Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/WtzSVztpgI3cYVwgaZeKmRQthYY.roa
File:                     WtzSVztpgI3cYVwgaZeKmRQthYY.roa (raw, json)
Hash identifier:          2CG43TKouX+DuIJ3i8nUWU3Zbtmaq+IeyOTyr9WCJcw=
Subject key identifier:   5A:DC:D2:57:3B:69:80:8D:DC:61:5C:20:69:97:8A:99:14:2D:85:86
Certificate issuer:       /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial:       101FB6F7
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/WtzSVztpgI3cYVwgaZeKmRQthYY.roa
Signing time:             Wed 16 Feb 2022 13:20:26 +0000
ROA not before:           Wed 16 Feb 2022 13:20:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12761
IP address blocks:        193.118.162.0/24 maxlen: 24
                          217.111.164.0/24 maxlen: 24
                          217.111.166.0/24 maxlen: 24
                          217.111.165.0/24 maxlen: 24
                          217.111.167.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 270513911 (0x101fb6f7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
        Validity
            Not Before: Feb 16 13:20:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5adcd2573b69808ddc615c2069978a99142d8586
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:2b:20:b9:9a:ea:bc:ba:cd:c1:c0:e5:3e:f1:
                    4e:b3:21:37:51:1e:9f:2a:e7:e1:cb:da:5b:b3:72:
                    9b:2d:dc:a8:40:02:f1:74:67:89:a3:5e:86:97:1f:
                    de:20:d6:6e:31:ed:74:27:9d:ff:23:93:c0:60:1e:
                    1a:fe:7e:a1:65:5a:6c:e0:6d:87:23:a1:b1:2d:26:
                    c3:5d:a6:7f:53:e4:c6:30:e1:29:06:fa:85:7e:c5:
                    ea:f0:63:35:65:e2:1e:39:62:e8:0e:1e:94:ca:e7:
                    3c:6a:e9:bc:ab:25:88:6d:0d:fc:33:df:a1:de:d4:
                    15:8a:96:46:5f:b1:4e:0c:84:d2:9c:61:b4:fc:f4:
                    3a:7c:52:24:65:45:6f:c2:3b:79:17:13:60:3b:6c:
                    08:9d:00:b8:4b:9b:cf:00:4a:c6:3a:e9:87:18:39:
                    d0:9b:b5:af:f8:5e:72:eb:c4:fc:ad:9a:00:61:54:
                    92:c7:fb:d9:b8:f8:0c:3c:82:e5:05:43:49:47:e2:
                    45:af:ca:6c:e6:dc:97:31:7c:f6:86:c7:5d:24:89:
                    94:4a:21:1a:61:5e:95:b9:01:ea:ec:ee:a0:e7:d0:
                    50:af:a1:88:79:2b:74:e7:6e:f5:2b:7c:bd:8d:03:
                    12:3e:53:6b:a5:f7:51:ed:fc:6e:8d:1c:a4:f2:a3:
                    f9:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:DC:D2:57:3B:69:80:8D:DC:61:5C:20:69:97:8A:99:14:2D:85:86
            X509v3 Authority Key Identifier:
                keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/WtzSVztpgI3cYVwgaZeKmRQthYY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.118.162.0/24
                  217.111.164.0/22

    Signature Algorithm: sha256WithRSAEncryption
         10:c5:ba:82:e1:e5:e4:8c:ad:95:4d:86:bf:be:d4:96:25:1f:
         e1:40:05:28:8e:8d:3d:04:de:8f:fa:66:07:d2:02:23:b9:53:
         66:33:07:40:c3:23:f8:da:05:ff:73:d0:8b:28:ec:e3:5d:72:
         60:8f:1c:c2:b5:f4:63:9a:61:ee:0f:94:98:30:f4:62:fb:91:
         6d:6f:b8:0f:cb:c9:80:24:c9:c6:4f:7f:c4:09:1f:36:29:12:
         18:eb:5b:53:06:0e:25:d0:51:a0:33:3c:ff:2e:dd:81:a4:41:
         ba:e4:6d:8c:ef:93:b9:c1:12:02:1b:7e:15:c2:50:e3:e2:29:
         35:1e:fb:c7:61:46:61:d0:03:e1:9b:7b:43:b1:5a:aa:d2:0c:
         a5:ff:af:10:bf:5e:68:c4:bd:cb:b3:e1:95:9a:10:ab:44:fc:
         ed:ea:14:58:ed:6f:15:f3:5d:2d:b9:ad:e7:12:cb:24:15:cd:
         93:89:59:02:8c:08:09:27:44:d5:59:28:80:81:cd:24:c6:84:
         25:c4:7d:cb:b7:ab:b7:cb:29:54:2d:80:d3:19:7b:88:49:16:
         1b:d9:f0:86:68:cd:13:f9:30:47:61:ae:91:e7:41:7d:85:39:
         fb:9a:c7:d6:cf:02:f4:99:c9:7d:ce:e8:a3:93:60:74:a5:9d:
         c3:a2:1c:0b
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEEB+29zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Y2Y4ZmZjMDg4NTkxZTRmMjQzYmFhZmEyMWI0Mjk4YmZiMzY2MDI2MB4XDTIyMDIx
NjEzMjAyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWFkY2QyNTczYjY5
ODA4ZGRjNjE1YzIwNjk5NzhhOTkxNDJkODU4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL0rILma6ry6zcHA5T7xTrMhN1Eenyrn4cvaW7Nymy3cqEAC
8XRniaNehpcf3iDWbjHtdCed/yOTwGAeGv5+oWVabOBthyOhsS0mw12mf1PkxjDh
KQb6hX7F6vBjNWXiHjli6A4elMrnPGrpvKsliG0N/DPfod7UFYqWRl+xTgyE0pxh
tPz0OnxSJGVFb8I7eRcTYDtsCJ0AuEubzwBKxjrphxg50Ju1r/hecuvE/K2aAGFU
ksf72bj4DDyC5QVDSUfiRa/KbObclzF89obHXSSJlEohGmFelbkB6uzuoOfQUK+h
iHkrdOdu9St8vY0DEj5Ta6X3Ue38bo0cpPKj+fMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRa3NJXO2mAjdxhXCBpl4qZFC2FhjAfBgNVHSMEGDAWgBRM+P/AiFkeTyQ7
qvohtCmL+zZgJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RQal93SWhaSGs4a082cjZJYlFwaV9zMllDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvYTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8x
L1d0elNWenRwZ0kzY1lWd2dhWmVLbVJRdGhZWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
YTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8xL1RQal93SWhaSGs4
a082cjZJYlFwaV9zMllDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMF2ogMEAtlvpDANBgkqhkiG9w0B
AQsFAAOCAQEAEMW6guHl5IytlU2Gv77UliUf4UAFKI6NPQTej/pmB9ICI7lTZjMH
QMMj+NoF/3PQiyjs411yYI8cwrX0Y5ph7g+UmDD0YvuRbW+4D8vJgCTJxk9/xAkf
NikSGOtbUwYOJdBRoDM8/y7dgaRBuuRtjO+TucESAht+FcJQ4+IpNR77x2FGYdAD
4Zt7Q7FaqtIMpf+vEL9eaMS9y7PhlZoQq0T87eoUWO1vFfNdLbmt5xLLJBXNk4lZ
AowICSdE1VkogIHNJMaEJcR9y7ert8spVC2A0xl7iEkWG9nwhmjNE/kwR2GukedB
fYU5+5rH1s8C9JnJfc7oo5NgdKWdw6IcCw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:28 2024 by rpki-client on console-ams.rpki-client.org