Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/YgobYDsUwN7ldha60VlYbWBzk2c.roa
File:                     YgobYDsUwN7ldha60VlYbWBzk2c.roa (raw, json)
Hash identifier:          jLr5dLSiG9wW8gfBCCy8Gy24lSwJ0RRVKBKZwRkzxfc=
Subject key identifier:   62:0A:1B:60:3B:14:C0:DE:E5:76:16:BA:D1:59:58:6D:60:73:93:67
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       018475407108A343F3E0349665A318D943BC
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/YgobYDsUwN7ldha60VlYbWBzk2c.roa
Signing time:             Mon 14 Nov 2022 08:27:48 +0000
ROA not before:           Mon 14 Nov 2022 08:27:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        109.121.41.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:75:40:71:08:a3:43:f3:e0:34:96:65:a3:18:d9:43:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Nov 14 08:27:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=620a1b603b14c0dee57616bad159586d60739367
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:0c:40:3e:a7:83:1f:fa:d7:f5:83:f5:7f:67:
                    a7:c9:e9:ba:bb:7d:92:37:28:d8:df:3c:40:da:8a:
                    d8:da:99:32:e0:38:97:97:f2:8a:be:21:be:bf:a8:
                    df:5a:ec:29:6c:5b:53:96:37:37:93:eb:8b:c5:d0:
                    ba:8d:22:04:03:e6:6c:72:c8:3e:c9:2e:e3:da:76:
                    50:02:e5:be:bf:15:da:ac:22:ae:38:2e:e8:78:b4:
                    bb:7f:3b:4e:27:73:3f:98:05:e4:5e:79:4a:6a:24:
                    1b:ac:a5:42:eb:38:dd:66:53:e8:0a:06:e0:48:20:
                    3a:2d:82:bd:25:8a:cc:b2:12:01:f9:2e:39:12:9a:
                    21:c3:e9:f8:2e:d4:aa:2e:b9:30:ff:ba:10:c9:b0:
                    49:32:f5:1f:fd:86:eb:57:f6:21:04:f8:d1:e0:22:
                    69:01:17:9f:66:63:95:8b:ce:02:c3:cd:17:ca:54:
                    b9:ca:96:a3:7a:16:3d:3c:52:5c:90:66:36:1b:4c:
                    62:69:53:c2:45:48:e4:c8:2d:5d:97:45:73:03:14:
                    22:0e:f3:3a:97:19:45:45:30:93:c9:b0:9c:84:6f:
                    a3:cb:4a:04:ff:18:00:01:aa:04:36:cb:ad:82:2c:
                    f4:e1:55:04:a2:9c:1c:f1:6a:f1:1d:60:bd:57:e9:
                    6b:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:0A:1B:60:3B:14:C0:DE:E5:76:16:BA:D1:59:58:6D:60:73:93:67
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/YgobYDsUwN7ldha60VlYbWBzk2c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.121.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:b9:a8:a3:71:8c:91:36:ee:2f:bd:ab:b0:9c:24:8c:85:f3:
         99:f7:c8:e8:17:af:5c:e8:73:1f:0d:ca:3c:67:14:4c:31:87:
         a1:30:5b:19:2f:4b:39:8e:3f:05:d2:05:77:c2:8a:f0:56:87:
         a3:39:b2:b5:5b:a3:f8:d7:98:a4:46:59:bd:53:7f:ee:73:9a:
         f5:17:70:34:0f:10:ea:09:ea:14:ac:fe:b0:4e:a6:a8:cd:d2:
         68:57:6c:5a:20:9e:5a:19:f8:44:82:50:e7:66:23:7d:f3:f2:
         92:0a:e2:ef:a4:4b:f5:29:4c:6c:8e:6b:d0:9e:75:74:47:aa:
         70:9c:48:d5:15:c2:03:d9:4e:70:1a:12:52:24:2d:b0:28:03:
         25:ae:40:1b:22:40:5c:36:0c:76:0d:8a:16:44:8d:87:58:0d:
         6a:b2:a3:d9:f0:86:69:87:ad:b3:0f:eb:95:c6:ad:86:35:86:
         80:57:d0:e0:d4:8e:51:38:b2:ad:96:a6:49:6d:a3:73:ef:5d:
         14:1d:3d:52:c8:5c:45:e3:7c:5a:15:1e:a0:32:be:14:d3:10:
         82:39:f2:68:11:f7:63:3a:af:34:02:5b:10:d1:c9:50:8a:3c:
         45:34:5c:a6:73:c8:84:bf:98:30:46:cd:f1:41:7c:0d:7f:f7:
         8d:15:79:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR1QHEIo0Pz4DSWZaMY2UO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjIxMTE0MDgyNzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjBhMWI2MDNiMTRjMGRlZTU3NjE2YmFkMTU5NTg2ZDYwNzM5MzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwxAPqeDH/rX9YP1f2enyem6u32S
NyjY3zxA2orY2pky4DiXl/KKviG+v6jfWuwpbFtTljc3k+uLxdC6jSIEA+Zscsg+
yS7j2nZQAuW+vxXarCKuOC7oeLS7fztOJ3M/mAXkXnlKaiQbrKVC6zjdZlPoCgbg
SCA6LYK9JYrMshIB+S45Epohw+n4LtSqLrkw/7oQybBJMvUf/YbrV/YhBPjR4CJp
ARefZmOVi84Cw80XylS5ypajehY9PFJckGY2G0xiaVPCRUjkyC1dl0VzAxQiDvM6
lxlFRTCTybCchG+jy0oE/xgAAaoENsutgiz04VUEopwc8WrxHWC9V+lrtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGIKG2A7FMDe5XYWutFZWG1gc5NnMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvWWdvYllEc1V3TjdsZGhhNjBWbFliV0J6azJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXkpMA0G
CSqGSIb3DQEBCwUAA4IBAQA1uaijcYyRNu4vvauwnCSMhfOZ98joF69c6HMfDco8
ZxRMMYehMFsZL0s5jj8F0gV3worwVoejObK1W6P415ikRlm9U3/uc5r1F3A0DxDq
CeoUrP6wTqaozdJoV2xaIJ5aGfhEglDnZiN98/KSCuLvpEv1KUxsjmvQnnV0R6pw
nEjVFcID2U5wGhJSJC2wKAMlrkAbIkBcNgx2DYoWRI2HWA1qsqPZ8IZph62zD+uV
xq2GNYaAV9Dg1I5ROLKtlqZJbaNz710UHT1SyFxF43xaFR6gMr4U0xCCOfJoEfdj
Oq80AlsQ0clQijxFNFymc8iEv5gwRs3xQXwNf/eNFXmB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:26 2024 by rpki-client on console-fra.rpki-client.org