Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/F3dEw9n_X6DR28gSdaeYAezRP6s.roa
File:                     F3dEw9n_X6DR28gSdaeYAezRP6s.roa (raw, json)
Hash identifier:          3VTq2NmdSd4D0Gdg83EOzPkTVxKaF89OLD+9hbzDAjM=
Subject key identifier:   17:77:44:C3:D9:FF:5F:A0:D1:DB:C8:12:75:A7:98:01:EC:D1:3F:AB
Certificate issuer:       /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial:       01D6DDCE
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/F3dEw9n_X6DR28gSdaeYAezRP6s.roa
Signing time:             Mon 21 Feb 2022 10:37:00 +0000
ROA not before:           Mon 21 Feb 2022 10:37:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211936
IP address blocks:        109.105.199.0/24 maxlen: 24
                          109.105.197.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 30858702 (0x1d6ddce)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
        Validity
            Not Before: Feb 21 10:37:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=177744c3d9ff5fa0d1dbc81275a79801ecd13fab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:4b:be:ca:2a:c1:b1:6a:d8:25:b9:27:2e:54:
                    8c:a6:18:2c:76:ec:d6:5a:01:2f:9d:25:9e:3f:09:
                    4a:e2:54:73:a9:5f:7f:0a:c6:e7:37:e3:10:06:b5:
                    16:31:97:5d:b6:5c:52:ef:c3:20:44:06:4e:0e:c3:
                    e1:c8:70:27:73:96:1d:76:96:61:89:18:45:cb:37:
                    0d:cb:05:7d:fc:01:8e:70:b4:ac:e8:42:43:a6:c4:
                    e2:ee:3b:40:8c:6d:01:0b:5a:b5:68:d8:5a:b2:65:
                    4a:c0:96:97:cb:6a:42:61:cb:8e:0d:91:ec:fd:f9:
                    7c:47:79:72:e8:9a:3f:18:14:64:b1:52:ed:11:06:
                    d0:da:f5:ea:19:9e:4a:dc:38:6d:f7:57:2b:64:71:
                    d4:2b:43:c3:ab:c3:e4:9f:1f:02:f7:56:9f:28:0e:
                    29:95:62:e0:c5:35:33:4b:00:ae:8f:32:af:5d:ea:
                    6e:1d:e0:d2:10:b2:4b:bb:b7:4b:b6:8f:d1:02:fd:
                    59:8a:17:02:58:cf:1a:8a:7a:c6:6c:2a:bb:3a:4f:
                    ff:7b:be:a7:d8:d6:9b:fb:1b:46:9e:9c:c8:42:21:
                    42:65:99:a8:12:29:16:34:42:81:b4:22:7d:95:59:
                    d4:30:c5:96:4b:2f:7e:1f:77:2b:ab:0c:01:38:f5:
                    8d:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:77:44:C3:D9:FF:5F:A0:D1:DB:C8:12:75:A7:98:01:EC:D1:3F:AB
            X509v3 Authority Key Identifier:
                keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/F3dEw9n_X6DR28gSdaeYAezRP6s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.105.197.0/24
                  109.105.199.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9e:ee:37:ee:d5:30:e2:92:79:60:f1:58:03:24:c1:10:57:97:
         a1:32:aa:7e:d4:6a:ae:a3:fd:f2:db:d2:d4:9b:d5:b6:03:f5:
         a7:c5:1b:71:03:cb:e2:9e:a8:58:83:df:46:1f:bf:30:4f:2b:
         c5:bf:ba:1c:d1:e1:f1:d1:48:b7:72:ee:bd:6a:2b:ea:49:dd:
         74:fa:b1:d3:d8:b8:2f:ce:e2:77:81:2a:a7:f0:d8:5b:5a:91:
         40:55:0d:31:68:1d:64:31:d8:61:2c:e0:a6:e7:03:3d:74:56:
         5a:5c:ee:3a:92:b9:15:c2:53:5c:ad:35:fe:14:69:46:bd:13:
         af:2f:10:d3:28:ce:87:62:ec:e8:1e:fc:d5:0a:ba:51:4d:47:
         47:88:68:1d:9b:d1:57:19:ce:00:e8:af:76:e5:07:70:cf:d0:
         3d:66:a0:72:cc:ef:e7:78:88:3e:83:83:da:98:5e:26:14:a6:
         ec:ee:99:70:e8:b3:7c:ab:b3:96:2f:bb:3c:60:37:36:b4:a1:
         35:06:6c:57:d3:8b:84:a1:b2:28:f7:41:fd:8a:58:4e:6e:44:
         57:d8:f4:0f:33:97:1f:06:53:f2:91:f9:e2:6b:6e:78:81:4c:
         1c:1a:45:0e:fd:7b:67:61:53:10:b7:26:8a:95:83:b2:64:ed:
         72:78:3f:e7
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAdbdzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OGM2MGEwZDJkNzBhOTMzN2QwYmRhNTZkMWFkNTk2YWMxZjY5Y2RhMB4XDTIyMDIy
MTEwMzcwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTc3NzQ0YzNkOWZm
NWZhMGQxZGJjODEyNzVhNzk4MDFlY2QxM2ZhYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN1LvsoqwbFq2CW5Jy5UjKYYLHbs1loBL50lnj8JSuJUc6lf
fwrG5zfjEAa1FjGXXbZcUu/DIEQGTg7D4chwJ3OWHXaWYYkYRcs3DcsFffwBjnC0
rOhCQ6bE4u47QIxtAQtatWjYWrJlSsCWl8tqQmHLjg2R7P35fEd5cuiaPxgUZLFS
7REG0Nr16hmeStw4bfdXK2Rx1CtDw6vD5J8fAvdWnygOKZVi4MU1M0sAro8yr13q
bh3g0hCyS7u3S7aP0QL9WYoXAljPGop6xmwquzpP/3u+p9jWm/sbRp6cyEIhQmWZ
qBIpFjRCgbQifZVZ1DDFlksvfh93K6sMATj1jWECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQXd0TD2f9foNHbyBJ1p5gB7NE/qzAfBgNVHSMEGDAWgBTYxgoNLXCpM30L
2lbRrVlqwfac2jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJNWUtEUzF3cVROOUM5cFcwYTFaYXNIMm5Oby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvYjUxYTg1LWY5OWYtNDIzZi05ZmFlLWRkMjk0YzM3OGY2Yy8x
L0YzZEV3OW5fWDZEUjI4Z1NkYWVZQWV6UlA2cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
YjUxYTg1LWY5OWYtNDIzZi05ZmFlLWRkMjk0YzM3OGY2Yy8xLzJNWUtEUzF3cVRO
OUM5cFcwYTFaYXNIMm5Oby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAG1pxQMEAG1pxzANBgkqhkiG9w0B
AQsFAAOCAQEAnu437tUw4pJ5YPFYAyTBEFeXoTKqftRqrqP98tvS1JvVtgP1p8Ub
cQPL4p6oWIPfRh+/ME8rxb+6HNHh8dFIt3LuvWor6knddPqx09i4L87id4Eqp/DY
W1qRQFUNMWgdZDHYYSzgpucDPXRWWlzuOpK5FcJTXK01/hRpRr0Try8Q0yjOh2Ls
6B781Qq6UU1HR4hoHZvRVxnOAOivduUHcM/QPWagcszv53iIPoOD2pheJhSm7O6Z
cOizfKuzli+7PGA3NrShNQZsV9OLhKGyKPdB/YpYTm5EV9j0DzOXHwZT8pH54mtu
eIFMHBpFDv17Z2FTELcmipWDsmTtcng/5w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:28 2024 by rpki-client on console-ams.rpki-client.org