Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/JA8-wXGe5eovNqS2BtH7_HoRSgE.roa
File:                     JA8-wXGe5eovNqS2BtH7_HoRSgE.roa (raw, json)
Hash identifier:          sV9jyXQj0tU8xi14rS5QeBY3jJaAQqqx1+J19v4Sfrc=
Subject key identifier:   24:0F:3E:C1:71:9E:E5:EA:2F:36:A4:B6:06:D1:FB:FC:7A:11:4A:01
Certificate issuer:       /CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd
Certificate serial:       19DFBA85
Authority key identifier: FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/JA8-wXGe5eovNqS2BtH7_HoRSgE.roa
Signing time:             Sat 01 Jan 2022 04:55:12 +0000
ROA not before:           Sat 01 Jan 2022 04:55:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206986
IP address blocks:        185.169.232.0/22 maxlen: 22
                          2a0a:7107:1af4::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 434092677 (0x19dfba85)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd
        Validity
            Not Before: Jan  1 04:55:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=240f3ec1719ee5ea2f36a4b606d1fbfc7a114a01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:6d:70:30:5d:fe:71:99:2e:78:e4:ab:a0:c2:
                    3e:b1:57:20:70:4d:40:b7:60:d3:a2:6b:68:08:75:
                    d8:8b:39:70:0e:9f:8f:73:50:0a:c4:1e:36:87:2b:
                    36:6f:e3:0f:dd:3f:a8:25:4a:57:69:dd:08:39:4b:
                    7b:7a:6a:84:92:3e:8f:0b:f2:46:64:4d:b1:30:1b:
                    b1:95:e7:ec:86:6a:b3:f2:b4:65:43:4a:0c:a2:ed:
                    7f:82:5d:c9:de:fb:d6:22:68:48:a2:69:d7:56:68:
                    fb:8b:c9:13:7e:e4:5d:35:fd:85:d8:83:3f:a8:ae:
                    5f:37:b2:23:46:b3:79:97:50:9f:ed:a6:01:ac:2c:
                    20:be:39:9f:69:ce:c0:79:63:78:20:9d:b3:1d:dd:
                    d8:0f:e2:cc:a2:46:5e:46:a9:29:1f:8a:67:82:57:
                    90:b5:59:3e:fa:7e:d0:2e:6c:0f:49:34:ba:31:63:
                    73:83:fe:3f:2c:df:6e:57:3c:9e:0f:7c:f9:bd:d1:
                    1a:86:0e:31:59:cc:df:c2:e5:0a:73:7a:fe:5d:72:
                    20:a4:39:d6:6e:e2:da:cf:c2:14:58:28:40:e6:96:
                    83:a9:e7:17:74:0e:99:87:2a:ac:04:34:ea:27:ed:
                    71:b9:fc:96:5d:4a:9e:d3:5e:f6:7b:27:97:83:0d:
                    d2:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:0F:3E:C1:71:9E:E5:EA:2F:36:A4:B6:06:D1:FB:FC:7A:11:4A:01
            X509v3 Authority Key Identifier:
                keyid:FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/JA8-wXGe5eovNqS2BtH7_HoRSgE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/_97EpGpubk-aktC6Lgs6tWWL4b0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.169.232.0/22
                IPv6:
                  2a0a:7107:1af4::/48

    Signature Algorithm: sha256WithRSAEncryption
         c0:bd:fe:e7:f6:20:e2:d7:3c:2c:0b:50:4f:f0:c2:fc:b0:5e:
         5d:32:61:15:46:3c:49:f1:ce:33:9a:08:36:53:44:fc:f5:41:
         9f:01:be:5e:8a:f3:3e:42:81:4b:81:2b:46:56:29:57:5d:0b:
         c3:c6:ff:96:9d:1e:a8:8f:31:c2:2b:f2:26:2e:b5:e6:28:50:
         64:72:fd:72:bf:1c:7d:cd:93:6e:79:09:2e:a8:47:a3:98:8d:
         12:3f:6d:3b:11:68:6c:66:9a:cc:b2:5a:8b:fe:e3:33:2b:3b:
         07:53:49:4c:cc:5b:e9:a7:2d:91:85:00:29:b1:c1:95:66:00:
         fa:53:e6:2d:ac:e8:cf:7d:b0:ed:f2:9f:75:9a:b3:d7:53:4b:
         1c:74:93:5d:4d:67:12:89:a4:79:98:df:01:84:a5:eb:22:a7:
         65:3b:cc:49:08:9e:6c:ae:8c:92:5e:57:fb:22:a7:14:c2:73:
         a3:41:ad:30:da:b2:a7:db:0b:9d:29:96:98:69:b6:28:53:49:
         db:97:c9:18:d9:c6:d9:59:12:b2:6b:12:36:eb:13:74:9b:4b:
         03:1a:f7:40:62:18:05:64:bd:a8:5b:f9:0b:54:db:0a:9f:6a:
         91:f2:1a:90:b5:ca:c2:84:16:0a:60:63:fc:c2:21:06:09:15:
         dd:65:19:7e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEGd+6hTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZmRlYzRhNDZhNmU2ZTRmOWE5MmQwYmEyZTBiM2FiNTY1OGJlMWJkMB4XDTIyMDEw
MTA0NTUxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjQwZjNlYzE3MTll
ZTVlYTJmMzZhNGI2MDZkMWZiZmM3YTExNGEwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMltcDBd/nGZLnjkq6DCPrFXIHBNQLdg06JraAh12Is5cA6f
j3NQCsQeNocrNm/jD90/qCVKV2ndCDlLe3pqhJI+jwvyRmRNsTAbsZXn7IZqs/K0
ZUNKDKLtf4Jdyd771iJoSKJp11Zo+4vJE37kXTX9hdiDP6iuXzeyI0azeZdQn+2m
AawsIL45n2nOwHljeCCdsx3d2A/izKJGXkapKR+KZ4JXkLVZPvp+0C5sD0k0ujFj
c4P+Pyzfblc8ng98+b3RGoYOMVnM38LlCnN6/l1yIKQ51m7i2s/CFFgoQOaWg6nn
F3QOmYcqrAQ06iftcbn8ll1KntNe9nsnl4MN0v0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQkDz7BcZ7l6i82pLYG0fv8ehFKATAfBgNVHSMEGDAWgBT/3sSkam5uT5qS
0LouCzq1ZYvhvTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L185N0VwR3B1YmstYWt0QzZMZ3M2dFdXTDRiMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzQvMTFlNWIzLTQzYWEtNDI3OS05NDQxLTdlOGM2ZDRkOWJlZi8x
L0pBOC13WEdlNWVvdk5xUzJCdEg3X0hvUlNnRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQv
MTFlNWIzLTQzYWEtNDI3OS05NDQxLTdlOGM2ZDRkOWJlZi8xL185N0VwR3B1Ymst
YWt0QzZMZ3M2dFdXTDRiMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEArmp6DAPBAIAAjAJAwcAKgpxBxr0
MA0GCSqGSIb3DQEBCwUAA4IBAQDAvf7n9iDi1zwsC1BP8ML8sF5dMmEVRjxJ8c4z
mgg2U0T89UGfAb5eivM+QoFLgStGVilXXQvDxv+WnR6ojzHCK/ImLrXmKFBkcv1y
vxx9zZNueQkuqEejmI0SP207EWhsZprMslqL/uMzKzsHU0lMzFvppy2RhQApscGV
ZgD6U+YtrOjPfbDt8p91mrPXU0scdJNdTWcSiaR5mN8BhKXrIqdlO8xJCJ5sroyS
Xlf7IqcUwnOjQa0w2rKn2wudKZaYabYoU0nbl8kY2cbZWRKyaxI26xN0m0sDGvdA
YhgFZL2oW/kLVNsKn2qR8hqQtcrChBYKYGP8wiEGCRXdZRl+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:52 2024 by rpki-client on console-ams.rpki-client.org