/NVu8Gqie1B7D1jKgjoyrZqMv8Ivt5hcRjd0W
blEdoLkxMir62j8QyEmJOtylHAUVw9XFbEsWcCOVgd59Ihkgbfg0MB/iXK3+pDu7
2ksf6wwSql1NTkN7omVnV5iWf1yyB9FtL8O4ju1MG3Io7KCeS5VvJezfCGZQzC5D
ie9rwFt6rtEkgId/9EBhUsjRzF/L/jJva/c8I6dahVTD92gHvjMKxKX9De7IiunI
jLOO7LSUG9ClcgETovk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:35 2024 by rpki-client on console-fra.rpki-client.org