Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/JzTVCs7IqNhus_WkTu7wyJcsts0.roa
File:                     JzTVCs7IqNhus_WkTu7wyJcsts0.roa (raw, json)
Hash identifier:          v7oeCqZnwz+ZDoa/94Lzat1oYI82e1hm+MqeCkiUnfk=
Subject key identifier:   27:34:D5:0A:CE:C8:A8:D8:6E:B3:F5:A4:4E:EE:F0:C8:97:2C:B6:CD
Certificate issuer:       /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial:       01847F651DC7F82EF425F69AEC3D08CA9C37
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/JzTVCs7IqNhus_WkTu7wyJcsts0.roa
Signing time:             Wed 16 Nov 2022 07:44:03 +0000
ROA not before:           Wed 16 Nov 2022 07:44:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     4755
IP address blocks:        89.39.6.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:7f:65:1d:c7:f8:2e:f4:25:f6:9a:ec:3d:08:ca:9c:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
        Validity
            Not Before: Nov 16 07:44:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2734d50acec8a8d86eb3f5a44eeef0c8972cb6cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:7f:82:38:81:5b:15:82:9f:78:8d:84:06:ea:
                    5e:43:d1:34:69:0c:04:44:d2:77:67:f6:34:6b:bb:
                    e3:b0:fb:3c:1a:8f:c6:30:73:d6:f3:bd:32:f7:c2:
                    73:35:fa:d0:00:6f:ff:68:b7:02:ca:1f:e1:c9:65:
                    a8:ce:51:d7:0b:72:fa:31:15:4f:85:13:eb:8d:cb:
                    ac:bb:a5:cd:78:c0:f0:16:5e:90:2d:95:bc:51:50:
                    70:94:6b:1c:28:3a:83:b1:bb:d2:ea:cc:9e:7f:41:
                    ce:8e:bf:68:8b:27:f8:ec:51:87:e3:1b:52:9f:fe:
                    1c:3d:32:39:b7:e8:a3:ff:5c:42:81:73:f0:15:77:
                    cf:6b:67:fc:6c:6a:67:bc:a7:09:e7:84:fd:f0:e7:
                    05:dd:ee:f1:16:48:5a:ab:c4:78:c2:44:15:1a:bb:
                    a2:9d:4a:4c:ff:50:85:14:51:70:01:77:d5:f2:0d:
                    96:a9:4b:c4:41:e8:a2:6b:48:43:4a:b0:74:1e:01:
                    e9:1f:11:13:54:af:30:38:2a:03:4c:ab:88:d1:14:
                    9a:a3:e4:c6:25:4d:3e:03:ee:49:d3:7c:1c:b4:03:
                    f5:ac:25:22:16:b8:00:72:f4:35:2a:59:55:a6:ec:
                    a9:02:46:01:ed:53:e6:dc:5e:75:00:18:f4:24:57:
                    7c:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:34:D5:0A:CE:C8:A8:D8:6E:B3:F5:A4:4E:EE:F0:C8:97:2C:B6:CD
            X509v3 Authority Key Identifier:
                keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/JzTVCs7IqNhus_WkTu7wyJcsts0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.39.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:7f:ce:e8:e0:b9:38:4c:8c:68:ba:57:e0:75:c5:6d:ea:cf:
         38:f3:1a:ad:40:85:14:63:da:dd:02:39:39:8e:ae:26:63:bd:
         6a:61:cd:ce:3d:7c:04:53:21:40:fc:e7:f6:d3:ee:44:54:d9:
         bf:71:21:9d:26:05:ee:f2:d1:48:8b:f7:13:c9:92:31:91:2a:
         2f:51:b2:55:89:ea:75:56:55:a6:52:35:12:f8:fb:5e:49:61:
         63:c4:0f:e3:d2:60:30:7c:a7:71:08:6d:4a:3d:16:c8:2c:d4:
         b2:ca:2f:2a:6f:63:ae:c1:40:41:67:c7:bf:a6:0b:31:1b:fa:
         35:40:f5:d1:81:cd:be:14:4d:8b:1f:05:fe:e7:d0:64:2d:a1:
         df:27:1f:26:4d:31:3a:5b:db:98:dc:05:a2:58:3a:cf:66:44:
         0f:72:a2:69:fd:f5:d5:5c:33:1e:a9:5b:98:42:5b:ae:e8:31:
         0c:b4:28:6d:14:64:8f:3b:52:3f:20:ef:54:c6:94:ef:64:f9:
         17:1e:40:b3:e1:d0:bc:ed:68:3a:ca:7a:a3:46:51:7a:15:a9:
         48:65:ff:f8:b1:80:ef:79:b2:1a:42:9e:fc:d4:9b:06:c3:08:
         75:7a:05:76:19:08:b4:63:61:28:59:be:01:89:f4:78:72:84:
         5f:bc:78:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR/ZR3H+C70Jfaa7D0Iypw3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjIxMTE2MDc0NDAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzM0ZDUwYWNlYzhhOGQ4NmViM2Y1YTQ0ZWVlZjBjODk3MmNiNmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3+COIFbFYKfeI2EBupeQ9E0aQwE
RNJ3Z/Y0a7vjsPs8Go/GMHPW870y98JzNfrQAG//aLcCyh/hyWWozlHXC3L6MRVP
hRPrjcusu6XNeMDwFl6QLZW8UVBwlGscKDqDsbvS6syef0HOjr9oiyf47FGH4xtS
n/4cPTI5t+ij/1xCgXPwFXfPa2f8bGpnvKcJ54T98OcF3e7xFkhaq8R4wkQVGrui
nUpM/1CFFFFwAXfV8g2WqUvEQeiia0hDSrB0HgHpHxETVK8wOCoDTKuI0RSao+TG
JU0+A+5J03wctAP1rCUiFrgAcvQ1KllVpuypAkYB7VPm3F51ABj0JFd8FQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCc01QrOyKjYbrP1pE7u8MiXLLbNMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvSnpUVkNzN0lxTmh1c19Xa1R1N3d5SmNzdHMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWScGMA0G
CSqGSIb3DQEBCwUAA4IBAQAdf87o4Lk4TIxoulfgdcVt6s848xqtQIUUY9rdAjk5
jq4mY71qYc3OPXwEUyFA/Of20+5EVNm/cSGdJgXu8tFIi/cTyZIxkSovUbJViep1
VlWmUjUS+PteSWFjxA/j0mAwfKdxCG1KPRbILNSyyi8qb2OuwUBBZ8e/pgsxG/o1
QPXRgc2+FE2LHwX+59BkLaHfJx8mTTE6W9uY3AWiWDrPZkQPcqJp/fXVXDMeqVuY
Qluu6DEMtChtFGSPO1I/IO9UxpTvZPkXHkCz4dC87Wg6ynqjRlF6FalIZf/4sYDv
ebIaQp781JsGwwh1egV2GQi0Y2EoWb4BifR4coRfvHjw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:42 2024 by rpki-client on console-ams.rpki-client.org