Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/9KrSRTb8NbTuQpa0TceXUun2mC4.roa
File:                     9KrSRTb8NbTuQpa0TceXUun2mC4.roa (raw, json)
Hash identifier:          Tz5jvIN8IQaktXHe5h+EUBSXNXMSuP7TBdqLGeSyx6c=
Subject key identifier:   F4:AA:D2:45:36:FC:35:B4:EE:42:96:B4:4D:C7:97:52:E9:F6:98:2E
Certificate issuer:       /CN=22a44566764ebb511683cb6228fa91997b559379
Certificate serial:       0183A85D099AE9521DE207332D6367E04393
Authority key identifier: 22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/9KrSRTb8NbTuQpa0TceXUun2mC4.roa
Signing time:             Wed 05 Oct 2022 13:36:53 +0000
ROA not before:           Wed 05 Oct 2022 13:36:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57428
IP address blocks:        109.237.100.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:a8:5d:09:9a:e9:52:1d:e2:07:33:2d:63:67:e0:43:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22a44566764ebb511683cb6228fa91997b559379
        Validity
            Not Before: Oct  5 13:36:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f4aad24536fc35b4ee4296b44dc79752e9f6982e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:f3:5f:02:88:22:34:4b:88:6c:1f:f5:8a:4e:
                    35:6d:7d:4d:44:89:16:25:21:40:1c:d5:b6:db:af:
                    d7:07:99:43:7d:79:78:b8:b7:d4:40:f5:f5:47:e5:
                    53:58:0a:d6:95:14:4d:f1:30:56:b6:b0:20:c8:48:
                    60:e0:5b:0c:ed:9a:7c:27:be:55:b4:94:3c:47:aa:
                    35:2a:d6:5b:17:1f:17:03:3c:7a:c6:5e:32:a1:56:
                    57:2a:1d:57:22:05:49:60:69:d9:13:82:fc:56:82:
                    df:4a:be:a3:f3:0b:0f:78:99:f1:ef:86:57:64:7d:
                    d7:2c:b1:8d:d2:bd:3d:56:89:8b:dc:2e:c7:0f:e7:
                    11:89:62:95:f1:38:f1:3a:28:49:de:5f:08:49:ce:
                    67:1e:b4:62:2a:7c:81:86:02:39:7c:c8:62:b5:2c:
                    1c:3a:27:6a:93:6e:ce:76:02:27:54:cf:be:c4:11:
                    d3:e8:8c:cf:29:ce:43:2d:05:72:f0:6c:fa:4c:44:
                    81:aa:b0:f2:44:ae:97:a1:99:2a:45:ce:66:19:d8:
                    a2:4b:d5:b8:c1:37:e2:74:3b:b2:11:ce:55:10:92:
                    27:15:46:a9:ea:8d:02:33:e8:b3:c7:c0:91:fd:5e:
                    9b:ff:1f:97:09:6c:24:e2:6e:18:f1:d6:c1:35:c1:
                    4c:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:AA:D2:45:36:FC:35:B4:EE:42:96:B4:4D:C7:97:52:E9:F6:98:2E
            X509v3 Authority Key Identifier:
                keyid:22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/9KrSRTb8NbTuQpa0TceXUun2mC4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.237.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         83:5c:a2:2e:a2:36:08:cd:87:7c:10:06:e8:24:4d:a5:ff:1e:
         8c:ed:03:48:ec:e4:fe:a0:21:4f:2c:1f:33:1b:b8:7d:9c:a9:
         be:18:ce:f2:31:bc:5d:b8:d9:58:61:19:c3:08:1b:ad:12:b1:
         43:9a:1e:06:11:d2:96:c5:24:1f:89:c0:bb:a7:95:2d:34:fd:
         62:94:30:39:fe:e3:b7:d8:bf:22:39:bf:73:26:ee:01:4c:78:
         48:01:c2:58:93:35:bc:22:3f:9b:3d:82:39:55:e7:91:0c:3c:
         96:9e:ae:b7:ef:95:0b:da:2f:64:58:e1:3b:bd:81:cd:0e:bb:
         c6:08:1b:24:a1:1a:9c:9d:60:71:4d:7b:a2:e4:78:2d:25:30:
         eb:bc:29:46:b3:d8:cb:cc:55:36:73:b6:37:77:c3:24:12:ec:
         80:8c:6b:f3:0b:f2:58:f9:de:70:c1:fe:b0:67:92:e7:d8:6e:
         95:08:89:48:4d:c2:82:86:7c:19:e6:0b:ae:5c:bb:11:6c:9f:
         52:ba:60:91:a3:73:90:97:17:5d:db:de:ff:2d:c0:e1:5f:43:
         97:3f:0d:5c:db:41:27:5b:62:b0:65:26:c7:4e:af:b2:65:e5:
         d6:89:18:5d:27:3c:9e:36:25:1b:03:46:d1:6b:2e:74:c0:10:
         e0:99:9f:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOoXQma6VId4gczLWNn4EOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTQ0NTY2NzY0ZWJiNTExNjgzY2I2MjI4ZmE5MTk5N2I1
NTkzNzkwHhcNMjIxMDA1MTMzNjUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGFhZDI0NTM2ZmMzNWI0ZWU0Mjk2YjQ0ZGM3OTc1MmU5ZjY5ODJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/NfAogiNEuIbB/1ik41bX1NRIkW
JSFAHNW226/XB5lDfXl4uLfUQPX1R+VTWArWlRRN8TBWtrAgyEhg4FsM7Zp8J75V
tJQ8R6o1KtZbFx8XAzx6xl4yoVZXKh1XIgVJYGnZE4L8VoLfSr6j8wsPeJnx74ZX
ZH3XLLGN0r09VomL3C7HD+cRiWKV8TjxOihJ3l8ISc5nHrRiKnyBhgI5fMhitSwc
Oidqk27OdgInVM++xBHT6IzPKc5DLQVy8Gz6TESBqrDyRK6XoZkqRc5mGdiiS9W4
wTfidDuyEc5VEJInFUap6o0CM+izx8CR/V6b/x+XCWwk4m4Y8dbBNcFMRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPSq0kU2/DW07kKWtE3Hl1Lp9pguMB8GA1UdIwQY
MBaAFCKkRWZ2TrtRFoPLYij6kZl7VZN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMt
MTZiODBhYTI4ZGQ2LzEvOUtyU1JUYjhOYlR1UXBhMFRjZVhVdW4ybUM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMtMTZiODBhYTI4ZGQ2
LzEvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbe1kMA0G
CSqGSIb3DQEBCwUAA4IBAQCDXKIuojYIzYd8EAboJE2l/x6M7QNI7OT+oCFPLB8z
G7h9nKm+GM7yMbxduNlYYRnDCButErFDmh4GEdKWxSQficC7p5UtNP1ilDA5/uO3
2L8iOb9zJu4BTHhIAcJYkzW8Ij+bPYI5VeeRDDyWnq6375UL2i9kWOE7vYHNDrvG
CBskoRqcnWBxTXui5HgtJTDrvClGs9jLzFU2c7Y3d8MkEuyAjGvzC/JY+d5wwf6w
Z5Ln2G6VCIlITcKChnwZ5guuXLsRbJ9SumCRo3OQlxdd297/LcDhX0OXPw1c20En
W2KwZSbHTq+yZeXWiRhdJzyeNiUbA0bRay50wBDgmZ/u
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:51 2024 by rpki-client on console-ams.rpki-client.org