Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/LTUfdtibYUhdKIclXTCdPVjfmk4.roa
File:                     LTUfdtibYUhdKIclXTCdPVjfmk4.roa (raw, json)
Hash identifier:          kXjp/qTqv/IQxFi24/a3giLWg1AXnMS5jhgZ+eOMWtU=
Subject key identifier:   2D:35:1F:76:D8:9B:61:48:5D:28:87:25:5D:30:9D:3D:58:DF:9A:4E
Certificate issuer:       /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial:       01848A10A6B3BCFA090F3B15B566077A264C
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/LTUfdtibYUhdKIclXTCdPVjfmk4.roa
Signing time:             Fri 18 Nov 2022 09:27:37 +0000
ROA not before:           Fri 18 Nov 2022 09:27:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47193
IP address blocks:        109.248.64.0/19 maxlen: 20
                          109.248.112.0/20 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:8a:10:a6:b3:bc:fa:09:0f:3b:15:b5:66:07:7a:26:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
        Validity
            Not Before: Nov 18 09:27:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2d351f76d89b61485d2887255d309d3d58df9a4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:4a:67:60:f4:1e:ea:ba:4e:42:20:5b:4f:fb:
                    ee:fc:b6:81:88:d7:fa:93:3f:5b:40:e2:70:c4:05:
                    7f:cc:f5:fd:a4:a7:44:be:49:cd:fa:d5:7e:73:6d:
                    5d:85:91:bb:56:d6:e5:ca:dc:34:65:76:b4:08:bc:
                    b5:5e:51:b8:be:fe:bd:2a:1a:c6:06:82:d8:cd:5e:
                    4a:71:bf:ed:ab:41:3c:ff:94:0e:c8:13:62:82:d7:
                    a8:b6:9f:e3:36:9a:95:c5:c7:ea:f7:6e:80:4a:96:
                    56:84:7a:ed:b6:e5:a6:7a:a0:70:db:5b:99:64:d7:
                    7b:a9:45:cd:94:f6:cf:95:9a:96:e6:ba:86:2e:aa:
                    b2:af:24:d5:55:3a:48:df:3c:1b:8c:03:8d:a8:9f:
                    5c:6c:37:e1:0b:70:f1:3d:4d:2d:a7:21:d9:40:d2:
                    a4:26:cb:19:6f:17:eb:c9:ad:4e:15:0d:ef:96:b0:
                    14:7b:3d:a1:87:0d:23:76:17:a6:be:59:8f:e1:11:
                    56:cd:57:cd:a9:0e:7c:ae:7f:1a:da:33:6c:84:8a:
                    6b:21:ee:a1:6e:7f:e8:47:33:0d:80:db:9c:85:ef:
                    88:84:3f:9f:29:f6:43:9f:61:62:bf:4f:37:33:3b:
                    21:27:99:84:d0:bd:1c:6d:54:e9:a7:8c:77:d8:3f:
                    a6:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:35:1F:76:D8:9B:61:48:5D:28:87:25:5D:30:9D:3D:58:DF:9A:4E
            X509v3 Authority Key Identifier:
                keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/LTUfdtibYUhdKIclXTCdPVjfmk4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.248.64.0/19
                  109.248.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         32:2d:89:8d:44:a0:40:f6:6e:b1:22:5e:03:92:05:7c:90:41:
         b4:e7:19:de:b7:ac:49:66:a9:bb:f0:7e:ab:e8:e5:83:30:22:
         95:2b:e0:cb:8e:4d:f1:2c:cf:44:d5:f1:50:23:d8:0b:10:fd:
         ee:d3:8c:f0:89:e2:a8:17:be:db:e0:23:f3:ef:18:08:98:8a:
         3d:58:6a:e2:bd:ae:db:6e:db:af:d8:18:41:50:7e:9e:3e:ed:
         f2:a9:f8:32:27:0f:e1:ee:0c:8a:38:51:21:90:ad:54:93:77:
         d6:e2:0b:67:f8:49:f4:62:33:89:22:8c:91:d0:98:b8:2f:3b:
         f5:07:e2:71:8f:3f:dc:83:96:0f:82:46:55:39:41:f0:d8:cf:
         a4:f0:c0:51:c0:8d:cc:2e:df:35:c9:14:6f:f2:02:16:b2:f2:
         5b:4b:cc:5a:42:b2:5e:15:14:8e:69:aa:6f:69:f5:ad:b8:d6:
         c6:ee:7c:1d:1e:6c:17:96:c7:62:e5:11:7e:e9:5e:d3:25:6b:
         0f:1d:3c:75:78:9e:5f:29:29:fd:b1:0d:1d:63:dd:62:c1:a3:
         68:b2:3c:ca:34:77:16:30:02:02:4d:4e:17:42:d9:a6:48:29:
         84:4e:31:93:da:b4:39:0a:ae:d5:a4:cd:5e:2c:f0:83:d4:47:
         37:7d:9c:ec
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSKEKazvPoJDzsVtWYHeiZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjIxMTE4MDkyNzM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDM1MWY3NmQ4OWI2MTQ4NWQyODg3MjU1ZDMwOWQzZDU4ZGY5YTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUpnYPQe6rpOQiBbT/vu/LaBiNf6
kz9bQOJwxAV/zPX9pKdEvknN+tV+c21dhZG7Vtblytw0ZXa0CLy1XlG4vv69KhrG
BoLYzV5Kcb/tq0E8/5QOyBNigteotp/jNpqVxcfq926ASpZWhHrttuWmeqBw21uZ
ZNd7qUXNlPbPlZqW5rqGLqqyryTVVTpI3zwbjAONqJ9cbDfhC3DxPU0tpyHZQNKk
JssZbxfrya1OFQ3vlrAUez2hhw0jdhemvlmP4RFWzVfNqQ58rn8a2jNshIprIe6h
bn/oRzMNgNuche+IhD+fKfZDn2Fiv083MzshJ5mE0L0cbVTpp4x32D+mcQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC01H3bYm2FIXSiHJV0wnT1Y35pOMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvTFRVZmR0aWJZVWhkS0ljbFhUQ2RQVmpmbWs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFbfhAAwQE
bfhwMA0GCSqGSIb3DQEBCwUAA4IBAQAyLYmNRKBA9m6xIl4DkgV8kEG05xnet6xJ
Zqm78H6r6OWDMCKVK+DLjk3xLM9E1fFQI9gLEP3u04zwieKoF77b4CPz7xgImIo9
WGriva7bbtuv2BhBUH6ePu3yqfgyJw/h7gyKOFEhkK1Uk3fW4gtn+En0YjOJIoyR
0Ji4Lzv1B+Jxjz/cg5YPgkZVOUHw2M+k8MBRwI3MLt81yRRv8gIWsvJbS8xaQrJe
FRSOaapvafWtuNbG7nwdHmwXlsdi5RF+6V7TJWsPHTx1eJ5fKSn9sQ0dY91iwaNo
sjzKNHcWMAICTU4XQtmmSCmETjGT2rQ5Cq7VpM1eLPCD1Ec3fZzs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:00 2024 by rpki-client on console-ams.rpki-client.org