Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/vjtWuGsZT0iT-XhOkxb2WZNfjdA.roa
File:                     vjtWuGsZT0iT-XhOkxb2WZNfjdA.roa (raw, json)
Hash identifier:          DOtbI5D4Ub3UHUXPDbetQU6tX5cz4o2uh6pFqKOXCr8=
Subject key identifier:   BE:3B:56:B8:6B:19:4F:48:93:F9:78:4E:93:16:F6:59:93:5F:8D:D0
Certificate issuer:       /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial:       12878427
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/vjtWuGsZT0iT-XhOkxb2WZNfjdA.roa
Signing time:             Sat 01 Jan 2022 10:05:46 +0000
ROA not before:           Sat 01 Jan 2022 10:05:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50530
IP address blocks:        109.125.180.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 310871079 (0x12878427)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
        Validity
            Not Before: Jan  1 10:05:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=be3b56b86b194f4893f9784e9316f659935f8dd0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:3a:2c:23:59:87:13:32:78:db:2e:ab:65:d5:
                    cf:08:54:cd:09:9a:41:f5:3b:03:7e:d3:fb:ee:52:
                    44:08:c9:36:92:80:bd:46:e9:45:0a:0e:f5:33:50:
                    77:94:10:c0:60:1b:39:b2:09:4a:b6:38:6f:0c:0b:
                    03:18:35:3b:a1:25:5c:82:39:38:a1:a9:dd:37:1b:
                    63:65:89:be:cd:85:9b:59:11:79:91:3b:6a:71:ca:
                    d9:3a:88:ce:0c:35:ae:66:2d:41:de:c0:02:19:8d:
                    cd:70:18:ce:ac:3d:d0:31:46:d6:39:03:68:a5:4e:
                    ee:e0:5a:b3:42:77:2f:36:0a:59:73:35:6c:aa:1e:
                    f9:98:37:b5:40:41:3e:5f:c8:24:b2:3f:96:4a:3e:
                    35:26:b5:da:da:7c:70:2e:a9:d9:bd:b4:e1:f5:6e:
                    f2:01:a8:32:4b:19:1e:bb:76:c6:a3:62:66:50:4f:
                    00:5b:b9:69:2f:0e:fc:71:54:1a:e1:83:72:01:50:
                    34:75:08:86:4b:3d:2c:5b:ed:2e:c7:2d:28:d3:e7:
                    5a:6c:5b:dc:47:31:35:7c:5e:f5:04:2a:9f:ac:e0:
                    71:ff:33:7d:c4:a7:75:92:24:4a:25:12:fa:cb:a3:
                    47:ab:c8:34:bb:ad:d9:aa:3f:65:ae:45:46:22:1c:
                    ed:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:3B:56:B8:6B:19:4F:48:93:F9:78:4E:93:16:F6:59:93:5F:8D:D0
            X509v3 Authority Key Identifier:
                keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/vjtWuGsZT0iT-XhOkxb2WZNfjdA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.125.180.0/23

    Signature Algorithm: sha256WithRSAEncryption
         35:9e:05:9d:91:28:03:67:7b:ca:fa:4e:09:84:68:7b:0c:98:
         48:06:4f:c5:b9:9d:95:1c:c3:a0:07:9e:f3:86:d8:ed:0a:ab:
         05:47:e4:68:a6:47:3c:50:f7:ed:17:ba:6e:98:a9:28:17:b7:
         e9:fa:a3:9a:0d:f5:ea:76:d3:ad:d8:a5:3a:c6:bb:84:1b:b5:
         5a:55:77:04:e2:40:b0:45:77:8f:94:78:45:88:42:22:8c:4b:
         7b:61:55:93:5d:72:3c:a8:f2:a2:42:ad:91:13:f4:b0:91:50:
         f5:b4:01:f4:02:9c:66:a8:c6:4b:16:65:05:62:ec:d7:82:cd:
         f3:1d:55:77:e5:d3:da:36:dc:68:e1:9d:db:47:17:34:08:13:
         cc:da:1b:ba:aa:11:76:06:47:4d:77:7e:43:e8:ee:3d:4b:37:
         74:5e:61:a3:94:96:53:ca:5e:a2:11:a3:0c:2f:9b:d3:82:ba:
         7c:88:8e:6b:04:ba:47:3c:5d:a8:fc:63:fe:75:03:42:19:b0:
         c7:ca:78:f4:10:ff:8a:86:f0:f1:5a:1a:84:20:6b:62:36:37:
         58:b2:99:56:b3:7f:e9:e2:21:3a:d3:b2:8b:19:aa:68:8d:ed:
         37:dc:2e:3f:33:89:c2:81:64:c0:ca:11:1d:1d:94:34:fb:c0:
         4d:09:1d:f3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEoeEJzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YTFlNjkzNjhhYmQzNDUzOGZlNzdkZGFhYmNkYzgzNWFmNTk1ZWJhMB4XDTIyMDEw
MTEwMDU0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmUzYjU2Yjg2YjE5
NGY0ODkzZjk3ODRlOTMxNmY2NTk5MzVmOGRkMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKk6LCNZhxMyeNsuq2XVzwhUzQmaQfU7A37T++5SRAjJNpKA
vUbpRQoO9TNQd5QQwGAbObIJSrY4bwwLAxg1O6ElXII5OKGp3TcbY2WJvs2Fm1kR
eZE7anHK2TqIzgw1rmYtQd7AAhmNzXAYzqw90DFG1jkDaKVO7uBas0J3LzYKWXM1
bKoe+Zg3tUBBPl/IJLI/lko+NSa12tp8cC6p2b204fVu8gGoMksZHrt2xqNiZlBP
AFu5aS8O/HFUGuGDcgFQNHUIhks9LFvtLsctKNPnWmxb3EcxNXxe9QQqn6zgcf8z
fcSndZIkSiUS+sujR6vINLut2ao/Za5FRiIc7bECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS+O1a4axlPSJP5eE6TFvZZk1+N0DAfBgNVHSMEGDAWgBSaHmk2ir00U4/n
fdqrzcg1r1leujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21oNXBOb3E5TkZPUDUzM2FxODNJTmE5Wlhyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvNzg4NmY0LTVmY2MtNGQ0NC1iZDYyLTEwOTgyZTA0MGQ1My8x
L3ZqdFd1R3NaVDBpVC1YaE9reGIyV1pOZmpkQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
Nzg4NmY0LTVmY2MtNGQ0NC1iZDYyLTEwOTgyZTA0MGQ1My8xL21oNXBOb3E5TkZP
UDUzM2FxODNJTmE5Wlhyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAW19tDANBgkqhkiG9w0BAQsFAAOC
AQEANZ4FnZEoA2d7yvpOCYRoewyYSAZPxbmdlRzDoAee84bY7QqrBUfkaKZHPFD3
7Re6bpipKBe36fqjmg316nbTrdilOsa7hBu1WlV3BOJAsEV3j5R4RYhCIoxLe2FV
k11yPKjyokKtkRP0sJFQ9bQB9AKcZqjGSxZlBWLs14LN8x1Vd+XT2jbcaOGd20cX
NAgTzNobuqoRdgZHTXd+Q+juPUs3dF5ho5SWU8peohGjDC+b04K6fIiOawS6Rzxd
qPxj/nUDQhmwx8p49BD/iobw8VoahCBrYjY3WLKZVrN/6eIhOtOyixmqaI3tN9wu
PzOJwoFkwMoRHR2UNPvATQkd8w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:34 2024 by rpki-client on console-ams.rpki-client.org