Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/17ac67-2d5f-439a-8ff9-cacfb67bff9d/1/wicoWWQD8RsvKnfjGhB4nJzrTSg.roa
File:                     wicoWWQD8RsvKnfjGhB4nJzrTSg.roa (raw, json)
Hash identifier:          ncOVuMlEP+B5vc0NdRkYgN3w3T1IV9ouE7pb6uBki+4=
Subject key identifier:   C2:27:28:59:64:03:F1:1B:2F:2A:77:E3:1A:10:78:9C:9C:EB:4D:28
Certificate issuer:       /CN=521d2c07c28ac7b726a825d3693afe2397209de6
Certificate serial:       152A97BB
Authority key identifier: 52:1D:2C:07:C2:8A:C7:B7:26:A8:25:D3:69:3A:FE:23:97:20:9D:E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Uh0sB8KKx7cmqCXTaTr-I5cgneY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/17ac67-2d5f-439a-8ff9-cacfb67bff9d/1/wicoWWQD8RsvKnfjGhB4nJzrTSg.roa
Signing time:             Sat 01 Jan 2022 12:59:46 +0000
ROA not before:           Sat 01 Jan 2022 12:59:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     5467
IP address blocks:        93.175.0.0/19 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 355112891 (0x152a97bb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=521d2c07c28ac7b726a825d3693afe2397209de6
        Validity
            Not Before: Jan  1 12:59:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c22728596403f11b2f2a77e31a10789c9ceb4d28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:eb:a8:c5:f4:30:03:44:5a:55:f8:dd:d8:be:
                    a8:f9:f8:1d:35:40:f5:98:74:f7:77:0e:ca:b6:cf:
                    de:4b:32:ca:54:bd:c5:eb:a3:48:3a:bd:46:76:2c:
                    e7:ea:5b:d6:e8:7c:61:fe:ad:2f:ed:97:b1:e2:06:
                    02:3a:11:b2:70:f4:65:01:ac:19:90:7b:bb:37:ef:
                    24:ba:8d:a1:05:ac:a7:d3:fd:ca:e3:09:80:e0:67:
                    1a:b5:d6:dc:9a:d9:ac:7b:5e:3e:83:d0:15:0e:64:
                    19:9b:db:cc:4d:f5:75:44:8b:76:2c:b4:d3:06:fa:
                    48:10:13:13:a7:12:96:b7:c4:15:92:12:b5:35:26:
                    74:66:0e:c8:91:ab:11:25:dc:75:9f:62:ec:e7:e0:
                    67:70:23:8a:cb:a7:be:f3:4b:ec:4d:25:dc:10:ea:
                    38:37:58:5c:c5:19:9e:d6:3c:c1:fa:62:88:ae:36:
                    f4:9b:1b:e5:ad:2b:67:a2:85:0f:71:43:94:14:38:
                    b8:60:fc:d5:d0:8d:79:33:b4:d1:9b:da:8d:71:6a:
                    b9:54:0c:a7:d0:53:96:9c:6f:5d:f1:e2:90:e4:29:
                    bd:4d:62:20:b4:48:06:8c:be:ec:3d:53:cc:96:25:
                    e1:43:31:62:38:e7:c8:92:52:da:50:bf:36:52:7e:
                    d9:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:27:28:59:64:03:F1:1B:2F:2A:77:E3:1A:10:78:9C:9C:EB:4D:28
            X509v3 Authority Key Identifier:
                keyid:52:1D:2C:07:C2:8A:C7:B7:26:A8:25:D3:69:3A:FE:23:97:20:9D:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh0sB8KKx7cmqCXTaTr-I5cgneY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/17ac67-2d5f-439a-8ff9-cacfb67bff9d/1/wicoWWQD8RsvKnfjGhB4nJzrTSg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/17ac67-2d5f-439a-8ff9-cacfb67bff9d/1/Uh0sB8KKx7cmqCXTaTr-I5cgneY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.175.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         87:ea:2e:a8:a9:7e:07:4f:3c:e6:51:ec:2c:5a:d8:be:be:1c:
         78:24:45:0c:ac:de:a8:5c:05:f9:05:59:d0:e7:b4:9b:b4:67:
         4e:87:f7:5f:dd:fc:18:99:73:41:39:55:87:e5:60:23:38:c5:
         e7:c2:24:a9:d4:fc:78:bd:be:c8:fa:c5:ec:e6:31:80:60:81:
         43:d7:79:f4:f7:f8:e5:a6:46:83:b5:cf:70:2e:4a:57:49:af:
         93:eb:2c:62:8a:fa:9d:a2:71:be:66:eb:a4:14:ac:4b:22:bb:
         a6:d9:f0:57:f3:ef:17:71:85:af:25:65:f4:ff:19:ee:44:6c:
         c3:98:d3:ed:db:06:d8:61:3e:43:09:8f:d9:e6:31:4f:d3:fa:
         f9:66:36:d3:f8:e4:e6:b7:0f:ce:46:e8:d7:8d:06:ab:0f:21:
         05:82:da:27:c1:d3:67:18:89:af:e6:38:03:39:12:9e:1a:95:
         08:53:ef:45:bf:36:a9:83:45:e2:6d:ce:73:8c:7f:3a:12:d5:
         8d:4d:c6:8e:04:ae:5d:fb:55:f2:3b:50:37:e9:98:c1:1f:c2:
         95:85:23:61:07:f0:96:d8:61:b0:0d:97:1a:99:7f:ac:ee:62:
         04:6f:13:3b:81:0a:e6:9f:27:ff:b0:4a:83:53:d5:df:19:e9:
         ff:43:61:28
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFSqXuzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MjFkMmMwN2MyOGFjN2I3MjZhODI1ZDM2OTNhZmUyMzk3MjA5ZGU2MB4XDTIyMDEw
MTEyNTk0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzIyNzI4NTk2NDAz
ZjExYjJmMmE3N2UzMWExMDc4OWM5Y2ViNGQyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKHrqMX0MANEWlX43di+qPn4HTVA9Zh093cOyrbP3ksyylS9
xeujSDq9RnYs5+pb1uh8Yf6tL+2XseIGAjoRsnD0ZQGsGZB7uzfvJLqNoQWsp9P9
yuMJgOBnGrXW3JrZrHtePoPQFQ5kGZvbzE31dUSLdiy00wb6SBATE6cSlrfEFZIS
tTUmdGYOyJGrESXcdZ9i7OfgZ3AjisunvvNL7E0l3BDqODdYXMUZntY8wfpiiK42
9Jsb5a0rZ6KFD3FDlBQ4uGD81dCNeTO00ZvajXFquVQMp9BTlpxvXfHikOQpvU1i
ILRIBoy+7D1TzJYl4UMxYjjnyJJS2lC/NlJ+2aECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTCJyhZZAPxGy8qd+MaEHicnOtNKDAfBgNVHSMEGDAWgBRSHSwHworHtyao
JdNpOv4jlyCd5jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VoMHNCOEtLeDdjbXFDWFRhVHItSTVjZ25lWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2EvMTdhYzY3LTJkNWYtNDM5YS04ZmY5LWNhY2ZiNjdiZmY5ZC8x
L3dpY29XV1FEOFJzdktuZmpHaEI0bkp6clRTZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Ev
MTdhYzY3LTJkNWYtNDM5YS04ZmY5LWNhY2ZiNjdiZmY5ZC8xL1VoMHNCOEtLeDdj
bXFDWFRhVHItSTVjZ25lWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBV2vADANBgkqhkiG9w0BAQsFAAOC
AQEAh+ouqKl+B0885lHsLFrYvr4ceCRFDKzeqFwF+QVZ0Oe0m7RnTof3X938GJlz
QTlVh+VgIzjF58IkqdT8eL2+yPrF7OYxgGCBQ9d59Pf45aZGg7XPcC5KV0mvk+ss
Yor6naJxvmbrpBSsSyK7ptnwV/PvF3GFryVl9P8Z7kRsw5jT7dsG2GE+QwmP2eYx
T9P6+WY20/jk5rcPzkbo140Gqw8hBYLaJ8HTZxiJr+Y4AzkSnhqVCFPvRb82qYNF
4m3Oc4x/OhLVjU3GjgSuXftV8jtQN+mYwR/ClYUjYQfwlthhsA2XGpl/rO5iBG8T
O4EK5p8n/7BKg1PV3xnp/0NhKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:50 2024 by rpki-client on console-ams.rpki-client.org