Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/Xm39hIlFmL9Vs1CjTwB-KCKH4Z0.roa
File:                     Xm39hIlFmL9Vs1CjTwB-KCKH4Z0.roa (raw, json)
Hash identifier:          bh1iHkpL3ePPwCew2x0tyrKqQZm4X1SnXti/ntnJGhA=
Subject key identifier:   5E:6D:FD:84:89:45:98:BF:55:B3:50:A3:4F:00:7E:28:22:87:E1:9D
Certificate issuer:       /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial:       448F9FA7
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/Xm39hIlFmL9Vs1CjTwB-KCKH4Z0.roa
Signing time:             Sat 01 Jan 2022 03:58:38 +0000
ROA not before:           Sat 01 Jan 2022 03:58:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48125
IP address blocks:        217.109.116.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1150263207 (0x448f9fa7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
        Validity
            Not Before: Jan  1 03:58:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5e6dfd84894598bf55b350a34f007e282287e19d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:d4:da:9f:a3:f0:98:b4:c9:06:b1:0a:e9:17:
                    8c:88:54:f2:fb:fe:85:d3:c1:db:a1:68:75:1f:63:
                    5e:1d:da:3a:18:02:8f:da:b8:6d:1f:73:d6:76:95:
                    f7:72:3a:4f:12:0a:c3:ed:de:cd:49:90:65:bd:e9:
                    21:97:4c:56:f0:45:46:ec:50:84:b2:06:6f:fb:b9:
                    ba:4b:53:6a:10:22:bc:fc:6f:95:89:7a:0a:fa:c8:
                    39:b0:ff:69:9f:fb:d2:16:be:10:a1:89:21:65:56:
                    c3:b5:82:55:42:0a:e1:32:bc:a8:4c:74:a0:ee:3d:
                    2e:03:68:ad:85:51:58:fa:92:43:80:1a:2d:5c:c6:
                    2c:59:7f:d4:c7:94:77:c1:0e:99:bf:58:df:b6:90:
                    65:81:34:ce:1b:86:7c:87:c9:e0:d1:4e:1a:c1:09:
                    64:f8:bd:18:29:7d:c9:8f:02:0a:32:75:78:6b:13:
                    44:56:98:83:cb:f1:51:5a:04:c3:f8:07:78:a4:26:
                    8c:d5:53:8e:b7:44:fe:04:0b:f0:c4:d1:9c:9b:43:
                    05:b6:de:9b:68:6c:46:00:d7:38:12:23:fa:34:65:
                    6c:a0:df:29:20:43:5b:29:22:fd:ba:24:05:85:be:
                    21:af:07:8f:9a:45:85:ff:b1:ff:7f:64:41:6d:2d:
                    5e:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:6D:FD:84:89:45:98:BF:55:B3:50:A3:4F:00:7E:28:22:87:E1:9D
            X509v3 Authority Key Identifier:
                keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/Xm39hIlFmL9Vs1CjTwB-KCKH4Z0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.109.116.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:16:08:ac:d6:96:ad:e9:8b:13:e8:3b:5b:4c:03:ad:dc:8e:
         02:61:19:20:54:bd:05:ad:c8:53:61:b8:ac:98:a9:73:4c:96:
         1e:fe:ee:83:4b:15:ff:70:a8:85:ef:12:12:18:83:cf:78:da:
         d6:5e:8a:74:79:bb:e5:33:50:c2:82:f3:89:12:73:30:d3:e9:
         d1:da:14:83:05:a1:07:87:ec:75:51:c5:ed:c3:6e:62:ae:ea:
         44:1f:53:36:48:ed:3a:09:21:e0:64:ae:46:8b:45:52:32:14:
         31:97:25:a6:85:06:e8:e4:80:ff:e9:c3:6a:53:cc:2f:d7:c7:
         8d:5d:a4:02:09:06:24:3b:25:18:c7:65:44:7d:47:29:4d:54:
         d5:87:4f:75:8c:b1:45:da:80:d5:69:1f:ab:87:bb:ed:9c:26:
         8b:5f:57:98:cd:68:e0:90:07:2d:0c:0b:7b:c9:f9:ad:3a:65:
         52:6d:8a:83:64:67:a1:84:90:3f:b3:72:26:20:1f:3c:3b:12:
         31:f5:36:c5:af:93:e8:17:3d:1c:ab:17:e4:db:68:23:d0:c0:
         01:2e:27:84:f6:9e:13:3f:f6:32:57:83:eb:e7:39:b3:ad:14:
         b2:21:7d:7f:ad:b3:7c:d1:0d:cb:26:16:3c:77:a9:81:bd:a4:
         07:8a:1d:53
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIERI+fpzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWYwOWJhMzNiNWFlNTgxYjBkMjkzMjMyNDkzMTRmNzZhYTEwNTExMB4XDTIyMDEw
MTAzNTgzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWU2ZGZkODQ4OTQ1
OThiZjU1YjM1MGEzNGYwMDdlMjgyMjg3ZTE5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMfU2p+j8Ji0yQaxCukXjIhU8vv+hdPB26FodR9jXh3aOhgC
j9q4bR9z1naV93I6TxIKw+3ezUmQZb3pIZdMVvBFRuxQhLIGb/u5uktTahAivPxv
lYl6CvrIObD/aZ/70ha+EKGJIWVWw7WCVUIK4TK8qEx0oO49LgNorYVRWPqSQ4Aa
LVzGLFl/1MeUd8EOmb9Y37aQZYE0zhuGfIfJ4NFOGsEJZPi9GCl9yY8CCjJ1eGsT
RFaYg8vxUVoEw/gHeKQmjNVTjrdE/gQL8MTRnJtDBbbem2hsRgDXOBIj+jRlbKDf
KSBDWyki/bokBYW+Ia8Hj5pFhf+x/39kQW0tXukCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRebf2EiUWYv1WzUKNPAH4oIofhnTAfBgNVHSMEGDAWgBQ68JujO1rlgbDS
kyMkkxT3aqEFETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L092Q2JvenRhNVlHdzBwTWpKSk1VOTJxaEJSRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvMzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8x
L1htMzloSWxGbUw5VnMxQ2pUd0ItS0NLSDRaMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
MzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8xL092Q2JvenRhNVlH
dzBwTWpKSk1VOTJxaEJSRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANltdDANBgkqhkiG9w0BAQsFAAOC
AQEAehYIrNaWremLE+g7W0wDrdyOAmEZIFS9Ba3IU2G4rJipc0yWHv7ug0sV/3Co
he8SEhiDz3ja1l6KdHm75TNQwoLziRJzMNPp0doUgwWhB4fsdVHF7cNuYq7qRB9T
NkjtOgkh4GSuRotFUjIUMZclpoUG6OSA/+nDalPML9fHjV2kAgkGJDslGMdlRH1H
KU1U1YdPdYyxRdqA1Wkfq4e77Zwmi19XmM1o4JAHLQwLe8n5rTplUm2Kg2RnoYSQ
P7NyJiAfPDsSMfU2xa+T6Bc9HKsX5NtoI9DAAS4nhPaeEz/2MleD6+c5s60UsiF9
f62zfNENyyYWPHepgb2kB4odUw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:19 2024 by rpki-client on console-ams.rpki-client.org