Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/a00b89-b398-40d9-bdb5-427b2d4f9c82/1/KZ-JGAySJDme3v3e84VrPXX_Jeo.roa
File:                     KZ-JGAySJDme3v3e84VrPXX_Jeo.roa (raw, json)
Hash identifier:          2QirVjAMEHTw8MOzYFh+noAMN34vYM9SW1V18jQ3TVQ=
Subject key identifier:   29:9F:89:18:0C:92:24:39:9E:DE:FD:DE:F3:85:6B:3D:75:FF:25:EA
Certificate issuer:       /CN=7ec5d4828dc34199ef717cc03a48a0074c1443b8
Certificate serial:       13F79E6D
Authority key identifier: 7E:C5:D4:82:8D:C3:41:99:EF:71:7C:C0:3A:48:A0:07:4C:14:43:B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fsXUgo3DQZnvcXzAOkigB0wUQ7g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/a00b89-b398-40d9-bdb5-427b2d4f9c82/1/KZ-JGAySJDme3v3e84VrPXX_Jeo.roa
Signing time:             Sat 01 Jan 2022 08:56:39 +0000
ROA not before:           Sat 01 Jan 2022 08:56:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     24610
IP address blocks:        193.110.124.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 334995053 (0x13f79e6d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ec5d4828dc34199ef717cc03a48a0074c1443b8
        Validity
            Not Before: Jan  1 08:56:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=299f89180c9224399edefddef3856b3d75ff25ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:11:1c:41:69:84:61:2a:90:3e:89:f8:57:b4:
                    3e:13:31:9f:15:e2:c0:c1:68:a4:df:9c:62:f7:b3:
                    84:9f:15:1b:3e:92:f3:34:91:3c:d5:4e:d3:e3:69:
                    cc:c2:9c:a0:01:66:a7:8f:4f:8e:45:60:da:e2:dc:
                    9f:01:aa:e2:82:f9:a6:2f:17:79:42:55:06:96:8b:
                    b8:cc:88:8a:cd:97:02:2a:37:e0:97:9a:f5:10:ec:
                    e5:e2:cb:a1:61:b4:67:ff:3b:8f:5c:7a:f5:7c:77:
                    34:06:bd:13:14:63:2e:63:40:7e:57:d1:9b:a4:fe:
                    09:d5:fd:43:64:77:d6:22:e7:67:bc:28:af:20:23:
                    b4:da:c1:f3:a1:f2:cf:0a:ec:49:ca:43:13:f1:4f:
                    48:9d:a5:e5:35:92:ce:6c:2c:dd:3f:9d:2b:f0:39:
                    be:06:0a:d8:fc:e8:ad:ea:16:66:94:1d:8e:a8:17:
                    fb:b7:cb:b3:f3:8d:ca:75:b3:45:de:00:e2:c5:e7:
                    4b:d8:c4:14:01:4a:eb:3a:c0:e9:e6:ca:94:ca:0a:
                    ad:b3:03:16:7b:3d:05:75:e2:c3:5f:11:cd:c2:4a:
                    4b:c3:73:70:de:ca:21:0e:e9:bf:bb:73:08:f9:a2:
                    57:c8:b5:11:26:e2:63:9e:06:9a:26:fd:9e:65:8e:
                    e3:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:9F:89:18:0C:92:24:39:9E:DE:FD:DE:F3:85:6B:3D:75:FF:25:EA
            X509v3 Authority Key Identifier:
                keyid:7E:C5:D4:82:8D:C3:41:99:EF:71:7C:C0:3A:48:A0:07:4C:14:43:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fsXUgo3DQZnvcXzAOkigB0wUQ7g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/a00b89-b398-40d9-bdb5-427b2d4f9c82/1/KZ-JGAySJDme3v3e84VrPXX_Jeo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/a00b89-b398-40d9-bdb5-427b2d4f9c82/1/fsXUgo3DQZnvcXzAOkigB0wUQ7g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.110.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2f:7a:2c:39:71:a5:0a:83:a9:fa:cf:68:e6:32:e2:9e:ec:43:
         00:47:77:55:ee:5a:7a:7b:b7:a5:1f:1c:b9:23:27:ea:6c:91:
         b4:a0:03:1a:99:7b:12:8f:65:56:02:0b:5b:31:60:03:08:dd:
         24:fe:3d:97:09:bd:03:9a:e3:e5:38:68:23:80:d9:69:fb:b6:
         6b:f3:38:f3:06:63:51:71:bc:ab:8f:51:2d:61:38:d4:97:d2:
         51:71:aa:83:21:11:19:a0:ef:0c:07:f0:08:33:fb:67:45:16:
         89:6e:9f:52:50:54:2d:98:9d:d3:ad:b8:42:15:83:8b:1b:7c:
         0b:56:c0:80:88:7c:0a:9a:ef:71:da:ce:5e:9d:86:db:3d:c3:
         e9:88:54:37:d3:ee:36:16:27:f1:fa:41:e5:3b:37:52:6d:a4:
         d6:e4:ae:eb:a2:95:a8:bf:05:4d:da:89:9c:82:3c:df:8d:83:
         70:bd:37:73:ef:ec:da:98:64:7c:a0:a5:06:04:8a:b2:44:20:
         63:54:ae:04:29:e7:56:2e:d8:f8:e8:68:6b:7c:c0:0f:e8:ec:
         ee:b7:b2:e0:b3:c8:09:12:05:96:7f:44:bd:8b:32:f5:e4:30:
         b9:67:94:af:8d:ea:98:a3:f8:5d:25:c0:ae:91:6c:fe:8a:2d:
         6a:42:33:0f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEE/eebTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZWM1ZDQ4MjhkYzM0MTk5ZWY3MTdjYzAzYTQ4YTAwNzRjMTQ0M2I4MB4XDTIyMDEw
MTA4NTYzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjk5Zjg5MTgwYzky
MjQzOTllZGVmZGRlZjM4NTZiM2Q3NWZmMjVlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL8RHEFphGEqkD6J+Fe0PhMxnxXiwMFopN+cYvezhJ8VGz6S
8zSRPNVO0+NpzMKcoAFmp49PjkVg2uLcnwGq4oL5pi8XeUJVBpaLuMyIis2XAio3
4Jea9RDs5eLLoWG0Z/87j1x69Xx3NAa9ExRjLmNAflfRm6T+CdX9Q2R31iLnZ7wo
ryAjtNrB86HyzwrsScpDE/FPSJ2l5TWSzmws3T+dK/A5vgYK2PzoreoWZpQdjqgX
+7fLs/ONynWzRd4A4sXnS9jEFAFK6zrA6ebKlMoKrbMDFns9BXXiw18RzcJKS8Nz
cN7KIQ7pv7tzCPmiV8i1ESbiY54Gmib9nmWO43cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQpn4kYDJIkOZ7e/d7zhWs9df8l6jAfBgNVHSMEGDAWgBR+xdSCjcNBme9x
fMA6SKAHTBRDuDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZzWFVnbzNEUVpudmNYekFPa2lnQjB3VVE3Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvYTAwYjg5LWIzOTgtNDBkOS1iZGI1LTQyN2IyZDRmOWM4Mi8x
L0taLUpHQXlTSkRtZTN2M2U4NFZyUFhYX0plby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
YTAwYjg5LWIzOTgtNDBkOS1iZGI1LTQyN2IyZDRmOWM4Mi8xL2ZzWFVnbzNEUVpu
dmNYekFPa2lnQjB3VVE3Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsFufDANBgkqhkiG9w0BAQsFAAOC
AQEAL3osOXGlCoOp+s9o5jLinuxDAEd3Ve5aenu3pR8cuSMn6myRtKADGpl7Eo9l
VgILWzFgAwjdJP49lwm9A5rj5ThoI4DZafu2a/M48wZjUXG8q49RLWE41JfSUXGq
gyERGaDvDAfwCDP7Z0UWiW6fUlBULZid0624QhWDixt8C1bAgIh8CprvcdrOXp2G
2z3D6YhUN9PuNhYn8fpB5Ts3Um2k1uSu66KVqL8FTdqJnII8342DcL03c+/s2phk
fKClBgSKskQgY1SuBCnnVi7Y+Ohoa3zAD+js7rey4LPICRIFln9EvYsy9eQwuWeU
r43qmKP4XSXArpFs/ootakIzDw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:10 2024 by rpki-client on console-ams.rpki-client.org