Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/JBSzCJk1s9KN6LT_3uGeXDhfh5A.roa
File:                     JBSzCJk1s9KN6LT_3uGeXDhfh5A.roa (raw, json)
Hash identifier:          XjJwBVfrbgJyv3zv/rlT238WHtBn005X8TVwOuaydRw=
Subject key identifier:   24:14:B3:08:99:35:B3:D2:8D:E8:B4:FF:DE:E1:9E:5C:38:5F:87:90
Certificate issuer:       /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial:       12BB2486
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/JBSzCJk1s9KN6LT_3uGeXDhfh5A.roa
Signing time:             Sat 01 Jan 2022 12:59:26 +0000
ROA not before:           Sat 01 Jan 2022 12:59:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     132399
IP address blocks:        57.191.64.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 314254470 (0x12bb2486)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
        Validity
            Not Before: Jan  1 12:59:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2414b3089935b3d28de8b4ffdee19e5c385f8790
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:9f:8c:2a:d2:1f:09:ce:29:3b:c0:88:0c:36:
                    7b:ef:eb:b2:40:92:24:09:bf:14:69:ce:55:64:fe:
                    2d:13:e7:0b:a1:cf:66:90:44:f6:1d:22:f0:d0:e9:
                    19:8e:c3:04:a7:a9:6f:32:eb:b1:d3:7d:1b:5c:c0:
                    09:c7:14:f3:18:92:1a:9f:01:aa:3a:b9:f5:07:5f:
                    11:7a:8e:35:db:ed:95:d9:d7:fa:1f:d3:e1:d1:89:
                    ff:20:1e:dd:46:d6:c7:43:26:06:e0:1b:1b:8f:f5:
                    d4:3a:7f:14:ca:6c:1b:8f:18:21:5a:98:5b:99:ca:
                    d2:ba:ba:87:dd:8d:7a:8d:d3:42:cf:9c:e3:20:44:
                    1b:e8:ef:61:0c:5b:8d:ac:33:e2:50:a6:cd:b3:4f:
                    83:f4:d6:b7:89:94:53:ac:01:52:07:f5:be:64:0f:
                    87:04:31:90:ce:3e:c5:05:f4:ca:b6:ba:ac:de:80:
                    5e:25:6c:d5:8b:22:2a:58:dd:04:88:d7:23:98:cc:
                    ec:df:3e:c2:5c:da:5a:3b:9d:7e:de:3c:29:18:ff:
                    3c:ad:43:fb:14:40:83:04:ff:d5:e0:40:99:36:e9:
                    64:ef:14:e9:ec:e6:63:e7:31:0b:8b:94:eb:c4:f8:
                    0f:1d:e6:cf:46:83:03:fe:fd:25:6a:29:0c:f1:d3:
                    6d:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:14:B3:08:99:35:B3:D2:8D:E8:B4:FF:DE:E1:9E:5C:38:5F:87:90
            X509v3 Authority Key Identifier:
                keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/JBSzCJk1s9KN6LT_3uGeXDhfh5A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.191.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5c:2e:16:48:c1:62:da:3b:93:4b:c5:df:b2:fd:91:b5:f9:a4:
         16:b3:02:82:1e:de:f6:16:0a:04:de:41:96:ab:ea:7f:45:7e:
         1e:b1:33:86:ad:4e:ce:ad:d5:bf:b5:d1:26:e2:29:27:3e:f8:
         67:e9:57:c5:ce:62:b7:0e:77:5e:2c:cc:d7:98:ac:49:31:14:
         e3:73:c8:15:5e:e0:8a:3e:0f:d3:94:5e:cb:ad:9a:ed:70:a3:
         29:a1:cc:2f:4c:b1:c0:2d:d3:c5:f0:64:92:ed:9f:e9:11:7e:
         11:27:af:00:53:a5:64:82:73:f3:15:e1:53:e4:30:96:77:c4:
         ba:52:9e:3a:0c:99:67:75:4e:f4:bf:cc:f9:b9:41:0e:77:77:
         9b:c5:24:d7:1a:d8:33:d2:09:44:0a:ff:e7:4a:37:b6:bc:fd:
         17:fa:79:17:86:6e:58:25:69:0e:31:ba:27:e0:2e:56:82:2c:
         74:ae:7f:4d:53:c9:9d:3c:14:57:b2:b2:3d:d7:e8:91:50:6a:
         2a:86:2c:96:c9:00:23:5d:8f:9e:d6:62:9f:8a:08:5c:a1:8d:
         95:48:b8:f7:c7:f3:2f:1c:a0:68:bb:2b:b8:3d:73:f8:2d:01:
         cb:22:c2:5f:94:de:fe:44:18:59:87:72:84:0a:e7:30:04:c3:
         a2:ab:00:01
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEErskhjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
M2Q1YmEwODE1YzlmNTE5M2Y4MDk4OWVlODkzYWNhY2M0YmE4ODQ5MB4XDTIyMDEw
MTEyNTkyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjQxNGIzMDg5OTM1
YjNkMjhkZThiNGZmZGVlMTllNWMzODVmODc5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2fjCrSHwnOKTvAiAw2e+/rskCSJAm/FGnOVWT+LRPnC6HP
ZpBE9h0i8NDpGY7DBKepbzLrsdN9G1zACccU8xiSGp8Bqjq59QdfEXqONdvtldnX
+h/T4dGJ/yAe3UbWx0MmBuAbG4/11Dp/FMpsG48YIVqYW5nK0rq6h92Neo3TQs+c
4yBEG+jvYQxbjawz4lCmzbNPg/TWt4mUU6wBUgf1vmQPhwQxkM4+xQX0yra6rN6A
XiVs1YsiKljdBIjXI5jM7N8+wlzaWjudft48KRj/PK1D+xRAgwT/1eBAmTbpZO8U
6ezmY+cxC4uU68T4Dx3mz0aDA/79JWopDPHTbVcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQkFLMImTWz0o3otP/e4Z5cOF+HkDAfBgNVHSMEGDAWgBRD1boIFcn1GT+A
mJ7ok6ysxLqISTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1E5VzZDQlhKOVJrX2dKaWU2Sk9zck1TNmlFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvNzI4MmI0LTdmMTEtNGVlMC1hYmVhLWUxM2U1NTc5YzVkYy8x
L0pCU3pDSmsxczlLTjZMVF8zdUdlWERoZmg1QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
NzI4MmI0LTdmMTEtNGVlMC1hYmVhLWUxM2U1NTc5YzVkYy8xL1E5VzZDQlhKOVJr
X2dKaWU2Sk9zck1TNmlFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAjm/QDANBgkqhkiG9w0BAQsFAAOC
AQEAXC4WSMFi2juTS8Xfsv2RtfmkFrMCgh7e9hYKBN5Blqvqf0V+HrEzhq1Ozq3V
v7XRJuIpJz74Z+lXxc5itw53XizM15isSTEU43PIFV7gij4P05Rey62a7XCjKaHM
L0yxwC3TxfBkku2f6RF+ESevAFOlZIJz8xXhU+QwlnfEulKeOgyZZ3VO9L/M+blB
Dnd3m8Uk1xrYM9IJRAr/50o3trz9F/p5F4ZuWCVpDjG6J+AuVoIsdK5/TVPJnTwU
V7KyPdfokVBqKoYslskAI12PntZin4oIXKGNlUi498fzLxygaLsruD1z+C0ByyLC
X5Te/kQYWYdyhArnMATDoqsAAQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:17 2024 by rpki-client on console-fra.rpki-client.org