Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/WqkLrPvky6mcaxCN23MKQrW8-Ko.roa
File:                     WqkLrPvky6mcaxCN23MKQrW8-Ko.roa (raw, json)
Hash identifier:          QN8kvUM3FUN6n21Hi0qysTfPHK11AvV9didTMiUn7BQ=
Subject key identifier:   5A:A9:0B:AC:FB:E4:CB:A9:9C:6B:10:8D:DB:73:0A:42:B5:BC:F8:AA
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       091D7A1F
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/WqkLrPvky6mcaxCN23MKQrW8-Ko.roa
Signing time:             Sat 01 Jan 2022 16:00:41 +0000
ROA not before:           Sat 01 Jan 2022 16:00:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205203
IP address blocks:        194.56.227.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 152926751 (0x91d7a1f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  1 16:00:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5aa90bacfbe4cba99c6b108ddb730a42b5bcf8aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:4f:61:59:e5:43:d9:05:a6:d8:e4:30:20:43:
                    fc:aa:99:4b:7d:a5:fd:f0:fb:62:17:e9:c3:63:f6:
                    81:4a:1d:ba:00:e8:74:2f:0f:4a:d4:11:0d:30:dc:
                    01:f0:14:65:fa:ce:f9:d6:2f:12:57:3c:52:f8:07:
                    3c:0a:17:d4:c0:7a:30:70:08:da:f5:57:12:22:6a:
                    3a:23:b0:d9:18:ba:77:c8:3e:6d:23:5f:0f:b4:74:
                    73:21:56:aa:4c:c1:bd:f1:35:be:6c:b8:d7:0d:1b:
                    84:ca:3d:74:6e:69:92:89:d1:73:8d:da:5c:e9:d3:
                    3b:c7:58:3d:98:a6:9a:90:09:10:c8:9e:ac:63:25:
                    dd:df:df:d0:4e:c8:e1:e9:2d:52:e5:2c:f6:1a:1e:
                    05:bf:3a:91:40:c0:96:37:a9:9d:df:00:cb:b9:58:
                    39:9b:8c:51:63:c9:87:d1:a0:0a:3e:63:f8:c8:ab:
                    14:63:5d:52:6c:1d:b8:d0:7e:b9:5a:dd:7c:c4:e4:
                    34:a4:6e:41:aa:a6:cb:bc:ea:80:29:e4:a3:bf:c9:
                    cf:d7:0b:78:2d:c1:22:c3:cc:ab:34:7a:37:dc:3d:
                    ca:2e:5e:5a:9b:9a:03:68:6a:75:91:61:9e:46:b0:
                    a9:e0:2d:0a:e0:ca:f6:b9:43:5c:5c:ea:c6:34:fa:
                    c1:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:A9:0B:AC:FB:E4:CB:A9:9C:6B:10:8D:DB:73:0A:42:B5:BC:F8:AA
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/WqkLrPvky6mcaxCN23MKQrW8-Ko.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.56.227.0/24

    Signature Algorithm: sha256WithRSAEncryption
         be:c9:19:b2:33:37:55:25:d2:c4:b4:d2:0d:16:d9:92:db:8e:
         b3:91:35:ac:07:14:4a:68:68:a0:d9:82:55:71:d6:8d:65:8a:
         25:0b:6a:f4:25:96:bb:df:e7:ea:ad:c9:f6:27:64:b3:01:f4:
         fd:b2:f9:c1:bf:91:08:74:f4:ca:bf:43:b1:a6:f6:15:8d:99:
         d9:37:cb:56:e8:17:14:e4:d2:13:ce:89:ff:fb:c1:d8:24:5c:
         78:f1:47:a1:86:3e:f2:49:e1:6a:6f:26:da:bc:2e:ec:97:24:
         27:67:06:f4:ca:d7:ab:ba:93:8f:45:0b:87:aa:ec:b8:e6:82:
         76:a9:4f:b1:e4:6c:fa:86:f6:7f:6a:1c:7e:c1:44:32:26:4d:
         3a:f7:64:91:73:1d:5c:90:4d:1d:23:96:80:2d:e5:4d:24:5f:
         fa:88:88:20:2a:9a:d5:7e:67:02:d8:b9:8a:73:1a:8e:5d:eb:
         3d:2b:bc:70:6f:3b:76:dc:a2:da:38:ab:a0:22:01:b7:94:d6:
         1d:87:a0:f7:c3:74:cb:6b:48:7f:61:69:be:76:0a:c0:46:2e:
         c2:75:e9:d2:b8:e3:d7:5c:36:8c:71:eb:65:0c:a1:cb:3f:d2:
         a6:65:6b:53:bf:b2:7d:f8:14:52:c0:87:3d:c2:05:0e:e1:11:
         9f:d3:94:63
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECR16HzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEw
MTE2MDA0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWFhOTBiYWNmYmU0
Y2JhOTljNmIxMDhkZGI3MzBhNDJiNWJjZjhhYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlPYVnlQ9kFptjkMCBD/KqZS32l/fD7Yhfpw2P2gUodugDo
dC8PStQRDTDcAfAUZfrO+dYvElc8UvgHPAoX1MB6MHAI2vVXEiJqOiOw2Ri6d8g+
bSNfD7R0cyFWqkzBvfE1vmy41w0bhMo9dG5pkonRc43aXOnTO8dYPZimmpAJEMie
rGMl3d/f0E7I4ektUuUs9hoeBb86kUDAljepnd8Ay7lYOZuMUWPJh9GgCj5j+Mir
FGNdUmwduNB+uVrdfMTkNKRuQaqmy7zqgCnko7/Jz9cLeC3BIsPMqzR6N9w9yi5e
WpuaA2hqdZFhnkawqeAtCuDK9rlDXFzqxjT6wesCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRaqQus++TLqZxrEI3bcwpCtbz4qjAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
L1dxa0xyUHZreTZtY2F4Q04yM01LUXJXOC1Lby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMI44zANBgkqhkiG9w0BAQsFAAOC
AQEAvskZsjM3VSXSxLTSDRbZktuOs5E1rAcUSmhooNmCVXHWjWWKJQtq9CWWu9/n
6q3J9idkswH0/bL5wb+RCHT0yr9Dsab2FY2Z2TfLVugXFOTSE86J//vB2CRcePFH
oYY+8knham8m2rwu7JckJ2cG9MrXq7qTj0ULh6rsuOaCdqlPseRs+ob2f2ocfsFE
MiZNOvdkkXMdXJBNHSOWgC3lTSRf+oiIICqa1X5nAti5inMajl3rPSu8cG87dtyi
2jiroCIBt5TWHYeg98N0y2tIf2FpvnYKwEYuwnXp0rjj11w2jHHrZQyhyz/SpmVr
U7+yffgUUsCHPcIFDuERn9OUYw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:49 2024 by rpki-client on console-fra.rpki-client.org