Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/WAPjwIfilEeBcWVbzvzQIM71ZhA.roa
File:                     WAPjwIfilEeBcWVbzvzQIM71ZhA.roa (raw, json)
Hash identifier:          16/48nx/whhMOI76n5ltu9x05T9ey92qHdqVCHbHA1A=
Subject key identifier:   58:03:E3:C0:87:E2:94:47:81:71:65:5B:CE:FC:D0:20:CE:F5:66:10
Certificate issuer:       /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial:       01F8C120
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/WAPjwIfilEeBcWVbzvzQIM71ZhA.roa
Signing time:             Wed 02 Mar 2022 14:53:57 +0000
ROA not before:           Wed 02 Mar 2022 14:53:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60588
IP address blocks:        109.105.205.0/24 maxlen: 24
                          109.105.207.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 33079584 (0x1f8c120)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
        Validity
            Not Before: Mar  2 14:53:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5803e3c087e294478171655bcefcd020cef56610
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:29:e9:f6:bd:99:22:d9:0d:ce:3b:12:9e:fc:
                    8b:b9:2a:22:82:c0:a4:09:34:67:d6:08:09:be:84:
                    5c:80:79:58:87:f5:10:bb:d0:d4:61:24:4a:c4:a0:
                    3f:a2:4d:78:ee:5a:98:ba:c0:d9:af:5f:fc:7c:64:
                    28:a9:05:55:1f:80:13:a7:94:9f:87:42:17:a1:a2:
                    b0:33:dc:c2:5b:12:54:ff:24:67:31:ef:54:39:c6:
                    a6:28:5b:31:ba:29:30:45:0f:cc:e8:f0:d7:ce:9e:
                    b9:6c:2c:7d:95:28:6f:3b:c8:5f:70:b4:9e:51:6a:
                    ce:b1:20:c7:61:83:14:53:5a:a9:31:45:28:74:3e:
                    7e:bc:46:52:cf:e7:49:63:20:ee:80:db:b1:24:95:
                    1d:25:cc:03:37:71:a9:0d:d8:fc:40:f8:46:e5:6e:
                    c9:f8:15:25:66:f8:cb:6b:45:f9:8e:bd:a4:f4:f5:
                    dc:1d:42:8c:58:61:e4:26:b8:d6:86:e5:82:97:02:
                    6a:44:7d:60:6e:a8:12:95:6d:51:a4:9b:9a:45:bd:
                    80:a1:c7:fa:c1:1b:c0:c9:bc:3e:dc:e0:34:54:61:
                    ce:48:02:37:3d:37:5b:32:10:6f:ab:97:62:04:64:
                    c6:24:7a:72:d8:9a:37:ed:ab:33:88:d9:0f:0a:13:
                    81:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:03:E3:C0:87:E2:94:47:81:71:65:5B:CE:FC:D0:20:CE:F5:66:10
            X509v3 Authority Key Identifier:
                keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/WAPjwIfilEeBcWVbzvzQIM71ZhA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.105.205.0/24
                  109.105.207.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:61:aa:9f:2d:61:50:13:c3:8b:6e:92:ec:95:7b:01:d4:db:
         ed:8f:72:5b:5c:3f:ba:a2:68:b7:a3:7e:65:35:04:27:7b:bd:
         6e:ef:e0:20:86:1f:88:88:90:2a:25:24:51:68:b7:13:bf:5d:
         15:e8:25:70:44:23:58:75:96:8a:0b:17:12:f5:1c:4a:45:5b:
         e2:b5:f3:53:26:04:34:3b:38:a4:d5:ad:69:70:e9:04:df:a6:
         1b:99:12:6e:dc:1b:61:75:77:1b:05:6e:0b:dc:31:38:91:56:
         e4:aa:3e:5e:48:50:d9:53:49:c8:43:3f:e2:c1:3d:d2:94:89:
         2f:15:39:5a:9e:09:8d:3e:17:7d:de:9d:84:bf:52:fc:87:a2:
         80:6d:15:cb:04:58:b6:a8:eb:86:4b:f9:42:de:c8:15:14:f6:
         47:cc:b9:42:41:d4:e8:bf:a4:49:c6:80:74:e7:6d:47:57:f5:
         18:ab:f7:73:53:b0:2d:98:d9:77:bd:05:2b:7e:b2:d2:51:45:
         5b:67:7f:16:d6:af:6b:a3:87:d5:16:61:0b:cd:8d:43:11:8a:
         9e:96:45:82:b2:41:ea:fd:18:ea:8b:ea:01:90:22:4d:95:9c:
         19:71:51:1a:c2:3e:82:da:66:bf:b1:08:0a:4f:a0:f5:78:bc:
         4f:03:8e:d9
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAfjBIDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OGM2MGEwZDJkNzBhOTMzN2QwYmRhNTZkMWFkNTk2YWMxZjY5Y2RhMB4XDTIyMDMw
MjE0NTM1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTgwM2UzYzA4N2Uy
OTQ0NzgxNzE2NTViY2VmY2QwMjBjZWY1NjYxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMop6fa9mSLZDc47Ep78i7kqIoLApAk0Z9YICb6EXIB5WIf1
ELvQ1GEkSsSgP6JNeO5amLrA2a9f/HxkKKkFVR+AE6eUn4dCF6GisDPcwlsSVP8k
ZzHvVDnGpihbMbopMEUPzOjw186euWwsfZUobzvIX3C0nlFqzrEgx2GDFFNaqTFF
KHQ+frxGUs/nSWMg7oDbsSSVHSXMAzdxqQ3Y/ED4RuVuyfgVJWb4y2tF+Y69pPT1
3B1CjFhh5Ca41oblgpcCakR9YG6oEpVtUaSbmkW9gKHH+sEbwMm8PtzgNFRhzkgC
Nz03WzIQb6uXYgRkxiR6ctiaN+2rM4jZDwoTgcMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRYA+PAh+KUR4FxZVvO/NAgzvVmEDAfBgNVHSMEGDAWgBTYxgoNLXCpM30L
2lbRrVlqwfac2jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJNWUtEUzF3cVROOUM5cFcwYTFaYXNIMm5Oby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvYjUxYTg1LWY5OWYtNDIzZi05ZmFlLWRkMjk0YzM3OGY2Yy8x
L1dBUGp3SWZpbEVlQmNXVmJ6dnpRSU03MVpoQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
YjUxYTg1LWY5OWYtNDIzZi05ZmFlLWRkMjk0YzM3OGY2Yy8xLzJNWUtEUzF3cVRO
OUM5cFcwYTFaYXNIMm5Oby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAG1pzQMEAG1pzzANBgkqhkiG9w0B
AQsFAAOCAQEATGGqny1hUBPDi26S7JV7AdTb7Y9yW1w/uqJot6N+ZTUEJ3u9bu/g
IIYfiIiQKiUkUWi3E79dFeglcEQjWHWWigsXEvUcSkVb4rXzUyYENDs4pNWtaXDp
BN+mG5kSbtwbYXV3GwVuC9wxOJFW5Ko+XkhQ2VNJyEM/4sE90pSJLxU5Wp4JjT4X
fd6dhL9S/IeigG0VywRYtqjrhkv5Qt7IFRT2R8y5QkHU6L+kScaAdOdtR1f1GKv3
c1OwLZjZd70FK36y0lFFW2d/Ftava6OH1RZhC82NQxGKnpZFgrJB6v0Y6ovqAZAi
TZWcGXFRGsI+gtpmv7EICk+g9Xi8TwOO2Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:28 2024 by rpki-client on console-ams.rpki-client.org