Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/S6qA3DEso4HCoM-rz0phayBht04.roa
File:                     S6qA3DEso4HCoM-rz0phayBht04.roa (raw, json)
Hash identifier:          vSiMkEVtPgOrvmlmsmjIPiBb7oFHT1AEB8Wn1mbQ/iE=
Subject key identifier:   4B:AA:80:DC:31:2C:A3:81:C2:A0:CF:AB:CF:4A:61:6B:20:61:B7:4E
Certificate issuer:       /CN=d356ae625d9506df4a3e577b24a86fce3c73a8f8
Certificate serial:       37438E57
Authority key identifier: D3:56:AE:62:5D:95:06:DF:4A:3E:57:7B:24:A8:6F:CE:3C:73:A8:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/01auYl2VBt9KPld7JKhvzjxzqPg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/S6qA3DEso4HCoM-rz0phayBht04.roa
Signing time:             Sat 01 Jan 2022 02:56:22 +0000
ROA not before:           Sat 01 Jan 2022 02:56:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39590
IP address blocks:        109.105.124.0/22 maxlen: 24
                          2001:948:40::/42 maxlen: 42

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 927174231 (0x37438e57)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d356ae625d9506df4a3e577b24a86fce3c73a8f8
        Validity
            Not Before: Jan  1 02:56:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4baa80dc312ca381c2a0cfabcf4a616b2061b74e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:cf:2e:fc:0f:f3:c4:c5:c7:c1:8e:b9:8f:67:
                    04:e6:34:57:50:83:8e:f3:fe:d5:fe:43:29:11:39:
                    50:7d:9b:fe:9c:8a:08:14:50:4d:87:f1:d9:85:29:
                    55:a2:86:16:e1:41:e7:7e:9a:c2:58:ac:0d:c2:2d:
                    a4:45:95:32:35:55:1a:89:f1:56:d5:0d:40:be:50:
                    6a:55:5e:e5:44:a6:b5:b2:3b:8e:41:6a:16:0c:2c:
                    ef:d6:e0:e6:05:e4:d5:cd:a2:3e:05:dc:59:5a:6c:
                    99:58:df:7c:99:fe:47:91:27:17:dd:a6:7d:ec:5e:
                    ca:96:0d:c9:45:39:05:24:bf:77:1d:4e:d9:99:e3:
                    a0:20:0b:76:32:b6:c0:48:bc:fc:f4:f1:93:8b:9c:
                    98:66:d3:04:84:80:86:be:d5:f4:ad:ba:4c:d2:c6:
                    e2:8d:51:7b:7b:6a:37:4f:0a:8b:31:8c:81:06:34:
                    02:cc:10:5d:79:21:62:43:d8:69:07:be:02:72:2e:
                    79:ab:6c:51:33:ba:36:00:fa:70:3e:4a:d5:fe:78:
                    0a:aa:d4:34:fb:21:9b:57:85:4f:7d:fc:89:94:32:
                    81:50:52:e9:9b:f6:72:c0:aa:8e:2d:17:37:6d:aa:
                    35:e1:6a:13:bb:d4:f9:28:00:6e:22:cf:9f:2e:87:
                    e8:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:AA:80:DC:31:2C:A3:81:C2:A0:CF:AB:CF:4A:61:6B:20:61:B7:4E
            X509v3 Authority Key Identifier:
                keyid:D3:56:AE:62:5D:95:06:DF:4A:3E:57:7B:24:A8:6F:CE:3C:73:A8:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/01auYl2VBt9KPld7JKhvzjxzqPg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/S6qA3DEso4HCoM-rz0phayBht04.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/01auYl2VBt9KPld7JKhvzjxzqPg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.105.124.0/22
                IPv6:
                  2001:948:40::/42

    Signature Algorithm: sha256WithRSAEncryption
         c9:e2:dd:94:31:4e:19:eb:a5:67:8d:31:b4:fa:6e:e9:09:60:
         61:73:97:4a:94:cf:b2:b0:76:65:97:07:b4:ae:74:30:93:52:
         de:89:f9:67:b1:4d:d1:20:c4:ec:bb:54:5c:d7:2f:9e:c9:b9:
         38:76:ee:af:84:c2:9e:8e:18:61:60:ca:05:fd:31:6e:05:0f:
         e2:6e:e1:0c:bb:20:b6:83:3f:c6:6e:16:25:ab:fd:19:4d:2d:
         2f:a0:48:83:d5:b4:c5:96:9f:bf:9f:1a:62:e4:2d:70:ed:e9:
         b9:8c:42:74:b2:2e:fe:d9:11:8a:21:81:ab:6a:e7:df:c9:5c:
         25:83:79:5a:09:33:09:3c:c5:62:bc:47:e9:34:84:cd:f4:bf:
         83:b8:ca:ea:72:b9:45:20:c2:e8:f5:60:ab:06:bd:94:16:db:
         95:25:d6:ce:f4:16:df:87:a1:7e:4c:70:d3:d7:cb:50:c7:68:
         24:9c:b4:22:9d:9e:64:fd:3c:12:36:7a:01:fb:b5:b3:52:01:
         21:55:29:4e:9e:f1:c2:b8:d2:69:ec:b6:ec:93:45:c7:b6:5f:
         87:b9:dd:f8:0a:e9:48:ea:bf:15:ba:49:57:0e:b9:3f:da:52:
         84:f6:00:dc:33:57:e4:a2:83:5d:13:4b:bc:de:60:03:ea:b3:
         9b:a1:27:94
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEN0OOVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MzU2YWU2MjVkOTUwNmRmNGEzZTU3N2IyNGE4NmZjZTNjNzNhOGY4MB4XDTIyMDEw
MTAyNTYyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGJhYTgwZGMzMTJj
YTM4MWMyYTBjZmFiY2Y0YTYxNmIyMDYxYjc0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANnPLvwP88TFx8GOuY9nBOY0V1CDjvP+1f5DKRE5UH2b/pyK
CBRQTYfx2YUpVaKGFuFB536awlisDcItpEWVMjVVGonxVtUNQL5QalVe5USmtbI7
jkFqFgws79bg5gXk1c2iPgXcWVpsmVjffJn+R5EnF92mfexeypYNyUU5BSS/dx1O
2ZnjoCALdjK2wEi8/PTxk4ucmGbTBISAhr7V9K26TNLG4o1Re3tqN08KizGMgQY0
AswQXXkhYkPYaQe+AnIueatsUTO6NgD6cD5K1f54CqrUNPshm1eFT338iZQygVBS
6Zv2csCqji0XN22qNeFqE7vU+SgAbiLPny6H6HsCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRLqoDcMSyjgcKgz6vPSmFrIGG3TjAfBgNVHSMEGDAWgBTTVq5iXZUG30o+
V3skqG/OPHOo+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzAxYXVZbDJWQnQ5S1BsZDdKS2h2emp4enFQZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvN2E2NTQ1LTUyNzctNDBmMy1iMzY2LTJlYTg3ZTZlYTJhMC8x
L1M2cUEzREVzbzRIQ29NLXJ6MHBoYXlCaHQwNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
N2E2NTQ1LTUyNzctNDBmMy1iMzY2LTJlYTg3ZTZlYTJhMC8xLzAxYXVZbDJWQnQ5
S1BsZDdKS2h2emp4enFQZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAm1pfDAPBAIAAjAJAwcGIAEJSABA
MA0GCSqGSIb3DQEBCwUAA4IBAQDJ4t2UMU4Z66VnjTG0+m7pCWBhc5dKlM+ysHZl
lwe0rnQwk1LeiflnsU3RIMTsu1Rc1y+eybk4du6vhMKejhhhYMoF/TFuBQ/ibuEM
uyC2gz/GbhYlq/0ZTS0voEiD1bTFlp+/nxpi5C1w7em5jEJ0si7+2RGKIYGrauff
yVwlg3laCTMJPMVivEfpNITN9L+DuMrqcrlFIMLo9WCrBr2UFtuVJdbO9Bbfh6F+
THDT18tQx2gknLQinZ5k/TwSNnoB+7WzUgEhVSlOnvHCuNJp7Lbsk0XHtl+Hud34
CulI6r8VuklXDrk/2lKE9gDcM1fkooNdE0u83mAD6rOboSeU
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:42 2024 by rpki-client on console-ams.rpki-client.org