Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/wImHfWdQ3gtMjKfTvjwU95UKKKY.roa
File:                     wImHfWdQ3gtMjKfTvjwU95UKKKY.roa (raw, json)
Hash identifier:          YIREsFIJJCJ3Ru8GFzEWNVj0zRw3BvV8Dpa1dVwjMWs=
Subject key identifier:   C0:89:87:7D:67:50:DE:0B:4C:8C:A7:D3:BE:3C:14:F7:95:0A:28:A6
Certificate issuer:       /CN=9e563c426d1aae4ed1e7f59536749022089e8479
Certificate serial:       01842DA8852A5AD556E7AE082DBC1DFE39ED
Authority key identifier: 9E:56:3C:42:6D:1A:AE:4E:D1:E7:F5:95:36:74:90:22:08:9E:84:79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nlY8Qm0ark7R5_WVNnSQIgiehHk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/wImHfWdQ3gtMjKfTvjwU95UKKKY.roa
Signing time:             Mon 31 Oct 2022 10:48:49 +0000
ROA not before:           Mon 31 Oct 2022 10:48:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3238
IP address blocks:        82.199.160.0/19 maxlen: 24
                          2a00:5500::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:2d:a8:85:2a:5a:d5:56:e7:ae:08:2d:bc:1d:fe:39:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e563c426d1aae4ed1e7f59536749022089e8479
        Validity
            Not Before: Oct 31 10:48:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c089877d6750de0b4c8ca7d3be3c14f7950a28a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:40:20:c8:93:05:97:4c:52:72:76:ec:76:d2:
                    40:33:da:5e:ea:b7:08:2c:21:2f:a6:12:39:66:8f:
                    09:94:d2:d9:32:d9:fd:e3:25:b4:07:81:39:fd:d0:
                    a0:18:f8:bf:6d:63:f3:fd:8d:1b:22:e0:cc:4f:7d:
                    92:98:8c:e7:8d:32:52:38:10:6e:1f:ae:82:80:1b:
                    4b:85:87:1d:d5:39:ab:0c:3c:88:1a:8b:77:05:a5:
                    b8:91:04:bf:4c:15:8e:b7:3d:b9:12:8e:0e:96:61:
                    c5:33:71:93:24:4f:25:b0:7d:a6:58:36:f3:4c:2c:
                    09:33:65:2b:06:1e:9c:be:66:d8:26:0b:dd:94:25:
                    bb:64:f3:d2:76:04:b4:42:6b:b0:0f:a3:1a:87:9e:
                    2a:cf:63:d5:d1:a2:dc:52:df:19:1d:a5:ae:56:5f:
                    1d:ac:d8:c8:e1:02:05:84:3c:f9:21:d5:dd:16:19:
                    f9:cc:6e:2f:0d:19:a9:ee:7a:a3:e0:47:96:08:dc:
                    2a:a7:ca:85:96:0a:5b:d6:a8:9b:e6:48:1c:27:18:
                    ff:7e:af:e0:f4:38:69:91:49:3f:da:c0:a8:80:94:
                    e0:b9:f7:61:57:d9:72:7e:37:5f:cb:e4:48:02:0e:
                    78:e7:51:2d:f7:33:a3:19:cd:12:bd:e2:00:c7:5d:
                    e8:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:89:87:7D:67:50:DE:0B:4C:8C:A7:D3:BE:3C:14:F7:95:0A:28:A6
            X509v3 Authority Key Identifier:
                keyid:9E:56:3C:42:6D:1A:AE:4E:D1:E7:F5:95:36:74:90:22:08:9E:84:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlY8Qm0ark7R5_WVNnSQIgiehHk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/wImHfWdQ3gtMjKfTvjwU95UKKKY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/nlY8Qm0ark7R5_WVNnSQIgiehHk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.199.160.0/19
                IPv6:
                  2a00:5500::/32

    Signature Algorithm: sha256WithRSAEncryption
         98:4e:50:76:ec:0b:d2:59:44:75:6f:f1:54:af:8f:a5:7e:81:
         39:20:ff:c3:00:c4:01:f0:d8:a1:8c:54:71:31:c4:f7:0c:f8:
         29:a5:4a:10:fa:5f:6e:e2:c7:7e:57:53:7a:68:68:21:f1:0d:
         d5:ae:9c:eb:75:c1:af:8c:8b:1f:47:7e:9e:5c:72:7f:63:c3:
         97:d0:35:c9:a8:f0:fa:49:74:c2:84:f0:b5:8d:db:ab:c9:a4:
         57:88:0f:e5:ef:06:3d:f7:9e:c3:cf:8d:23:21:81:03:3b:16:
         a5:e1:45:2b:c6:78:8a:7d:1e:11:b4:9a:0b:04:6d:81:d2:e6:
         1c:1f:87:5f:44:dd:d6:06:ca:6b:f1:93:d4:7e:2e:57:74:93:
         2c:7e:f4:5e:dd:42:a6:6b:68:b0:b5:7c:16:5f:46:b3:92:77:
         28:5e:9c:5f:08:9a:46:64:05:7f:32:85:69:ef:bf:bd:7a:20:
         10:e6:2a:21:95:8c:1c:1c:4e:df:13:36:e8:eb:28:bb:44:35:
         3d:9e:e8:25:0b:e7:6e:44:d9:5a:ae:ee:a4:63:0f:be:45:3a:
         28:b0:7d:1b:dc:56:d5:6d:c4:73:c2:44:d9:1f:ce:e0:74:ec:
         82:50:44:f8:89:28:27:19:4e:ff:c8:b7:6c:7f:80:df:93:7c:
         f7:f7:0f:1f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYQtqIUqWtVW564ILbwd/jntMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTYzYzQyNmQxYWFlNGVkMWU3ZjU5NTM2NzQ5MDIyMDg5
ZTg0NzkwHhcNMjIxMDMxMTA0ODQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDg5ODc3ZDY3NTBkZTBiNGM4Y2E3ZDNiZTNjMTRmNzk1MGEyOGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0AgyJMFl0xScnbsdtJAM9pe6rcI
LCEvphI5Zo8JlNLZMtn94yW0B4E5/dCgGPi/bWPz/Y0bIuDMT32SmIznjTJSOBBu
H66CgBtLhYcd1TmrDDyIGot3BaW4kQS/TBWOtz25Eo4OlmHFM3GTJE8lsH2mWDbz
TCwJM2UrBh6cvmbYJgvdlCW7ZPPSdgS0QmuwD6Mah54qz2PV0aLcUt8ZHaWuVl8d
rNjI4QIFhDz5IdXdFhn5zG4vDRmp7nqj4EeWCNwqp8qFlgpb1qib5kgcJxj/fq/g
9DhpkUk/2sCogJTgufdhV9lyfjdfy+RIAg5451Et9zOjGc0SveIAx13o9wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMCJh31nUN4LTIyn0748FPeVCiimMB8GA1UdIwQY
MBaAFJ5WPEJtGq5O0ef1lTZ0kCIInoR5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxZOFFtMGFyazdSNV9XVk5uU1FJZ2llaEhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81NWQ1OTUtZDBiYy00YmEyLTgwYTAt
YWZiY2YzNjZiYjA3LzEvd0ltSGZXZFEzZ3RNaktmVHZqd1U5NVVLS0tZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81NWQ1OTUtZDBiYy00YmEyLTgwYTAtYWZiY2YzNjZiYjA3
LzEvbmxZOFFtMGFyazdSNV9XVk5uU1FJZ2llaEhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFUsegMA0E
AgACMAcDBQAqAFUAMA0GCSqGSIb3DQEBCwUAA4IBAQCYTlB27AvSWUR1b/FUr4+l
foE5IP/DAMQB8NihjFRxMcT3DPgppUoQ+l9u4sd+V1N6aGgh8Q3VrpzrdcGvjIsf
R36eXHJ/Y8OX0DXJqPD6SXTChPC1jduryaRXiA/l7wY9957Dz40jIYEDOxal4UUr
xniKfR4RtJoLBG2B0uYcH4dfRN3WBspr8ZPUfi5XdJMsfvRe3UKma2iwtXwWX0az
kncoXpxfCJpGZAV/MoVp77+9eiAQ5iohlYwcHE7fEzbo6yi7RDU9nuglC+duRNla
ru6kYw++RToosH0b3FbVbcRzwkTZH87gdOyCUET4iSgnGU7/yLdsf4Dfk3z39w8f
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:24 2024 by rpki-client on console-ams.rpki-client.org