Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/Ls10BPXXU2m2YYsrrI2lNxU45Mc.roa
File:                     Ls10BPXXU2m2YYsrrI2lNxU45Mc.roa (raw, json)
Hash identifier:          kgo3UpksWxC4OA0a1jhzWiPA2m/otHjqWeVoIosQLPY=
Subject key identifier:   2E:CD:74:04:F5:D7:53:69:B6:61:8B:2B:AC:8D:A5:37:15:38:E4:C7
Certificate issuer:       /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial:       031C4E98
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/Ls10BPXXU2m2YYsrrI2lNxU45Mc.roa
Signing time:             Sat 02 Jul 2022 08:05:25 +0000
ROA not before:           Sat 02 Jul 2022 08:05:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     40676
IP address blocks:        109.105.197.0/24 maxlen: 24
                          109.105.199.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 52186776 (0x31c4e98)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
        Validity
            Not Before: Jul  2 08:05:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2ecd7404f5d75369b6618b2bac8da5371538e4c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:d8:12:7d:48:0c:cf:56:cd:a7:5e:04:13:b9:
                    3a:08:22:8f:0b:a0:a9:12:c8:96:55:c6:b3:26:bb:
                    b1:64:39:bf:ef:2a:a1:35:5a:f9:c3:52:dd:8f:10:
                    ad:d5:33:14:9a:8a:e0:c9:52:25:cc:d5:59:f2:bc:
                    47:30:07:0b:99:d4:d8:0b:07:60:76:ec:66:06:90:
                    9d:e3:c9:ec:eb:27:6b:0e:47:c1:7e:2b:39:40:2b:
                    e1:05:c8:05:ee:8a:18:9e:e0:61:20:f0:6a:fc:5d:
                    af:fd:44:5b:1e:80:04:9b:4e:ee:09:f1:20:77:ac:
                    b6:c4:64:35:7a:26:39:a6:ab:5e:72:04:90:81:6a:
                    d7:c4:8c:19:72:c7:04:19:12:79:c6:97:81:6f:9b:
                    8a:c8:6c:c0:89:fb:70:e6:8b:87:64:1e:04:8f:bf:
                    5e:ad:4a:87:ba:55:be:bf:ed:7b:0e:71:df:ad:bd:
                    fc:21:f8:53:b7:b9:d1:da:20:fe:bc:e0:14:44:9c:
                    f2:27:9c:1f:f5:ba:34:80:e5:ab:1f:a5:37:89:54:
                    fa:b6:a9:1d:0b:4b:24:04:54:44:18:01:16:85:c9:
                    dd:f1:c0:91:b2:15:89:83:a7:ae:13:c4:b2:2f:f7:
                    7b:45:54:cd:d0:e2:bf:3e:4b:50:78:8f:03:b4:fd:
                    54:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:CD:74:04:F5:D7:53:69:B6:61:8B:2B:AC:8D:A5:37:15:38:E4:C7
            X509v3 Authority Key Identifier:
                keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/Ls10BPXXU2m2YYsrrI2lNxU45Mc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.105.197.0/24
                  109.105.199.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:a6:71:b9:1e:ca:5c:c3:da:5e:50:12:c6:14:c1:5f:85:c6:
         7d:e8:7c:8f:14:91:6c:53:7b:cf:73:cc:5c:48:47:b1:8d:b5:
         94:a4:c2:5c:34:c6:c3:1d:b0:a1:16:98:3f:c9:7f:f2:1f:1f:
         c8:e9:ed:1c:bb:4d:4c:a2:78:38:2d:65:92:a1:ab:99:1c:8d:
         f8:26:49:06:59:b7:0d:33:39:6a:e1:12:29:2c:cd:04:4b:fc:
         f2:d1:72:d8:ba:cd:26:b2:a5:42:c0:04:fa:92:80:91:ed:eb:
         38:39:36:d0:d7:3d:92:06:b3:2d:50:b7:1e:d5:7b:a7:0d:ba:
         ce:06:8d:f4:49:52:7e:12:65:73:75:32:f2:ce:dc:93:39:61:
         6d:72:43:73:22:10:53:69:75:12:02:d7:8b:ef:97:18:b4:8b:
         bc:ff:11:eb:97:77:9f:d3:b2:56:d6:1b:dc:b0:12:f9:b3:7c:
         ba:bb:89:72:d5:d5:e4:ee:1c:a8:b8:0e:86:1d:50:19:f1:41:
         f9:65:af:04:8f:6c:23:3e:c9:d2:ef:87:15:81:ae:48:ed:84:
         03:e5:6f:41:92:b1:fe:16:68:88:62:8d:63:94:52:d8:2c:56:
         f4:6a:a8:f3:d2:60:c6:41:b4:ce:a6:ec:32:83:50:d3:c0:81:
         fb:09:6d:06
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAxxOmDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OGM2MGEwZDJkNzBhOTMzN2QwYmRhNTZkMWFkNTk2YWMxZjY5Y2RhMB4XDTIyMDcw
MjA4MDUyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmVjZDc0MDRmNWQ3
NTM2OWI2NjE4YjJiYWM4ZGE1MzcxNTM4ZTRjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAILYEn1IDM9WzadeBBO5OggijwugqRLIllXGsya7sWQ5v+8q
oTVa+cNS3Y8QrdUzFJqK4MlSJczVWfK8RzAHC5nU2AsHYHbsZgaQnePJ7Osnaw5H
wX4rOUAr4QXIBe6KGJ7gYSDwavxdr/1EWx6ABJtO7gnxIHestsRkNXomOaarXnIE
kIFq18SMGXLHBBkSecaXgW+bishswIn7cOaLh2QeBI+/Xq1Kh7pVvr/tew5x3629
/CH4U7e50dog/rzgFESc8iecH/W6NIDlqx+lN4lU+rapHQtLJARURBgBFoXJ3fHA
kbIViYOnrhPEsi/3e0VUzdDivz5LUHiPA7T9VHsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQuzXQE9ddTabZhiyusjaU3FTjkxzAfBgNVHSMEGDAWgBTYxgoNLXCpM30L
2lbRrVlqwfac2jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJNWUtEUzF3cVROOUM5cFcwYTFaYXNIMm5Oby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvYjUxYTg1LWY5OWYtNDIzZi05ZmFlLWRkMjk0YzM3OGY2Yy8x
L0xzMTBCUFhYVTJtMllZc3JySTJsTnhVNDVNYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
YjUxYTg1LWY5OWYtNDIzZi05ZmFlLWRkMjk0YzM3OGY2Yy8xLzJNWUtEUzF3cVRO
OUM5cFcwYTFaYXNIMm5Oby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAG1pxQMEAG1pxzANBgkqhkiG9w0B
AQsFAAOCAQEARKZxuR7KXMPaXlASxhTBX4XGfeh8jxSRbFN7z3PMXEhHsY21lKTC
XDTGwx2woRaYP8l/8h8fyOntHLtNTKJ4OC1lkqGrmRyN+CZJBlm3DTM5auESKSzN
BEv88tFy2LrNJrKlQsAE+pKAke3rODk20Nc9kgazLVC3HtV7pw26zgaN9ElSfhJl
c3Uy8s7ckzlhbXJDcyIQU2l1EgLXi++XGLSLvP8R65d3n9OyVtYb3LAS+bN8uruJ
ctXV5O4cqLgOhh1QGfFB+WWvBI9sIz7J0u+HFYGuSO2EA+VvQZKx/hZoiGKNY5RS
2CxW9Gqo89JgxkG0zqbsMoNQ08CB+wltBg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:28 2024 by rpki-client on console-ams.rpki-client.org