Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/uA4XmmHMVJVqlVxuoHhgQmS1lBM.roa
File:                     uA4XmmHMVJVqlVxuoHhgQmS1lBM.roa (raw, json)
Hash identifier:          qfAIyjPC9f5uG2VFa10dSm7FfgTsWHe4XkyjFtF06DA=
Subject key identifier:   B8:0E:17:9A:61:CC:54:95:6A:95:5C:6E:A0:78:60:42:64:B5:94:13
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       0984AE7E
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/uA4XmmHMVJVqlVxuoHhgQmS1lBM.roa
Signing time:             Sat 11 Jun 2022 09:49:05 +0000
ROA not before:           Sat 11 Jun 2022 09:49:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        109.121.34.0/24 maxlen: 24
                          109.121.36.0/24 maxlen: 24
                          109.121.35.0/24 maxlen: 24
                          109.121.38.0/24 maxlen: 24
                          109.121.33.0/24 maxlen: 24
                          109.121.41.0/24 maxlen: 24
                          109.121.43.0/24 maxlen: 24
                          109.121.42.0/24 maxlen: 24
                          109.121.40.0/24 maxlen: 24
                          109.121.45.0/24 maxlen: 24
                          212.69.10.0/23 maxlen: 23
                          212.69.11.0/24 maxlen: 24
                          109.233.184.0/23 maxlen: 24
                          178.253.237.0/24 maxlen: 24
                          109.121.0.0/19 maxlen: 19

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 159690366 (0x984ae7e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Jun 11 09:49:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b80e179a61cc54956a955c6ea078604264b59413
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:ab:46:8a:53:c6:23:ef:3a:2b:8f:f9:a4:c0:
                    67:26:38:a8:a6:9b:a9:7e:33:dd:60:45:7c:bb:8f:
                    aa:b9:7f:ac:26:27:4e:a3:c0:07:f5:ec:24:7f:f6:
                    32:19:e3:e5:34:b4:ac:42:5e:97:68:fb:d2:d6:48:
                    af:db:35:e7:a4:82:9a:39:fe:3a:79:9f:fe:c6:d3:
                    7c:ec:21:4f:91:de:7e:51:e5:43:3f:fa:91:27:32:
                    5a:ab:a4:31:16:b3:02:d4:90:2f:da:99:2f:b3:42:
                    44:27:99:4a:8a:20:2d:e9:8f:3c:d2:8b:6d:3f:ca:
                    75:0a:66:7e:26:90:c2:16:13:51:1f:c8:10:b2:d4:
                    80:ed:32:a7:a9:41:57:93:5b:5f:5d:06:4f:26:f6:
                    38:00:58:31:0a:88:5b:ca:87:61:61:f1:87:e9:bc:
                    a8:43:84:02:6d:64:47:7d:4a:fa:fc:6c:d6:48:cf:
                    72:07:7e:10:28:01:e2:7f:97:77:12:a6:bc:91:29:
                    82:77:24:e0:d9:ea:47:a3:f7:90:af:ff:9f:0b:5d:
                    07:71:ee:e0:e4:41:26:c9:82:7d:34:8f:38:37:94:
                    23:bb:9c:dc:57:5c:06:ff:2e:0e:05:e3:ef:dd:b8:
                    33:63:33:88:a9:93:3a:46:34:b6:b3:42:88:92:01:
                    0e:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:0E:17:9A:61:CC:54:95:6A:95:5C:6E:A0:78:60:42:64:B5:94:13
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/uA4XmmHMVJVqlVxuoHhgQmS1lBM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.121.0.0/19
                  109.121.33.0-109.121.36.255
                  109.121.38.0/24
                  109.121.40.0/22
                  109.121.45.0/24
                  109.233.184.0/23
                  178.253.237.0/24
                  212.69.10.0/23

    Signature Algorithm: sha256WithRSAEncryption
         43:36:44:d4:92:08:a2:92:72:b2:3b:95:61:f5:0c:67:b9:65:
         6f:4d:6e:0c:9b:c7:c5:72:d4:7f:00:53:a7:1b:46:11:b8:61:
         2e:ea:8b:ae:a9:28:31:91:af:dd:9c:da:20:c8:5f:a6:9c:ee:
         04:57:5c:e8:23:5e:b1:0a:90:86:3e:81:d9:84:7a:6e:4a:2b:
         c1:ab:f0:a6:89:78:d5:9c:72:a0:10:cc:3d:29:90:4b:64:4b:
         32:0d:19:34:92:a2:de:2b:27:22:01:c0:61:5e:aa:df:bb:97:
         0d:cc:8e:4b:91:83:46:c6:77:4e:db:61:63:6f:a7:95:b1:34:
         dc:40:e0:66:f0:86:7d:bd:cc:db:75:7f:4e:76:ac:dc:a0:d4:
         2a:bf:98:60:52:9e:0f:90:6f:99:67:ab:c7:f0:aa:3d:0f:81:
         a7:3e:2f:82:15:5c:a0:ed:93:31:48:b0:ac:0b:a1:b2:71:a1:
         7e:1a:8b:e0:4e:d8:d2:66:58:94:99:9e:91:14:80:a3:c9:a2:
         a0:7b:6f:1d:f8:a8:2a:81:44:39:99:05:23:9a:80:43:81:99:
         60:4c:b0:3f:6e:73:19:98:e5:f6:b4:cc:8d:2c:e9:d7:c2:5e:
         02:d4:76:6c:31:01:8f:7a:92:f2:cc:3d:4c:39:0d:1b:d8:a3:
         05:58:ac:b4
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIECYSufjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Zjg0ZTQ3MzhhNzBlYTM5YzA4Y2VmMjEwNDMyYWUzOTllYzdlOTE1MB4XDTIyMDYx
MTA5NDkwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjgwZTE3OWE2MWNj
NTQ5NTZhOTU1YzZlYTA3ODYwNDI2NGI1OTQxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIOrRopTxiPvOiuP+aTAZyY4qKabqX4z3WBFfLuPqrl/rCYn
TqPAB/XsJH/2Mhnj5TS0rEJel2j70tZIr9s156SCmjn+Onmf/sbTfOwhT5HeflHl
Qz/6kScyWqukMRazAtSQL9qZL7NCRCeZSoogLemPPNKLbT/KdQpmfiaQwhYTUR/I
ELLUgO0yp6lBV5NbX10GTyb2OABYMQqIW8qHYWHxh+m8qEOEAm1kR31K+vxs1kjP
cgd+ECgB4n+XdxKmvJEpgnck4NnqR6P3kK//nwtdB3Hu4ORBJsmCfTSPODeUI7uc
3FdcBv8uDgXj7924M2MziKmTOkY0trNCiJIBDqUCAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBS4DheaYcxUlWqVXG6geGBCZLWUEzAfBgNVHSMEGDAWgBRvhORzinDqOcCM
7yEEMq45nsfpFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2I0VGtjNHB3NmpuQWpPOGhCREt1T1o3SDZSVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8x
L3VBNFhtbUhNVkpWcWxWeHVvSGhnUW1TMWxCTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
ZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8xL2I0VGtjNHB3Nmpu
QWpPOGhCREt1T1o3SDZSVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwPgQCAAEwOAMEBW15ADAMAwQAbXkhAwQAbXkkAwQA
bXkmAwQCbXkoAwQAbXktAwQBbem4AwQAsv3tAwQB1EUKMA0GCSqGSIb3DQEBCwUA
A4IBAQBDNkTUkgiiknKyO5Vh9QxnuWVvTW4Mm8fFctR/AFOnG0YRuGEu6ouuqSgx
ka/dnNogyF+mnO4EV1zoI16xCpCGPoHZhHpuSivBq/CmiXjVnHKgEMw9KZBLZEsy
DRk0kqLeKyciAcBhXqrfu5cNzI5LkYNGxndO22Fjb6eVsTTcQOBm8IZ9vczbdX9O
dqzcoNQqv5hgUp4PkG+ZZ6vH8Ko9D4GnPi+CFVyg7ZMxSLCsC6GycaF+GovgTtjS
ZliUmZ6RFICjyaKge28d+KgqgUQ5mQUjmoBDgZlgTLA/bnMZmOX2tMyNLOnXwl4C
1HZsMQGPepLyzD1MOQ0b2KMFWKy0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:05 2024 by rpki-client on console-ams.rpki-client.org