Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/23190c-e1a0-4ba4-b1d8-a102be382e51/1/wXWDlNSEnODY0QOVV6vp9qc2UKA.roa
File:                     wXWDlNSEnODY0QOVV6vp9qc2UKA.roa (raw, json)
Hash identifier:          YyYx0kYYBGUOuYx/9qFynH08NKj1p3NjwYeKWVo0p+U=
Subject key identifier:   C1:75:83:94:D4:84:9C:E0:D8:D1:03:95:57:AB:E9:F6:A7:36:50:A0
Certificate issuer:       /CN=ef7fd5d33061a9de920af1c2a13513d46dd24612
Certificate serial:       16CA83E5
Authority key identifier: EF:7F:D5:D3:30:61:A9:DE:92:0A:F1:C2:A1:35:13:D4:6D:D2:46:12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/73_V0zBhqd6SCvHCoTUT1G3SRhI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/23190c-e1a0-4ba4-b1d8-a102be382e51/1/wXWDlNSEnODY0QOVV6vp9qc2UKA.roa
Signing time:             Sat 01 Jan 2022 07:03:09 +0000
ROA not before:           Sat 01 Jan 2022 07:03:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     4755
IP address blocks:        193.32.247.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 382370789 (0x16ca83e5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef7fd5d33061a9de920af1c2a13513d46dd24612
        Validity
            Not Before: Jan  1 07:03:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c1758394d4849ce0d8d1039557abe9f6a73650a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:62:b4:83:09:fa:53:72:c7:a3:5b:c0:95:f9:
                    7c:a0:1b:5c:99:7e:00:74:dd:01:09:6c:ce:f2:91:
                    28:08:34:c4:42:b8:ab:bc:0e:ae:d3:53:3a:ed:7c:
                    3c:f6:57:67:0c:6b:cc:49:c1:bc:c3:44:2e:8a:6e:
                    c8:b8:3c:c0:9f:56:b9:ec:4d:2f:9f:05:a7:18:cb:
                    9e:8a:cb:3f:ac:df:d5:36:24:9c:ab:23:7d:11:12:
                    85:b7:42:6b:de:38:be:f8:db:e7:01:39:e6:95:2a:
                    82:9a:7a:64:e1:8c:7a:a0:0d:02:02:36:96:c9:44:
                    07:30:e8:06:8f:18:e3:b5:5c:12:a6:42:ca:4a:47:
                    bf:ef:6f:5c:ae:2f:d6:2a:58:5b:35:df:8f:72:9f:
                    e2:3c:20:46:be:92:6c:96:8c:36:b4:ab:b8:68:68:
                    38:5c:2a:e7:bb:1a:44:72:63:ae:ae:2d:ce:8a:0b:
                    bd:a9:ac:f6:06:bd:5f:09:aa:13:51:9e:e8:83:82:
                    bb:9b:63:65:12:1e:33:90:29:8d:4a:38:21:f8:02:
                    b3:03:b4:77:3b:d5:16:5b:23:3d:f1:93:2f:30:cf:
                    bf:75:e9:91:5b:a3:c0:89:7f:ad:f3:ac:95:e0:2b:
                    2f:ea:a5:16:b6:4e:32:0f:6a:08:cc:f9:42:70:c9:
                    e6:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:75:83:94:D4:84:9C:E0:D8:D1:03:95:57:AB:E9:F6:A7:36:50:A0
            X509v3 Authority Key Identifier:
                keyid:EF:7F:D5:D3:30:61:A9:DE:92:0A:F1:C2:A1:35:13:D4:6D:D2:46:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/73_V0zBhqd6SCvHCoTUT1G3SRhI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/23190c-e1a0-4ba4-b1d8-a102be382e51/1/wXWDlNSEnODY0QOVV6vp9qc2UKA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/23190c-e1a0-4ba4-b1d8-a102be382e51/1/73_V0zBhqd6SCvHCoTUT1G3SRhI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.32.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:de:1f:23:fb:18:88:98:72:1c:d0:30:8c:31:78:af:24:3e:
         bb:13:0a:9c:a0:39:72:9c:ca:4a:d3:73:fe:32:f3:c8:9c:81:
         23:91:3a:f9:29:fa:b7:66:4a:b5:0b:15:86:e8:3b:ee:40:db:
         7c:cf:71:df:fc:a9:a8:c6:0d:9c:4e:2a:42:b3:2b:f1:e4:5c:
         56:1d:58:d6:66:70:77:b3:fb:62:4e:66:ad:21:f6:6f:34:60:
         64:12:e4:89:67:7c:36:97:1f:e6:71:ec:f7:d1:51:47:23:05:
         ad:7a:c8:a9:34:3d:42:1a:a1:fd:25:3e:ed:36:72:5b:9b:f8:
         ef:4f:0c:98:f0:df:0f:2b:02:40:ea:8a:09:4b:d6:97:b6:a0:
         0d:4f:3e:23:a2:df:83:c9:31:ab:90:12:26:10:7f:72:0d:7d:
         bc:24:d4:06:de:7c:e6:f1:1d:3f:72:79:94:ec:2c:9f:f3:1c:
         b1:64:40:15:b3:ec:6a:97:03:62:6a:f4:8c:d6:03:2b:f3:3a:
         96:28:f3:87:81:ee:c4:41:da:8a:99:51:e5:26:8f:8d:be:42:
         b3:40:17:e0:84:f5:6b:70:fe:ed:f2:29:8f:7b:57:94:5f:0e:
         c5:b6:09:26:c1:15:b9:33:8c:0f:4f:a0:6c:a9:ca:d9:18:d5:
         7d:db:e7:f8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFsqD5TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZjdmZDVkMzMwNjFhOWRlOTIwYWYxYzJhMTM1MTNkNDZkZDI0NjEyMB4XDTIyMDEw
MTA3MDMwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzE3NTgzOTRkNDg0
OWNlMGQ4ZDEwMzk1NTdhYmU5ZjZhNzM2NTBhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJditIMJ+lNyx6NbwJX5fKAbXJl+AHTdAQlszvKRKAg0xEK4
q7wOrtNTOu18PPZXZwxrzEnBvMNELopuyLg8wJ9WuexNL58FpxjLnorLP6zf1TYk
nKsjfREShbdCa944vvjb5wE55pUqgpp6ZOGMeqANAgI2lslEBzDoBo8Y47VcEqZC
ykpHv+9vXK4v1ipYWzXfj3Kf4jwgRr6SbJaMNrSruGhoOFwq57saRHJjrq4tzooL
vams9ga9XwmqE1Ge6IOCu5tjZRIeM5ApjUo4IfgCswO0dzvVFlsjPfGTLzDPv3Xp
kVujwIl/rfOsleArL+qlFrZOMg9qCMz5QnDJ5t8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTBdYOU1ISc4NjRA5VXq+n2pzZQoDAfBgNVHSMEGDAWgBTvf9XTMGGp3pIK
8cKhNRPUbdJGEjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzczX1YwekJocWQ2U0N2SENvVFVUMUczU1JoSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMjMxOTBjLWUxYTAtNGJhNC1iMWQ4LWExMDJiZTM4MmU1MS8x
L3dYV0RsTlNFbk9EWTBRT1ZWNnZwOXFjMlVLQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
MjMxOTBjLWUxYTAtNGJhNC1iMWQ4LWExMDJiZTM4MmU1MS8xLzczX1YwekJocWQ2
U0N2SENvVFVUMUczU1JoSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEg9zANBgkqhkiG9w0BAQsFAAOC
AQEACN4fI/sYiJhyHNAwjDF4ryQ+uxMKnKA5cpzKStNz/jLzyJyBI5E6+Sn6t2ZK
tQsVhug77kDbfM9x3/ypqMYNnE4qQrMr8eRcVh1Y1mZwd7P7Yk5mrSH2bzRgZBLk
iWd8Npcf5nHs99FRRyMFrXrIqTQ9Qhqh/SU+7TZyW5v4708MmPDfDysCQOqKCUvW
l7agDU8+I6Lfg8kxq5ASJhB/cg19vCTUBt585vEdP3J5lOwsn/McsWRAFbPsapcD
Ymr0jNYDK/M6lijzh4HuxEHaiplR5SaPjb5Cs0AX4IT1a3D+7fIpj3tXlF8OxbYJ
JsEVuTOMD0+gbKnK2RjVfdvn+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:21 2024 by rpki-client on console-ams.rpki-client.org