Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/4b0995-6274-4259-bb4e-310d6c715c24/1/X8vI3Eti77LWgakSdRQpYjxa9ig.roa
File:                     X8vI3Eti77LWgakSdRQpYjxa9ig.roa (raw, json)
Hash identifier:          IHcIPattEy5gvuL+iICtKLsb2s9oShSOdjga/7lTrV0=
Subject key identifier:   5F:CB:C8:DC:4B:62:EF:B2:D6:81:A9:12:75:14:29:62:3C:5A:F6:28
Certificate issuer:       /CN=fdcd4516a27bb83848110cb32082bcfca9f36890
Certificate serial:       01058D8D
Authority key identifier: FD:CD:45:16:A2:7B:B8:38:48:11:0C:B3:20:82:BC:FC:A9:F3:68:90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_c1FFqJ7uDhIEQyzIIK8_KnzaJA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/4b0995-6274-4259-bb4e-310d6c715c24/1/X8vI3Eti77LWgakSdRQpYjxa9ig.roa
Signing time:             Sat 01 Jan 2022 06:57:14 +0000
ROA not before:           Sat 01 Jan 2022 06:57:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        109.205.59.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17141133 (0x1058d8d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fdcd4516a27bb83848110cb32082bcfca9f36890
        Validity
            Not Before: Jan  1 06:57:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5fcbc8dc4b62efb2d681a912751429623c5af628
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:ef:66:ea:db:57:17:54:5a:54:a6:d1:f8:3e:
                    13:b1:77:6d:0a:17:c1:57:30:52:60:01:1b:25:be:
                    b3:25:56:b1:ca:6d:72:fd:5d:25:bf:cc:37:dc:d5:
                    7e:2b:e8:56:8a:e0:e3:64:41:c6:0c:dd:76:16:33:
                    61:0b:20:bb:7b:cf:b8:f2:17:9c:e8:71:0f:dc:15:
                    98:c1:9e:43:2a:7a:db:31:e0:ec:7e:ae:5d:2e:bd:
                    c7:6f:c2:f9:eb:6b:3e:21:3e:14:a5:f2:78:c9:15:
                    bc:95:d7:68:24:46:fa:10:0c:86:d0:7d:c5:33:2a:
                    3a:42:59:0b:36:f7:63:a7:a1:d5:1a:63:93:b8:01:
                    be:3a:f4:48:59:26:da:0c:8b:ce:21:60:7d:f1:8a:
                    cf:89:a2:c1:85:c4:7e:21:7b:1b:ae:c8:eb:7c:1f:
                    33:55:ac:7d:a7:66:2e:8b:0a:e8:d6:e9:c2:13:0f:
                    48:cd:74:c1:73:ab:2e:9b:93:e4:db:a3:09:03:6e:
                    73:9b:80:df:8d:c0:94:96:0f:99:47:65:66:bb:32:
                    92:dd:3d:4a:b2:5a:1f:66:43:b7:d2:13:6e:c1:c2:
                    9c:93:12:54:f6:28:22:76:83:09:88:2b:ea:69:56:
                    75:79:c5:90:f9:28:9f:9f:25:bc:a1:40:91:b3:14:
                    97:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:CB:C8:DC:4B:62:EF:B2:D6:81:A9:12:75:14:29:62:3C:5A:F6:28
            X509v3 Authority Key Identifier:
                keyid:FD:CD:45:16:A2:7B:B8:38:48:11:0C:B3:20:82:BC:FC:A9:F3:68:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_c1FFqJ7uDhIEQyzIIK8_KnzaJA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/4b0995-6274-4259-bb4e-310d6c715c24/1/X8vI3Eti77LWgakSdRQpYjxa9ig.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/4b0995-6274-4259-bb4e-310d6c715c24/1/_c1FFqJ7uDhIEQyzIIK8_KnzaJA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.205.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:21:93:59:cf:cf:da:8b:bc:6a:17:f8:6b:d0:a6:0a:cb:45:
         a8:82:7e:b6:c0:62:36:a2:d8:6e:48:9d:94:34:e2:75:24:81:
         d8:67:f7:18:76:36:0a:bd:0d:c8:68:1a:ab:8e:c2:77:ae:f0:
         0a:a8:3c:6e:94:35:8b:76:c6:62:db:33:7e:99:24:42:cf:08:
         b8:b9:36:62:4a:00:b5:f9:73:5e:61:06:75:e4:8f:47:b0:50:
         74:e1:c1:2d:51:14:7f:79:fc:a5:e6:11:14:d8:8f:9a:ef:de:
         9b:7e:bd:68:1f:a9:4f:06:1c:63:c4:f3:23:05:88:b8:b9:f9:
         e9:fe:82:ca:c2:cc:40:80:cd:62:3f:cf:77:78:48:5f:42:e1:
         df:87:ad:8f:9f:b4:0f:e6:4e:8f:04:e6:a6:57:d2:b1:ec:7d:
         84:56:c6:e7:52:3f:87:01:22:a4:a6:ed:e5:da:a4:c3:73:aa:
         40:6a:f5:b3:98:c6:45:a6:ef:2e:e3:23:ed:3a:e5:99:60:2f:
         68:0f:4a:16:25:84:2c:07:86:d2:3e:fb:d6:3c:7b:cb:de:17:
         3d:fb:0e:a5:81:a3:03:92:d1:16:81:61:c3:9d:ea:58:50:6f:
         11:a0:11:c8:30:70:a2:b8:67:7c:6e:c9:db:e5:4c:a5:b9:6e:
         34:ec:34:d4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQWNjTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZGNkNDUxNmEyN2JiODM4NDgxMTBjYjMyMDgyYmNmY2E5ZjM2ODkwMB4XDTIyMDEw
MTA2NTcxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWZjYmM4ZGM0YjYy
ZWZiMmQ2ODFhOTEyNzUxNDI5NjIzYzVhZjYyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMjvZurbVxdUWlSm0fg+E7F3bQoXwVcwUmABGyW+syVWscpt
cv1dJb/MN9zVfivoVorg42RBxgzddhYzYQsgu3vPuPIXnOhxD9wVmMGeQyp62zHg
7H6uXS69x2/C+etrPiE+FKXyeMkVvJXXaCRG+hAMhtB9xTMqOkJZCzb3Y6eh1Rpj
k7gBvjr0SFkm2gyLziFgffGKz4miwYXEfiF7G67I63wfM1WsfadmLosK6NbpwhMP
SM10wXOrLpuT5NujCQNuc5uA343AlJYPmUdlZrsykt09SrJaH2ZDt9ITbsHCnJMS
VPYoInaDCYgr6mlWdXnFkPkon58lvKFAkbMUlzkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRfy8jcS2LvstaBqRJ1FCliPFr2KDAfBgNVHSMEGDAWgBT9zUUWonu4OEgR
DLMggrz8qfNokDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19jMUZGcUo3dURoSUVReXpJSUs4X0tuemFKQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvNGIwOTk1LTYyNzQtNDI1OS1iYjRlLTMxMGQ2YzcxNWMyNC8x
L1g4dkkzRXRpNzdMV2dha1NkUlFwWWp4YTlpZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
NGIwOTk1LTYyNzQtNDI1OS1iYjRlLTMxMGQ2YzcxNWMyNC8xL19jMUZGcUo3dURo
SUVReXpJSUs4X0tuemFKQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG3NOzANBgkqhkiG9w0BAQsFAAOC
AQEAGSGTWc/P2ou8ahf4a9CmCstFqIJ+tsBiNqLYbkidlDTidSSB2Gf3GHY2Cr0N
yGgaq47Cd67wCqg8bpQ1i3bGYtszfpkkQs8IuLk2YkoAtflzXmEGdeSPR7BQdOHB
LVEUf3n8peYRFNiPmu/em369aB+pTwYcY8TzIwWIuLn56f6CysLMQIDNYj/Pd3hI
X0Lh34etj5+0D+ZOjwTmplfSsex9hFbG51I/hwEipKbt5dqkw3OqQGr1s5jGRabv
LuMj7TrlmWAvaA9KFiWELAeG0j771jx7y94XPfsOpYGjA5LRFoFhw53qWFBvEaAR
yDBworhnfG7J2+VMpbluNOw01A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:20 2023 by rpki-client on console-fra.rpki-client.org