Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/bd4d8d-9380-40e9-8142-f2b4efba59bc/1/JLkXU8fblhTHuzQJY084ImySbiQ.roa
File:                     JLkXU8fblhTHuzQJY084ImySbiQ.roa (raw, json)
Hash identifier:          cl2p4VWuv6qV1w3lgvgL/teCAdtQGo3/oeh/c3gXgTY=
Subject key identifier:   24:B9:17:53:C7:DB:96:14:C7:BB:34:09:63:4F:38:22:6C:92:6E:24
Certificate issuer:       /CN=118ba4ef901aac10876ccf976a5f7d16c4ca79f0
Certificate serial:       07B57D30
Authority key identifier: 11:8B:A4:EF:90:1A:AC:10:87:6C:CF:97:6A:5F:7D:16:C4:CA:79:F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EYuk75AarBCHbM-Xal99FsTKefA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/bd4d8d-9380-40e9-8142-f2b4efba59bc/1/JLkXU8fblhTHuzQJY084ImySbiQ.roa
Signing time:             Sat 01 Jan 2022 01:54:20 +0000
ROA not before:           Sat 01 Jan 2022 01:54:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        2a03:5640:f000::/36 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 129334576 (0x7b57d30)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=118ba4ef901aac10876ccf976a5f7d16c4ca79f0
        Validity
            Not Before: Jan  1 01:54:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=24b91753c7db9614c7bb3409634f38226c926e24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:32:22:f3:f8:52:1a:3b:7e:7c:2a:9d:8e:53:
                    81:b5:54:5d:b6:f1:4d:8e:cf:29:9a:91:0f:1a:34:
                    5b:9f:be:9e:6d:e1:38:19:12:9b:cb:93:4c:16:90:
                    93:60:21:ff:e6:5e:cb:6e:9e:da:c0:53:a2:0a:78:
                    35:3c:dc:19:f3:bd:d6:30:d3:a1:05:77:84:7b:fb:
                    23:db:91:99:e3:39:0d:4d:1d:15:ed:66:86:23:f3:
                    10:fb:58:6a:94:02:f6:0e:67:7e:83:71:e5:b6:0c:
                    da:fa:95:0e:61:7b:44:9a:16:ad:ca:86:f5:54:a1:
                    bb:cf:43:01:ea:cf:0e:21:8d:94:ba:09:c0:99:be:
                    87:39:a9:09:6d:0c:84:48:47:c2:a2:91:b2:a3:9d:
                    b9:f8:43:d8:f2:d3:5b:a5:3a:63:0b:1d:50:3e:e4:
                    e6:2f:7d:80:82:48:50:1c:02:54:1e:78:22:5a:25:
                    47:02:40:1c:75:8d:65:a3:cd:f0:47:33:3a:a2:ba:
                    a9:c9:44:13:d6:3b:81:13:71:90:b5:24:ba:ca:59:
                    2b:6e:a7:f9:7b:5d:22:43:30:13:7b:a6:39:4e:bc:
                    e9:25:e2:8a:4b:de:27:5b:4b:70:7e:88:9e:8d:7a:
                    ee:ed:48:f7:f0:a3:b2:b7:6d:ac:52:17:23:e9:bb:
                    6a:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:B9:17:53:C7:DB:96:14:C7:BB:34:09:63:4F:38:22:6C:92:6E:24
            X509v3 Authority Key Identifier:
                keyid:11:8B:A4:EF:90:1A:AC:10:87:6C:CF:97:6A:5F:7D:16:C4:CA:79:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EYuk75AarBCHbM-Xal99FsTKefA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/bd4d8d-9380-40e9-8142-f2b4efba59bc/1/JLkXU8fblhTHuzQJY084ImySbiQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/bd4d8d-9380-40e9-8142-f2b4efba59bc/1/EYuk75AarBCHbM-Xal99FsTKefA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a03:5640:f000::/36

    Signature Algorithm: sha256WithRSAEncryption
         0d:67:ad:85:4b:d4:da:a9:be:e7:ad:3b:83:87:34:a8:3e:d2:
         97:56:d2:59:e0:48:b8:14:f0:bf:9d:ef:3e:e1:80:43:9f:76:
         f4:79:99:b9:80:8f:65:8b:5d:0f:01:d1:a6:9f:41:aa:a2:06:
         c2:65:68:d1:d8:70:71:5f:a1:49:94:23:7a:86:d5:26:e6:f5:
         57:b2:f0:2d:39:99:7a:15:e2:a7:fa:fa:92:a2:38:cc:b3:1e:
         aa:a6:73:36:41:89:c1:34:8f:5e:46:1e:00:10:a3:91:47:4b:
         c7:79:a6:30:13:93:e8:1a:34:74:22:20:b9:f5:c1:7c:2d:c8:
         f8:63:03:43:66:cb:eb:39:36:81:b9:0b:aa:50:26:e3:2f:82:
         95:bc:91:01:0f:f8:5d:ae:53:df:ca:5f:09:74:ff:8b:d5:6f:
         a5:0d:ac:49:92:93:fb:ee:5a:44:ef:fe:d3:12:d9:b0:6b:93:
         73:61:d6:31:1e:1b:cb:78:91:bb:30:83:0f:de:62:56:91:32:
         51:a3:5d:63:bd:57:2b:8e:52:c6:da:b5:30:21:b0:34:8b:c8:
         3b:67:58:04:17:0e:ef:1a:42:01:36:c1:27:ef:83:05:17:07:
         ba:bd:c7:09:84:2c:a2:07:a0:8c:af:23:47:1e:9c:fc:3e:eb:
         06:2f:86:d6
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEB7V9MDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MThiYTRlZjkwMWFhYzEwODc2Y2NmOTc2YTVmN2QxNmM0Y2E3OWYwMB4XDTIyMDEw
MTAxNTQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjRiOTE3NTNjN2Ri
OTYxNGM3YmIzNDA5NjM0ZjM4MjI2YzkyNmUyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM8yIvP4Uho7fnwqnY5TgbVUXbbxTY7PKZqRDxo0W5++nm3h
OBkSm8uTTBaQk2Ah/+Zey26e2sBTogp4NTzcGfO91jDToQV3hHv7I9uRmeM5DU0d
Fe1mhiPzEPtYapQC9g5nfoNx5bYM2vqVDmF7RJoWrcqG9VShu89DAerPDiGNlLoJ
wJm+hzmpCW0MhEhHwqKRsqOdufhD2PLTW6U6YwsdUD7k5i99gIJIUBwCVB54Ilol
RwJAHHWNZaPN8EczOqK6qclEE9Y7gRNxkLUkuspZK26n+XtdIkMwE3umOU686SXi
ikveJ1tLcH6Ino167u1I9/CjsrdtrFIXI+m7aikCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQkuRdTx9uWFMe7NAljTzgibJJuJDAfBgNVHSMEGDAWgBQRi6TvkBqsEIds
z5dqX30WxMp58DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VZdWs3NUFhckJDSGJNLVhhbDk5RnNUS2VmQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDQvYmQ0ZDhkLTkzODAtNDBlOS04MTQyLWYyYjRlZmJhNTliYy8x
L0pMa1hVOGZibGhUSHV6UUpZMDg0SW15U2JpUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQv
YmQ0ZDhkLTkzODAtNDBlOS04MTQyLWYyYjRlZmJhNTliYy8xL0VZdWs3NUFhckJD
SGJNLVhhbDk5RnNUS2VmQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoDVkDwMA0GCSqGSIb3DQEBCwUA
A4IBAQANZ62FS9Taqb7nrTuDhzSoPtKXVtJZ4Ei4FPC/ne8+4YBDn3b0eZm5gI9l
i10PAdGmn0GqogbCZWjR2HBxX6FJlCN6htUm5vVXsvAtOZl6FeKn+vqSojjMsx6q
pnM2QYnBNI9eRh4AEKORR0vHeaYwE5PoGjR0IiC59cF8Lcj4YwNDZsvrOTaBuQuq
UCbjL4KVvJEBD/hdrlPfyl8JdP+L1W+lDaxJkpP77lpE7/7TEtmwa5NzYdYxHhvL
eJG7MIMP3mJWkTJRo11jvVcrjlLG2rUwIbA0i8g7Z1gEFw7vGkIBNsEn74MFFwe6
vccJhCyiB6CMryNHHpz8PusGL4bW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:22 2024 by rpki-client on console-ams.rpki-client.org