Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/cjdn-MTohbRQJWaQhSx2ZJcPCLk.roa
File:                     cjdn-MTohbRQJWaQhSx2ZJcPCLk.roa (raw, json)
Hash identifier:          kNmQKdmeldKp25LyqNBMr097h77rEHlHHUBu54JWUI4=
Subject key identifier:   72:37:67:F8:C4:E8:85:B4:50:25:66:90:85:2C:76:64:97:0F:08:B9
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       01847CBB0CE52D79494C04FF4A679CBECFF4
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/cjdn-MTohbRQJWaQhSx2ZJcPCLk.roa
Signing time:             Tue 15 Nov 2022 19:19:04 +0000
ROA not before:           Tue 15 Nov 2022 19:19:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44477
IP address blocks:        109.233.189.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:7c:bb:0c:e5:2d:79:49:4c:04:ff:4a:67:9c:be:cf:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Nov 15 19:19:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=723767f8c4e885b450256690852c7664970f08b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:60:3d:ad:02:3e:da:7e:07:11:0c:80:1a:72:
                    df:3c:d4:89:2a:68:cb:7f:06:f4:f6:26:df:aa:cd:
                    aa:b0:6e:42:8a:b7:1c:c4:a5:5f:26:64:76:0c:62:
                    1f:a2:73:3e:4b:1a:72:e7:a7:d2:b5:5c:c8:4c:c3:
                    b5:d2:d3:a8:e7:89:0a:26:1f:42:f1:ff:72:8c:44:
                    04:13:07:60:b0:24:fa:e1:c0:dd:c3:87:80:4f:c8:
                    a5:c2:52:35:e0:a7:1c:e9:4a:7d:19:fd:17:72:89:
                    ef:8a:1f:fb:1a:b8:d2:e5:68:39:62:80:97:f2:b0:
                    f1:c5:a8:90:5d:68:84:c4:66:4c:f5:12:b9:02:c6:
                    34:e1:dd:cd:d4:46:50:d9:b6:82:39:d0:1a:90:23:
                    20:9b:e4:34:5b:2f:ab:cc:4f:85:e0:1f:ca:4c:cc:
                    d8:55:21:7c:5f:81:69:de:87:63:39:4d:06:9a:a4:
                    38:4f:be:69:ef:1c:b3:26:98:df:ed:19:bd:e6:22:
                    25:7f:8f:88:7f:2b:fd:9a:74:4d:56:fb:cd:86:f6:
                    3e:f0:8b:c0:b2:bb:da:9e:4f:c3:cb:80:ee:f3:a4:
                    d5:c1:f2:33:2c:34:0f:be:00:17:d7:af:64:17:ba:
                    38:9a:1d:9a:8b:25:5e:fd:40:cb:fc:75:26:be:2c:
                    e8:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:37:67:F8:C4:E8:85:B4:50:25:66:90:85:2C:76:64:97:0F:08:B9
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/cjdn-MTohbRQJWaQhSx2ZJcPCLk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.233.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:ed:9a:a0:00:9d:14:fa:f8:f9:d5:3f:c2:75:94:af:67:17:
         90:56:31:3c:84:da:08:0b:22:e3:6f:ea:74:ac:88:00:17:21:
         5f:c7:f0:2a:cb:28:ae:25:7a:b3:d0:41:be:54:6c:a4:78:cb:
         70:82:0b:f4:78:a1:ab:5b:00:67:1e:79:38:62:ae:70:ac:d8:
         87:27:07:e6:d0:6b:73:eb:1c:e6:02:32:e1:35:46:2e:54:8a:
         8f:9f:68:54:d2:4d:70:b9:63:6a:e9:c8:d0:22:94:3f:8a:fb:
         19:52:5b:ee:62:11:c5:ea:d0:79:fa:11:ae:73:4d:35:11:69:
         5b:31:6e:f1:3b:30:c6:37:90:99:1e:b0:98:09:a6:f8:23:07:
         b9:0a:8d:c2:c6:46:f6:66:1d:ca:65:58:3b:b9:ad:0e:7d:95:
         63:7f:35:6f:58:53:6e:0c:7e:9d:7b:8c:46:88:a1:db:70:38:
         8e:dd:ee:3e:dd:fd:50:25:dd:36:6a:94:d7:34:45:4b:f9:22:
         e5:f3:e4:4d:72:25:70:67:d7:e7:87:0b:29:e6:1b:f9:b5:48:
         3d:bc:a0:db:98:8b:49:2a:7a:3e:c6:de:9e:bb:6f:56:1d:21:
         db:9b:63:49:ca:6c:9b:c2:a9:36:39:31:4b:2f:29:00:45:af:
         23:47:31:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR8uwzlLXlJTAT/Smecvs/0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjIxMTE1MTkxOTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjM3NjdmOGM0ZTg4NWI0NTAyNTY2OTA4NTJjNzY2NDk3MGYwOGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4WA9rQI+2n4HEQyAGnLfPNSJKmjL
fwb09ibfqs2qsG5CirccxKVfJmR2DGIfonM+Sxpy56fStVzITMO10tOo54kKJh9C
8f9yjEQEEwdgsCT64cDdw4eAT8ilwlI14Kcc6Up9Gf0Xconvih/7GrjS5Wg5YoCX
8rDxxaiQXWiExGZM9RK5AsY04d3N1EZQ2baCOdAakCMgm+Q0Wy+rzE+F4B/KTMzY
VSF8X4Fp3odjOU0GmqQ4T75p7xyzJpjf7Rm95iIlf4+Ifyv9mnRNVvvNhvY+8IvA
srvank/Dy4Du86TVwfIzLDQPvgAX169kF7o4mh2aiyVe/UDL/HUmvizoIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHI3Z/jE6IW0UCVmkIUsdmSXDwi5MB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvY2pkbi1NVG9oYlJRSldhUWhTeDJaSmNQQ0xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbem9MA0G
CSqGSIb3DQEBCwUAA4IBAQBt7ZqgAJ0U+vj51T/CdZSvZxeQVjE8hNoICyLjb+p0
rIgAFyFfx/AqyyiuJXqz0EG+VGykeMtwggv0eKGrWwBnHnk4Yq5wrNiHJwfm0Gtz
6xzmAjLhNUYuVIqPn2hU0k1wuWNq6cjQIpQ/ivsZUlvuYhHF6tB5+hGuc001EWlb
MW7xOzDGN5CZHrCYCab4Iwe5Co3Cxkb2Zh3KZVg7ua0OfZVjfzVvWFNuDH6de4xG
iKHbcDiO3e4+3f1QJd02apTXNEVL+SLl8+RNciVwZ9fnhwsp5hv5tUg9vKDbmItJ
Kno+xt6eu29WHSHbm2NJymybwqk2OTFLLykARa8jRzFr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:26 2024 by rpki-client on console-fra.rpki-client.org