Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/A2dcb8lrpD-6w_EeN4eOI7w7nnU.roa
File:                     A2dcb8lrpD-6w_EeN4eOI7w7nnU.roa (raw, json)
Hash identifier:          2WzwIn3bpGcsJ8BeCjYGzMDpgjrIxBIOc1XBcXrQBGs=
Subject key identifier:   03:67:5C:6F:C9:6B:A4:3F:BA:C3:F1:1E:37:87:8E:23:BC:3B:9E:75
Certificate issuer:       /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial:       01321709
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/A2dcb8lrpD-6w_EeN4eOI7w7nnU.roa
Signing time:             Sat 01 Jan 2022 05:02:47 +0000
ROA not before:           Sat 01 Jan 2022 05:02:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3320
IP address blocks:        84.246.108.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20059913 (0x1321709)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
        Validity
            Not Before: Jan  1 05:02:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=03675c6fc96ba43fbac3f11e37878e23bc3b9e75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:2a:d3:bd:0f:6b:e4:e5:e6:60:fc:23:89:3e:
                    7b:20:e5:ce:c2:0c:85:0d:eb:82:07:7f:2a:81:54:
                    e5:25:62:b5:7f:4c:6c:22:f9:a9:08:4d:e2:9b:6e:
                    cf:98:60:ba:e4:43:8f:59:8c:b9:d4:a3:df:b3:95:
                    50:8f:96:ad:4d:00:c0:18:43:4a:a9:f2:fe:87:4a:
                    3e:59:1e:2b:25:6c:6c:5d:05:fb:11:63:4f:24:80:
                    4f:16:5b:17:14:2d:24:25:38:7a:b2:75:18:74:d5:
                    e9:47:c6:da:ba:14:ce:9e:c5:08:4e:24:eb:05:91:
                    17:88:aa:9a:d0:ea:66:d7:cc:3d:5d:23:52:2f:0d:
                    6e:27:92:69:05:21:a7:89:34:97:03:f6:fb:a0:b4:
                    e6:62:89:17:7c:9d:3d:e7:6e:37:76:e8:d9:45:f6:
                    e2:01:2f:a4:81:45:dd:11:be:3c:d2:4b:06:9d:06:
                    83:be:2c:90:f4:1e:c8:46:f1:1d:05:ce:13:13:ac:
                    67:c5:16:7f:c5:98:e6:c0:86:50:70:0f:a2:f7:b6:
                    d0:e6:5e:b9:cc:3f:eb:c9:be:4c:11:05:6c:f7:a7:
                    be:8d:5e:66:2e:aa:18:69:4a:d5:53:f4:f0:f1:2d:
                    fd:56:27:f9:f6:8f:38:26:f3:60:e5:d8:2d:87:ac:
                    30:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:67:5C:6F:C9:6B:A4:3F:BA:C3:F1:1E:37:87:8E:23:BC:3B:9E:75
            X509v3 Authority Key Identifier:
                keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/A2dcb8lrpD-6w_EeN4eOI7w7nnU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.246.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:f4:97:cd:ac:14:18:6b:ee:23:f7:6e:12:7b:ce:d2:78:30:
         ef:d3:9c:16:56:02:96:f4:7a:37:2a:5a:9d:83:8f:17:21:c4:
         79:aa:5f:9c:7d:ba:61:af:84:97:c5:ad:38:3b:85:a9:4a:55:
         e6:fa:83:e1:60:9f:af:d0:87:0b:e4:f1:2c:72:c2:f4:b8:34:
         44:f3:15:0f:45:76:8e:8e:63:32:5c:4b:da:a4:87:a0:e2:95:
         67:62:54:a2:a4:28:f9:4a:0b:ff:30:b2:bb:90:4b:b4:f2:cd:
         dd:52:0d:c2:fd:ed:07:d9:47:bb:90:68:c7:21:98:c9:fb:5a:
         55:3a:dd:c8:01:41:da:57:b1:63:d9:10:58:b1:c5:e8:d6:fb:
         25:65:ed:33:e5:2a:54:53:cb:8a:a1:e6:38:d4:29:19:d8:ee:
         34:19:37:3e:1f:87:79:8e:ea:17:75:f3:cf:f4:e9:b2:5c:26:
         2b:08:9f:bd:a9:5c:30:58:7c:78:42:e8:08:5a:a9:ec:8e:7f:
         95:bd:6c:f3:a8:41:cf:4d:a9:d2:9f:9d:a0:bf:c1:c0:e0:9a:
         ee:7a:4c:01:32:fe:4b:86:ea:6a:a9:b0:02:6b:27:f7:b6:6a:
         af:75:97:15:43:7f:cd:08:01:4e:71:f6:a5:32:ef:8b:40:fc:
         96:a9:68:34
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEATIXCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDU4MWU2NzNkODBmNzQ3NDkzNmIyMTMzN2VhZmNjMWJkYzM4NWU5MB4XDTIyMDEw
MTA1MDI0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDM2NzVjNmZjOTZi
YTQzZmJhYzNmMTFlMzc4NzhlMjNiYzNiOWU3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKsq070Pa+Tl5mD8I4k+eyDlzsIMhQ3rggd/KoFU5SVitX9M
bCL5qQhN4ptuz5hguuRDj1mMudSj37OVUI+WrU0AwBhDSqny/odKPlkeKyVsbF0F
+xFjTySATxZbFxQtJCU4erJ1GHTV6UfG2roUzp7FCE4k6wWRF4iqmtDqZtfMPV0j
Ui8NbieSaQUhp4k0lwP2+6C05mKJF3ydPeduN3bo2UX24gEvpIFF3RG+PNJLBp0G
g74skPQeyEbxHQXOExOsZ8UWf8WY5sCGUHAPove20OZeucw/68m+TBEFbPenvo1e
Zi6qGGlK1VP08PEt/VYn+faPOCbzYOXYLYesMLMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQDZ1xvyWukP7rD8R43h44jvDuedTAfBgNVHSMEGDAWgBRgWB5nPYD3R0k2
shM36vzBvcOF6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lGZ2VaejJBOTBkSk5ySVROLXI4d2IzRGhlay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvZmRkNjMzLWM2NTgtNDljNS05ZThmLWZiMDc5NTVmM2FhYS8x
L0EyZGNiOGxycEQtNndfRWVONGVPSTd3N25uVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
ZmRkNjMzLWM2NTgtNDljNS05ZThmLWZiMDc5NTVmM2FhYS8xL1lGZ2VaejJBOTBk
Sk5ySVROLXI4d2IzRGhlay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFT2bDANBgkqhkiG9w0BAQsFAAOC
AQEAh/SXzawUGGvuI/duEnvO0ngw79OcFlYClvR6NypanYOPFyHEeapfnH26Ya+E
l8WtODuFqUpV5vqD4WCfr9CHC+TxLHLC9Lg0RPMVD0V2jo5jMlxL2qSHoOKVZ2JU
oqQo+UoL/zCyu5BLtPLN3VINwv3tB9lHu5BoxyGYyftaVTrdyAFB2lexY9kQWLHF
6Nb7JWXtM+UqVFPLiqHmONQpGdjuNBk3Ph+HeY7qF3Xzz/TpslwmKwifvalcMFh8
eELoCFqp7I5/lb1s86hBz02p0p+doL/BwOCa7npMATL+S4bqaqmwAmsn97Zqr3WX
FUN/zQgBTnH2pTLvi0D8lqloNA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:44 2024 by rpki-client on console-ams.rpki-client.org