Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/E37qTbmyuv7aqh_iQgCa1pJB9cI.roa
File:                     E37qTbmyuv7aqh_iQgCa1pJB9cI.roa (raw, json)
Hash identifier:          G2VpowRBgINvtYs0a8wflwgIYjtRdMeeZXNQltBspx8=
Subject key identifier:   13:7E:EA:4D:B9:B2:BA:FE:DA:AA:1F:E2:42:00:9A:D6:92:41:F5:C2
Certificate issuer:       /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial:       0182539051AFB0BF3831DBE900098D1652F2
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/E37qTbmyuv7aqh_iQgCa1pJB9cI.roa
Signing time:             Sun 31 Jul 2022 09:22:23 +0000
ROA not before:           Sun 31 Jul 2022 09:22:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42093
IP address blocks:        109.105.198.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:53:90:51:af:b0:bf:38:31:db:e9:00:09:8d:16:52:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
        Validity
            Not Before: Jul 31 09:22:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=137eea4db9b2bafedaaa1fe242009ad69241f5c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:52:3c:4f:62:05:e4:4c:ac:79:be:f4:c2:71:
                    6e:9e:ce:cd:70:03:89:6e:03:cb:1b:38:14:b6:de:
                    ac:cd:51:c1:f4:23:f1:8b:bb:df:c2:cd:6c:fd:91:
                    7b:46:c3:86:67:02:23:23:07:40:0f:4c:da:5d:d7:
                    8a:47:a1:fb:34:1e:71:87:f4:5a:87:ee:49:22:db:
                    15:62:a3:dd:43:96:93:5b:a1:8b:be:3d:b6:51:08:
                    64:0a:40:7e:a6:2a:4b:73:10:e7:43:03:69:06:c9:
                    91:32:2b:13:d9:fc:4a:9b:3f:02:2c:71:26:6a:24:
                    5f:23:ff:e2:94:d9:68:40:b4:9e:66:d0:ed:68:f0:
                    40:48:9b:2e:67:c6:b5:d9:10:fd:b2:b7:6b:74:80:
                    0b:f9:4c:87:90:a3:45:01:82:75:23:6d:80:48:46:
                    e9:3e:c7:71:0c:c3:a7:19:54:a8:a1:68:7a:9e:79:
                    57:95:9c:3b:a4:4c:6c:78:98:33:ce:01:2c:10:4d:
                    bf:40:02:df:d0:a4:2b:cc:e7:e8:80:b7:8b:7e:a1:
                    7d:54:65:7d:73:0d:c6:3f:b4:4c:fd:3f:f7:cf:49:
                    42:97:8e:9e:06:41:1d:c4:d8:16:59:06:a9:a7:fd:
                    a5:08:e4:08:34:b1:9a:35:f1:ea:fb:78:77:b4:70:
                    90:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:7E:EA:4D:B9:B2:BA:FE:DA:AA:1F:E2:42:00:9A:D6:92:41:F5:C2
            X509v3 Authority Key Identifier:
                keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/E37qTbmyuv7aqh_iQgCa1pJB9cI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.105.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:cd:5c:41:20:fc:0b:2f:98:3f:a5:80:20:21:1d:85:d7:dc:
         38:ab:82:3b:b9:ca:3a:75:20:9d:2a:ba:9a:7f:2c:88:3b:c6:
         d4:7e:88:cc:79:9a:7e:ab:24:d4:76:54:c4:54:ba:1f:cf:73:
         3f:19:c4:d3:8a:7c:8c:18:6b:65:da:bb:4c:eb:2f:be:79:53:
         a3:49:26:4f:61:06:43:02:2a:9b:89:24:4f:f7:f4:b5:ee:2b:
         8f:d0:02:2b:78:51:86:d4:40:41:29:64:3d:08:52:2f:4b:a6:
         32:57:27:fc:c9:4c:86:99:c7:7e:90:4d:0a:6f:79:ca:ea:46:
         43:6b:1e:df:3f:2d:f6:84:15:8b:88:a6:8c:95:e1:65:e9:d2:
         c6:d3:0d:0d:8e:72:e4:48:ec:da:16:7d:bd:d0:63:8f:fd:7d:
         42:d6:fb:84:f4:ec:84:2b:e1:c3:0b:b9:ee:81:27:b6:c9:ec:
         a2:ad:40:25:69:84:b3:89:93:d2:84:12:e1:56:c8:02:1f:51:
         9f:20:eb:fe:4f:b0:94:75:04:6b:8e:2f:f5:2b:de:76:aa:22:
         35:07:14:a3:c5:4f:e9:b9:81:3f:ea:1a:53:99:9b:b4:30:bf:
         93:a5:58:55:e9:47:bb:40:74:85:be:46:80:f1:dd:e4:c5:1b:
         93:c2:e1:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJTkFGvsL84MdvpAAmNFlLyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjIwNzMxMDkyMjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzdlZWE0ZGI5YjJiYWZlZGFhYTFmZTI0MjAwOWFkNjkyNDFmNWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlI8T2IF5Eyseb70wnFuns7NcAOJ
bgPLGzgUtt6szVHB9CPxi7vfws1s/ZF7RsOGZwIjIwdAD0zaXdeKR6H7NB5xh/Ra
h+5JItsVYqPdQ5aTW6GLvj22UQhkCkB+pipLcxDnQwNpBsmRMisT2fxKmz8CLHEm
aiRfI//ilNloQLSeZtDtaPBASJsuZ8a12RD9srdrdIAL+UyHkKNFAYJ1I22ASEbp
PsdxDMOnGVSooWh6nnlXlZw7pExseJgzzgEsEE2/QALf0KQrzOfogLeLfqF9VGV9
cw3GP7RM/T/3z0lCl46eBkEdxNgWWQapp/2lCOQINLGaNfHq+3h3tHCQGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBN+6k25srr+2qof4kIAmtaSQfXCMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvRTM3cVRibXl1djdhcWhfaVFnQ2ExcEpCOWNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWnGMA0G
CSqGSIb3DQEBCwUAA4IBAQAVzVxBIPwLL5g/pYAgIR2F19w4q4I7uco6dSCdKrqa
fyyIO8bUfojMeZp+qyTUdlTEVLofz3M/GcTTinyMGGtl2rtM6y++eVOjSSZPYQZD
AiqbiSRP9/S17iuP0AIreFGG1EBBKWQ9CFIvS6YyVyf8yUyGmcd+kE0Kb3nK6kZD
ax7fPy32hBWLiKaMleFl6dLG0w0NjnLkSOzaFn290GOP/X1C1vuE9OyEK+HDC7nu
gSe2yeyirUAlaYSziZPShBLhVsgCH1GfIOv+T7CUdQRrji/1K952qiI1BxSjxU/p
uYE/6hpTmZu0ML+TpVhV6Ue7QHSFvkaA8d3kxRuTwuEh
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:28 2024 by rpki-client on console-ams.rpki-client.org