Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/Wjm7jvHFQ-uqbg_obHUyNQOPxXs.roa
File:                     Wjm7jvHFQ-uqbg_obHUyNQOPxXs.roa (raw, json)
Hash identifier:          z5IRfnSJrP36bDXGGaUIO1SupUoXjxhvRt/Gbg34yIc=
Subject key identifier:   5A:39:BB:8E:F1:C5:43:EB:AA:6E:0F:E8:6C:75:32:35:03:8F:C5:7B
Certificate issuer:       /CN=007e6b5aa437d3693151502a211496e37d4ae2c5
Certificate serial:       040B2D84
Authority key identifier: 00:7E:6B:5A:A4:37:D3:69:31:51:50:2A:21:14:96:E3:7D:4A:E2:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AH5rWqQ302kxUVAqIRSW431K4sU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/Wjm7jvHFQ-uqbg_obHUyNQOPxXs.roa
Signing time:             Sat 01 Jan 2022 15:03:33 +0000
ROA not before:           Sat 01 Jan 2022 15:03:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41233
IP address blocks:        193.16.186.0/23 maxlen: 24
                          193.16.188.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 67841412 (0x40b2d84)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=007e6b5aa437d3693151502a211496e37d4ae2c5
        Validity
            Not Before: Jan  1 15:03:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5a39bb8ef1c543ebaa6e0fe86c753235038fc57b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:a8:8a:49:b6:70:c8:39:c0:25:24:cf:bf:9a:
                    ac:0d:8d:e5:36:69:fc:93:4e:16:43:ff:1f:fd:a0:
                    49:2f:52:c3:11:56:6d:f1:cf:55:c5:6f:66:4f:f3:
                    c3:bc:e9:96:1a:06:34:39:4c:a6:10:5c:30:84:fc:
                    88:e1:21:5d:32:32:22:8b:0c:bf:b0:ae:89:68:2a:
                    55:90:aa:62:70:1c:7d:c9:1e:5b:10:2d:4c:81:dc:
                    ed:b4:df:ef:3a:e5:82:f6:ef:75:d0:d9:57:ed:78:
                    47:1a:9e:ac:ad:1d:9d:03:cb:ef:95:4a:80:92:bc:
                    9a:13:51:d0:9e:b3:6b:7b:47:30:48:4c:01:85:81:
                    bf:42:a9:a4:3b:5d:9f:61:b8:8c:4d:24:e0:ac:59:
                    99:95:04:a0:37:1a:bc:6f:39:cd:bb:3d:f9:7f:b5:
                    81:85:77:33:df:a5:a5:0c:c6:51:99:f0:54:d0:1c:
                    75:dc:22:dc:63:55:f6:57:56:3c:14:2c:79:e6:7b:
                    90:67:b1:eb:52:8b:3b:21:a3:5c:79:83:6f:10:a4:
                    e5:06:4e:33:8b:b9:f4:7d:00:cc:3b:c1:4c:ee:7c:
                    a2:11:03:2b:c3:07:63:96:7d:f4:af:07:1d:72:4b:
                    d5:37:fe:6e:d6:e0:8f:20:24:c2:6e:03:32:9c:62:
                    d2:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:39:BB:8E:F1:C5:43:EB:AA:6E:0F:E8:6C:75:32:35:03:8F:C5:7B
            X509v3 Authority Key Identifier:
                keyid:00:7E:6B:5A:A4:37:D3:69:31:51:50:2A:21:14:96:E3:7D:4A:E2:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AH5rWqQ302kxUVAqIRSW431K4sU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/Wjm7jvHFQ-uqbg_obHUyNQOPxXs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/AH5rWqQ302kxUVAqIRSW431K4sU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.16.186.0-193.16.191.255

    Signature Algorithm: sha256WithRSAEncryption
         4e:4b:cb:07:f1:4d:9e:ad:a7:ce:7f:79:e4:4a:c2:8c:ed:f8:
         a7:ad:52:2c:75:2f:3a:8a:32:bc:d3:fa:93:c5:32:7c:0a:ff:
         a5:14:4b:ff:c5:04:4e:a1:b4:05:08:d1:e1:6f:43:76:6c:6c:
         2c:40:02:f6:10:68:54:a1:bf:9b:dd:6c:5f:19:46:66:6f:3a:
         53:d0:59:bb:b7:61:57:c3:f9:aa:78:ca:d9:fb:ee:60:4e:3f:
         a4:a9:fd:a1:0d:c5:d3:a9:a1:dc:7d:1d:91:65:ae:a1:70:cc:
         c1:de:55:bc:de:26:a6:30:22:1b:ab:51:a3:39:30:d3:70:4e:
         dd:ae:98:e2:b1:5f:7f:5c:5a:b7:68:eb:71:cd:19:24:8e:e9:
         3f:bd:b8:29:fa:c9:3a:2e:41:ad:4a:11:55:92:d9:7e:21:10:
         4e:41:27:a0:25:8d:4a:fc:e6:64:7b:65:a8:d1:e9:1c:39:85:
         3e:f5:b3:27:c0:19:76:ab:b7:4c:1e:85:bb:72:21:0f:26:81:
         78:a6:3a:d9:36:ef:95:92:90:11:4c:c9:e5:34:ca:bd:07:8f:
         b3:5c:7d:ce:83:64:fe:a6:19:f2:1c:80:f6:32:9c:52:64:84:
         25:a2:f6:bb:1f:ce:b8:ea:73:aa:91:3a:26:bd:61:be:40:90:
         29:84:b7:28
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEBAsthDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MDdlNmI1YWE0MzdkMzY5MzE1MTUwMmEyMTE0OTZlMzdkNGFlMmM1MB4XDTIyMDEw
MTE1MDMzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWEzOWJiOGVmMWM1
NDNlYmFhNmUwZmU4NmM3NTMyMzUwMzhmYzU3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMuoikm2cMg5wCUkz7+arA2N5TZp/JNOFkP/H/2gSS9SwxFW
bfHPVcVvZk/zw7zplhoGNDlMphBcMIT8iOEhXTIyIosMv7CuiWgqVZCqYnAcfcke
WxAtTIHc7bTf7zrlgvbvddDZV+14RxqerK0dnQPL75VKgJK8mhNR0J6za3tHMEhM
AYWBv0KppDtdn2G4jE0k4KxZmZUEoDcavG85zbs9+X+1gYV3M9+lpQzGUZnwVNAc
ddwi3GNV9ldWPBQseeZ7kGex61KLOyGjXHmDbxCk5QZOM4u59H0AzDvBTO58ohED
K8MHY5Z99K8HHXJL1Tf+btbgjyAkwm4DMpxi0tkCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRaObuO8cVD66puD+hsdTI1A4/FezAfBgNVHSMEGDAWgBQAfmtapDfTaTFR
UCohFJbjfUrixTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FINXJXcVEzMDJreFVWQXFJUlNXNDMxSzRzVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvNTE4ZmFiLTc2MDYtNDgzMi1hYTY2LTVhOGM2Nzg0MjM4OS8x
L1dqbTdqdkhGUS11cWJnX29iSFV5TlFPUHhYcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
NTE4ZmFiLTc2MDYtNDgzMi1hYTY2LTVhOGM2Nzg0MjM4OS8xL0FINXJXcVEzMDJr
eFVWQXFJUlNXNDMxSzRzVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQBwRC6AwQGwRCAMA0GCSqGSIb3
DQEBCwUAA4IBAQBOS8sH8U2erafOf3nkSsKM7finrVIsdS86ijK80/qTxTJ8Cv+l
FEv/xQROobQFCNHhb0N2bGwsQAL2EGhUob+b3WxfGUZmbzpT0Fm7t2FXw/mqeMrZ
++5gTj+kqf2hDcXTqaHcfR2RZa6hcMzB3lW83iamMCIbq1GjOTDTcE7drpjisV9/
XFq3aOtxzRkkjuk/vbgp+sk6LkGtShFVktl+IRBOQSegJY1K/OZke2Wo0ekcOYU+
9bMnwBl2q7dMHoW7ciEPJoF4pjrZNu+VkpARTMnlNMq9B4+zXH3Og2T+phnyHID2
MpxSZIQlova7H8646nOqkTomvWG+QJAphLco
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:07 2024 by rpki-client on console-ams.rpki-client.org