Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/ae4547-2ca2-4cbd-a1b5-3cf3b463a86a/1/1--wycDYNNbfpyg8btcdX7mdEJ0k.roa
File:                     1--wycDYNNbfpyg8btcdX7mdEJ0k.roa (raw, json)
Hash identifier:          H+WgA6IZF2LKH/hyeT5QOOdShfRzk7+la9hsOL+uvnI=
Subject key identifier:   FB:EC:32:70:36:0D:35:B7:E9:CA:0F:1B:B5:C7:57:EE:67:44:27:49
Certificate issuer:       /CN=03f7e7cf8176e302764d48299fc22a9bdc6ba683
Certificate serial:       018410C00ACC9452DC71CF766A4B74B0CDE3
Authority key identifier: 03:F7:E7:CF:81:76:E3:02:76:4D:48:29:9F:C2:2A:9B:DC:6B:A6:83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A_fnz4F24wJ2TUgpn8Iqm9xrpoM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/ae4547-2ca2-4cbd-a1b5-3cf3b463a86a/1/1--wycDYNNbfpyg8btcdX7mdEJ0k.roa
Signing time:             Tue 25 Oct 2022 20:05:31 +0000
ROA not before:           Tue 25 Oct 2022 20:05:31 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205943
IP address blocks:        185.201.70.0/24 maxlen: 24
                          185.201.69.0/24 maxlen: 24
                          185.201.68.0/24 maxlen: 24
                          2a0a:bf40::/36 maxlen: 36

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:10:c0:0a:cc:94:52:dc:71:cf:76:6a:4b:74:b0:cd:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03f7e7cf8176e302764d48299fc22a9bdc6ba683
        Validity
            Not Before: Oct 25 20:05:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fbec3270360d35b7e9ca0f1bb5c757ee67442749
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:ff:b5:81:c0:0d:c6:c5:25:9a:e4:ef:68:05:
                    c2:c5:df:72:77:e9:2a:3d:5a:a5:b8:fb:91:7d:27:
                    19:7b:a5:d7:b4:1c:1f:2f:d6:cc:69:ee:76:cc:fa:
                    48:98:3e:d3:ae:94:ce:30:02:6c:b0:92:e7:be:5d:
                    14:1d:99:60:43:a6:fe:3a:26:d2:05:11:24:cc:b3:
                    6f:20:59:cb:bd:5e:33:b3:53:bf:bc:21:4d:1b:81:
                    bc:0a:a4:e8:0a:04:8c:ae:e7:cf:e4:91:8a:8d:dd:
                    26:00:96:a4:2b:4d:e7:21:8c:e3:52:75:97:45:7a:
                    6c:0a:e0:10:f3:61:97:ad:e2:c7:d2:02:c8:28:d3:
                    75:b5:ed:84:d2:ca:1f:3d:e5:c7:4f:3c:8e:3f:9b:
                    73:eb:8e:e8:c4:27:4a:ed:53:08:2d:c7:ae:2b:8d:
                    d3:05:cb:2e:ca:a6:86:3a:41:40:ee:e0:68:9c:47:
                    74:9b:65:73:98:d0:e6:e8:5f:2d:fc:e0:30:1c:ef:
                    3a:0e:44:63:e1:97:7d:43:ad:ab:82:dc:66:da:a0:
                    9c:c5:58:64:b1:49:37:4f:7f:8a:c9:18:b0:e7:97:
                    59:cd:87:e1:04:be:cf:fe:fe:ad:fc:08:3f:44:41:
                    40:68:67:96:c3:1c:7a:9f:56:08:32:02:39:b8:1c:
                    db:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:EC:32:70:36:0D:35:B7:E9:CA:0F:1B:B5:C7:57:EE:67:44:27:49
            X509v3 Authority Key Identifier:
                keyid:03:F7:E7:CF:81:76:E3:02:76:4D:48:29:9F:C2:2A:9B:DC:6B:A6:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A_fnz4F24wJ2TUgpn8Iqm9xrpoM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/ae4547-2ca2-4cbd-a1b5-3cf3b463a86a/1/1--wycDYNNbfpyg8btcdX7mdEJ0k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/ae4547-2ca2-4cbd-a1b5-3cf3b463a86a/1/A_fnz4F24wJ2TUgpn8Iqm9xrpoM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.201.68.0-185.201.70.255
                IPv6:
                  2a0a:bf40::/36

    Signature Algorithm: sha256WithRSAEncryption
         31:51:bd:ee:78:4e:4b:c0:48:9f:b0:17:ec:61:2f:35:30:08:
         29:84:e3:c9:2a:15:46:df:e1:63:dd:39:d3:61:d5:ba:3f:91:
         98:8c:46:68:c3:db:0d:70:f1:7c:39:a6:28:70:9c:6d:82:ed:
         cb:f6:5f:b8:2b:6e:09:ed:e9:22:f0:13:cf:eb:ac:a7:2b:b0:
         9f:7b:ce:6d:d3:ac:67:8d:1e:b2:9c:39:ed:23:f5:34:05:50:
         a6:7a:37:4a:9b:ea:08:02:12:ad:9a:68:6e:4d:1a:8f:7a:96:
         ab:f7:30:15:ed:d3:6d:c7:2e:4e:e4:dc:0e:7e:f9:8c:0f:27:
         01:9b:30:c7:f0:0e:4a:5a:3d:d9:fd:07:9a:90:b0:ef:d1:79:
         62:b4:d1:de:0c:70:ad:3c:02:5a:1d:80:57:13:da:30:9e:ee:
         2a:f3:21:48:7e:2d:79:4f:2f:51:32:90:38:58:65:c6:9a:ee:
         13:ef:f3:35:43:cc:9a:59:67:a5:81:8d:19:57:f3:42:bb:fa:
         24:09:28:80:5f:22:50:23:41:97:33:be:bf:69:05:88:cf:d1:
         9c:45:d3:57:7b:ac:5a:38:97:32:a8:d6:0d:67:0c:3e:8b:ba:
         0b:38:ad:c8:4f:63:fd:1d:e2:2d:df:00:bb:f3:73:76:52:1f:
         dd:a8:9f:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYQQwArMlFLccc92akt0sM3jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZjdlN2NmODE3NmUzMDI3NjRkNDgyOTlmYzIyYTliZGM2
YmE2ODMwHhcNMjIxMDI1MjAwNTMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmVjMzI3MDM2MGQzNWI3ZTljYTBmMWJiNWM3NTdlZTY3NDQyNzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmf+1gcANxsUlmuTvaAXCxd9yd+kq
PVqluPuRfScZe6XXtBwfL9bMae52zPpImD7TrpTOMAJssJLnvl0UHZlgQ6b+OibS
BREkzLNvIFnLvV4zs1O/vCFNG4G8CqToCgSMrufP5JGKjd0mAJakK03nIYzjUnWX
RXpsCuAQ82GXreLH0gLIKNN1te2E0sofPeXHTzyOP5tz647oxCdK7VMILceuK43T
BcsuyqaGOkFA7uBonEd0m2VzmNDm6F8t/OAwHO86DkRj4Zd9Q62rgtxm2qCcxVhk
sUk3T3+KyRiw55dZzYfhBL7P/v6t/Ag/REFAaGeWwxx6n1YIMgI5uBzbwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPvsMnA2DTW36coPG7XHV+5nRCdJMB8GA1UdIwQY
MBaAFAP358+BduMCdk1IKZ/CKpvca6aDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQV9mbno0RjI0d0oyVFVncG44SXFtOXhycG9NLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9hZTQ1NDctMmNhMi00Y2JkLWExYjUt
M2NmM2I0NjNhODZhLzEvMS0td3ljRFlOTmJmcHlnOGJ0Y2RYN21kRUoway5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGQvYWU0NTQ3LTJjYTItNGNiZC1hMWI1LTNjZjNiNDYzYTg2
YS8xL0FfZm56NEYyNHdKMlRVZ3BuOElxbTl4cnBvTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwFAQCAAEwDjAMAwQCuclE
AwQAuclGMA4EAgACMAgDBgQqCr9AADANBgkqhkiG9w0BAQsFAAOCAQEAMVG97nhO
S8BIn7AX7GEvNTAIKYTjySoVRt/hY90502HVuj+RmIxGaMPbDXDxfDmmKHCcbYLt
y/ZfuCtuCe3pIvATz+uspyuwn3vObdOsZ40espw57SP1NAVQpno3SpvqCAISrZpo
bk0aj3qWq/cwFe3TbccuTuTcDn75jA8nAZswx/AOSlo92f0HmpCw79F5YrTR3gxw
rTwCWh2AVxPaMJ7uKvMhSH4teU8vUTKQOFhlxpruE+/zNUPMmllnpYGNGVfzQrv6
JAkogF8iUCNBlzO+v2kFiM/RnEXTV3usWjiXMqjWDWcMPou6CzityE9j/R3iLd8A
u/NzdlIf3aif0A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:48 2024 by rpki-client on console-fra.rpki-client.org