Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/wu351N7dmSu1TZmBpI46NHOt4tY.roa
File:                     wu351N7dmSu1TZmBpI46NHOt4tY.roa (raw, json)
Hash identifier:          xpAFrr+5a3BgBV2tO94/LgR5ysDnfDxuG3SvQiOiry8=
Subject key identifier:   C2:ED:F9:D4:DE:DD:99:2B:B5:4D:99:81:A4:8E:3A:34:73:AD:E2:D6
Certificate issuer:       /CN=f2a253cdf507a03e1f579d202d8df11d68f5c3d7
Certificate serial:       032397B0
Authority key identifier: F2:A2:53:CD:F5:07:A0:3E:1F:57:9D:20:2D:8D:F1:1D:68:F5:C3:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8qJTzfUHoD4fV50gLY3xHWj1w9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/wu351N7dmSu1TZmBpI46NHOt4tY.roa
Signing time:             Fri 04 Feb 2022 20:21:59 +0000
ROA not before:           Fri 04 Feb 2022 20:21:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212582
IP address blocks:        45.88.228.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 52664240 (0x32397b0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f2a253cdf507a03e1f579d202d8df11d68f5c3d7
        Validity
            Not Before: Feb  4 20:21:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c2edf9d4dedd992bb54d9981a48e3a3473ade2d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:fb:9d:ca:f7:20:8e:fc:28:8f:bd:07:31:ce:
                    86:e9:fc:49:cb:5b:45:5e:31:28:1b:37:90:c1:f1:
                    99:fb:dc:cb:aa:71:f5:0f:42:9f:12:a2:b9:8b:79:
                    06:7e:c2:fb:58:89:9d:e1:15:e6:35:9f:e6:ed:79:
                    d6:6d:9a:ba:5c:01:30:49:49:67:17:8f:e7:5a:18:
                    ab:6f:23:82:8c:7e:a3:15:71:f1:0c:2b:4c:fd:69:
                    11:f8:a9:f0:2d:4e:1b:1c:52:84:81:a0:df:ed:0b:
                    51:f9:da:e8:cb:98:bb:4f:d1:e4:26:09:a2:02:55:
                    a4:d7:5d:12:1e:28:a7:8d:01:f8:ed:ab:e8:60:4b:
                    29:77:df:2e:9f:ec:5f:c6:49:15:c6:db:46:d9:25:
                    b2:5c:b4:1e:23:27:c2:bf:34:0c:ef:0d:18:ab:c6:
                    69:76:ec:e3:77:b4:a8:13:ff:28:0c:c5:49:50:0a:
                    ad:d1:67:97:30:a1:c8:05:9c:94:1b:68:54:93:d7:
                    05:8b:d2:b3:cf:1e:02:85:02:48:2a:7e:f9:94:80:
                    7b:29:20:29:b2:8f:56:c3:a9:49:d5:5c:76:d4:e8:
                    17:f6:d1:22:19:01:a1:d3:8b:38:f9:f8:62:a5:ca:
                    94:6f:55:97:a1:ab:0d:a1:df:02:e9:6d:87:e9:71:
                    b9:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:ED:F9:D4:DE:DD:99:2B:B5:4D:99:81:A4:8E:3A:34:73:AD:E2:D6
            X509v3 Authority Key Identifier:
                keyid:F2:A2:53:CD:F5:07:A0:3E:1F:57:9D:20:2D:8D:F1:1D:68:F5:C3:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8qJTzfUHoD4fV50gLY3xHWj1w9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/wu351N7dmSu1TZmBpI46NHOt4tY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/8qJTzfUHoD4fV50gLY3xHWj1w9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.88.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         54:e1:47:01:2d:1c:fc:92:a5:3c:3f:9b:57:43:9f:3d:89:94:
         fd:6b:57:f9:88:a8:6b:55:0a:b1:20:a5:21:ca:5d:ff:26:9c:
         ce:3d:8f:1c:73:ab:1c:78:d7:2d:a1:7c:9d:43:91:fb:d9:6d:
         4e:e5:32:e6:22:22:6b:4d:85:d2:51:86:51:3d:8f:c9:1d:89:
         54:79:14:c7:0d:0b:91:49:0c:bb:b3:b9:ab:e2:cc:fd:ca:36:
         a1:67:1b:0a:1c:ab:58:4f:81:34:d3:a4:e0:2e:ac:d5:36:ff:
         b2:0d:58:22:ff:92:9a:26:c8:d6:e6:1a:9a:39:2e:d1:41:0f:
         d3:40:c8:db:1f:d2:4e:55:b2:ff:e1:66:3d:9d:22:e0:78:77:
         6c:bd:ef:c5:ff:e0:c6:03:5d:8b:df:e8:70:e6:b1:75:d3:9d:
         f7:74:df:9a:cb:b0:9c:ec:d3:07:7a:82:c4:bc:4e:c5:e4:cf:
         1d:c9:c7:16:b4:b7:9f:63:63:cd:5e:b2:dc:0a:53:57:f7:e5:
         32:8b:17:b9:f3:64:13:12:ee:f6:84:cc:d8:a8:4c:e7:5d:58:
         61:35:b3:43:a6:5f:12:a9:55:c4:e2:e6:aa:fa:21:00:62:58:
         15:e5:83:4b:20:57:7f:5a:51:8f:2b:ac:1a:7a:93:e0:23:0a:
         c1:c8:2a:0b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAyOXsDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MmEyNTNjZGY1MDdhMDNlMWY1NzlkMjAyZDhkZjExZDY4ZjVjM2Q3MB4XDTIyMDIw
NDIwMjE1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzJlZGY5ZDRkZWRk
OTkyYmI1NGQ5OTgxYTQ4ZTNhMzQ3M2FkZTJkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIv7ncr3II78KI+9BzHOhun8SctbRV4xKBs3kMHxmfvcy6px
9Q9CnxKiuYt5Bn7C+1iJneEV5jWf5u151m2aulwBMElJZxeP51oYq28jgox+oxVx
8QwrTP1pEfip8C1OGxxShIGg3+0LUfna6MuYu0/R5CYJogJVpNddEh4op40B+O2r
6GBLKXffLp/sX8ZJFcbbRtklsly0HiMnwr80DO8NGKvGaXbs43e0qBP/KAzFSVAK
rdFnlzChyAWclBtoVJPXBYvSs88eAoUCSCp++ZSAeykgKbKPVsOpSdVcdtToF/bR
IhkBodOLOPn4YqXKlG9Vl6GrDaHfAulth+lxudkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTC7fnU3t2ZK7VNmYGkjjo0c63i1jAfBgNVHSMEGDAWgBTyolPN9QegPh9X
nSAtjfEdaPXD1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhxSlR6ZlVIb0Q0ZlY1MGdMWTN4SFdqMXc5Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvMTBlYmVjLTI3ODQtNGRhYS04ZGY3LWJlNGQ1ZDA5ZDcxMC8x
L3d1MzUxTjdkbVN1MVRabUJwSTQ2TkhPdDR0WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
MTBlYmVjLTI3ODQtNGRhYS04ZGY3LWJlNGQ1ZDA5ZDcxMC8xLzhxSlR6ZlVIb0Q0
ZlY1MGdMWTN4SFdqMXc5Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1Y5DANBgkqhkiG9w0BAQsFAAOC
AQEAVOFHAS0c/JKlPD+bV0OfPYmU/WtX+Yioa1UKsSClIcpd/yaczj2PHHOrHHjX
LaF8nUOR+9ltTuUy5iIia02F0lGGUT2PyR2JVHkUxw0LkUkMu7O5q+LM/co2oWcb
ChyrWE+BNNOk4C6s1Tb/sg1YIv+SmibI1uYamjku0UEP00DI2x/STlWy/+FmPZ0i
4Hh3bL3vxf/gxgNdi9/ocOaxddOd93TfmsuwnOzTB3qCxLxOxeTPHcnHFrS3n2Nj
zV6y3ApTV/flMosXufNkExLu9oTM2KhM511YYTWzQ6ZfEqlVxOLmqvohAGJYFeWD
SyBXf1pRjyusGnqT4CMKwcgqCw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:12 2023 by rpki-client on console-fra.rpki-client.org