Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/bcc899-7a55-4c5c-a9ed-e5e02ef15126/1/WkNAnTU--7G3zoPO6FTxh5pv2hY.roa
File:                     WkNAnTU--7G3zoPO6FTxh5pv2hY.roa (raw, json)
Hash identifier:          9zFyV9A4x9pLvlf2qyKSE7hOU80lzEFnqX6tMql4WIU=
Subject key identifier:   5A:43:40:9D:35:3E:FB:B1:B7:CE:83:CE:E8:54:F1:87:9A:6F:DA:16
Certificate issuer:       /CN=54fb44eecad8d07f84ed34e0a22b671e70f16ae0
Certificate serial:       02BCBBEF
Authority key identifier: 54:FB:44:EE:CA:D8:D0:7F:84:ED:34:E0:A2:2B:67:1E:70:F1:6A:E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VPtE7srY0H-E7TTgoitnHnDxauA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/bcc899-7a55-4c5c-a9ed-e5e02ef15126/1/WkNAnTU--7G3zoPO6FTxh5pv2hY.roa
Signing time:             Fri 08 Apr 2022 16:46:22 +0000
ROA not before:           Fri 08 Apr 2022 16:46:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8530
IP address blocks:        185.159.91.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 45923311 (0x2bcbbef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54fb44eecad8d07f84ed34e0a22b671e70f16ae0
        Validity
            Not Before: Apr  8 16:46:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5a43409d353efbb1b7ce83cee854f1879a6fda16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:4a:a8:a5:85:b9:42:8b:42:da:5b:8d:81:a0:
                    12:f5:86:5c:cd:6f:78:8f:90:af:c7:e1:31:d6:18:
                    a2:c4:67:67:71:93:be:7b:fa:b8:86:9a:25:f7:ac:
                    2a:d8:a2:bf:bb:6f:05:b8:a7:85:c0:e2:3f:b7:e7:
                    67:a7:51:16:f0:f3:c5:bd:6f:56:63:47:ba:27:85:
                    01:f9:bd:69:c4:dd:a2:03:27:eb:db:71:1a:79:93:
                    0d:12:e3:8f:cc:8e:55:ea:1f:1c:0c:03:48:b4:5d:
                    a4:da:83:60:55:e9:ab:a8:9c:4f:aa:73:66:0c:4e:
                    4c:a8:c8:9a:be:76:06:70:30:1d:1a:a6:a4:d5:2c:
                    b1:7c:19:b5:21:90:71:56:8f:68:ff:c9:57:ad:fe:
                    55:1e:bb:a7:2b:6f:6d:f6:62:3b:2a:84:4f:b9:87:
                    61:a7:a3:ae:99:e2:79:ef:42:02:3b:d7:f7:f7:1a:
                    17:65:94:36:f3:7f:5f:05:6d:3b:00:95:1c:38:11:
                    4e:c9:44:33:63:52:20:5b:43:73:42:f0:fd:4e:39:
                    3f:5d:85:bc:e9:8e:00:8d:68:8a:ec:5a:a7:a0:d9:
                    2b:5f:b0:79:25:b7:80:f7:1d:80:ac:96:67:d6:3e:
                    47:aa:1c:aa:13:e1:75:2e:ab:07:3a:f2:4f:ea:cd:
                    d8:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:43:40:9D:35:3E:FB:B1:B7:CE:83:CE:E8:54:F1:87:9A:6F:DA:16
            X509v3 Authority Key Identifier:
                keyid:54:FB:44:EE:CA:D8:D0:7F:84:ED:34:E0:A2:2B:67:1E:70:F1:6A:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VPtE7srY0H-E7TTgoitnHnDxauA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/bcc899-7a55-4c5c-a9ed-e5e02ef15126/1/WkNAnTU--7G3zoPO6FTxh5pv2hY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/bcc899-7a55-4c5c-a9ed-e5e02ef15126/1/VPtE7srY0H-E7TTgoitnHnDxauA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.159.91.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:6a:bb:fa:ba:ca:66:36:0c:8a:f1:fa:8b:c6:07:85:55:11:
         cb:7e:32:af:28:0e:15:cf:6a:80:c7:d4:62:ce:6e:53:dd:9b:
         ad:7a:f7:6a:fc:a3:2c:73:09:72:d8:2e:77:f2:47:8e:52:2e:
         e8:47:f6:8f:74:c3:3e:0d:1e:ea:30:9d:d7:49:08:e0:96:8c:
         10:a4:e3:1f:03:b5:3b:64:62:a1:04:cc:f2:28:82:c7:ce:d3:
         37:bc:d6:d7:c7:73:e5:88:4d:a4:c3:57:40:69:6c:48:9b:29:
         e2:18:a4:78:c6:6d:fc:a1:45:7c:57:46:68:aa:3e:c1:39:63:
         0f:e6:6d:5b:fd:f7:9b:90:55:0f:4f:8f:3a:6d:ff:b2:8e:ad:
         c0:99:c9:5d:c9:a1:eb:d1:37:3c:96:d2:a2:72:fd:a3:af:9e:
         39:13:87:40:b2:e3:00:55:b7:ba:22:4e:f0:3a:49:6f:60:24:
         42:84:e0:50:5a:18:b1:f0:d8:9b:59:33:f1:38:7f:b7:10:3c:
         7a:33:50:24:f6:bd:7d:fc:78:af:ed:20:7d:d7:d1:db:6b:27:
         54:36:4f:1d:ff:0e:ed:11:69:44:27:97:24:90:a4:05:af:0b:
         5b:29:a3:5f:7a:d5:6d:b5:ad:42:43:2e:a2:e8:c7:47:d0:6e:
         f6:5e:eb:35
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAry77zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NGZiNDRlZWNhZDhkMDdmODRlZDM0ZTBhMjJiNjcxZTcwZjE2YWUwMB4XDTIyMDQw
ODE2NDYyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWE0MzQwOWQzNTNl
ZmJiMWI3Y2U4M2NlZTg1NGYxODc5YTZmZGExNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM5KqKWFuUKLQtpbjYGgEvWGXM1veI+Qr8fhMdYYosRnZ3GT
vnv6uIaaJfesKtiiv7tvBbinhcDiP7fnZ6dRFvDzxb1vVmNHuieFAfm9acTdogMn
69txGnmTDRLjj8yOVeofHAwDSLRdpNqDYFXpq6icT6pzZgxOTKjImr52BnAwHRqm
pNUssXwZtSGQcVaPaP/JV63+VR67pytvbfZiOyqET7mHYaejrpniee9CAjvX9/ca
F2WUNvN/XwVtOwCVHDgRTslEM2NSIFtDc0Lw/U45P12FvOmOAI1oiuxap6DZK1+w
eSW3gPcdgKyWZ9Y+R6ocqhPhdS6rBzryT+rN2IUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRaQ0CdNT77sbfOg87oVPGHmm/aFjAfBgNVHSMEGDAWgBRU+0TuytjQf4Tt
NOCiK2cecPFq4DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZQdEU3c3JZMEgtRTdUVGdvaXRuSG5EeGF1QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWQvYmNjODk5LTdhNTUtNGM1Yy1hOWVkLWU1ZTAyZWYxNTEyNi8x
L1drTkFuVFUtLTdHM3pvUE82RlR4aDVwdjJoWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWQv
YmNjODk5LTdhNTUtNGM1Yy1hOWVkLWU1ZTAyZWYxNTEyNi8xL1ZQdEU3c3JZMEgt
RTdUVGdvaXRuSG5EeGF1QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmfWzANBgkqhkiG9w0BAQsFAAOC
AQEASWq7+rrKZjYMivH6i8YHhVURy34yrygOFc9qgMfUYs5uU92brXr3avyjLHMJ
ctgud/JHjlIu6Ef2j3TDPg0e6jCd10kI4JaMEKTjHwO1O2RioQTM8iiCx87TN7zW
18dz5YhNpMNXQGlsSJsp4hikeMZt/KFFfFdGaKo+wTljD+ZtW/33m5BVD0+POm3/
so6twJnJXcmh69E3PJbSonL9o6+eOROHQLLjAFW3uiJO8DpJb2AkQoTgUFoYsfDY
m1kz8Th/txA8ejNQJPa9ffx4r+0gfdfR22snVDZPHf8O7RFpRCeXJJCkBa8LWymj
X3rVbbWtQkMuoujHR9Bu9l7rNQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:16 2024 by rpki-client on console-ams.rpki-client.org