Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/MFkchEY0vNXylNRdVkpOg38gjwU.roa
File:                     MFkchEY0vNXylNRdVkpOg38gjwU.roa (raw, json)
Hash identifier:          qjc0zM2Ihj7dqFCKanFBOstCtOewue81QGJLg3jXaQw=
Subject key identifier:   30:59:1C:84:46:34:BC:D5:F2:94:D4:5D:56:4A:4E:83:7F:20:8F:05
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       0877F56C
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/MFkchEY0vNXylNRdVkpOg38gjwU.roa
Signing time:             Wed 23 Mar 2022 10:45:34 +0000
ROA not before:           Wed 23 Mar 2022 10:45:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        109.121.32.0/24 maxlen: 24
                          77.105.4.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 142079340 (0x877f56c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Mar 23 10:45:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=30591c844634bcd5f294d45d564a4e837f208f05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:3f:08:c1:2e:d3:66:0a:b1:35:1b:5e:67:29:
                    dc:80:bb:79:c0:2b:fa:4e:99:28:77:04:5d:4c:a7:
                    45:fa:00:44:2a:cd:50:cd:06:fa:5c:b3:b9:d2:8d:
                    cf:5f:0c:14:14:e7:ef:65:ff:36:a2:d7:4d:00:66:
                    b6:14:77:30:11:a7:6f:41:ef:7e:dd:22:85:1c:1a:
                    ef:97:77:40:5a:c0:6a:f5:ea:29:a9:26:97:fe:6f:
                    71:69:a3:94:be:05:78:76:24:ea:77:9b:ef:ad:c8:
                    61:d2:2d:ec:22:f9:77:0c:b9:49:21:07:7d:56:b7:
                    39:86:49:a9:77:6d:f8:ff:fc:3f:5f:b1:93:3d:bc:
                    a1:a5:c8:d5:ea:f0:92:50:69:6d:ec:21:05:a4:a1:
                    92:57:eb:82:ca:13:cd:5d:e9:42:77:1a:87:94:d4:
                    3d:47:c7:b1:d5:9e:6a:da:dd:67:85:28:ea:27:ab:
                    82:bc:10:5c:83:f4:46:93:60:e7:45:6f:52:ba:d9:
                    19:cb:5a:f0:1b:9b:36:c7:79:d3:b7:64:c4:31:33:
                    b9:3f:13:89:a0:a6:3f:3f:b8:a6:81:1d:8c:a6:5b:
                    93:c3:e5:17:7c:f5:2c:4f:52:5a:8c:a1:18:a6:84:
                    e0:d1:40:85:f6:8a:d1:90:c2:49:f5:23:5e:11:50:
                    af:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:59:1C:84:46:34:BC:D5:F2:94:D4:5D:56:4A:4E:83:7F:20:8F:05
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/MFkchEY0vNXylNRdVkpOg38gjwU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.105.4.0/24
                  109.121.32.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:94:7e:15:94:79:c3:44:34:8c:bc:ab:53:3c:19:39:e8:c0:
         d0:62:07:aa:8d:41:a3:90:fe:da:ec:33:24:88:18:bc:09:66:
         ee:03:70:7e:c3:85:8e:96:5f:18:3f:56:56:ca:4d:04:d9:5e:
         36:53:e9:2e:cc:bf:f2:35:28:c3:b8:13:4c:cb:5c:b1:c6:c9:
         0b:53:fe:4f:f3:e7:b5:8c:e5:be:2c:49:7b:ae:14:4a:4f:92:
         2a:b3:43:63:29:cc:4c:b4:3e:89:bb:47:ce:b3:75:37:8a:ff:
         17:e3:ac:ab:b7:82:50:a0:1c:71:39:8a:76:5b:be:4e:bd:86:
         3a:b2:e7:bd:1e:3c:12:ee:23:de:a9:12:e4:e7:06:25:be:c5:
         b4:fa:06:64:d9:97:1c:a8:89:e6:e8:f6:ff:87:ef:cf:33:73:
         f6:eb:fd:98:b0:87:0c:ee:36:6a:ad:77:90:e8:de:62:23:e5:
         6d:14:db:ca:d0:b8:b9:ff:ce:01:d4:7b:e6:de:72:4c:a2:dc:
         53:ff:90:d2:e4:2e:b0:0d:b3:1a:a3:94:74:53:96:f4:20:36:
         a2:a4:ff:8c:98:35:fb:b8:f2:07:d4:13:99:c2:7d:07:54:17:
         a5:46:38:7b:3b:df:5d:44:83:9d:40:83:c8:7e:45:65:30:1e:
         d0:41:a0:d1
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECHf1bDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Zjg0ZTQ3MzhhNzBlYTM5YzA4Y2VmMjEwNDMyYWUzOTllYzdlOTE1MB4XDTIyMDMy
MzEwNDUzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzA1OTFjODQ0NjM0
YmNkNWYyOTRkNDVkNTY0YTRlODM3ZjIwOGYwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALE/CMEu02YKsTUbXmcp3IC7ecAr+k6ZKHcEXUynRfoARCrN
UM0G+lyzudKNz18MFBTn72X/NqLXTQBmthR3MBGnb0Hvft0ihRwa75d3QFrAavXq
Kakml/5vcWmjlL4FeHYk6neb763IYdIt7CL5dwy5SSEHfVa3OYZJqXdt+P/8P1+x
kz28oaXI1erwklBpbewhBaShklfrgsoTzV3pQncah5TUPUfHsdWeatrdZ4Uo6ier
grwQXIP0RpNg50VvUrrZGcta8BubNsd507dkxDEzuT8TiaCmPz+4poEdjKZbk8Pl
F3z1LE9SWoyhGKaE4NFAhfaK0ZDCSfUjXhFQr6sCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQwWRyERjS81fKU1F1WSk6DfyCPBTAfBgNVHSMEGDAWgBRvhORzinDqOcCM
7yEEMq45nsfpFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2I0VGtjNHB3NmpuQWpPOGhCREt1T1o3SDZSVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8x
L01Ga2NoRVkwdk5YeWxOUmRWa3BPZzM4Z2p3VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
ZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8xL2I0VGtjNHB3Nmpu
QWpPOGhCREt1T1o3SDZSVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAE1pBAMEAG15IDANBgkqhkiG9w0B
AQsFAAOCAQEAjZR+FZR5w0Q0jLyrUzwZOejA0GIHqo1Bo5D+2uwzJIgYvAlm7gNw
fsOFjpZfGD9WVspNBNleNlPpLsy/8jUow7gTTMtcscbJC1P+T/PntYzlvixJe64U
Sk+SKrNDYynMTLQ+ibtHzrN1N4r/F+Osq7eCUKAccTmKdlu+Tr2GOrLnvR48Eu4j
3qkS5OcGJb7FtPoGZNmXHKiJ5uj2/4fvzzNz9uv9mLCHDO42aq13kOjeYiPlbRTb
ytC4uf/OAdR75t5yTKLcU/+Q0uQusA2zGqOUdFOW9CA2oqT/jJg1+7jyB9QTmcJ9
B1QXpUY4ezvfXUSDnUCDyH5FZTAe0EGg0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:04 2024 by rpki-client on console-ams.rpki-client.org