Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/JHwA9cMquDs5ngEv01_55gw57Dc.roa
File:                     JHwA9cMquDs5ngEv01_55gw57Dc.roa (raw, json)
Hash identifier:          QAz11kW10wJt33V40hDN6s+juugjbsZ2+9xgAJoupDM=
Subject key identifier:   24:7C:00:F5:C3:2A:B8:3B:39:9E:01:2F:D3:5F:F9:E6:0C:39:EC:37
Certificate issuer:       /CN=25a89539520004270d34253bdc16d87784156e1a
Certificate serial:       182E6F7A
Authority key identifier: 25:A8:95:39:52:00:04:27:0D:34:25:3B:DC:16:D8:77:84:15:6E:1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JaiVOVIABCcNNCU73BbYd4QVbho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/JHwA9cMquDs5ngEv01_55gw57Dc.roa
Signing time:             Sat 01 Jan 2022 12:06:05 +0000
ROA not before:           Sat 01 Jan 2022 12:06:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39227
IP address blocks:        2a00:1f78:fffe::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 405696378 (0x182e6f7a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25a89539520004270d34253bdc16d87784156e1a
        Validity
            Not Before: Jan  1 12:06:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=247c00f5c32ab83b399e012fd35ff9e60c39ec37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:22:96:07:2e:f7:e4:96:e6:93:8e:c7:24:95:
                    75:91:d7:08:2f:db:6b:70:19:e3:dc:28:e5:09:bf:
                    f6:1a:7f:51:fb:53:86:48:7e:c9:ed:1f:e3:f5:67:
                    b0:15:f6:8f:01:33:7a:e3:03:98:25:18:80:55:ff:
                    95:c6:94:54:4c:98:cf:e8:81:af:68:38:2f:b1:f2:
                    e4:36:15:82:6e:75:68:1e:8a:d4:e4:ba:02:83:71:
                    9b:c4:9a:49:18:58:6a:91:76:b8:42:ed:b0:b1:33:
                    20:19:ac:69:c4:00:8e:a8:e5:20:25:a0:60:a7:dc:
                    1e:ed:73:28:53:45:11:e6:08:0b:c3:58:a8:53:2b:
                    1a:7d:97:69:e5:4b:43:22:56:7d:35:2d:57:e8:3b:
                    4c:fe:5f:aa:0a:a5:98:75:3b:99:cb:d6:6f:e8:0e:
                    ef:5a:d6:cf:b5:6a:3e:d4:69:fc:28:1f:a6:37:6d:
                    6d:12:c4:3a:d7:29:4a:df:3c:36:bc:00:fe:16:93:
                    d5:7e:bb:84:15:78:ed:b7:9e:f9:59:81:1f:48:d3:
                    c2:e3:34:7e:65:2d:2b:f0:d5:60:22:45:5b:28:36:
                    cf:f7:c6:90:5f:1d:1c:96:2f:25:6d:32:4d:77:6c:
                    72:0d:ff:ad:3f:d4:b5:ef:c0:1a:4a:59:29:c4:de:
                    bd:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:7C:00:F5:C3:2A:B8:3B:39:9E:01:2F:D3:5F:F9:E6:0C:39:EC:37
            X509v3 Authority Key Identifier:
                keyid:25:A8:95:39:52:00:04:27:0D:34:25:3B:DC:16:D8:77:84:15:6E:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JaiVOVIABCcNNCU73BbYd4QVbho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/JHwA9cMquDs5ngEv01_55gw57Dc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/JaiVOVIABCcNNCU73BbYd4QVbho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:1f78:fffe::/48

    Signature Algorithm: sha256WithRSAEncryption
         02:79:96:8d:83:59:df:10:75:0b:61:e4:5f:01:1e:96:5b:95:
         83:76:e8:67:8f:01:1f:79:db:2f:cc:8f:bd:9b:df:a1:4a:d4:
         70:99:4d:34:75:88:d3:7c:d6:21:76:b8:4e:b3:3a:3a:97:8b:
         e7:8a:6e:de:cb:86:be:c3:d0:ee:27:f3:3f:68:eb:2b:02:c4:
         4a:81:bf:56:d9:fe:57:c0:72:b3:6c:04:ba:b2:3d:f2:06:62:
         b6:35:b5:c7:c1:49:16:41:87:80:30:3d:60:16:1a:af:ad:11:
         b3:58:6f:1b:11:9d:39:76:82:b0:f1:75:bf:5f:b0:bb:e2:f4:
         88:b1:41:bb:86:82:a5:56:76:e8:7d:97:73:27:85:43:37:59:
         63:9e:f5:3b:00:3b:84:c5:e9:c9:d2:ab:4c:ff:89:3c:37:22:
         b9:20:b2:15:be:39:e1:f4:d5:30:50:b6:c3:62:52:47:e8:e4:
         07:13:00:ee:e5:97:2d:98:37:c3:b4:6c:99:da:66:05:86:54:
         fd:82:fc:90:64:5a:e6:6b:23:cd:d4:c6:b4:49:af:b4:86:28:
         bf:0f:0e:4f:23:ef:93:04:6d:b4:c8:82:d9:4b:8a:78:c3:32:
         42:b6:f6:9f:bb:8f:ee:d1:eb:fd:35:a6:6f:a1:da:e3:30:21:
         70:e8:92:d8
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEGC5vejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NWE4OTUzOTUyMDAwNDI3MGQzNDI1M2JkYzE2ZDg3Nzg0MTU2ZTFhMB4XDTIyMDEw
MTEyMDYwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjQ3YzAwZjVjMzJh
YjgzYjM5OWUwMTJmZDM1ZmY5ZTYwYzM5ZWMzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALYilgcu9+SW5pOOxySVdZHXCC/ba3AZ49wo5Qm/9hp/UftT
hkh+ye0f4/VnsBX2jwEzeuMDmCUYgFX/lcaUVEyYz+iBr2g4L7Hy5DYVgm51aB6K
1OS6AoNxm8SaSRhYapF2uELtsLEzIBmsacQAjqjlICWgYKfcHu1zKFNFEeYIC8NY
qFMrGn2XaeVLQyJWfTUtV+g7TP5fqgqlmHU7mcvWb+gO71rWz7VqPtRp/Cgfpjdt
bRLEOtcpSt88NrwA/haT1X67hBV47bee+VmBH0jTwuM0fmUtK/DVYCJFWyg2z/fG
kF8dHJYvJW0yTXdscg3/rT/Ute/AGkpZKcTevfUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQkfAD1wyq4OzmeAS/TX/nmDDnsNzAfBgNVHSMEGDAWgBQlqJU5UgAEJw00
JTvcFth3hBVuGjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0phaVZPVklBQkNjTk5DVTczQmJZZDRRVmJoby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTkvYmMxNWVjLTZiMGQtNDczNC1hMDg4LWQwMDUyNmI5MTYwNS8x
L0pId0E5Y01xdURzNW5nRXYwMV81NWd3NTdEYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkv
YmMxNWVjLTZiMGQtNDczNC1hMDg4LWQwMDUyNmI5MTYwNS8xL0phaVZPVklBQkNj
Tk5DVTczQmJZZDRRVmJoby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoAH3j//jANBgkqhkiG9w0BAQsF
AAOCAQEAAnmWjYNZ3xB1C2HkXwEelluVg3boZ48BH3nbL8yPvZvfoUrUcJlNNHWI
03zWIXa4TrM6OpeL54pu3suGvsPQ7ifzP2jrKwLESoG/Vtn+V8Bys2wEurI98gZi
tjW1x8FJFkGHgDA9YBYar60Rs1hvGxGdOXaCsPF1v1+wu+L0iLFBu4aCpVZ26H2X
cyeFQzdZY571OwA7hMXpydKrTP+JPDciuSCyFb454fTVMFC2w2JSR+jkBxMA7uWX
LZg3w7RsmdpmBYZU/YL8kGRa5msjzdTGtEmvtIYovw8OTyPvkwRttMiC2UuKeMMy
Qrb2n7uP7tHr/TWmb6Ha4zAhcOiS2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:10 2024 by rpki-client on console-fra.rpki-client.org