Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/PJ-KwT2FgluPdEV-QWpl1GkMYaU.roa
File:                     PJ-KwT2FgluPdEV-QWpl1GkMYaU.roa (raw, json)
Hash identifier:          XjFauccS4cdckDJBL4mxlQMiYOIN2QOzvtTRPCnpCrk=
Subject key identifier:   3C:9F:8A:C1:3D:85:82:5B:8F:74:45:7E:41:6A:65:D4:69:0C:61:A5
Certificate issuer:       /CN=304e59a223f4bcb823492fb1096c3a82310c03da
Certificate serial:       08BB1959
Authority key identifier: 30:4E:59:A2:23:F4:BC:B8:23:49:2F:B1:09:6C:3A:82:31:0C:03:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/PJ-KwT2FgluPdEV-QWpl1GkMYaU.roa
Signing time:             Sat 01 Jan 2022 01:02:09 +0000
ROA not before:           Sat 01 Jan 2022 01:02:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12307
IP address blocks:        185.119.104.0/23 maxlen: 23
                          185.119.107.0/24 maxlen: 24
                          2a06:8a07::/32 maxlen: 32
                          2a06:8a00::/29 maxlen: 29
                          2a06:8a00::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 146479449 (0x8bb1959)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=304e59a223f4bcb823492fb1096c3a82310c03da
        Validity
            Not Before: Jan  1 01:02:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3c9f8ac13d85825b8f74457e416a65d4690c61a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:8e:82:14:fa:91:0f:ed:77:d3:05:8d:6a:47:
                    70:13:da:be:e2:26:e7:9d:e0:e2:0a:fd:e2:ab:a6:
                    cf:4f:31:b4:b2:00:23:bf:ba:f3:7b:81:8b:de:31:
                    7a:9b:eb:1d:c7:c4:e1:41:31:cb:06:9f:e7:57:5d:
                    22:dc:21:e0:cb:42:0b:95:2b:87:f0:60:3a:3f:f6:
                    e4:93:f4:33:8e:b4:63:cf:03:f3:80:3e:14:be:e8:
                    21:bd:e1:2b:5b:2d:bc:cb:95:27:85:34:b9:e2:82:
                    a7:52:f1:df:80:c2:3f:3b:ea:6e:a8:61:43:16:c9:
                    cf:e5:76:11:f5:ee:75:8e:ea:11:a7:1f:14:a1:d2:
                    cc:f9:8e:87:83:11:3e:07:7a:cf:86:43:37:cd:22:
                    7a:9e:fa:33:c6:16:bd:77:6e:85:d8:49:fb:a1:d9:
                    76:22:9e:c7:bd:5f:56:49:5e:81:1c:59:60:0c:ef:
                    2f:c7:8a:67:74:95:01:2f:85:55:6b:85:83:87:26:
                    52:8a:a3:f6:00:79:0a:9d:b9:07:b9:ef:25:b2:ac:
                    b9:cd:f2:30:f2:5b:c9:7e:85:5b:6a:89:21:69:de:
                    ac:3e:ac:06:2b:0a:29:42:8e:8f:c9:a5:eb:b5:4a:
                    4f:c8:00:7e:29:76:78:ef:ef:6e:7a:b9:b4:e1:6f:
                    1b:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:9F:8A:C1:3D:85:82:5B:8F:74:45:7E:41:6A:65:D4:69:0C:61:A5
            X509v3 Authority Key Identifier:
                keyid:30:4E:59:A2:23:F4:BC:B8:23:49:2F:B1:09:6C:3A:82:31:0C:03:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/PJ-KwT2FgluPdEV-QWpl1GkMYaU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.119.104.0/23
                  185.119.107.0/24
                IPv6:
                  2a06:8a00::/29

    Signature Algorithm: sha256WithRSAEncryption
         41:25:51:9c:45:44:92:a7:87:db:23:71:f0:cb:c6:2d:6f:d9:
         04:97:85:34:36:fe:91:15:27:04:c6:ee:b6:0d:3b:b0:89:af:
         79:f0:9a:a3:cc:44:57:05:47:b0:68:7f:70:0c:17:ce:ef:a3:
         9c:fd:ac:dc:fc:29:1c:d6:b5:fe:7b:0c:de:df:b4:01:a6:c9:
         33:0b:82:05:37:0e:03:30:ac:1a:7b:76:8e:07:da:95:54:98:
         e9:39:63:36:45:9d:85:56:c9:3d:e2:ac:12:21:09:1c:4a:30:
         ab:bf:e9:91:8a:3e:b9:cc:f7:d8:e2:0f:b9:ee:22:92:8a:a5:
         48:3d:5a:61:e7:97:43:02:e4:ca:d8:d1:24:64:92:d2:d4:87:
         22:a0:c3:d1:d4:d0:a0:c6:00:62:fc:1f:7c:df:28:e7:8d:6f:
         2a:14:25:c3:ff:6d:a7:7f:09:06:42:fc:18:37:24:a7:cf:1c:
         a7:43:83:cf:ab:6c:b2:ea:bb:2d:47:a2:ce:90:d9:8d:7c:ce:
         bb:64:53:4f:ac:02:cb:1d:18:2c:42:37:b6:1f:55:24:de:f0:
         b9:b3:70:14:4f:47:9b:c3:5b:8b:c5:69:1a:33:03:31:87:fe:
         3d:dd:18:62:19:11:53:e0:48:b1:5a:d1:2a:f6:a9:de:70:94:
         b6:57:ef:a9
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECLsZWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MDRlNTlhMjIzZjRiY2I4MjM0OTJmYjEwOTZjM2E4MjMxMGMwM2RhMB4XDTIyMDEw
MTAxMDIwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2M5ZjhhYzEzZDg1
ODI1YjhmNzQ0NTdlNDE2YTY1ZDQ2OTBjNjFhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMqOghT6kQ/td9MFjWpHcBPavuIm553g4gr94qumz08xtLIA
I7+683uBi94xepvrHcfE4UExywaf51ddItwh4MtCC5Urh/BgOj/25JP0M460Y88D
84A+FL7oIb3hK1stvMuVJ4U0ueKCp1Lx34DCPzvqbqhhQxbJz+V2EfXudY7qEacf
FKHSzPmOh4MRPgd6z4ZDN80iep76M8YWvXduhdhJ+6HZdiKex71fVklegRxZYAzv
L8eKZ3SVAS+FVWuFg4cmUoqj9gB5Cp25B7nvJbKsuc3yMPJbyX6FW2qJIWnerD6s
BisKKUKOj8ml67VKT8gAfil2eO/vbnq5tOFvG+MCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQ8n4rBPYWCW490RX5BamXUaQxhpTAfBgNVHSMEGDAWgBQwTlmiI/S8uCNJ
L7EJbDqCMQwD2jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01FNVpvaVAwdkxnalNTLXhDV3c2Z2pFTUE5by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvZjUzNmNkLTk0M2YtNDU1NC05ZjE3LTM0NGNjNTAyZjFiZC8x
L1BKLUt3VDJGZ2x1UGRFVi1RV3BsMUdrTVlhVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
ZjUzNmNkLTk0M2YtNDU1NC05ZjE3LTM0NGNjNTAyZjFiZC8xL01FNVpvaVAwdkxn
alNTLXhDV3c2Z2pFTUE5by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAbl3aAMEALl3azANBAIAAjAHAwUD
KgaKADANBgkqhkiG9w0BAQsFAAOCAQEAQSVRnEVEkqeH2yNx8MvGLW/ZBJeFNDb+
kRUnBMbutg07sImvefCao8xEVwVHsGh/cAwXzu+jnP2s3PwpHNa1/nsM3t+0AabJ
MwuCBTcOAzCsGnt2jgfalVSY6TljNkWdhVbJPeKsEiEJHEowq7/pkYo+ucz32OIP
ue4ikoqlSD1aYeeXQwLkytjRJGSS0tSHIqDD0dTQoMYAYvwffN8o541vKhQlw/9t
p38JBkL8GDckp88cp0ODz6tssuq7LUeizpDZjXzOu2RTT6wCyx0YLEI3th9VJN7w
ubNwFE9Hm8Nbi8VpGjMDMYf+Pd0YYhkRU+BIsVrRKvap3nCUtlfvqQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:54 2024 by rpki-client on console-ams.rpki-client.org