Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/JimGBUEKGBFoR70TTqDi_oudm4o.roa
File:                     JimGBUEKGBFoR70TTqDi_oudm4o.roa (raw, json)
Hash identifier:          zZvYq6wlh0FP5niP3W/g2Pz8RaO6kZl/qCGrgzkFoOo=
Subject key identifier:   26:29:86:05:41:0A:18:11:68:47:BD:13:4E:A0:E2:FE:8B:9D:9B:8A
Certificate issuer:       /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial:       0182210D68E6249F9B9D3004B26101DB0411
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/JimGBUEKGBFoR70TTqDi_oudm4o.roa
Signing time:             Thu 21 Jul 2022 13:58:23 +0000
ROA not before:           Thu 21 Jul 2022 13:58:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41095
IP address blocks:        217.25.4.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:21:0d:68:e6:24:9f:9b:9d:30:04:b2:61:01:db:04:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
        Validity
            Not Before: Jul 21 13:58:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=26298605410a18116847bd134ea0e2fe8b9d9b8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:c4:92:d8:4e:ce:b1:70:e0:56:07:b0:15:60:
                    c9:8d:2b:be:80:18:26:ee:94:16:bc:f5:04:d5:f2:
                    dc:eb:dd:ea:e9:2e:c9:92:e4:55:b2:2f:13:3c:7e:
                    e5:61:08:1d:65:69:59:ab:b1:00:72:bf:73:99:b0:
                    01:7a:83:3d:1b:25:15:c9:40:46:e2:ea:88:9b:8c:
                    66:da:ab:ea:77:88:7c:f9:fe:46:6c:c1:ac:e7:e5:
                    cc:40:d3:e8:2f:de:72:98:f8:22:f5:a9:e7:84:e0:
                    8a:c6:c9:0b:d2:e3:b1:0a:96:e8:4f:97:8c:1b:a5:
                    56:6f:ac:6a:db:66:44:6f:81:f1:ad:97:e5:c3:0e:
                    e3:b7:32:c0:a6:7e:5a:72:67:96:cc:db:d5:59:b2:
                    04:a4:28:cf:d1:fa:66:bc:35:2e:d6:9b:28:fb:c6:
                    dc:77:8d:6f:c8:a7:68:50:2e:ff:3a:36:a3:53:1f:
                    a0:d3:cb:1e:49:90:dc:5b:18:2f:fa:ee:c0:06:0a:
                    2c:15:65:c7:bc:8e:1e:79:9f:42:c8:04:81:be:5a:
                    04:78:16:f1:64:57:f6:64:71:e1:bc:25:a4:ae:9b:
                    6d:42:80:b2:e5:6e:73:fe:95:a8:85:46:c8:57:0b:
                    87:73:fd:ca:6f:2b:49:42:d5:3c:43:86:0a:ac:1f:
                    42:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:29:86:05:41:0A:18:11:68:47:BD:13:4E:A0:E2:FE:8B:9D:9B:8A
            X509v3 Authority Key Identifier:
                keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/JimGBUEKGBFoR70TTqDi_oudm4o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.25.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:46:e9:c9:cc:09:bf:86:d2:4f:e4:b9:26:14:e7:e7:b2:83:
         01:fa:09:24:af:53:66:9a:69:66:73:21:b5:be:42:73:a4:2b:
         c5:de:17:8e:ff:4a:a8:35:d6:21:28:dc:9c:87:31:77:8b:f8:
         41:43:16:94:06:eb:f1:27:11:c0:d3:0e:73:3f:50:db:5a:13:
         ef:39:71:41:32:8f:43:38:7b:15:25:60:22:4f:29:5a:5c:ca:
         0f:fd:ed:76:81:d9:23:a6:4d:94:73:d3:79:27:6f:8c:b9:2e:
         fe:1e:51:63:b3:7a:9f:54:a4:ed:ea:c7:25:78:81:db:72:5b:
         8c:76:62:61:81:42:d9:21:46:0f:21:68:b7:19:31:89:a0:ab:
         4f:31:fd:38:56:3d:3a:74:22:1f:6f:40:96:d6:e3:8c:03:3e:
         70:dc:63:c8:ad:ab:67:ba:b9:9e:e8:c8:9f:3b:43:0a:14:98:
         9d:ec:31:a8:92:2b:c2:ad:b4:6f:37:50:38:e0:f6:68:6a:5d:
         01:fd:5f:c1:77:56:3a:8d:4f:0e:ec:f7:d4:1d:b2:e7:f3:3f:
         8b:9b:15:54:25:7e:67:b9:ca:35:61:04:fd:54:84:a9:c5:5b:
         66:7e:70:2e:79:e2:8e:f2:6a:cf:af:f8:21:e6:14:d4:a2:6d:
         69:f2:a5:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIhDWjmJJ+bnTAEsmEB2wQRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjIwNzIxMTM1ODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjI5ODYwNTQxMGExODExNjg0N2JkMTM0ZWEwZTJmZThiOWQ5YjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncSS2E7OsXDgVgewFWDJjSu+gBgm
7pQWvPUE1fLc693q6S7JkuRVsi8TPH7lYQgdZWlZq7EAcr9zmbABeoM9GyUVyUBG
4uqIm4xm2qvqd4h8+f5GbMGs5+XMQNPoL95ymPgi9annhOCKxskL0uOxCpboT5eM
G6VWb6xq22ZEb4HxrZflww7jtzLApn5acmeWzNvVWbIEpCjP0fpmvDUu1pso+8bc
d41vyKdoUC7/OjajUx+g08seSZDcWxgv+u7ABgosFWXHvI4eeZ9CyASBvloEeBbx
ZFf2ZHHhvCWkrpttQoCy5W5z/pWohUbIVwuHc/3KbytJQtU8Q4YKrB9CWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCYphgVBChgRaEe9E06g4v6LnZuKMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvSmltR0JVRUtHQkZvUjcwVFRxRGlfb3VkbTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RkEMA0G
CSqGSIb3DQEBCwUAA4IBAQCMRunJzAm/htJP5LkmFOfnsoMB+gkkr1NmmmlmcyG1
vkJzpCvF3heO/0qoNdYhKNychzF3i/hBQxaUBuvxJxHA0w5zP1DbWhPvOXFBMo9D
OHsVJWAiTylaXMoP/e12gdkjpk2Uc9N5J2+MuS7+HlFjs3qfVKTt6scleIHbcluM
dmJhgULZIUYPIWi3GTGJoKtPMf04Vj06dCIfb0CW1uOMAz5w3GPIratnurme6Mif
O0MKFJid7DGokivCrbRvN1A44PZoal0B/V/Bd1Y6jU8O7PfUHbLn8z+LmxVUJX5n
uco1YQT9VISpxVtmfnAueeKO8mrPr/gh5hTUom1p8qUb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:21 2024 by rpki-client on console-ams.rpki-client.org