Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/10a444-3e30-4421-b439-86e5a9ef862a/1/uFJCOADUITW_RVTgYkjvbWrGDiI.roa
File:                     uFJCOADUITW_RVTgYkjvbWrGDiI.roa (raw, json)
Hash identifier:          H+qPXjAw9Q4RdeTspTQj/wSkzrIiiOD0dc0PMKLD5sY=
Subject key identifier:   B8:52:42:38:00:D4:21:35:BF:45:54:E0:62:48:EF:6D:6A:C6:0E:22
Certificate issuer:       /CN=3841266f2c94ac422b96a68a7500bb82c1179191
Certificate serial:       056DCCCA
Authority key identifier: 38:41:26:6F:2C:94:AC:42:2B:96:A6:8A:75:00:BB:82:C1:17:91:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OEEmbyyUrEIrlqaKdQC7gsEXkZE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/10a444-3e30-4421-b439-86e5a9ef862a/1/uFJCOADUITW_RVTgYkjvbWrGDiI.roa
Signing time:             Sat 01 Jan 2022 15:59:10 +0000
ROA not before:           Sat 01 Jan 2022 15:59:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50999
IP address blocks:        109.171.128.0/17 maxlen: 24
                          2a05:3280::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 91081930 (0x56dccca)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3841266f2c94ac422b96a68a7500bb82c1179191
        Validity
            Not Before: Jan  1 15:59:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b852423800d42135bf4554e06248ef6d6ac60e22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:13:db:81:e2:c6:52:b1:dc:87:8f:22:d6:19:
                    d3:99:98:16:35:45:fe:e8:a9:51:1f:c3:ae:5a:1f:
                    34:67:60:f2:17:86:82:70:75:33:2b:58:f7:c5:24:
                    e7:02:e6:bb:14:94:ef:33:3e:5a:be:1e:2a:48:d9:
                    1d:78:5d:5e:1e:7e:e2:2c:3a:40:a9:fd:fe:62:0a:
                    de:ff:3b:b4:d5:b9:a4:46:95:0d:49:0b:95:b7:63:
                    ea:b1:cf:e3:2f:9a:1b:21:c2:76:84:67:85:c1:7c:
                    49:bb:f8:b4:49:ac:d7:82:12:50:e4:19:1c:68:a8:
                    cc:e2:b7:55:4d:4e:50:9c:d3:13:73:8c:e0:5e:5b:
                    1e:02:bf:d7:f2:1c:69:0d:18:b6:db:68:2f:87:18:
                    03:82:d0:a3:11:b9:af:51:be:30:f0:1b:f8:5c:7e:
                    5a:38:a8:79:6c:07:24:a1:39:db:8f:ec:4c:dd:9c:
                    f4:34:8b:b2:24:81:55:0e:8d:e7:df:66:1a:61:3a:
                    d2:ed:b9:18:3f:26:c0:03:c6:d6:76:86:b2:40:5a:
                    58:3c:54:50:dd:95:7e:4e:bb:4e:ec:35:9b:0a:d7:
                    32:94:da:fa:b7:65:7d:57:db:59:34:a8:bc:88:3d:
                    f8:a4:2b:f3:ac:4d:90:e3:ed:c1:e9:8c:15:9f:6b:
                    e1:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:52:42:38:00:D4:21:35:BF:45:54:E0:62:48:EF:6D:6A:C6:0E:22
            X509v3 Authority Key Identifier:
                keyid:38:41:26:6F:2C:94:AC:42:2B:96:A6:8A:75:00:BB:82:C1:17:91:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEEmbyyUrEIrlqaKdQC7gsEXkZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/10a444-3e30-4421-b439-86e5a9ef862a/1/uFJCOADUITW_RVTgYkjvbWrGDiI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/10a444-3e30-4421-b439-86e5a9ef862a/1/OEEmbyyUrEIrlqaKdQC7gsEXkZE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.171.128.0/17
                IPv6:
                  2a05:3280::/29

    Signature Algorithm: sha256WithRSAEncryption
         87:f1:9a:a0:30:6b:71:a6:d7:54:d5:e7:9a:50:7c:ba:4e:9d:
         58:4f:b6:50:e0:85:a7:3c:9f:17:ab:1c:88:86:ca:bd:68:20:
         5b:27:b1:2c:fd:40:45:5d:13:18:a3:f2:81:84:23:f2:bf:f8:
         b1:77:5c:1a:44:5e:4d:2c:ee:3a:a6:15:46:a6:a0:45:f7:42:
         d5:91:d1:5e:3f:81:1e:72:b0:b6:7f:4c:7f:55:eb:31:20:67:
         c4:32:28:a9:96:db:7b:f9:e7:4a:35:74:de:7f:b7:c0:97:6c:
         30:f5:07:f5:02:2c:84:88:b2:59:d1:41:a0:85:aa:36:8c:da:
         96:31:64:1a:df:f2:6a:31:9f:eb:04:0c:9b:d6:03:21:12:73:
         5c:ae:ca:c2:a7:54:8b:f9:6c:a6:98:e7:bf:19:42:f8:dd:90:
         6d:f5:81:65:0e:96:8c:15:57:a9:18:02:d9:74:40:9f:c6:36:
         81:e2:bb:4d:7e:2b:e5:44:ae:98:4b:85:4f:96:d9:ca:64:22:
         f4:2a:dc:b6:a1:f1:e4:4e:db:9c:be:a8:d1:44:32:6e:e8:73:
         a5:6c:81:47:ea:6f:d8:58:ef:13:a3:82:58:93:51:e6:42:dc:
         34:6c:f4:24:d8:90:23:9d:63:b0:6a:48:09:47:48:fe:22:3e:
         b5:1f:38:36
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBW3MyjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ODQxMjY2ZjJjOTRhYzQyMmI5NmE2OGE3NTAwYmI4MmMxMTc5MTkxMB4XDTIyMDEw
MTE1NTkxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjg1MjQyMzgwMGQ0
MjEzNWJmNDU1NGUwNjI0OGVmNmQ2YWM2MGUyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0T24HixlKx3IePItYZ05mYFjVF/uipUR/DrlofNGdg8heG
gnB1MytY98Uk5wLmuxSU7zM+Wr4eKkjZHXhdXh5+4iw6QKn9/mIK3v87tNW5pEaV
DUkLlbdj6rHP4y+aGyHCdoRnhcF8Sbv4tEms14ISUOQZHGiozOK3VU1OUJzTE3OM
4F5bHgK/1/IcaQ0YtttoL4cYA4LQoxG5r1G+MPAb+Fx+WjioeWwHJKE524/sTN2c
9DSLsiSBVQ6N599mGmE60u25GD8mwAPG1naGskBaWDxUUN2Vfk67Tuw1mwrXMpTa
+rdlfVfbWTSovIg9+KQr86xNkOPtwemMFZ9r4SMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBS4UkI4ANQhNb9FVOBiSO9tasYOIjAfBgNVHSMEGDAWgBQ4QSZvLJSsQiuW
pop1ALuCwReRkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09FRW1ieXlVckVJcmxxYUtkUUM3Z3NFWGtaRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWEvMTBhNDQ0LTNlMzAtNDQyMS1iNDM5LTg2ZTVhOWVmODYyYS8x
L3VGSkNPQURVSVRXX1JWVGdZa2p2YldyR0RpSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEv
MTBhNDQ0LTNlMzAtNDQyMS1iNDM5LTg2ZTVhOWVmODYyYS8xL09FRW1ieXlVckVJ
cmxxYUtkUUM3Z3NFWGtaRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEB22rgDANBAIAAjAHAwUDKgUygDAN
BgkqhkiG9w0BAQsFAAOCAQEAh/GaoDBrcabXVNXnmlB8uk6dWE+2UOCFpzyfF6sc
iIbKvWggWyexLP1ARV0TGKPygYQj8r/4sXdcGkReTSzuOqYVRqagRfdC1ZHRXj+B
HnKwtn9Mf1XrMSBnxDIoqZbbe/nnSjV03n+3wJdsMPUH9QIshIiyWdFBoIWqNoza
ljFkGt/yajGf6wQMm9YDIRJzXK7KwqdUi/lsppjnvxlC+N2QbfWBZQ6WjBVXqRgC
2XRAn8Y2geK7TX4r5USumEuFT5bZymQi9CrctqHx5E7bnL6o0UQybuhzpWyBR+pv
2FjvE6OCWJNR5kLcNGz0JNiQI51jsGpICUdI/iI+tR84Ng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:31 2024 by rpki-client on console-ams.rpki-client.org