Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/JIr69kPypJMS49p3km818l5rQmg.roa
File:                     JIr69kPypJMS49p3km818l5rQmg.roa (raw, json)
Hash identifier:          RXxXqk6k4PUcozTqaqsSweUFu2iBiy95Nr9TcA2p+T4=
Subject key identifier:   24:8A:FA:F6:43:F2:A4:93:12:E3:DA:77:92:6F:35:F2:5E:6B:42:68
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       034ECDA3
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/JIr69kPypJMS49p3km818l5rQmg.roa
Signing time:             Sat 01 Jan 2022 16:04:44 +0000
ROA not before:           Sat 01 Jan 2022 16:04:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211641
IP address blocks:        185.109.20.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 55496099 (0x34ecda3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jan  1 16:04:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=248afaf643f2a49312e3da77926f35f25e6b4268
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:fe:d2:d7:17:a3:aa:87:7f:43:87:b8:b5:39:
                    17:6c:73:85:fb:63:8f:04:f3:3e:14:c2:40:6c:6b:
                    8a:b1:1b:81:0f:55:ad:22:e5:71:10:59:3d:da:2b:
                    de:2d:30:0b:76:fc:16:0f:91:17:d9:dd:3b:3b:23:
                    54:c7:6d:7e:99:ac:9c:27:50:ae:f9:7d:8a:02:3e:
                    b1:84:ea:b6:2e:7e:55:7e:3d:dc:98:1b:a2:ae:f8:
                    3a:6a:bd:1e:ae:52:38:ad:fb:f5:13:52:2f:54:e3:
                    09:7e:38:17:be:93:d7:ae:15:8d:08:bc:c8:ea:2e:
                    03:07:fb:00:5f:8e:7f:a4:8d:37:5b:29:2f:4f:23:
                    13:20:dd:d4:37:f0:fc:81:05:47:f4:07:e1:a1:9d:
                    20:0a:48:b3:81:f4:95:85:53:32:9d:6d:97:a3:87:
                    12:91:d6:01:58:53:39:b3:1f:49:f8:d3:a4:fe:bd:
                    b0:21:51:eb:2e:6b:04:17:c1:a6:e4:02:dc:58:6f:
                    b9:fa:e0:08:2c:5e:d2:ff:30:78:db:b5:63:3b:e4:
                    5e:ff:19:f8:a7:44:3e:b7:34:67:d9:1a:44:c2:aa:
                    49:d9:32:3f:1c:15:b3:be:f5:0f:8f:ce:2b:be:2a:
                    d7:05:25:e0:77:b2:8f:40:b9:8a:5d:6b:19:d1:0b:
                    26:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:8A:FA:F6:43:F2:A4:93:12:E3:DA:77:92:6F:35:F2:5E:6B:42:68
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/JIr69kPypJMS49p3km818l5rQmg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.109.20.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:7a:1d:e1:fa:88:f8:29:85:32:db:f1:96:b7:86:0f:a8:7f:
         67:94:01:65:85:fe:f0:cd:a1:5c:5e:c6:36:08:65:f9:7b:42:
         6d:68:d8:5b:96:b6:31:ea:63:39:b1:83:bf:94:ae:80:44:9b:
         4a:f1:90:1f:7a:a6:d8:1a:e0:f5:98:29:f8:cb:10:01:90:af:
         d0:a6:68:1b:68:cd:00:ff:0a:02:10:be:36:c4:d0:40:e4:3d:
         e4:27:38:f7:bd:94:5e:ec:96:69:71:48:f7:33:3a:8d:10:fd:
         e8:54:51:bf:0e:1f:18:d3:55:49:1c:ec:67:ea:48:71:9f:fb:
         bb:6c:a2:e5:f6:b0:b0:80:ad:12:37:96:cb:52:0f:88:2c:ab:
         af:cc:1b:f6:da:01:7e:91:c9:70:00:c5:82:76:fd:37:e7:0a:
         07:bf:63:4e:b6:d9:cd:fe:31:3f:c4:31:c2:b6:68:c2:e3:04:
         ec:f2:88:0b:38:ad:be:f4:7b:2a:22:f1:73:0f:18:9f:82:ad:
         82:52:39:e5:6a:dc:67:11:76:ec:41:49:58:9f:39:74:96:cd:
         77:20:2f:68:e5:09:8c:bd:c0:d2:a1:33:04:a1:ff:c0:a4:e7:
         74:7d:aa:a6:14:9a:7d:77:11:10:97:c4:04:43:48:13:29:0b:
         4f:5c:42:59
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA07NozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDEw
MTE2MDQ0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjQ4YWZhZjY0M2Yy
YTQ5MzEyZTNkYTc3OTI2ZjM1ZjI1ZTZiNDI2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMD+0tcXo6qHf0OHuLU5F2xzhftjjwTzPhTCQGxrirEbgQ9V
rSLlcRBZPdor3i0wC3b8Fg+RF9ndOzsjVMdtfpmsnCdQrvl9igI+sYTqti5+VX49
3Jgboq74Omq9Hq5SOK379RNSL1TjCX44F76T164VjQi8yOouAwf7AF+Of6SNN1sp
L08jEyDd1Dfw/IEFR/QH4aGdIApIs4H0lYVTMp1tl6OHEpHWAVhTObMfSfjTpP69
sCFR6y5rBBfBpuQC3FhvufrgCCxe0v8weNu1YzvkXv8Z+KdEPrc0Z9kaRMKqSdky
PxwVs771D4/OK74q1wUl4Heyj0C5il1rGdELJq8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQkivr2Q/KkkxLj2neSbzXyXmtCaDAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L0pJcjY5a1B5cEpNUzQ5cDNrbTgxOGw1clFtZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALltFDANBgkqhkiG9w0BAQsFAAOC
AQEAg3od4fqI+CmFMtvxlreGD6h/Z5QBZYX+8M2hXF7GNghl+XtCbWjYW5a2Mepj
ObGDv5SugESbSvGQH3qm2Brg9Zgp+MsQAZCv0KZoG2jNAP8KAhC+NsTQQOQ95Cc4
972UXuyWaXFI9zM6jRD96FRRvw4fGNNVSRzsZ+pIcZ/7u2yi5fawsICtEjeWy1IP
iCyrr8wb9toBfpHJcADFgnb9N+cKB79jTrbZzf4xP8QxwrZowuME7PKICzitvvR7
KiLxcw8Yn4KtglI55WrcZxF27EFJWJ85dJbNdyAvaOUJjL3A0qEzBKH/wKTndH2q
phSafXcREJfEBENIEykLT1xCWQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org