Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/zBpAZZrAPSC4eTpyO2DQG2EmTfI.roa
File:                     zBpAZZrAPSC4eTpyO2DQG2EmTfI.roa (raw, json)
Hash identifier:          EXoeb541f7wT/FAEUeWo2BCBzIVSqtvBT1MhzhzBi24=
Subject key identifier:   CC:1A:40:65:9A:C0:3D:20:B8:79:3A:72:3B:60:D0:1B:61:26:4D:F2
Certificate issuer:       /CN=5dd7336fa915721ce3bfee217f4e99164db9532b
Certificate serial:       062D3FD8
Authority key identifier: 5D:D7:33:6F:A9:15:72:1C:E3:BF:EE:21:7F:4E:99:16:4D:B9:53:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/zBpAZZrAPSC4eTpyO2DQG2EmTfI.roa
Signing time:             Sat 01 Jan 2022 12:04:24 +0000
ROA not before:           Sat 01 Jan 2022 12:04:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     27471
IP address blocks:        109.68.58.0/24 maxlen: 24
                          109.68.57.0/24 maxlen: 24
                          109.68.56.0/24 maxlen: 24
                          109.68.61.0/24 maxlen: 24
                          109.68.60.0/24 maxlen: 24
                          109.68.59.0/24 maxlen: 24
                          109.68.63.0/24 maxlen: 24
                          109.68.62.0/24 maxlen: 24
                          193.151.72.0/24 maxlen: 24
                          193.151.75.0/24 maxlen: 24
                          193.151.74.0/24 maxlen: 24
                          193.151.73.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 103628760 (0x62d3fd8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dd7336fa915721ce3bfee217f4e99164db9532b
        Validity
            Not Before: Jan  1 12:04:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cc1a40659ac03d20b8793a723b60d01b61264df2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:5d:02:00:53:4c:97:e4:50:17:08:9a:10:5d:
                    7a:3d:f7:d0:bb:83:ba:e9:dd:d1:c3:b6:27:a9:e3:
                    cb:f9:72:5f:dc:10:17:90:22:a7:87:c5:6b:05:6d:
                    fd:be:cf:7d:d5:3e:6d:bc:af:76:14:95:d1:2f:19:
                    05:ca:f4:c6:af:8e:fa:42:01:86:be:14:8c:28:5d:
                    81:36:fd:d6:81:fb:bd:78:ba:3b:c3:1c:ad:70:45:
                    85:bd:3f:e6:65:5c:e5:28:dd:66:a1:b6:ae:5e:d9:
                    0b:90:20:ad:ba:f7:f1:26:82:98:08:e2:31:cd:83:
                    4c:1b:b5:82:bb:91:0b:17:67:59:f1:cc:95:5d:53:
                    12:69:31:d6:20:69:10:f8:23:6f:a2:e8:dd:83:84:
                    c1:9e:56:e1:dd:06:76:4e:22:ae:c1:25:55:2e:d0:
                    c7:65:25:fa:e8:cc:4d:35:f7:0e:2d:ce:87:cb:7f:
                    04:b4:5a:7d:bd:a8:0f:d1:0e:16:d6:9b:01:12:03:
                    48:99:f2:17:d2:b2:25:32:ab:ba:b5:d5:0a:40:f5:
                    06:e6:c8:60:06:83:07:81:f1:d0:c0:9d:c2:3e:83:
                    d0:1f:57:1f:9e:22:c1:45:b5:87:d4:5f:49:ce:48:
                    c2:b8:f2:23:e4:ff:84:59:3b:2a:a7:7e:58:c7:77:
                    33:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:1A:40:65:9A:C0:3D:20:B8:79:3A:72:3B:60:D0:1B:61:26:4D:F2
            X509v3 Authority Key Identifier:
                keyid:5D:D7:33:6F:A9:15:72:1C:E3:BF:EE:21:7F:4E:99:16:4D:B9:53:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/zBpAZZrAPSC4eTpyO2DQG2EmTfI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/Xdczb6kVchzjv-4hf06ZFk25Uys.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.68.56.0/21
                  193.151.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         83:60:87:34:b7:30:79:15:8f:f8:9d:94:23:2a:d1:4e:03:7d:
         23:a4:0f:e6:f3:e8:b5:a5:ea:e0:9b:b2:7b:dc:9c:29:07:92:
         65:7f:2c:55:a4:98:24:84:1e:f2:14:af:85:ec:06:b7:0f:4f:
         ed:50:7d:eb:8b:42:e1:d5:86:a1:96:3d:62:b4:ce:bd:ca:84:
         13:0b:aa:66:81:5a:a2:81:c6:f8:c6:af:4b:7d:7a:84:43:6e:
         ca:fe:2c:9c:aa:3b:c5:dc:03:33:8d:c0:dc:bd:e3:da:94:19:
         3e:92:90:23:8b:3b:4b:fe:6b:de:96:14:43:18:f7:1c:e7:4a:
         12:da:c9:ff:0a:e7:d0:86:e1:a5:d3:32:0f:c6:82:b8:17:bb:
         04:77:06:43:63:ee:ff:cd:07:c3:33:20:ce:2b:e9:02:7c:56:
         40:df:0e:5b:fd:20:61:4d:e1:fb:a0:a9:6b:98:94:68:d4:4b:
         3f:b0:98:af:86:a6:0c:b1:12:da:6d:13:42:d1:4d:ea:17:84:
         d7:fe:d2:d2:5a:bf:c5:df:31:17:69:39:ab:4d:ec:26:d5:4f:
         3f:0d:b8:2e:79:fc:bc:19:5f:53:1b:40:35:bc:e2:c9:fc:d5:
         e0:00:81:a0:6c:3f:79:86:b9:d3:40:57:a4:3d:cc:b3:b6:f5:
         bd:63:61:c2
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBi0/2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZGQ3MzM2ZmE5MTU3MjFjZTNiZmVlMjE3ZjRlOTkxNjRkYjk1MzJiMB4XDTIyMDEw
MTEyMDQyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2MxYTQwNjU5YWMw
M2QyMGI4NzkzYTcyM2I2MGQwMWI2MTI2NGRmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMNdAgBTTJfkUBcImhBdej330LuDuund0cO2J6njy/lyX9wQ
F5Aip4fFawVt/b7PfdU+bbyvdhSV0S8ZBcr0xq+O+kIBhr4UjChdgTb91oH7vXi6
O8McrXBFhb0/5mVc5SjdZqG2rl7ZC5Agrbr38SaCmAjiMc2DTBu1gruRCxdnWfHM
lV1TEmkx1iBpEPgjb6Lo3YOEwZ5W4d0Gdk4irsElVS7Qx2Ul+ujMTTX3Di3Oh8t/
BLRafb2oD9EOFtabARIDSJnyF9KyJTKrurXVCkD1BubIYAaDB4Hx0MCdwj6D0B9X
H54iwUW1h9RfSc5IwrjyI+T/hFk7Kqd+WMd3M2ECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTMGkBlmsA9ILh5OnI7YNAbYSZN8jAfBgNVHSMEGDAWgBRd1zNvqRVyHOO/
7iF/TpkWTblTKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hkY3piNmtWY2h6anYtNGhmMDZaRmsyNVV5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvZTc0NGJkLWY2ZDktNGY3NC04YzAxLThjNGJjNDU5MjdhMy8x
L3pCcEFaWnJBUFNDNGVUcHlPMkRRRzJFbVRmSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
ZTc0NGJkLWY2ZDktNGY3NC04YzAxLThjNGJjNDU5MjdhMy8xL1hkY3piNmtWY2h6
anYtNGhmMDZaRmsyNVV5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA21EOAMEAsGXSDANBgkqhkiG9w0B
AQsFAAOCAQEAg2CHNLcweRWP+J2UIyrRTgN9I6QP5vPotaXq4Juye9ycKQeSZX8s
VaSYJIQe8hSvhewGtw9P7VB964tC4dWGoZY9YrTOvcqEEwuqZoFaooHG+MavS316
hENuyv4snKo7xdwDM43A3L3j2pQZPpKQI4s7S/5r3pYUQxj3HOdKEtrJ/wrn0Ibh
pdMyD8aCuBe7BHcGQ2Pu/80HwzMgzivpAnxWQN8OW/0gYU3h+6Cpa5iUaNRLP7CY
r4amDLES2m0TQtFN6heE1/7S0lq/xd8xF2k5q03sJtVPPw24Lnn8vBlfUxtANbzi
yfzV4ACBoGw/eYa500BXpD3Ms7b1vWNhwg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:57 2024 by rpki-client on console-ams.rpki-client.org